A Method of Network Security Situation Awareness Based on Rough Set Theory
一种基于粗糙集理论的网络安全态势感知方法

Network security situation awareness is a hot research field in the network security domain. A method of network security situation awareness based on rough set theory is first used, in which network attack is regarded as the network security factor, and the threat degrees of each security factor or combination of them on network security are analyzed quantitatively, finally network security situation awareness model with three layers--attacks, network services and security situation is established and definite network security situation graph is created by the simulation experiment. The use of RST makes the network security situation awareness system be able to deal with large volumes of network data effectively, generate explainable attack-detectlon rules, then the influence of network attack on the whole network security can be reflected clearly and intuitively.