An Improved Integrated Prediction Method of Cyber Security Situation Based on Spatial-time Analysis

Cyber security situation awareness, as an effective supplement in cyber security protection measures, has been one of the research focus in recent years. In particular, cyber security situation prediction has become a hotspot of research. However, the existing cyber security situation prediction methods neglect the influence of future security elements when measuring the future security situation. Another fact is that the relationships among the security elements are always ignored. In this work, we presented an improved integrated cyber security situation prediction method based on spatial-time analysis from a new perspective. We described cyber security elements in different levels by a hierarchical index system. Then we predicted the future security elements independently in time dimension. In the process of spatial dimension prediction, we made a fusion prediction of the future security elements by using Fuzzy Cognitive Maps (FCM), and meanwhile, we corrected the prediction in spatial dimension prediction by using threat intelligence data. Finally, we used DARPA2000 datasets that is from Lincoln Laboratory Scenario (DDOS) to verify and analyze our method. The experimental result shows that the proposed method can model the future cyber security situation in network environment in a more accurate way by comparing with other similar methods.