Abstract

To analyze the influence of security incidents on a networked system and accurately evaluate system security, this paper proposes a novel cyber security situation assessment model, based on multi-heterogeneous sensors. By using D-S evidence theory, we fuse security data submitted from multi-sensors, according to the network topology and the importance of services and hosts. Moreover, we adopt the evaluation policy that from bottom to top and from local to global in this model. The evaluation of a simulated network indicates that the proposed approach is suitable for network environment, and the evaluation results are precise and efficient.