JUCS - Journal of Universal Computer Science 25(3): 203-221, doi: 10.3217/jucs-025-03-0203
Ontology and Weighted D-S Evidence Theory-Based Vulnerability Data Fusion Method
Xiaoling Tao‡, Liyan Liu‡, Feng Zhao‡, Yan Huang§, Saide Zhu§‡ Guilin University of Electronic Technology, Guilin, China§ Georgia State University, Atlanta, United States of America
Corresponding author: Xiaoling Tao ( txl@guet.edu.cn ) © Xiaoling Tao, Liyan Liu, Feng Zhao, Yan Huang, Saide Zhu. This is an open access article distributed under the terms of the Creative Commons Attribution License (CC BY-ND 4.0). This license allows reusers to copy and distribute the material in any medium or format in unadapted form only, and only so long as attribution is given to the creator. The license allows for commercial use. Citation:
Tao X, Liu L, Zhao F, Huang Y, Zhu S (2019) Ontology and Weighted D-S Evidence Theory-Based Vulnerability Data Fusion Method. JUCS - Journal of Universal Computer Science 25(3): 203-221. https://doi.org/10.3217/jucs-025-03-0203 |  |
Abstract
With the rapid development of high-speed and large-scale complex network, network vulnerability data presents the characteristics of massive, multi-source and heterogeneous, which makes data fusion become more complex. Although existing data fusion methods can fuse multi-source data, they do not consider that the multisource data may affect the accuracy of fusion result. To solve this problem, we propose an ontology and weighted D-S evidence theory-based vulnerability data fusion method. In our method, we utilize ontology to describe the network vulnerability semantically and construct the network vulnerability ontology hierarchically. Then we use weighted D-S evidence theory to perform the operation of probability distribution and fusion processing. Besides, we simulate our method on MapReduce parallel computing platform. The experiment results show that our method is more effective and accurate compared with existing fusion approaches using single detection tool and traditional D-S evidence theory.
Keywords
data fusion, D-S evidence theory, network vulnerability, ontology