An Integrated Assessment Scheme of Network Infrastructure Following Security Standards and Specifications

Abstract

In this intelligent era, with deeper research, faster development, and wider application of information technologies, the network infrastructure plays one more and more important role in data communication and processing that affects almost every field worldwide. Correspondingly, cyberspace security, especially the security of network infrastructure has become elementary for countries and companies. Then, various security standards and specifications have been proposed to guide network infrastructure’s design, development, and operation. Consequently, it is the key to assess whether a network infrastructure is compliant with the related standards and specifications. However, most of the existing security assessment schemes are manual, that is, testers should check all issues depending on their understanding of the network infrastructures and related documents. That results in the lack of accuracy, continuity as well as comprehensiveness. Therefore, in this paper, we propose an Al-based network infrastructure security assessment (ISA-CN) scheme, which concerns China’s current fundamental network infrastructure security assessment related standards and specifications and evaluates the object’s security states with multi-dimensional automatically monitored network traffic data continuously and comprehensively. The analytical and experimental results show that our ISA-CN scheme is suitable for the assessment of real-world network infrastructure systems.