• Title/Summary/Keyword: Network Security Situational Awareness (NSSA)

Search Result 2, Processing Time 0.014 seconds

Design and implementation of the honeycomb structure visualization system for the effective security situational awareness of large-scale networks (대규모 네트워크의 효과적 보안상황 인지를 위한 벌집 구조 시각화 시스템의 설계 및 구현)

  • Park, Jae-Beom;Kim, Huy-Kang;Kim, Eun-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.6
    • /
    • pp.1197-1213
    • /
    • 2014

  • Due to the increase in size of the computer network, the network security systems such as a firewall, IDS, IPS generate much more vast amount of information related to network security. So detecting signs of hidden security threats has become more difficult. Security personnels' 'Network Security Situational Awareness(NSSA)' is effectively determining the security situation of overall computer network on the basis of the relation between the security events that occur in the several views. The process of situational awareness is divided into three stages of the 'identification,' 'understanding' and 'prediction'. And 'identification' and 'understanding' are prerequisites for 'predicting' and the following appropriate responses. But 'identification' and 'understanding' in the vast amount of information became more difficult. In this paper, we propose Honeycomb security situational awareness visualization system that is designed to help NSSA in large-scale networks by using visualization techniques known effective to the 'identification' and 'understanding' stages. And we identified the empirical effects of this system on the basis of the 'VAST Challenge 2012' data.

  • https://doi.org/10.13089/JKIISC.2014.24.6.1197 인용 PDF KSCI HTML

CRF Based Intrusion Detection System using Genetic Search Feature Selection for NSSA

  • Azhagiri M;Rajesh A;Rajesh P;Gowtham Sethupathi M
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.7
    • /
    • pp.131-140
    • /
    • 2023

  • Network security situational awareness systems helps in better managing the security concerns of a network, by monitoring for any anomalies in the network connections and recommending remedial actions upon detecting an attack. An Intrusion Detection System helps in identifying the security concerns of a network, by monitoring for any anomalies in the network connections. We have proposed a CRF based IDS system using genetic search feature selection algorithm for network security situational awareness to detect any anomalies in the network. The conditional random fields being discriminative models are capable of directly modeling the conditional probabilities rather than joint probabilities there by achieving better classification accuracy. The genetic search feature selection algorithm is capable of identifying the optimal subset among the features based on the best population of features associated with the target class. The proposed system, when trained and tested on the bench mark NSL-KDD dataset exhibited higher accuracy in identifying an attack and also classifying the attack category.

  • https://doi.org/10.22937/IJCSNS.2023.23.7.15 인용 PDF