System Architecture and Key Technologies of Network Security Situation Awareness System YHSAS

Network Security Situation Awareness System YHSAS acquires,understands and displays the security factors which cause changes of network situation,and predicts the future development trend of these security factors.YHSAS is developed for national backbone network,large network operators,large enterprises and other large-scale network.This paper describes its architecture and key technologies:Network Security Oriented Total Factor Information Collection and High-Dimensional Vector Space Analysis,Knowledge Representation and Management of Super Large-Scale Network Security,Multi-Level,Multi-Granularity and Multi-Dimensional Network Security Index Construction Method,Multi-Mode and Multi-Granularity Network Security Situation Prediction Technology,and so on.The performance tests show that YHSAS has high real-time performance and accuracy in security situation analysis and trend prediction.The system meets the demands of analysis and prediction for large-scale network security situation.

A scalable model for network situational awareness based on Endsley＇ s situation model

The paper introduces the Endsley＇ s situation model into network security to describe the network security situation, and improves Endsley＇s data processing to suit network alerts. The proposed model contains the information of incident frequency, incident time and incident space. The HoneyNet dataset is selected to evaluate the proposed model in the evaluation. The paper proposes three definitions to depict and predigest the whole situation extraction in detail, and a fusion component to reduce the influence of alert redundancy on the total security situation. The less complex extraction makes the situation analysis more efficient, and the fine-grained model makes the analysis have a better expansibility. Finally, the situational variation curves are simulated, and the evaluation results prove the situation model applicable and efficient.

A network security situation awareness method based on layered attack graph

The real-time of network security situation awareness(NSSA)is always affected by the state explosion problem.To solve this problem,a new NSSA method based on layered attack graph(LAG)is proposed.Firstly,network is divided into several logical subnets by community discovery algorithm.The logical subnets and connections between them constitute the logical network.Then,based on the original and logical networks,the selection of attack path is optimized according to the monotonic principle of attack behavior.The proposed method can sharply reduce the attack path scale and hence tackle the state explosion problem in NSSA.The experiments results show that the generation of attack paths by this method consumes 0.029 s while the counterparts by other methods are more than 56 s.Meanwhile,this method can give the same security strategy with other methods.

Adaptive Load Balancing for Parameter Servers in Distributed Machine Learning over Heterogeneous Networks

In distributed machine learning(DML)based on the parameter server(PS)architecture,unbalanced communication load distribution of PSs will lead to a significant slowdown of model synchronization in heterogeneous networks due to low utilization of bandwidth.To address this problem,a network-aware adaptive PS load distribution scheme is proposed,which accelerates model synchronization by proactively adjusting the communication load on PSs according to network states.We evaluate the proposed scheme on MXNet,known as a realworld distributed training platform,and results show that our scheme achieves up to 2.68 times speed-up of model training in the dynamic and heterogeneous network environment.

Energy-Efficient Architecture and Technologies for Device to Device(D2D) Based Proximity Service

Considering that modern mobile terminals possess the capability to detect users' proximity,and offer means to directly communicate and share content with the people in close area,Device-to-Device(D2D) based Proximity Services(ProSe) have recently witnessed great development,which enable users to seek for and utilize relevant value in their physical proximity,and are capable to create numerous new mobile service opportunities.However,without a breakthrough in battery technology,the energy will be the biggest limitation for ProSe.Through incorporating the features of ProSe(D2D communication technologies,abundant built-in sensors,localization-dependent,and context-aware,etc.),this paper thoroughly investigates the energy-efficient architecture and technologies for ProSe from the following four aspects:underlying networking technology,localization,application and architecture features,context-aware and user interactions.Besides exploring specific energy-efficient schemes pertaining to each aspect,this paper offers a perspective for research and applications.In brief,through classifying,summarizing and optimizing the multiple efforts on studying,modeling and reducing energy consumption for ProSe on mobile devices,the paper would provide guide for developers to build energy-efficient ProSe.

Hierarchy Bayesian model based services awareness of high-speed optical access networks

As the speed of optical access networks soars with ever increasing multiple services, the service-supporting ability of optical access networks suffers greatly from the shortage of service awareness. Aiming to solve this problem, a hierarchy Bayesian model based services awareness mechanism is proposed for high-speed optical access networks. This approach builds a so-called hierarchy Bayesian model, according to the structure of typical optical access networks. Moreover, the proposed scheme is able to conduct simple services awareness operation in each optical network unit(ONU) and to perform complex services awareness from the whole view of system in optical line terminal(OLT). Simulation results show that the proposed scheme is able to achieve better quality of services(Qo S), in terms of packet loss rate and time delay.

Stateless overlay multicast with in-packet bloom filters

Due to the difficulty of deploying Internet protocol （IP） multicast on the Internet on a large scale, overlay multicast has been considered as a promising alternative to develop the multicast communication in recent years. However, the existing overlay multicast solutions suffer from high costs to maintain the state information of nodes in the multicast forwarding tree. A stateless overlay multicast scheme is proposed, in which the multicast routing information is encoded by a bloom filter （BF） and encapsulated into the packet header without any need for maintaining the multicast forwarding tree. Our scheme leverages the node heterogeneity and proximity information in the physical topology and hierarchically constructs the transit-stub overlay topology by assigning geometric coordinates to all overlay nodes. More importantly, the scheme uses BF technology to identify the nodes and links of the multicast forwarding tree, which improves the forwarding efficiency and decreases the false-positive forwarding loop. The analytical and simulation results show that the proposal can achieve high forwarding efficiency and good scalability.