JUCS - Journal of Universal Computer Science 25(3): 203-221, doi: 10.3217/jucs-025-03-0203
Ontology and Weighted D-S Evidence Theory-Based Vulnerability Data Fusion Method
expand article infoXiaoling Tao, Liyan Liu, Feng Zhao, Yan Huang§, Saide Zhu§
‡ Guilin University of Electronic Technology, Guilin, China§ Georgia State University, Atlanta, United States of America
Open Access
With the rapid development of high-speed and large-scale complex network, network vulnerability data presents the characteristics of massive, multi-source and heterogeneous, which makes data fusion become more complex. Although existing data fusion methods can fuse multi-source data, they do not consider that the multisource data may affect the accuracy of fusion result. To solve this problem, we propose an ontology and weighted D-S evidence theory-based vulnerability data fusion method. In our method, we utilize ontology to describe the network vulnerability semantically and construct the network vulnerability ontology hierarchically. Then we use weighted D-S evidence theory to perform the operation of probability distribution and fusion processing. Besides, we simulate our method on MapReduce parallel computing platform. The experiment results show that our method is more effective and accurate compared with existing fusion approaches using single detection tool and traditional D-S evidence theory.
data fusion, D-S evidence theory, network vulnerability, ontology