Research Article  Open Access
Xiaoling Tao, Ziyi Liu, Changsong Yang, "An Efficient Network Security Situation Assessment Method Based on AE and PMU", Wireless Communications and Mobile Computing, vol. 2021, Article ID 1173065, 9 pages, 2021. https://doi.org/10.1155/2021/1173065
An Efficient Network Security Situation Assessment Method Based on AE and PMU
Abstract
Network security situation assessment (NSSA) is an important and effective active defense technology in the field of network security situation awareness. By analyzing the historical network security situation awareness data, NSSA can evaluate the network security threat and analyze the network attack stage, thus fully grasping the overall network security situation. With the rapid development of 5G, cloud computing, and Internet of things, the network environment is increasingly complex, resulting in diversity and randomness of network threats, which directly determine the accuracy and the universality of NSSA methods. Meanwhile, the indicator data is characterized by large scale and heterogeneity, which seriously affect the efficiency of the NSSA methods. In this paper, we design a new NSSA method based on the autoencoder (AE) and parsimonious memory unit (PMU). In our novel method, we first utilize an AEbased data dimensionality reduction method to process the original indicator data, thus effectively removing the redundant part of the indicator data. Subsequently, we adopt a PMU deep neural network to achieve accurate and efficient NSSA. The experimental results demonstrate that the accuracy and efficiency of our novel method are both greatly improved.
1. Introduction
Network security situation assessment (NSSA) technology is one of the most effective active defense technologies to evaluate the threats of network security, by which the network administrators not only can comprehensively understand the security risk situation but also can understand the security threats which are faced by the current network and information system. Hence, the network administrators can manage the dynamic network security situation and judge the development trend of the network security situation [1, 2]. As a result, NSSA attracts increasing attention.
Nowadays, plenty of NSSA methods have been proposed, while there still exist many inherent deficiencies in the existing methods, resulting in a lot of severe challenges that need to be solved solidly. Firstly, most of the existing NSSA methods pay too much attention to subjective judgment and prior knowledge. Meanwhile, they ignore plenty of other external factors and the time sequence property of the indicator data. As a result, they are not suitable for the longterm assessment over the network security situation. Secondly, the existing NSSA methods are not efficiency attractive. Specifically, the current indicator data is characterized by large scale, multifeature, heterogeneity, high dimensionality, and nonlinearity. Hence, the existing NSSA methods need to pay very expensive computational overhead to process these indicator data before evaluating the network security situation. Last but not least, some existing NSSA methods only consider part of the network security threats and attacks. However, the current network threats and attacks are characterized by diversity and randomness, resulting in very low accuracy in some existing methods. Therefore, how to design a novel method to effectively and accurately achieve NSSA has become one of the most important problems in the field of network security.
1.1. Contributions
We study an essential but challenging problem in this paper, i.e., accurate and efficient NSSA in largescale network environment. Then, we design a novel NSSA method based on the autoencoder (AE) and parsimonious memory unit (PMU), which can efficiently and accurately achieve NSSA. Therefore, the main contributions of this paper can be described as the following two aspects. (1)In the current largescale network environment, the indicator data is characterized by heterogeneity, large scale, multifeature, high dimensionality, and nonlinearity. Therefore, we design an AEbased data dimensionality reduction method to process the original indicator data, thus reducing the dimensions of the indicator data. Subsequently, we can efficiently extract the situation assessment elements on the premise of guaranteeing the integrity of the data features(2)We adopt PMU to design a novel NSSA method for the current largescale network environment, in which PMU is utilized for feature representation and timevarying learning of situation assessment elements. Meanwhile, we offer the theoretical computational complexity comparison. Finally, we implement our novel method and provide the performance evaluation, which can intuitively demonstrate the high efficiency and accuracy of our novel method
1.2. Related Work
NSSA has been extensively studied in both academia and industry, resulting in a rich body of solutions. Generally speaking, the existing NSSA methods can be summarized into three categories: mathematical statisticsbased assessment method, knowledge reasoningbased assessment method [3], and machine learningbased assessment method [4, 5].
Wang et al. [6] designed a hierarchical NSSA method based on an analytic hierarchy process (AHP), which used the hierarchical cyber threat situation assessment (CSA) indicator system constructed by AHP to decide the network threat weight values. Wang et al. [7] proposed an AHPbased NSSA and quantification method, which utilized the AHP and hierarchical situation assessment model to simplify the NSSA problem. Li et al. [8] adopted fuzzy optimal clustering criteria combined with means clustering to process the indicator data, thus getting the number of clusters and the optimal clustering center. Then, they got the final NSSA results by utilizing AHP to construct an assessment model. Zhang et al. [9] presented a distributed denial of service (DDoS) attack NSSA model based on fuzzy clustering algorithm fusion features, which can effectively evaluate the security status of DDoS attack. Although the above methods can effectively implement NSSA, they not only need a lot of subjective judgments but also are not conducive to longterm assessment.
Yi et al. [10] designed a NSSA method based on fuzzy theory. Their method used fuzzy theory to weaken the index factors with low credibility and eliminate the uncertainty, thus making the assessment results more accurate. Liu et al. [11] utilized DS evidence theory to fuse the measured indexes for obtaining the device threat value. Then, they utilized AHP to calculate the weights for different devices and finally obtained the network threat situation value by the weighting method. CodettaRaiteri et al. [12] designed a NSSA method based on decision networks (DN), which can achieve a reasonable tradeoff between computational complexity and analysis efficiency. To quantitatively assess the network security risk, Wang et al. [13] designed a NSSA model based on the Bayesian approach. Fan et al. [14] presented a security evaluation method based on a softwaredefined network (SDN), which used multiple observation hidden Markov model (HMM) to obtain the security evaluation value of SDN, by quantifying the network state. To more completely describe the network security situation, Liao et al. [15] designed a NSSA method based on the extended HMM. Although the above knowledge reasoningbased methods can improve the NSSA accuracy, they rely on too much prior knowledge and have no advantages in efficiency.
Nowadays, the support vector machine (SVM) [16] and neural network [17, 18] are also widely used in NSSA. Chen et al. [19] adopted the SVM and gravitational search algorithm (GSA) to design a NSSA method, which has a better global optimization function. Qiang et al. [20] utilized an optimized cuckoo search back propagation neural network (BPNN) to design a new NSSA method. In their method, they used a cuckoo search (CS) algorithm based on conjugate gradient to optimize the initial parameters of BPNN and increase the training efficiency of the neural network. Shi and Chen [21] utilized a dualSVM model for data learning and parameter estimation in command information system security situation samples, thus evaluating the command information system security situation. Gao et al. [22] designed the SVM information system security risk assessment model, which was optimized by an artificial fish swarm algorithm (AFSA). In their method, the AFSA was used to optimize the SVM, resulting in great accuracy and fast convergence. Han et al. [23] adopted convolutional neural networks (CNN) to design a quantitative network security situation evaluation method for an intelligent robot cluster under the wireless connection. Yang et al. [24] adopted a deep autoencoder (DAE) and deep neural networks (DNN) to study NSSA. Subsequently, they designed a new method to improve the network attack identification accuracy and the NSSA flexibility. Although the above methods can improve the accuracy, they cannot learn the correlation of time series. Therefore, they cannot be suitable for the NSSA over the indicator data which is characterized by the time sequence.
1.3. Organization
The rest of the structure of this paper is as follows. In Section 2, we describe the AE and PMU. In Section 3, we adopt AE and PMU to propose a novel NSSA method. Then, we implement the proposed method and provide the experiment results in Section 4. Finally, we simply summarize this paper in Section 5.
2. Preliminaries
2.1. Autoencoder
An autoencoder (AE) [25, 26] is a common unsupervised learning algorithm, which utilizes the original input data as a reference for selfsupervised learning to reduce dimension. AE generates information elements with more obvious features and lower dimensions than the original data element. AE maps the original data to the encoding layer to achieve encoding, then maps the encoded data to the decoding layer for decoding, and takes the final decoded data as the output data (see Figure 1).
We utilize and to represent the input data and the weight of the encoder, respectively. At the same time, we denote by the output of the encoding layer. Then, we could utilize to represent the weight of the decoder. The output result can be expressed as , where represents the data dimensions. Note that the AE requires that the final input result is almost equal to the output result, that is, .
The encoding process of the AE can be expressed as follows:
where the bias of the encoding part can be represented as and the activation function of the encoding part can be represented as .
The decoding process of the AE decoding layer can be expressed as follows: where the bias of the decoding part can be represented as and the activation function of the decoding part can be represented as .
The loss function is usually used in AE training, and it can be expressed as where represents the input variable, represents the output variable, represents the loss function, and represents the number of samples.
2.2. Parsimonious Memory Unit
A parsimonious memory unit (PMU) is a new recurrent neural network, which can be viewed as an improved version of a gated recurrent unit (GRU) [27]. PMU is characterized by better managing the latent relations between short and longterm dependencies [28]. Note that there are two gate structures in the GRU model, i.e., reset gate and update gate. However, there is only one gate structure in PMU, i.e., unit gate, as seen in Figure 2. Specifically, PMU integrates the update gate and the reset gate of GRU into a new unit gate, resulting in fewer parameters in PMU. Moreover, due to the fact that the PMU can better manage the latent relations between short and longterm dependencies, PMU has better convergence and speed in training.
In Figure 2, we utilize to represent the unit gate, which is used to control the learning of longterm correlation and shortterm correlation of the data. When is 1, PMU learns the longterm dependence of the data, while when is 0, PMU learns the shortterm dependence of the data. The learning mode of PMU can be described as follows.
Firstly, the state of the unit gate is obtained by the evaluation state transmitted from the previous node and the input of the current node:
Secondly, the state of the current time memorized on the current candidate set can be expressed as
Thirdly, in the stage of updating memory, PMU updates through the following formula:
Finally, the output of forward propagation is
In the forward propagation process of PMU, we need to learn the following three parameters: , , and , where
Then, the output is the network domain security situation score value.
3. Method
In this section, we initially describe the system structure. Then, we introduce our AEPMUbased NSSA method in detail.
3.1. System Structure
With the rapid development of modern network technology, the complexity of the current network environment is continuously increasing. In particular, with the development of cloud computing [29–31] and Internet of things [32, 33], the modern network is characterized by new features, such as dynamic virtualized management methods and multilevel service models. As a result, the network threats have the characteristics of diversity and randomness. Meanwhile, the indicator data is largescale and has heterogeneity, resulting in plenty of new problems in NSSA. Specifically, the large volume of indicator data seriously affects the efficiency of the assessment method. Moreover, the diversity and randomness of network threats directly determine the accuracy and the universality of the assessment method. To handle the above challenges, we propose a novel NSSA method (as seen in Figure 3), which is mainly composed of AEbased data dimensionality reduction and PMUbased assessment method. Specifically, we first adopt AE to process the original indicator data to achieve data dimension reduction. Then, we extract the situation assessment elements efficiently. By taking AE, our method can greatly improve the efficiency and reduce the data loss. Then, we adopt PMU to design an efficient NSSA method. Compared with other deep neural networks (e.g., GRU), PMU is more suitable for managing the latent relations between short and longterm dependencies. Meanwhile, our PMUbased assessment method is more efficient than the GRUbased assessment method.
3.2. AEPMUBased NSSA Method
In this part, we provide the detailed description of our proposed AEPMUbased NSSA method. The algorithm pseudocode is shown in Algorithm 1.

As described in Algorithm 1, represents the dimension of data dimensionality reduction, represents the training period, and represents the situation value after the evaluation of the test set. The main processes are as follows. (1)Initialize the data dimension reduction dimension and the number of training period (2)Use AE to extract the situation assessment elements from the initialized overall indicator dataset to achieve data dimensionality reduction(3)Input the situation assessment elements of the training set into the PMUbased NSSA training model to implement the model training(4)Input the situation assessment elements of the testing set into the PMUbased NSSA model to get the situation value
4. Time Complexity Analysis and Experiment
We initially analyze the time complexity in this section. Then, we implement our AEPMUbased NSSA method and provide the experimental results, including the precision, the efficiency, and the fit between the assessed indicator value and the real indicator value.
4.1. Time Complexity Analysis
Time complexity is a significant index to judge the merits of the algorithm. We will analyze and compare the forward propagation time complexity of the GRUbased NSSA method and the PMUbased NSSA method.
We can assume that the dimension of the data input is and the number of PMU hidden units is . Firstly, according to formula (4), the number of operations for can be represented as . Secondly, according to formula (5), the number of operations for calculating the current state candidate set is . Thirdly, according to formula (6), the number of operations in the memory update phase is . Finally, the total number of operations of PMU is . Overall, the time complexity is .
Compared with PMU, GRU has one more gate structure, which has the same number of operations as the gate of PMU. In addition, the memory update phase of the GRU is different from that of PMU. GRU uses to control whether the candidate set state is added to the memory update phase in this state. Therefore, the number of operations in the memory update phase of the GRU is . The operation time of other parts of GRU is the same as that of PMU. Therefore, the total number of GRU operations is . In summary, the time complexity is .
As shown in Table 1, in general, although the time complexity of PMU is the same as that of the GRU, the total number of operations in PMU is much less than that in GRU. Therefore, the PMUbased NSSA is much more efficient.

4.2. Experimental Settings
4.2.1. Experimental Environment and Dataset
In our simulation experiment, the public dataset UNSWNB15 is utilized as the experimental dataset [34, 35]. In UNSWNB15, there are 9 different modern attacks. Meanwhile, every data record contains 43 elements and a corresponding label. UNSWNB15 is divided into 4 different CommaSeparated Values (CSV) files, which contain a total of 2540044 data records. Moreover, there are 300000 abnormal traffic data records, as shown in Table 2.

As shown in Table 2, the dataset covers 9 different attack categories; the detailed categories are as follows: (1)Analysis: an intrusion method that penetrates web applications through email, web scripts, ports, etc.(2)Backdoors: an intrusion method that bypasses the system security mechanism through technical secrets to evaluate the computer or its data(3)DoS: a method of deliberately attacking the implementation defects of the network protocol or directly using brute force to exhaust the resources of the attacked object, so as to achieve an attack that makes the target network unable to use services or resources(4)Exploits: a type of attack that exploits the attacker’s knowledge of security vulnerabilities in the operating system or software(5)Fuzzers: an attack type in which an attacker provides a large number of random numbers to the program or the network to make it down(6)Generic: use hash functions for conflicts regardless of password configuration(7)Reconnaissance: attacks used to collect computer information, also called probes(8)Shellcode: the attacker uses shell commands and a small amount of code to control the attack mode of the attacked host(9)Worms: worm attack, a virus attack that can replicate itself to the control host without any operation
For the convenience of experiment, we make statistics every ten minutes according to the time stamp in all the extracted dataset. A total of 144 sample data composed of the situation value is generated; among them, 100 are intercepted as the training set and 44 as the testing set. In addition, the network security situation value is 010. In the process of establishing the situation risk level, we will denote the situation value of 02 as safe, the situation value of 34 as low risk, and the situation value of 56 as medium risk. The situation value of 78 indicates a high risk, and the situation value of 910 indicates an emergency.
4.2.2. Experimental Criteria
In this experiment, , , , and are used to evaluate the effectiveness of our NSSA method and some of these concepts are defined as follows.
True positive (): means that the positive samples are evaluated as positive samples
False positive (): means that the negative samples are evaluated as positive samples
True negative (): means that the negative samples are evaluated as negative samples
False negative (): means that the positive samples are evaluated as negative samples
We use a confusion matrix to represent , , , and , as shown in Table 3.

Then, the , , , and are defined as follows:
represents the proportion of the number of correctly identified samples in the total sample. represents the proportion of actual positive samples among the number of positive samples identified. represents the percentage of positive examples in the sample that are predicted to be correct. However, it is unreasonable to evaluate the performance of the model only from or . To make the evaluation be more convincing, except for and , it is generally necessary to use as the model evaluation standard.
4.3. Evaluation Experimental Result
In this part, we evaluate the proposed AEPMUbased assessment method, the PMUbased assessment method, the GRUbased assessment method, and BPNNbased assessment method from the points of effectiveness, fitting degree, and efficiency.
4.3.1. Effectiveness Evaluation
We compare the effectiveness of our AEPMUbased assessment method, PMUbased assessment method, GRUbased assessment method, and BPNNbased assessment method, as shown in Figure 4.
Figure 4 measures the effectiveness of four different assessment methods from the rate, rate, rate, and . Among them, the AEPMUbased assessment method has the best performance. This is because BPNNbased assessment method does not consider the time sequence of the indicator data; thus, it could not evaluate the indicator data better. Although the GRUbased assessment method can consider the timing of the indicator data, compared with the PMUbased assessment method, GRU cannot effectively manage gates based on the latent relation between short and longterm dependencies, so its effectiveness is inferior to that of the PMUbased assessment method. Because the data after AE dimensionality reduction removes the redundant part, the effectiveness of the AEPMUbased assessment method is better than that of the PMUbased assessment method. This shows that the AEbased dimensionality reduction data fully retains the effectiveness of the indicator data, and the effectiveness of the PMUbased assessment method is better than that of the GRUbased assessment method.
4.3.2. Goodness of Fit
We utilize a polyline graph to intuitively show the comparison of the fit between the assessment value and the real value, as shown in Figure 5.
From Figure 5, we can see that when the sample numbers are 3, 13, 31, and 33, the network situation value fluctuates significantly, indicating that the network threats are relatively strong at these moments. In the third sample, a warning of “mediumrisk” level appeared, indicating that the network is being threatened by a higher level attack, and security defense countermeasures should be taken. The “highrisk” level warnings appeared in the samples no. 13 and no. 31, indicating that the network suffers from extremely great security threats, and timely protection or rescue is required. According to the two fitting curves of the real value and the assessment value, it can be seen that the situation assessment result obtained by the proposed method basically fits the real security situation. Except for sample no. 31, which misjudged “high risk” as “safety,” all other samples were correctly judged, which can more accurately fit the real security situation of the current network. Among other methods, the PMUbased assessment method makes a mistake once, the GRUbased assessment method makes a mistake twice, and the BPNNbased assessment method makes a mistake three times.
Our analysis of the reasons is consistent with the above “effectiveness evaluation” reasons. According to the above experimental results, it can be shown that the AEPMUbased NSSA method can adapt to the NSSA under the modern network environment and can more accurately fit the real network security situation changes.
4.3.3. Performance Evaluation
Among the above four methods, although the network structure of BPNN is simple, it is rarely used in practical applications because it cannot fully characterize the data characteristics by using the time sequence of the data. Therefore, here we only compare the performance (assessment time) of NSSA methods based on PMU, GRU, and AE+PMU, as seen in Figure 6.
We can see from Figure 6 that the running time of the AEPMUbased assessment method is the smallest, the running time of the PMUbased assessment method is the second, and the running time of the GRUbased assessment method is the longest. This is because the GRU has two gate structures. The reset gate helps the GRU decide which past information needs to be forgotten, and the update gate helps the GRU decide which past information needs to be passed to the future. However, PMU uses a gate to complete the calculation tasks of the GRU update gate and reset gate, thus reducing the amount of calculation. Meanwhile, AE reduces the dimension of the original indicator data. Hence, the computational efficiency of the AEPMUbased assessment method is the best.
5. Conclusions
In largescale network environment, the diversity of network threats and the high dimensionality of indicator data make the NSSA become more difficult. In this paper, we studied the NSSA in largescale network environment and then proposed a novel NSSA method based on AE and PMU. Specifically, we first used AE for data dimensionality reduction to remove the redundant data. Then, we utilized PMU to achieve NSSA. By taking the advantage of PMU, the proposed method can effectively improve the performance of the model. Finally, we implemented the proposed method and provided the performance evaluation. The experimental results can show that compared with the existing methods, our method had significant advantages in efficiency, accuracy, and fit degree.
Data Availability
The dataset UNSWNB15 can be got by sending email to the corresponding author or downloaded from https://research.unsw.edu.au/projects/unswnb15dataset.
Conflicts of Interest
The authors declare that they have no conflicts of interest.
Acknowledgments
This work is supported by the National Natural Science Foundation of China (No. 61962015), the Natural Science Foundation of Guangxi (No. 2020GXNSFBA297132), the Science and Technology Program of Guangxi (No. AD20297028), the Innovation Project of GUET Graduate Education (No. 2021YCXS061), and the Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security (No. AGK2020005).
References
 Y. B. Leau, S. Manickam, and Y. W. Chong, “Network security situation assessment: a review and discussion,” in Information Science and Applications, K. Kim, Ed., vol. 339 of Lecture Notes in Electrical Engineering, pp. 407–4414, Springer, Berlin, Germany, 2015. View at: Publisher Site  Google Scholar
 X. Tao, Y. Liu, F. Zhao, C. Yang, and Y. Wang, “Graph databasebased network security situation awareness data storage method,” EURASIP Journal on Wireless Communications and Networking, vol. 2018, 2018. View at: Publisher Site  Google Scholar
 P. Thagard, “Frames, knowledge, and inference,” Synthese, vol. 61, no. 2, pp. 233–259, 1984. View at: Publisher Site  Google Scholar
 T. M. Mitchell, Machine Learning, McGraw Hill, Burr Ridge, IL, 1997.
 M. I. Jordan and T. M. Mitchell, “Machine learning: trends, perspectives, and prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015. View at: Publisher Site  Google Scholar
 Y. F. Wang, J. Wang, Z. B. Xu, and H. Li, “Assessing cyberthreats situation for electric power information networks,” in 2013 Ninth International Conference on Natural Computation (ICNC), pp. 1557–1562, Shenyang, China, 2013. View at: Publisher Site  Google Scholar
 H. Wang, Z. F. Chen, Z. Feng et al., “Research on network security situation assessment and quantification method based on analytic hierarchy process,” Wireless Personal Communications, vol. 102, no. 2, pp. 1401–1420, 2018. View at: Publisher Site  Google Scholar
 F. W. Li, S. C. Yang, and J. Zhu, “Improved network security situation assessment method based on fuzzy hierarchy method,” Journal of Computer Applications, vol. 42, no. 9, pp. 2622–2626, 2014. View at: Google Scholar
 R. Zhang, J. Cheng, X. Tang, Q. Liu, and X. He, “DDoS attack security situation assessment model using fusion feature based on fuzzy Cmeans clustering algorithm,” in International Conference on Cloud Computing and Security (ICCCS), X. Sun, Z. Pan, and E. Bertino, Eds., vol. 11064 of Lecture Notes in Computer Science, pp. 654–669, Springer, Cham, 2018. View at: Publisher Site  Google Scholar
 B. Yi, Y. P. Cao, and Y. Song, “Network security risk assessment model based on fuzzy theory,” Journal of Intelligent & Fuzzy Systems, vol. 38, no. 4, pp. 3921–3928, 2020. View at: Publisher Site  Google Scholar
 Z. H. Liu, Z. Bin, Z. Ning, and L. Li, “Hierarchical network threat situation assessment method for DDoS based on DS evidence theory,” in 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 49–53, Beijing, China, 2017. View at: Publisher Site  Google Scholar
 D. CodettaRaiteri and L. Portinale, “Decision networks for security risk assessment of critical infrastructures,” ACM Transactions on Internet Technology, vol. 18, no. 3, pp. 1–22, 2018. View at: Publisher Site  Google Scholar
 J. Wang, M. Neil, and N. Fenton, “A Bayesian network approach for cybersecurity risk assessment implementing and extending the FAIR model,” Computers & Security, vol. 89, article 101659, 2020. View at: Publisher Site  Google Scholar
 Z. Fan, Y. Xiao, A. Nayak, and C. Tan, “An improved network security situation assessment approach in software defined networks,” PeertoPeer Networking and Applications, vol. 12, no. 2, pp. 295–309, 2019. View at: Publisher Site  Google Scholar
 Y. W. Liao, G. S. Zhao, J. Wang, and S. Li, “Network security situation assessment model based on extended hidden Markov,” Mathematical Problems in Engineering, vol. 2020, Article ID 1428056, 13 pages, 2020. View at: Publisher Site  Google Scholar
 W. S. Noble, “What is a support vector machine?” Nature Biotechnology, vol. 24, no. 12, pp. 1565–1567, 2006. View at: Publisher Site  Google Scholar
 Y. Liang, Z. P. Cai, J. G. Yu, Q. L. Han, and Y. S. Li, “Deep learning based inference of private information using embedded sensors in smart devices,” IEEE Network Magazine, vol. 32, no. 4, pp. 8–14, 2018. View at: Publisher Site  Google Scholar
 Y. Lecun, Y. Bengio, and G. Hinton, “Deep learning,” Nature, vol. 521, no. 7553, pp. 436–444, 2015. View at: Publisher Site  Google Scholar
 X. Y. Chen, X. C. Yin, and A. Sun, “Network security situation assessment model based on GSASVM,” in Proceedings of 2018 International Conference on Computer, Communication and Network Technology (CCNT), pp. 414–420, Zhejiang, China, June 2018. View at: Google Scholar
 J. Qiang, F. Wang, and X. L. Dang, “Network security based on DS evidence theory optimizing CSBP neural network situation assessment,” in 2018 5th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2018 4th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom), pp. 153–159, Shanghai, China, June 2018. View at: Publisher Site  Google Scholar
 L. L. Shi and J. Chen, “Assessment model of command information system security situation based on twin support vector machines,” in 2017 International Conference on Network and Information Systems for Computers (ICNISC), pp. 135–139, Shanghai, China, April 2017. View at: Publisher Site  Google Scholar
 Y. Y. Gao, Y. J. Shen, G. D. Zhang, and S. Zheng, “Information security risk assessment model based on optimized support vector machine with artificial fish swarm algorithm,” in 2015 6th IEEE International Conference on Software Engineering and Service Science (ICSESS), pp. 599–602, Beijing, China, September, 2015. View at: Publisher Site  Google Scholar
 W. H. Han, Z. H. Tian, Z. Z. Huang, D. Q. Huang, and Y. Jia, “Quantitative assessment of wireless connected intelligent robot swarms network security situation,” IEEE Access, vol. 7, no. 99, pp. 134293–134300, 2019. View at: Publisher Site  Google Scholar
 H. Y. Yang, R. Y. Zeng, G. Q. Xu, and L. Zhang, “A network security situation assessment method based on adversarial deep learning,” Applied Soft Computing, vol. 102, no. 8, article 107096, 2021. View at: Publisher Site  Google Scholar
 D. E. Rumelhart, G. E. Hinton, and R. J. Williams, “Learning representations by backpropagating errors,” Nature, vol. 323, no. 6088, pp. 533–536, 1986. View at: Publisher Site  Google Scholar
 G. E. Hinton, S. Osinder, and Y. W. Teh, “A fast learning algorithm for deep belief nets,” Neural Computation, vol. 18, no. 7, pp. 1527–1554, 2006. View at: Publisher Site  Google Scholar
 M. Mohamed, “Parsimonious memory unit for recurrent neural networks with application to natural language processing,” Neurocomputing, vol. 314, no. 7, pp. 48–64, 2018. View at: Publisher Site  Google Scholar
 L. Landberg, G. Giebel, H. A. Nielsen, T. Nielsen, and H. Madsen, “Shortterm prediction? An overview,” Wind Energy, vol. 6, no. 3, pp. 273–280, 2003. View at: Publisher Site  Google Scholar
 C. Yang, X. Tao, F. Zhao, and Y. Wang, “Secure data transfer and deletion from counting bloom filter in cloud computing,” Chinese Journal of Electronics, vol. 29, no. 2, pp. 273–280, 2020. View at: Publisher Site  Google Scholar
 C. Yang, X. Tao, F. Zhao, and Y. Wang, “A new outsourced data deletion scheme with public verifiability,” in Wireless Algorithms, Systems, and Applications. WASA 2019, E. Biagioni, Y. Zheng, and S. Cheng, Eds., vol. 11604 of Lecture Notes in Computer Science, pp. 631–638, Springer, Cham, 2019. View at: Publisher Site  Google Scholar
 C. Yang, F. Zhao, X. Tao, and Y. Wang, “Publicly verifiable outsourced data migration scheme supporting efficient integrity checking,” Journal of Network and Computer Applications, vol. 192, article 103184, 2021. View at: Publisher Site  Google Scholar
 X. Zheng and Z. P. Cai, “Privacypreserved data sharing towards multiple parties in industrial IoTs,” IEEE Journal on Selected Areas in Communications, vol. 38, no. 5, pp. 968–979, 2020. View at: Publisher Site  Google Scholar
 K. Y. Li, G. C. Luo, Y. Ye, W. Li, S. Ji, and Z. Cai, “Adversarial privacypreserving graph embedding against inference attack,” IEEE Internet of Things, vol. 8, no. 8, pp. 6904–6915, 2021. View at: Publisher Site  Google Scholar
 N. Moustafa and J. Slay, “UNSWNB15: a comprehensive data set for network intrusion detection systems (UNSWNB15 network data set),” in Military Communications and Information Systems Conference 2015 (MilCIS), pp. 1–6, Canberra, Australia, November 2015. View at: Publisher Site  Google Scholar
 N. Moustafa and J. Slay, “The evaluation of network anomaly detection systems: statistical analysis of the UNSWNB15 data set and the comparison with the KDD99 data set,” Information Security Journal: A Global Perspective, vol. 25, no. 1, pp. 18–31, 2016. View at: Google Scholar
Copyright
Copyright © 2021 Xiaoling Tao et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.