scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

Network security risk assessment based on support vector machine

Jun Chen, Xionggang Tu
27 May 2011-pp 184-187
TL;DR: The content and the evaluation indicators of network security risk assessment and the classification of the support vector machine are described and the method is proposed, which is feasible and effective.
Abstract: With the development and application of network technology, the issues of network security has become prominent increasingly. Network security risk assessment has become the key process in solve network security. Support Vector Machine(SVM)is one of novel learning machine methods, its advantages are simple structure, strong compatibility, global optimization, least raining time and better generalization. So it has superiority to apply it into network security risk assessment. This paper describes the content and the evaluation indicators of network security risk assessment and the classification of the support vector machine in detail. And then an assessment method of network security risk based on support vector machine is proposed in this paper. Experiment results show that the method Is feasible and effective.
Citations
More filters
Journal ArticleDOI
Comprehensive approach to information sharing for increased network security and survivability

[...]

Michał Choraś
01 Oct 2013-Cybernetics and Systems
TL;DR: A comprehensive approach to information sharing framework aimed at increasing network security and survivability is presented and developments and results of information sharing mechanisms in both on-line and off-line network security dimensions are described.
Abstract: In this article, a comprehensive approach to information sharing framework aimed at increasing network security and survivability is presented. Currently, in order to defend complex cyber-attacks and sophisticated cybercrime, comprehensive means of ensuring network security and survivability are highly demanded. Comprehensive is understood as at least technical, human, organizational, and regulatory dimensions, whereas technical means that both on-line and off-line aspects should be carefully taken into account. The focus of this article is on the technical dimension and, in particular, on information exchange mechanisms for on-line and off-line dimension. Firstly, the on-line information exchange mechanism dedicated for interconnected federated networks is described. Then, a proposition of the off-line network information sharing approach regarding results of the risk assessment, cybersecurity audits, threat ranking, etc., is discussed. Developments and results of information sharing mechanisms in both on-line and off-line network security dimensions are also described.

6 citations

Cites background or methods from "Network security risk assessment ba..."

  • ...Chen and Tu (2011) and Liu et al. (2012) stated that a traditional single point and locally oriented defense approach is unable to meet nowadays network security requirements....

    [...]

  • ...Chen and Tu (2011) and Liu et al. (2012) stated that a traditional single point and locally oriented defense approach is unable to meet nowadays network security requirements. Chen and Tu (2011) adapted a support vector machine (SVM) algorithm in order to apply it to network security risk assessment. Luo and Liu (2012) proposed a similar solution that intends to improve the accuracy and reliability of the risk evaluation of network information security risk....

    [...]

  • ...Chen and Tu (2011) and Liu et al. (2012) stated that a traditional single point and locally oriented defense approach is unable to meet nowadays network security requirements. Chen and Tu (2011) adapted a support vector machine (SVM) algorithm in order to apply it to network security risk assessment. Luo and Liu (2012) proposed a similar solution that intends to improve the accuracy and reliability of the risk evaluation of network information security risk. For that purpose the authors used rough set theory in order to reduce the number of factors that may affect security risk. Recently, it has also been indicated that traditional security protocols in an Open Systems Interconnection (OSI) layered model lack cooperation. As a result, the performance degradation is observed due to the redundancy of security mechanisms. Therefore, the mechanism of network complex event correlation is seen as a substantial approach that can address the problem of performance and cooperation among security mechanisms deployed in different OSI layers. Liu et al. (2012) proposed a network security events correlation scheme based on rough set theory....

    [...]

  • ...Chen and Tu (2011) and Liu et al. (2012) stated that a traditional single point and locally oriented defense approach is unable to meet nowadays network security requirements. Chen and Tu (2011) adapted a support vector machine (SVM) algorithm in order to apply it to network security risk assessment. Luo and Liu (2012) proposed a similar solution that intends to improve the accuracy and reliability of the risk evaluation of network information security risk. For that purpose the authors used rough set theory in order to reduce the number of factors that may affect security risk. Recently, it has also been indicated that traditional security protocols in an Open Systems Interconnection (OSI) layered model lack cooperation. As a result, the performance degradation is observed due to the redundancy of security mechanisms. Therefore, the mechanism of network complex event correlation is seen as a substantial approach that can address the problem of performance and cooperation among security mechanisms deployed in different OSI layers. Liu et al. (2012) proposed a network security events correlation scheme based on rough set theory. The authors built a database of network security events and knowledge base that includes a rule generation method and rule matcher. This method is intended to solve the problem of simplification and correlation of massive security events. As stated in their paper, this is obtained due to data discretization, attribute reduction, value reduction, and rule generation. Ongoing works are also dedicated to the application of classifiers to various aspects of cybersecurity, such as, for example, spam detection, as proposed in Zmyslony et al. (2012) and Wrótniak and Wozniak (2012). In addition, cooperation between off-line and on-line analysis has recently been signalized as essential to security....

    [...]

  • ...Chen and Tu (2011) adapted a support vector machine (SVM) algorithm in order to apply it to network security risk assessment....

    [...]

Proceedings ArticleDOI
The Research of the Network Security Situation Prediction Mechanism Based on the Complex Network

[...]

Shouxin Sun1
Liaoning University1
01 Dec 2015
TL;DR: Through simulation analysis, the network security situation prediction mechanism based on the complex network can reflect the essence behavior of the system to some extent and can precisely predict the Security Status in thecomplex network.
Abstract: Most of the existing network security situation prediction mechanisms are only directed by the prediction of the situation value, but these methods do not reveal the problem of the dynamics features of the network situational factors. For these issues, this paper proposes the network security situation prediction mechanism based on the complex network. By this mechanism, we can easily and intuitively trace the dynamics features in the value fluctuations of the network security situation prediction. After that, this paper proposes Markov prediction method based on the complex network, so that we can achieve an effective prediction of the Security Status. Through simulation analysis, the network security situation prediction mechanism based on the complex network can reflect the essence behavior of the system to some extent. At the same time this mechanism can precisely predict the Security Status in the complex network.

5 citations

Cites methods from "Network security risk assessment ba..."

  • ...The literature [3] researched the prediction methods based on Grey Theory; In the literature [4], situation value has the characteristics of the Nonlinear, so it established the prediction methods based on neural network; The literature [5]used the SVM prediction method to solve over-fitting…...

    [...]

Journal ArticleDOI
Network security situation automatic prediction model based on accumulative CMA-ES optimization

[...]

Wang Jian1, Li Ke1, Zhao Guosheng2
Harbin University of Science and Technology1, Harbin Normal University2
01 Jun 2017-The Journal of China Universities of Posts and Telecommunications
TL;DR: The proposed security situation automatic prediction model based on accumulative data preprocess and support vector machine (SVM) optimized by covariance matrix adaptive evolutionary strategy (CMA-ES) has faster convergence-speed and higher prediction accuracy than other extant prediction models.

3 citations

Cites background from "Network security risk assessment ba..."

  • ...[16], which could make up for the shortcomings of neural network method....

    [...]

Proceedings ArticleDOI
S. A. V. I. O. R: Security Analytics on Asset Vulnerability for Information Abstraction and Risk Analysis

[...]

Kieran Flanagan1, Enda Fallon1, Abir Awad1, Paul Connelly
Athlone Institute of Technology1
06 Apr 2016
TL;DR: This paper proposes an architecture that will enable a company to perform a proactive risk assessment of their network to mitigate any possible chance of data leaks or damage to the network and uses machine learning mechanisms to perform abstraction of performance metrics gained from a data provider, Nexpose, while also performing an analysis of assets in terms of one area of risk, vulnerability.
Abstract: Protecting intellectual property and confidential customer details from network based attacks is becoming increasingly difficult in modern times due to a dramatic increase in online based attacks. For companies such as The NPD Group, protecting this confidential information is key in keeping a positive perceived image while also doing its utmost to protect vital I. P. This paper proposes an architecture that will enable a company to perform a proactive risk assessment of their network to mitigate any possible chance of data leaks or damage to the network. It also performs an abstraction of the performance metrics gained from various data providers to allow for easily understandable metrics pertaining to the risk level of the network at large while also maintaining a level of granularity that can be used by technical experts within the company. SAVIOR is one algorithm within this architecture that uses machine learning mechanisms to perform abstraction of performance metrics gained from a data provider, Nexpose, while also performing an analysis of assets in terms of one area of risk, vulnerability.
Proceedings ArticleDOI
Research on Risk Assessment Technology of Power Monitoring System Based on Machine Learning

[...]

Bo Li1, Liang Ye1, Wang Hao1, Jiang Zhengwei, Jin Xueqi 
Electric Power Research Institute1
01 Aug 2020
TL;DR: After establishment and operation of the model, effective and rapid analysis and output of disposal recommendations and corresponding risk levels are carried out, and the original experience is intellectualized and rationalized to the relevant people.
Abstract: with the complexity of the power system and the increasingly severe network security environment, the industry has urgently needed to improve the risk prediction ability of the power system security and the potential safety hazards brought about by the disposal. According to the experience and the features attributes of historical data, K-means unsupervised learning clustering is carried out. For supervised learning classification, this paper chooses SVM-KNN, and the risk assessment portrait after business disposal is constructed. After establishment and operation of the model, effective and rapid analysis and output of disposal recommendations and corresponding risk levels are carried out, and the original experience is intellectualized and rationalized to the relevant people. In order to make sure the stable, efficient and safe operation of the power monitoring system, model could give prompt safety advice as an expert.

Cites background from "Network security risk assessment ba..."

  • ...Therefore, it has certain advantages in applying network security risk assessment [12]....

    [...]

References
More filters
Journal Article
Survey of information security risk assessment

[...]

Zhang Yu-qing
01 Jan 2004-Journal of China Institute of Communications
TL;DR: The article discusses the contents of risk assessment, for example: present situation, models, standards, methods, process, then introduces information security test and evaluation system and analyzes the problems existing in Risk Assessment and the future prospect.
Abstract: In the information security engineering, Risk Assessment plays an important part. It is the basis of the information system security systematism. The article discusses in detail the contents of risk assessment, for example: present situation, models, standards, methods, process, then introduces information security test and evaluation system, finally, the paper analyzes the problems existing in Risk Assessment and the future prospect.

52 citations

Journal ArticleDOI
Some properties of centrosymmetric matrices

[...]

Zhong-Yun Liu
05 Sep 2003-Applied Mathematics and Computation
TL;DR: Some properties of centrosymmetric matrices, which often appear in the construction of orthonormal wavelet basis in wavelet analysis, are investigated.

40 citations

Journal Article
A Chinese Web Page Classifier Based on Support Vector Machine and Unsupervised Clustering

[...]

Li Xiao
01 Jan 2001-Chinese Journal of Computers
TL;DR: A new algorithm that combines Support Vector Machine (SVM) and unsupervised clustering and proposes a new vector representation of web pages and applies it to web page classification.
Abstract: This paper presents a new algorithm that combines Support Vector Machine (SVM) and unsupervised clustering. After analyzing the characteristics of web pages, it proposes a new vector representation of web pages and applies it to web page classification. Given a training set, the algorithm clusters positive and negative examples respectively by the unsupervised clustering algorithm (UC), which will produce a number of positive and negative centers. Then, it selects only some of the examples to input to SVM according to ISUC algorithm. At the end, it constructs a classifier through SVM learning. Any text can be classified by comparing the distance of clustering centers or by SVM. If the text nears one cluster center of a category and far away from all the cluster centers of other categories, UC can classify it rightly with high possibility, otherwise SVM is employed to decide the category it belongs. The algorithm utilizes the virtues of SVM and unsupervised clustering. The experiment shows that it not only improves training efficiency, but also has good precision.

33 citations

Proceedings ArticleDOI
Short-Term Load Forecasting Using Support Vector Machine with SCE-UA Algorithm

[...]

Gang Li1, Chuntian Cheng1, Jianyi Lin1, Yun Zeng1
Dalian University of Technology1
24 Aug 2007
TL;DR: The proposed SCE-UA SVM model provides a promising alternative for forecasting electricity load and outperforms the BPNN model, which has obtained wide attention in STLF.
Abstract: Short-term load forecasting (STLF) has always been a very important issue in power system planning and operation Recently, along with power system privatization and deregulation, accurate forecast of electricity load has received increasing attention However, forecasting electricity load is difficult because of the randomness and uncertainties of load demand Support vector machine (SVM) is a novel type of learning machine, which has been successfully employed to solve nonlinear regression and time series problems and showed its potential in STLF However, the accuracy of STLF is greatly related to the selected parameters of SVM In this paper, the SCE-UA algorithm, which is an effective and efficient method to optimize model parameters and widely applied to optimize the parameters of the hydrologic models, is employed to optimize the parameters of a SVM model Subsequently, examples of electricity load data from GuiZhou Power Grid, China were used to compare the forecast performance of the proposed SCE-UA SVM model and back propagation neural network(BPNN) which has obtained wide attention in STLF The results reveal that the proposed model outperforms the BPNN model Consequently, the proposed SCE-UA SVM model provides a promising alternative for forecasting electricity load

25 citations

Proceedings ArticleDOI
An Improved Algorithm for Decision-Tree-Based SVM

[...]

Xiaodan Wang, Zhaohui Shi, Chongming Wu, Wei Wang
23 Oct 2006
TL;DR: A new separable measure is defined based on the distribution of the training samples in the feature space, the defined separability measure was used in the formation of the decision tree, and an improved algorithm for decision-tree-based support vector machine is proposed.
Abstract: Decision-tree-based support vector machine which combines support vector machines and decision tree is an effective way for solving multi-class problems. A problem exists in this method is that the division of the feature space depends on the structure of a decision tree, and the structure of the tree relate closely to the performance of the classifier. To maintain high generalization ability, the most separable classes should be separated at the upper nodes of a decision tree. Distance measure is often used as a separability measure between classes, but the distance between class centers can not reflect the distribution of the classes. After analyzing the tree structure and the classification performance of the decision-tree-based support vector machine, a new separability measure is defined based on the distribution of the training samples in the feature space, the defined separability measure was used in the formation of the decision tree, and an improved algorithm for decision-tree-based support vector machine is proposed. Classification experiments prove the effectiveness of the improved algorithm for decision-tree-based support vector machine.

21 citations

Related Papers (5)
Assessment of network security situation based on grey relational analysis and support vector machine

[...]

01 Jan 2013-Application Research of Computers
Wang Cai-yin
Security audit system using Adaptive Genetic Algorithm and Support Vector Machine

[...]

20 Sep 2010
Xiaomei Yi, Peng Wu
Heterogeneous Multi-Sensor Data Fusion with Multi-Class Support Vector Machines: Creating Network Security Situation Awareness

[...]

29 Oct 2007
Xiaowu Liu, Huiqiang Wang, Ying Liang, Jibao Lai 
Situation prediction of large-scale Internet of Things network security

[...]

25 Nov 2019-Eurasip Journal on Information Security
Wenjun Yang, Jiaying Zhang, Chundong Wang, Xiuliang Mo 
Research of Security Detection for Networked Manufacturing Based on Optimized Support Vector Machine

[...]

26 Aug 2009
Shi Jinfa, Jiao Hejun
Trending Questions (1)
Is SVM a part of deep learning?

Support Vector Machine(SVM)is one of novel learning machine methods, its advantages are simple structure, strong compatibility, global optimization, least raining time and better generalization.

See answers from 12 other papers