Framework for risk assessment in cyber situational awareness

A large number of data is generated to help network analysts to evaluate the network security situation in traditional detection and prevention measures, but it is not used fully and effectively, there is not a holistic view of the network situation on it for now. To address this issue, a framework is proposed to evaluate the security situation of the network from three dimensions: threat, vulnerability and stability, and merge the results at decision level to measure the security situation of the overall network. In the case studies, the authors demonstrate how the framework is deployed in the network and how to use it to reflect the security situation of the network in real time. Results of the case study show that the framework can evaluate the security situation of the network accurately and reasonably.