A Network Security Situation Awareness Model Based on Risk Assessment

  • Yixian LiuEmail author
  • Dejun Mu
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 891)


Network Security Situation Awareness (NSSA) can provide holistic status to administrator, and most related works rely on real time packet inspection technique to detect the security attacks which are happening and may already have caused some damage. In this paper, we propose the Risk Assessment NSSA model which collects the vulnerabilities information and uses corresponding risk level to qualitatively represent the security situation. This model is easy to apply and conveniently helps the administrator to monitor the whole network and be alerted to possible threat in future.


Network security Situation Awareness Risk assessment Vulnerability 



This research is supported by the China Natural Science Foundation (61672433).


  1. 1.
    Tao, H., Zhou, J., Liu, S.: A survey of network security situation awareness in power monitoring system. In: IEEE Conference on Energy Internet and Energy System Integration, pp. 1–3. IEEE, Beijing (2017).
  2. 2.
    Singh, M., Bhandari, P.: Building a framework for network security situation awareness. In: International Conference on Computing for Sustainable Global Development, pp. 2578–2583. IEEE, Delhi (2016)Google Scholar
  3. 3.
    Evangelopoulou, M., Johnson, C.W.: Attack visualisation for cyber-security situation awareness. In: IET International Conference on System Safety and Cyber Security, pp. 1–6. IEEE, London (2015).
  4. 4.
    Endsley, M.R.: Design and evaluation for situation awareness enhancement. In: Human Factors Society-32nd Annual Meeting, CA, Santa Monica, pp. 97–101 (1988)CrossRefGoogle Scholar
  5. 5.
    Vlahakis, G., Apostolou, D., Kopanaki, E.: Enabling situation awareness with supply chain event management. Expert Syst. Appl. 93, 86–103 (2018). Scholar
  6. 6.
    Kalloniatis, A., Ali, I., Neville, T., La, P., Macleod, I., Zuparic, M., Kohn, E.: The situation awareness weighted network (SAWN) model and method: theory and application. Appl. Ergon. 61, 178–196 (2017). Scholar
  7. 7.
    Wolf, F., Kuber, R.: Developing a head-mounted tactile prototype to support situational awareness. Int. J. Hum. Comput. Stud. 109, 54–67 (2017). Scholar
  8. 8.
    Naderpour, M., Lu, J., Zhang, G.: A situation risk awareness approach for process systems safety. Saf. Sci. 64, 173–189 (2014). Scholar
  9. 9.
    Yong, K.C.: Assessment of operator’s situation awareness for smart operation of mobile cranes. Autom. Constr. 85, 65–75 (2017). Scholar
  10. 10.
    Bass, T., Gruber, D.: A glimpse into the future of ID. In: The Magazine of USENIX & SAGE, vol. 24, pp. 40–45 (1999)Google Scholar
  11. 11.
    Zhao, D., Liu, J.: Study on network security situation awareness based on particle swarm optimization algorithm. Comput. Ind. Eng. (2018). Scholar
  12. 12.
    Zhang, Y., Huang, S., Guo, S., Zhu, J.: Multi-sensor data fusion for cyber security situation awareness. Procedia Environ. Sci. 10, 1029–1034 (2011). Scholar
  13. 13.
    Xu, G., Cao, Y., Ren, Y., Li, X., Feng, Z.: Network security situation awareness based on semantic ontology and user-defined rules for internet of things. IEEE Access 5, 21046–21056 (2017). Scholar
  14. 14.
    Endsley, M.R.: Toward a theory of situation awareness in dynamic systems. Hum. Factors 37, 32–64 (1995)CrossRefGoogle Scholar
  15. 15.
    Munir, R., Mufti, M.R., Awan, I., Hu, Y.F., Disso, J.P.: Detection, mitigation and quantitative security risk assessment of invisible attacks at enterprise network. In: 2015 International Conference on Future Internet of Things and Cloud, FiCloud 2015 and 2015 International Conference on Open and Big Data, pp. 256–263. IEEE, Rome (2015).
  16. 16.
    Mansfield-Devine, S.: Google hacking 101. Netw. Secur. 2009(3), 4–6 (2009). Scholar
  17. 17.
    Abdelhalim, A., Traore, I.: The impact of Google hacking on identity and application fraud. In: IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, pp. 240–244. IEEE, Victoria (2007).
  18. 18.
    Beaudoin, L., Eng, P.: Asset valuation technique for network management and security. In: IEEE International Conference on Data Mining Workshops 2006, ICDM Workshops, pp. 718–721. IEEE, Hong Kong (2006)Google Scholar
  19. 19.
    Loloei, I., Shahriari, H.R., Sadeghi, A.: A model for asset valuation in security risk analysis regarding assets’ dependencies. In: 20th Iranian Conference on Electrical Engineering (ICEE2012), pp. 763–768. IEEE, Tehran (2012).
  20. 20.
    Deng, Y., Sadiq, R., Jiang, W., Tesfamariam, S.: Risk analysis in a linguistic environment: a fuzzy evidential reasoning-based approach. Expert Syst. Appl. 38(12), 15438–15446 (2011). Scholar
  21. 21.
    Sendi, A.S., Jabbarifar, M., Shajari, M., Dagenais, M.: FEMRA: fuzzy expert model for risk assessment. In: Fifth International Conference on Internet Monitoring & Protection, pp. 48–53. IEEE, Barcelona (2010).

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.School of AutomationNorthwestern Polytechnical UniversityXi’anChina

Personalised recommendations