Journal on Communications ›› 2021, Vol. 42 ›› Issue (6): 182-194.doi: 10.11959/j.issn.1000-436x.2021106

• Papers • Previous Articles     Next Articles

Network security situational awareness model based on threat intelligence

Hongbin ZHANG1,2, Yan YIN1, Dongmei ZHAO2, Bin LIU3,4   

  1. 1 School of Information Science and Engineering, Hebei University of Science and Technology, Shijiazhuang 050018, China
    2 Hebei Key Laboratory of Network and Information Security, Hebei Normal University, Shijiazhuang 050024, China
    3 School of Economics and Management, Hebei University of Science and Technology, Shijiazhuang 050018, China
    4 Research Center of Big Data and Social Computing, Hebei University of Science and Technology, Shijiazhuang 050018, China
  • Revised:2021-04-09 Online:2021-06-25 Published:2021-06-01
  • Supported by:
    The National Natural Science Foundation of China(61672206);The National Natural Science Foundation of China(61572170);S&T Program of Hebei(18210109D);S&T Program of Hebei(20310701D);S&T Program of Hebei(20310802D);High-Level Talents Subsidy Project in Hebei Province(A2016002015);S&T Research and Development Program of Shijiazhuang(19SCX01006);S&T Research and Development Program of Shijiazhuang(191130591A)

Abstract:

In order to deal with the problems that the increasing scale of the network in the real environment leads to the continuous high incidence of network attacks, the threat intelligence was applied to situational awareness, and the situational awareness model based on random game was constructed.Threat perception of the target system was performed by comparing the similarity between the exogenous threat intelligence and the internal security events of the system.At the same time, internal threat intelligence was generated based on the threat information inside the system.In this process, game theory was used to quantify the current network security situation of the system, evaluate the security status of the network.Finally, the prediction of the network security situation was realized.The experimental results show that the network security situation awareness method based on threat intelligence can reflect the changes in the network security situation and predict attack behaviors accurately.

Key words: threat intelligence, situational awareness, network security, game theory, Nash equilibrium

CLC Number: 

No Suggested Reading articles found!