An Effective Method to Safeguard Cyber Security by Preventing Malicious Data

Guohua Wang; Shangda Xie; Xun Zhang; Jinggeng Gao; Feng Wei; Bo Zhao; Chunying Wang; Shichao Lv

doi:10.1109/ACCESS.2019.2951234

IEEE Access (Jan 2019)

An Effective Method to Safeguard Cyber Security by Preventing Malicious Data

Guohua Wang,
Shangda Xie,
Xun Zhang,
Jinggeng Gao,
Feng Wei,
Bo Zhao,
Chunying Wang,
Shichao Lv

Affiliations

Guohua Wang: School of Automation and Electrical Engineering, Lanzhou Jiaotong University, Lanzhou, China
Shangda Xie: School of Automation and Electrical Engineering, Lanzhou Jiaotong University, Lanzhou, China
Xun Zhang: State Grid Gansu Electric Power Research Institute, Lanzhou, China
Jinggeng Gao: State Grid Gansu Electric Power Research Institute, Lanzhou, China
Feng Wei: State Grid Gansu Electric Power Research Institute, Lanzhou, China
Bo Zhao: State Grid Gansu Electric Power Company, Lanzhou, China
Chunying Wang: School of Software and Microelectronics, Peking University, Beijing, China
Shichao Lv: ORCiD; Beijing Key Laboratory of IoT Information Security Technology, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

DOI: https://doi.org/10.1109/ACCESS.2019.2951234
Journal volume & issue: Vol. 7
pp. 166282 – 166291

Abstract

Read online

In order to ensure the information security of a network, network security devices have been widely deployed in the information and communication network. Based on the monitoring data collected by network security equipment, network security administrators analyze whether there is an attacking incident or abnormal situation in the current network environment. However, if the original monitoring data collected by network security equipment is tampered with by the attacker, then network security administrators will make a wrong judgment and delay the best time to take protective actions. Therefore, the reliability and authenticity of data generated by network security devices are of the utmost importance. In this paper, we first define a revised Euclidean distance formula for the D-S evidence theory and propose a dual test method for the authenticity of data based on algebra statistics and geometric trends, detecting any malicious tampering on these monitoring data. Utilizing a web application firewall (WAF) device, we carry out a series of experiments to verify the proposed method.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords