ABSTRACT
To address poor network security protection and low attack traffic identification, this study designs a network security monitoring system based on a convolutional neural network and exponential weighted Dempster-Shafer evidence theory. Validation on the UNSW-NB15 data set showed that the output of multi-source fusion with exponential weighted Dempster-Shafer evidence theory was 3.92% higher than the output of feature fusion. The accuracy of attack recognition was as high as 93.72%, which was 1.85% higher than feature fusion. The accuracy of the proposed network security monitoring system was 3.70% higher on average than that of other methods. The results indicate that the proposed network security monitoring system can effectively improve the efficiency of network attack identification, monitor network security in real time, and effectively protect network operation. The system is feasible and reasonable in terms of network security situational awareness and can provide effective situational analysis for network administrators.
Notations
Abbreviation | Full name |
NSSAT | Network Security Situational Awareness Technology |
CNN | Convolutional Neural Networks |
CK | Convolutional Kernel |
D-S | Dempster-Shafer |
EWD-S | Exponential Weighted D-S |
IoT | Internet of Things |
ReLU | Rectified Linear Unit |
IP | Internet Protocol |
ROC | Receiver Operating Characteristic curve |
FPR | False Positive Rate |
FNR | False Negative Rate |
AUC | Area Under the Curve |
FAR | False Alarm Rate |
DNS | Domain Name System |
HTTP | Hypertext Transfer Protocol |
SMTP | Simple Mail Transfer Protocol |
Disclosure statement
No potential conflict of interest was reported by the author(s).
Data availability statement
The data used to support the findings of the research are available from the corresponding author upon reasonable request.