Since the evaluation of Distributed Denial of Service (DDoS) is inaccurate and network security situational evaluation is not comprehensive, a new network security situational awareness model based on information fusion was proposed. Firstly, to improve the accuracy of evaluation, a situation assessment method of DDoS attack based on the information of data packet was proposed; Secondly, the original Common Vulnerability Scoring System (CVSS) was improved and the leak vulnerability was evaluated to make the assessment more comprehensive; Then, according to the combination of objective weight and subjective weight, the method of calculating the combined weights and optimizing the results by Sequence Quadratic Program (SQP) algorithm was raised to reduce the uncertainty of fusion; Finally, the network security situation was got by fusing three aspects evaluation. To verify the original evaluation of DDoS was inaccurate, a testing platform was built and the alarm of the same DDoS differed by 3 orders of magnitude. Compared to the original method based on alarm, the steady and accurate result of evaluation was obtained based on data packet. The experimental results show that the proposed method can improve the accuracy of evaluation results.
To minimize damage from network security problem, an improved network security situation assessment model based on Fuzzy Analytic Hierarchy Process (FAHP) was proposed. First, a set of index system in conformity with actual environment which consists of index layer, criterion layer and decision layer was established in consideration of the large-scale network environment in the future. Aiming at the influence on evaluation by data distribution uncertainty and fuzziness in situation assessment, the proposed model used Fuzzy C-Means (FCM) clustering algorithm and the best clustering criterion for data preprocessing to get the optimal cluster number and cluster center. Finally, multi-factor secondary assessment model was established for situation assessment vector. The simulation results show that, compared with the present situation assessment method based on FAHP, the improved method takes the factors which have small weights into consideration better, so the standard deviation is smaller and evaluation results are more objective and accurate.
To solve the issue that, in wireless resource competition, the environment information which gamers get in power game is asymmetric, a power game mechanism based on hidden Markov prediction was proposed. By establishing a Hidden Markov Prediction Model (HMPM), the proposed mechanism estimated whether competitors would take part in the game to improve the information accuracy of the game. Then, the predicted information was used to calculate the best transmission power via the cost function. The simulation results show that, compared with MAP (Maximum A Posteriori) method and NP (No Predicting) method, the power game model based on hidden Markov prediction can not only meet the target capacity, but also improve the power efficiency of the unauthorized users.
Based on the theory of Restless Multi-Armed Bandit (RMAB) model, a novel mechanism of dynamic spectrum access was proposed for the problem that how to coordinate multiple user access multiple idle channels. Firstly, concerning the channel sensing error of the cognitive user being existed in the practical network, the Whittle index policy which can deal with sensing error effectively was derived. In this policy, the users achieved one belief value for every channel based on the historical experience accumulation and chose the channel, which was needed to sense and access, by considering the immediate and future rewards based on the belief values. Secondly, this paper used the multi-bid auction algorithm to deal with the collision among secondary users when they selected the channels to improve the spectrum utilization. The simulation results demonstrate that, in the same environment, the cognitive users with the proposed mechanism have higher throughtput than the mechanism without dealing with sensing error or without multi-bid.