Abstract
In order to ensure the information security of a network, network security devices have been widely deployed in the information and communication network. Based on the monitoring data collected by network security equipment, network security administrators analyze whether there is an attacking incident or abnormal situation in the current network environment. However, if the original monitoring data collected by network security equipment is tampered with by the attacker, then network security administrators will make a wrong judgment and delay the best time to take protective actions. Therefore, the reliability and authenticity of data generated by network security devices are of the utmost importance. In this paper, we first define a revised Euclidean distance formula for the D-S evidence theory and propose a dual test method for the authenticity of data based on algebra statistics and geometric trends, detecting any malicious tampering on these monitoring data. Utilizing a web application firewall (WAF) device, we carry out a series of experiments to verify the proposed method.
Highlights
The power grid is a typical cyber-physical system
It is endowed with different weight depending on the degree of dispersion of the algebra distance [3]; Secondly, the geometric trend matching of the gathered data is carried out via the grey correlation method, and the weights are given depending on the geometric trend of the overall data [4], [5]; Thirdly, the final processing result is worked out from the average value of the above two methods, and the standard variance processing is calculated on the raw data, so as to judge the rationality of the proposed method form theoretical aspect [6]; a typical web application firewall (WAF) device is used to corroborate our proposed method for information authenticity and show the availability of double correction of D-S Evidence Theory
EXPERIMENT SETUP Here, as illustrated in figure 1, we present a network architecture with WAF, which is connected in parallel with the router, mainly to identify the abnormality by mirroring the traffic of the router port
Summary
The power grid is a typical cyber-physical system. The cyber attack cannot only invade the information technology network and lead to irreversible damage to physical devices and systems. Wang et al.: Effective Method to Safeguard Cyber Security by Preventing Malicious Data miss some intrusion incident and delay the best time for network security emergency response These IDS or WAF will become a decoration. First of all, it is endowed with different weight depending on the degree of dispersion of the algebra distance [3]; Secondly, the geometric trend matching of the gathered data is carried out via the grey correlation method, and the weights are given depending on the geometric trend of the overall data [4], [5]; Thirdly, the final processing result is worked out from the average value of the above two methods, and the standard variance processing is calculated on the raw data, so as to judge the rationality of the proposed method form theoretical aspect [6]; a typical WAF device is used to corroborate our proposed method for information authenticity and show the availability of double correction of D-S Evidence Theory. The feasibility of using this theory to infer uncertainty evidence is supported by the literature [10]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
