Research on IoT security situation awareness method based on evidence theory

The security problem of IoT became more and more serious with its rapid development. Considering that the current IoT security situation awareness system lacks generality and excessively relies on expert knowledge, an IoT security situation awareness method based on improved D-S evidence theory was pr...

Bibliographic Details
Main Authors: Jian LI, Tinglu DONG, Jie LI
Format: Article
Language: English
Published: POSTS&TELECOM PRESS Co., LTD 2022-04-01
Series: 网络与信息安全学报
Subjects:
Online Access: http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2022022
collection DOAJ
description The security problem of IoT became more and more serious with its rapid development. Considering that the current IoT security situation awareness system lacks generality and excessively relies on expert knowledge, an IoT security situation awareness method based on improved D-S evidence theory was proposed in this paper. A fuzzy Gaussian membership function was used to calculate the vulnerability information membership matrix, which was normalized as the evidence distribution matrix. The improved TOPSIS method was used to measure the evidence credibility. In order to fully restrain the credibility of conflicting evidence and improve the credibility of mutually supporting evidence, the local credibility between two pieces of evidence was aggregated, and the expected positive and negative solution vectors were improved according to the situation assessment scenario. The weighted average method was then used for vulnerability information fusion to obtain the result of situational assessment. The result of situational awareness was fused with the time discount and high-risk vulnerability information discount evidence theory. At the same time, the IoT vulnerability information at different moments was considered comprehensively, and the evidence was adaptively and dynamically weighted with the ratio information of high-risk vulnerabilities. The experimental results show that, in the fusion of different numbers of evidence bodies and four common kinds of conflicting evidence, the improved TOPSIS method has a higher fusion probability on the credible proposition. In the aspect of situation assessment, the risk degree of the current system is accurately assessed. In the aspect of situational awareness, this discount evidence theory can predict the probability of high risk and critical risk, which is more effective than the traditional D-S evidence theory. According to this theory, an IoT security situational awareness method process was proposed, which would be used to guide engineering practice. In the future, the relationship between vulnerabilities can be considered and richer information between vulnerabilities can be extracted for vulnerability exploiting, so that the result of situation assessment is more accurate and reasonable. On the other hand, for situational awareness, game theory can be adopted in the process of the dynamic game between the attacker and defender.
format Article
id doaj-art-5bd561a4100542c494cc9e108f38fdce
institution Kabale University
issn 2096-109X
language English
publishDate 2022-04-01
publisher POSTS&TELECOM PRESS Co., LTD
record_format Article
series 网络与信息安全学报
topic D-S evidence theory
situation awareness
IoT security
time evolution
CVSS