1 / 15

About this Article

Research on Network Security Situation Awareness Technology based on Artificial Immunity System by Sandeep Gadi. . About this Article.

emma
Download Presentation

About this Article

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Research on Network Security Situation Awareness Technology based on Artificial Immunity System bySandeepGadi .

  2. About this Article • this article puts forward a new immune network security situation awareness model to enable self-learning and self-adapting of network system, and increase its immunity and viability. • The classic biological definition of immunity includes all of the physiological mechanisms that give an organism the ability to recognize foreign substances and neutralize or degrade them, with or without injury to the organism's own tissue.

  3. Why do we need INSSAT? Current Systems:-adopted traditional technology of • intrusion detection • firewall and • virus detection Drawbacks:-they don’t have cognition on the network resource they are protecting for. And this cognition disjunction increases the time needed for operator to make a decision for alarm risen, and therefore, misses the optimal timing of handling.

  4. Aspects of Immune Network Security Situation Awareness Technology • It is aimed to carry out real-time monitor on network security situation, realize real-time and quantitative awareness of network security situation before malicious network behavior becomes out of control • help make timely and effective network security strategy adjustment for better general security safeguard of system.

  5. Biological Immune System • Biological Immune System (BIS) is a complicated system with the ability of self-adapting ,self-learning, self-organizing , parallel processing and distributed coordinating • it also has the basic function to distinguish self and non-self and clean non-self. • The problems in the field of computer security and Artificial Immune Systems have the astonishing similarity of keeping the system stable in a continuous changing environment. • Artificial Immune System can use biological immune theoretic for references to search and design relevant models and algorithms to solve the various problems occurred in the field of computer security.

  6. Brief idea of how INSSAT works? • The system uses network intrusion detection, which based on the theory of biological immunity as the base of situational awareness, to detect known and unknown intrusions with the help of biological technology such as self/non-self discrimination, self-tolerance, self-learning, evolutionmechanism, immunological surveillance, etc.

  7. In the tendency prediction for network security, this paper uses Grey Markov Model to make quantitative prediction on short- term, medium-term, long-term risk in different span.

  8. Network security situation is a macro reaction to the running status of network information system, is a process of mining, understanding and forecasting situation elements which reflect network security condition, thus divided into three parts • Situation awareness • Situation evaluation • Situation forecast

  9. Situation Awareness:- • Filters • Simplifies and combines states • Gets situation factors

  10. Situation Evaluation:- • Core of situation awareness. • Makes association analysis of security events. • Concludes on risk level according to degree of threat. • Situation Forecast:- • Based on historical and present network security information. • Uses Grey Markov Model to predict.

  11. FLAW ANALYSIS OF INTRUSION DETECTION TECHNIQUEBASED ON IMMUNOLOGY THEORY • The accurate description that what is “normal”, namely, the normal model of sample system or the network is quite difficult; • accuracy is guaranteed with difficulty; • Learning process computation is costly

  12. Conclusion • When network information system is under attack, network security situation awareness model based on immunity has all-around and whole knowledge of current network security situation and its future trend and can provide grounds for reasonable and accurate response to guarantee the availability of system.

  13. References • http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5231663&isnumber=5231498?tag=1 • http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4722501&isnumber=4722268 • Application of Grey-Markov Model in Order Forecasting of Distribution Center. • http://www.healthy.net/scr/article.asp?Id=1987

  14. Thank You

More Related