Multiclass Support Vector Machines Theory and Its Data Fusion Application in Network Security Situation Awareness

Xiaowu Liu, Huiqiang Wang, Jibo Lai, Ying Liang, Chunmei Yang
DOI: https://doi.org/10.1109/wicom.2007.1557
2007-01-01
Abstract: Network Security Situation Awareness (NSSA) is an emerging technique in the field of network security and helps administrators to monitor the actual security situation of their networks. This paper mainly focuses on NSSA based on heterogeneous multisensor data fusion. We presented a model which adopted Snort and NetFlow as sensors to gather data from real network traffic. We employed Support Vector Machines as the fusion engine of our model and used an efficient feature reduction approach to fuse the gathered data from heterogeneous sensors. Furthermore, we discussed the alert aggregation and security awareness generation techniques in detail. Our model is proved to be feasible and effective through a series of experiments.