Network security risk assessment based on support vector machine

Abstract: Most of the existing network security situation prediction mechanisms are only directed by the prediction of the situation value, but these methods do not reveal the problem of the dynamics features of the network situational factors. For these issues, this paper proposes the network security situation prediction mechanism based on the complex network. By this mechanism, we can easily and intuitively trace the dynamics features in the value fluctuations of the network security situation prediction. After that, this paper proposes Markov prediction method based on the complex network, so that we can achieve an effective prediction of the Security Status. Through simulation analysis, the network security situation prediction mechanism based on the complex network can reflect the essence behavior of the system to some extent. At the same time this mechanism can precisely predict the Security Status in the complex network.

Abstract: In this article, a comprehensive approach to information sharing framework aimed at increasing network security and survivability is presented. Currently, in order to defend complex cyber-attacks and sophisticated cybercrime, comprehensive means of ensuring network security and survivability are highly demanded. Comprehensive is understood as at least technical, human, organizational, and regulatory dimensions, whereas technical means that both on-line and off-line aspects should be carefully taken into account. The focus of this article is on the technical dimension and, in particular, on information exchange mechanisms for on-line and off-line dimension. Firstly, the on-line information exchange mechanism dedicated for interconnected federated networks is described. Then, a proposition of the off-line network information sharing approach regarding results of the risk assessment, cybersecurity audits, threat ranking, etc., is discussed. Developments and results of information sharing mechanisms in both on-line and off-line network security dimensions are also described.

Abstract: To improve the accuracy of the network security situation, a security situation automatic prediction model based on accumulative data preprocess and support vector machine (SVM) optimized by covariance matrix adaptive evolutionary strategy (CMA-ES) is proposed The proposed model adopts SVM which has strong nonlinear ability Also, the hyper parameters for SVM are optimized through the CMA-ES which owns good performance in finding optimization automatically Considering the irregularity of network security situation values, we accumulate the original sequence, so that the internal rules of discrete data can be revealed and it is easy to model Simulation experiments show that the proposed model has faster convergence-speed and higher prediction accuracy than other extant prediction models

Abstract: Protecting intellectual property and confidential customer details from network based attacks is becoming increasingly difficult in modern times due to a dramatic increase in online based attacks. For companies such as The NPD Group, protecting this confidential information is key in keeping a positive perceived image while also doing its utmost to protect vital I. P. This paper proposes an architecture that will enable a company to perform a proactive risk assessment of their network to mitigate any possible chance of data leaks or damage to the network. It also performs an abstraction of the performance metrics gained from various data providers to allow for easily understandable metrics pertaining to the risk level of the network at large while also maintaining a level of granularity that can be used by technical experts within the company. SAVIOR is one algorithm within this architecture that uses machine learning mechanisms to perform abstraction of performance metrics gained from a data provider, Nexpose, while also performing an analysis of assets in terms of one area of risk, vulnerability.

Abstract: with the complexity of the power system and the increasingly severe network security environment, the industry has urgently needed to improve the risk prediction ability of the power system security and the potential safety hazards brought about by the disposal. According to the experience and the features attributes of historical data, K-means unsupervised learning clustering is carried out. For supervised learning classification, this paper chooses SVM-KNN, and the risk assessment portrait after business disposal is constructed. After establishment and operation of the model, effective and rapid analysis and output of disposal recommendations and corresponding risk levels are carried out, and the original experience is intellectualized and rationalized to the relevant people. In order to make sure the stable, efficient and safe operation of the power monitoring system, model could give prompt safety advice as an expert.

Abstract: The support vector (SV) machine is a novel type of learning machine, based on statistical learning theory, which contains polynomial classifiers, neural networks, and radial basis function (RBF) networks as special cases. In the RBF case, the SV algorithm automatically determines centers, weights, and threshold that minimize an upper bound on the expected test error. The present study is devoted to an experimental comparison of these machines with a classical approach, where the centers are determined by X-means clustering, and the weights are computed using error backpropagation. We consider three machines, namely, a classical RBF machine, an SV machine with Gaussian kernel, and a hybrid system with the centers determined by the SV method and the weights trained by error backpropagation. Our results show that on the United States postal service database of handwritten digits, the SV machine achieves the highest recognition accuracy, followed by the hybrid system. The SV approach is thus not only theoretically well-founded but also superior in a practical application.

Abstract: In 1991 A. D. Gunawardena et al. reported that the convergence rate of the Gauss-Seidel method with a preconditioning matrix I + S is superior to that of the basic iterative method. In this paper, we use the preconditioning matrix I + S(α). If a coefficient matrix A is an irreducibly diagonally dominant Z-matrix, then [I + S(α)]A is also a strictly diagonally dominant Z-matrix. It is shown that the proposed method is also superior to other iterative methods.

Abstract: In this paper, we present the convergence analysis for some modified Gauss–Seidel and Jacobi type iterative methods and provide a comparison of spectral radius among the Gauss– Seidel iterative method and these modified methods. Some recent results are improved.

Abstract: Publisher Summary This chapter discusses square nonnegative matrices, that is, square matrices all of whose elements are nonnegative. The matrices A that satisfy A > 0 are called positive matrices. The two basic approaches to the study of nonnegative matrices are geometrical and combinatorial. The chapter describes the combinatorial matrices, using the elementwise structure in which the zero–nonzero pattern plays an important role. It also discusses the irreducible matrices and the reducible case. An irreducible matrix is primitive if its trace is positive. The order of cyclicity of a matrix can be computed by inspection of its directed graph. If there are n possible states of a certain process and the probability of the process moving from state si to state sj is time independent, such a process is called a finite homogeneous Markov chain. The maximal eigenvalue of a stochastic matrix is one. A nonnegative matrix T is stochastic if and only if e is an eigenvector of T corresponding to the eigenvalue one.

Abstract: In order to exploring the inherent rule of information security risk assessment development, based on information system or asset structure and operation status, a survey is proposed in which the common risk assessment methods are divided into four types: vulnerability identification and risk assessment, risk factors simulation and risk estimation, security situation assessment, the risk calculation based on business process analysis. The method on delving into the information system of the highest level structure--namely business process structure and change is advocated, on which business operating performance indicators are regarded as risk scale, so real-time and dynamically information security risk calculation is obtained. Finally, Based on an understanding of the information system structure and utilization, combined with feedback control theory, three levels of judgment is defined which positions information security risk assessment method status, and the information security risk assessment study on the return to the rule of non-linear system.