Journal of Computer Applications (计算机应用) 2013/33:12 PP.3506-3510
After analyzing and comparing the existing security situation assessment methods, a network security situation assessment method was proposed based on time dimension, which focused on the necessity of using different methods for short-term and long-term assessment respectively. Based on the alarm information which came from security device such as firewall and Intrusion Detection Systems (IDS), the whole short-term situation was got according to the score of destination host. Combining the result of short-term assessment and static index, the weight of long-term assessment system was determined by entropy method. The proposed assessment method divides network security situation into short-term and long-term, and makes up for the lack of setting situation assessment boundaries in terms.