Hindawi
Security and Communication Networks
Volume 2022, Article ID 3639174, 9 pages
https://doi.org/10.1155/2022/3639174
Research Article
Research on Network Security Situational Awareness Based on
Crawler Algorithm
Xu Wu ,1 Dezhi Wei ,2 Bharati P. Vasgi ,3 Ahmed Kareem Oleiwi ,4
Sunil L. Bangare ,5 and Evans Asenso 6
1Laboratory Management Center, Chengyi College, Jimei University, Xiamen, Fujian 361021, China
2Department of Information Engineering, Chengyi College, Jimei University, Xiamen, Fujian 361021, China
3Department of Information Technology, Marathwada Mitra Mandal’s College of Engineering, Pune, India
4Department of Computer Technical Engineering, -e Islamic University, Najaf 54001, Iraq
5Department of Information Technology, Sinhgad Academy of Engineering, Savitribai Phule Pune University, Pune, India
6Department of Agricultural Engineering, School of Engineering Sciences, University of Ghana, Accra, Ghana
Correspondence should be addressed to Dezhi Wei; weidezhi8@126.com and Evans Asenso; easenso@ug.edu.gh
Received 10 May 2022; Revised 13 June 2022; Accepted 22 June 2022; Published 20 July 2022
Academic Editor: Mukesh Soni
Copyright © 2022 XuWu et al. ,is is an open access article distributed under the Creative Commons Attribution License, which
permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Network security situation awareness is a critical basis for security solutions because it displays the target system’s security state by
assessing actual or possible cyber-attacks in the target system. Aiming at the security and stability of global information flow, this
paper studies the perception and measurement of the overall situation of network security. ,rough the Scrappy web crawler
framework, data were collected from several Zhiming network security event websites, and based on the vulnerability database of
China Computer Network Intrusion Prevention Center, the network security event database was designed and established, which
enriched the data of situational awareness research.,is study investigates the analysis and processing of network security events,
a crucial parameter in the stage of security insight and perception, and builds and implements a text-based network security event
analysis tool. By designing a network security event analysis tool based on text processing, the data cleaning of network security
time text information is completed, and a set of network security event processing solutions with high applicability and
comprehensiveness are formed. Statistical experimental results show that the network security event database built based on the
crawler algorithm contains 43,848 pieces of data, which increases the capacity by 12.79% and 29.33% compared with the
traditional algorithm, and reduces the reading time by 63.5% and 87.2%.
1. Introduction period in 2017, an increase of 3.8%. But at the same time,
networked systems have gradually become the preferred
,e use of the global Internet has grown exponentially, target of organized crime groups. Unfortunately, the overall
bringing new ways of transacting, communicating, learning, defense capabilities of current cyber systems are still in their
and socializing to everyday life. At the same time, the In- infancy. Cyber security difficulties can range from minor
ternet has penetrated into the fields of economy, politics, issues such as out-of-date software to major issues such as a
transportation, education, agriculture, etc., playing an in- lack of leadership backing. ,e number of Internet-con-
creasingly important role in different fields. According to the nected “smart” devices in both homes and businesses is
2018 Internet Statistics Report [1] by the China Internet increasing. ,e problem is that not all of these smart devices
Network Information Center (CNNIC), the number of provide proper protection, allowing intruders to hijack
Internet users in China has reached 829 million, with 56.53 systems and get access to business networks. With the
million new Internet users throughout the year, and the popularization and promotion of network technology, the
Internet penetration rate is 59.6%, compared with the same following severe situation of network security has become
2 Security and Communication Networks
difficult to ignore. ,e analysis methodology can extract effectiveness and practicability of the tools and models. ,e
analytically valuable security events from multi-source and article presents a comprehensive introduction to the topic of
heterogeneous huge raw data, and then discover security network security situational awareness, with the goal of
concerns, prospective threats, and unknown assaults. As providing useful guidance for comprehending related ideas,
there are different types of encryption, there are numerous encouraging their use in practice, and implementing large-
means for attackers to transmit encrypted threats. Phishing, scale network development. ,e data cleaning of network
sensitive information theft, DOS attacks, ransomware, security time text information is finished by building a
DDoS assaults, masquerading, pattern matching, and other network security event analysis tool based on text pro-
network security threats are continually evolving. ,e scope cessing, and a set of network security event processing
of network security threats is constantly expanding, the solutions with high applicability and comprehensiveness is
research content of network security is also constantly established.
enriched, and the network security situation and challenges ,e previous section is the introduction to the paper.
are becoming more and more severe [2, 3]. Section 2 is the literature survey done related to the work
With the increasing importance of cyberspace safety, done in the field of security. Research methodology has been
more attention is being paid to cyber security stress de- discussed in section 3. Section 4 is the results analysis based
tection research and applications (NSSA). ,e research onmajor findings. Conclusion of the paper has been covered
decomposes an independent assault behavior into several in section 5.
separate time stages during the process of continuous
evolution of the NSSA system, such as the IKC multi-stage 2. Literature Review
attack model. NSSA realizes behavior identification,
knowledge of purpose, and effect evaluation of diverse Situational awareness can forecast network security growth
network operations in order to make suitable security re- by representing the complete state of cyber security in real
sponse options. ,e occurrence of one network security time. Massive data technology application gives up new
event may influence the later creation of other network opportunities for big network security spatial awareness
security events, demonstrating a tendency of chain evolution study. ,e network security event evolution law comprises
and increasing the complexity of network security events. not only the development rule of a single network security
NSSA realizes behavior identification, purpose under- event, but also the law of chain evolution between network
standing, and effect evaluation of various network opera- security events. References [9, 10] summarize that, by an-
tions to allow appropriate security response decisions [4, 5]. alyzing network security and recognizing anomalous events
Network security events are both intrinsically related and in the networks, one could anticipate the future security
affect each other [6]. Situational awareness can represent the condition and prevent aberrant feedback. Big data-based
overall condition of cyber security in real time and predict network security situational awareness can aid in the res-
network security growth. ,e application of big data tech- olution of increasingly complicated networking security
nology opens up new avenues for big network security concerns. With the growth of the Internet and global in-
spatial awareness research [7, 8]. ,e occurrence of one formation, the encryption of the data is at risk threats that
network security event may affect the subsequent devel- employ encryption to avoid detection and are known as
opment of different network security events, showing a trend encrypted threats. Malware, espionage, spear-phishing,
of chain evolution, making the nature of network security zero-day, security breaches, malicious websites, and other
events more complex. For complex networks, the longer the attack types are among them.,ere are variety of techniques
duration, the greater the impact and harm on work life. ,e for attackers to communicate encrypted threats, just as there
evolution law of network security events includes not only are numerous forms of encryption. ,e concept of situa-
the evolution law of a single network security event, but also tional awareness was first proposed by [11]; situational
the law of chain evolution between network security events. awareness refers to “the perception of environmental ele-
Identifying and understanding these evolution laws is very ments in a certain time and space, the specific understanding
important for the analysis and perception of network se- of their meaning, and the understanding of their situation in
curity situation, a complete set of cyberspace security sit- the near future. Network security situational awareness, as a
uational awareness solutions is shown in Figure 1. Figure 1 type of active defense technology, discovers and analyzes
shows the schematic diagram representing security aware- dangerous behaviors in the network, and discovers the risks
ness solution. ,e platform will provide great convenience existing in the network as soon as possible. By sensing the
and has strong applicability; at the same time, it can also host node, log, topology structure, etc., it can formulate and
clearly present the internal connection of network security schedule different security solutions in a timely manner, so
events. that it can reduce losses and reduce risks before the attack
,is paper mainly studies the analysis and processing of arrives.
network security events, an important parameter in the stage Situational awareness has emerged as a hot topic in the
of awareness and understanding of security situation, and cyber security industry, due to its capacity to improve de-
designs and implements a network security event analysis cision-making by applying a three-layer model of obser-
tool based on text processing. A hypernetwork-based net- vation, understanding, and prediction [12, 13]. In the early
work security event chain evolution model, based on the stage when security situational awareness was proposed,
established network security database, verifies the literature [14] proposed a security situational awareness
Security and Communication Networks 3
Qianxin cloud monitoring Qianxin cloud monitoring The internet
Website vulnerability data Website vulnerability data
The website hangs horse data The website hangs horse data
Website dark link data Website dark link data
Reinsurance unit WEB system
Unicom Telecom
Intranet area Protect data such as
The Internet
Emergency response data zone
Analysis
platform Layer 3 switch
cluster Intranet
firewall
Internet
Internet data internal
collector firewall
Intranet The Internet
Early warning platform Business
business work and workspace Platform - Internet
large screen display zone control
Cloud Data push
Third Party data
Figure 1: Cyberspace security situational awareness solutions.
model based on simple weighting method and gray theory; online visual analysis system OCEANS to deal with network
literature [14] proposed a network security situational as- security events to assist users to quickly understand the
sessment scheme based on attack mode identification; lit- actual network security situation and reduce the frequency
erature [15] summarized the current research direction and of system false positives; reference [22] also describes a visual
found that the research work mainly focused on the simple analysis system that can ensure security management.
static evaluation, and the dynamic analysis from the possible Personnel timely discover the actual harm of network se-
transformation of attack activities was seriously insufficient, curity threats to critical infrastructure; reference [23] pro-
including early warning analysis and other aspects; Refer- poses a situational awareness model that can simultaneously
ence [16] discusses that the security situational awareness realize information sharing among multiple agencies, which
elements are extracted from the attacker, the defender, and helps to further improve the security situational awareness
the network environment, and a security situational pre- system and reduce network security hazards caused by risks.
diction method based on the analysis of the spatiotemporal With the deterioration of Internet security, spatial
dimension is further formed. Reference [17] applies the awareness has become a top issue in the area. ,e breadth
LAMBDA language to support the elaboration of the and depth of data, business logic with which it is processed,
template and matching process. In the process of the con- and the clarity and intuitive with which the information is
tinuous development of the NSSA system, the literature [18] analyzed all influence the effect of situational awareness
decomposes an independent attack behavior into multiple decision-making processes [24, 25]. Historically, research on
different time stages, such as the IKC multi-stage attack network security incidents has made achievements in dif-
model [19], by analyzing the semantics of each attack ferent fields, but from a macro perspective, they are all
warning report. Pattern matching is performed on the valid scattered. Reference [26] reviewed and summarized the
alerts and differentiated attack stages after the configuration analysis tools of security events in stages, and representative
information is verified with the vulnerability information to tools include Swatch, SEC, OSSEC, etc. [27] proposed a
reproduce the complete attack process; reference [20] security event based on data mining.,e analysis framework
proposes a network security situation prediction method can obtain security events with analytical value from multi-
based on immune time series; reference [21] developed an source and heterogeneous massive raw data, and further
4 Security and Communication Networks
detect security risks, potential threats, and unknown attacks; of generic web crawlers. It can scrape data from various data
Leijiao et al. [28] proposed a graph theory-based method. A sources. It is an elevated web crawling and scraping tech-
trace analysis method is used for understanding the de- nology for crawling and extracting organized data from
tection and response data of collected incidents, con- online pages. It has a variety of applications, including data
structing applicable patterns for data classification from mining, surveillance, and automated testing. It can scrape
attack trajectories. A finite state machine can be constructed data from various data sources. Scrapy also allows operations
based on certain rules to automate data classification, then a such as cleaning, formatting, decorating, and storing these
state machine can be constructed according to the tracking data into data to cascade, so that the performance degra-
trajectory, and finally the effectiveness of the state machine dation becomes smaller. Technically, Scrapy is a scraping
and the performance of the state machine can be evaluated; application built with Python’s twisted framework, because
Powar et al. [29] identified specific security events as the Twisted is event-driven, allowing Scrapy to split the
starting point to take the development process of the security throughput through smooth operations when it has thou-
incident life cycle as the main idea, supplemented by security sands of open connections delay. Users can modify it
management and security technology, to build a complete according to their needs, and it is simple and lightweight to
security incident life cycle management and control system. use, so it has a wide range of uses and can be used in a series
Security incident emergency response is an important of fields including data mining, information processing, or
field of security incident research. Hou et al. [30] proposed a storage of historical data [33].
set of basic network security incident emergency response When implementing the Scrapy framework, this paper
linkage schemes, which can reasonably dispatch geo- mainly uses the custom crawler module (spider.py), project
graphically distributed resources to coordinately respond to module (items.py), pipeline module (pipelines.py), and
the sudden occurrence of network security incidents. configuration file module (setting.py). When writing the
According to the characteristics of network security inci- crawler module, according to the characteristics of the
dents, Reti et al. [31] have pointed out the key point of the actual network security event website, the regular ex-
network information security incident emergency response pression of Xpath is used to parse the HTML text from the
(NISIER) system, proposed a new NISIER engine and locate the target information; when writing the
architecture—“8641” hierarchy, and expounded this system. project module, the specific crawler is determined Tasks,
In order to solve the problem of the combination of network namely, Title, Category, Summary, Pub-time, Author, and
security emergency response system and emergency man- Security Event Content (Article); when writing the pipeline
agement platform, Tan et al. [32] proposed a security ar- module, according to the website source, the safe time text
chitecture of a web-based network security emergency information is numbered, sorted, and stored separately
management platform, which uses the stored procedure of [34].
parameterized statements to further filter hazardous
information.
3.2. Classification of Network Security Incidents. After re-
3. Research Methods ferring to China’s official classification standards for in-formation security incidents, comprehensively consider
In order to provide more comprehensive data for the that the main research object of this paper is network
awareness and understanding stage of network security security incidents, at the same time refer to the triggering
situational awareness, and to solve the problem that it is rules, nature, and mechanism of network security inci-
difficult for current users to obtain the key information they dents, and consider the requirements of the current net-
need in time from hundreds of millions of network security work security situation. Harmful program incidents (MI)
event texts, this paper designs and implements the text and network attack incidents (NAI) in information security
processing-based network security event analysis tool. incidents are the two main categories of network security
Taking into account the advantages of machine learning incidents, and the specific downward classification of the
algorithms in the fields of text classification and decom- two categories is shown in Table 1, as the final classification
position and information extraction, the actual functions of standard of the article [35]. A denial-of-service (DOSAI)
various tools involved in this chapter are completed by attack is a cyber-attack in which the offender attempts to
combining them with network security event processing. render a computer or network resource inaccessible to its
Figure 2 shows the overall framework of the network se- user requirements by temporary or permanently inter-
curity event analysis tool. rupting services of a server attached to the network. A
backdoor attack (BDAI) is a sort of hack that exploits
security flaws in computer networks. Poor design, code
3.1. Scrapy Framework Analysis and Application. Scrapy is a problems, and malware can all generate these vulnerabil-
robust web crawler framework based on the Python lan- ities, which might be purposeful or inadvertent. Backdoor
guage. Python has the benefits of being lightweight, simple, attacks are frequently used to obtain unwanted access to
and having a wide range of applications, among other networks or data, as well as to infect systems with malware.
characteristics. Several crawler frameworks and application A botnet assault is a type of cyber-attack that occurs when a
modules based on Python are now well developed, with the collection of World Wide Web devices becomes infected
crawler framework being particularly prominent in the use with software controlled by malevolent hackers. Botnet
Security and Communication Networks 5
Network security During supervised learning, the maximum likelihood
event collection algorithm is used to calculate the parameter matrix of the
model according to the manual annotation results of the
training samples, and finally the construction of the infor-
Data preprocessing mation extractionmodel is completed.,e parameters of the
HMM model can be calculated by the above crawler
algorithm:
Text annotation Text similarity Classification of cyber
Cij()
calculation security incidents aij � n , 1≤ i, j≤ n, (1)􏽐k�1 Cik
where Cij is the frequency of transition from state i to state j
and mText information 􏽐k�1 Cik is the sum of the frequency of transition from
extraction state i to all states.
Figure 2: Overall frame diagram. Ejk()
bj(k) � m , 1≤ i, j≤ n≤ k≤m, (2)
􏽐i�1 Eji()
assaults (BI) often entail spamming, data breaches, stealing where Ejk() is the frequency at which state j releases ob-
confidential material, or conducting devastating DDoS servation and mxk 􏽐i�1 Eji() is the sum of the frequencies at
attacks [36]. which state j releases all observations.
4. Analysis of Results
3.3.Classification ImplementationofCrawlerAlgorithmBased
on Neural Network Model. ,e goal of training a neural 4.1. Test Data Sources. ,e test source of this paper mainly
network is to input a crawler algorithm training set that has comes from the VCDB (VERIS Community Database) se-
completed text preprocessing and determine the category curity event dataset.,e network security events obtained by
into the neural network model, so that it can be trained and the crawler tool are stored in the MySQL database. ,e
continuously learned to form rules for recognizing a certain current event database stores a total of 43848 pieces of data,
type of text. ,e implementation process of the classification as shown in Table 2. ,is dataset is designed to collect and
module is shown in Algorithm 1. First, the determined disseminate information on cybersecurity incidents for all
categories and the eigenvalues extracted by TF-IDF are used publicly disclosed data breaches. Its data are encoded in
as the input of the neural network model, the classification VERIS format, and the same data are published in JSON
list in the sample set is looped through, and the MLP multi- format in GitHub. Each event in the dataset is a self-con-
layer perception classification in the sklearn library is used. tained JSON file, including the original URL used when the
,e processor handles classification problems. data were collected.
Among the parameters of MLP, solver represents the
solver for weight optimization, alpha represents the initial
learning rate of the neural network, hidden_layer_sizes 4.2. Classification Model Test Experiment. ,is paper com-
represents the number of neurons in the hidden layer, and pares the classification accuracy of two text classification
random_state is the default state or seed without a random algorithms, naive Bayes and logistic regression, and the
number generator [37]. ,e joblib function saves the crawler algorithm based on the neural network model used
training model formed by each loop, and when the traversal in this paper. ,e logistic regression algorithm is a well-
of the training samples is completed, the final classification known algorithm.,emain reason is that it is more efficient,
model is formed. ,en, by judging whether the actual does not require a large amount of calculation, is simple and
classification is the same as the model predicted classifica- easy to understand, does not require scaling of input fea-
tion, if it is the same as the actual classification, assign a value tures, hardly requires any special design, is easy to adjust,
to the variable representing the accuracy rate, and contin- and can output calibrated predicted probabilities. Another
uously record the number of correct classifications in the advantage is that it is easier to implement and the model
database. If it is different from the actual classification, training is more efficient; naive Bayes is one of the most
record it in the database. ,e number of misclassified commonly used text classification models, and it has a good
cybersecurity events finally returns the overall average effect on datasets with a large degree of discrimination such
classification accuracy. as information classification. And its model is relatively
In this paper, the preprocessed training samples have a simple, which can reduce the requirements for the scale of
total of 9962 feature dimensions, and the network security the dataset to a certain extent.
events are divided into 14 categories. ,erefore, the number ,e specific experimental process is to extract 2,000
of neurons in the input layer of the neural network is 9962, pieces of data from the three categories of test data, namely,
the depth of the hidden layer is 1, the number of neurons in backdoor attack events, vulnerability attack events, and
the hidden layer is 20, the number of neurons in the output network scanning and eavesdropping events, for a total of
layer is 14, and the learning rate of the model is 2.0. 6,000 pieces of data. Starting from 1000 pieces of data,
6 Security and Communication Networks
Table 1: Specific classification of network security incidents.
Unwanted program event (MI) Cyber-attack incident (NAI)
Computer virus incident (CVI) Denial-of-service attack (DOSAI)
Worm event (WI) Backdoor attack (BDAI)
Trojan Horse incident (THI) Vulnerability attack event (VAI)
Botnet incident (BI) Network scanning eavesdropping (NSEI)
Hybrid attack program incident (BAI) Phishing incident (PI)
Web page embedded malicious code event (WBPI) Disturbance event (II)
Other unwanted program events (OMI) Other cyber-attack incidents (ONAI)
(1) INPUT: tfidf_path weight and category
(2) OUTPUT: total_correct_rate
(3) For each classify_name in classify_list do
(4) MLPClassifier(hidden_layer_sizes, random_state,
(5) solver, alpha)
(6) joblib.dump(network_clf )
(7) If real_classify� � predicted_classify then
(8) correct_rate� predicted_score
(9) correct_file_num� correct_file_num+ 1
(10) Else
(11) wrong_file_num�wrong_file_num+ 1
(12) End if
(13) Return total_correct_rate
ALGORITHM 1: Crawler algorithm implementation.
Table 2: Examples of VCDB database.
Incident type Time Summary
Hacking May. Employee accidentally included attachment to e-mail with sensitive information about current/former/2019 deceased students and one teacher
Website Jan. 2020 Stolen mobile device places PII for over 100,000 people at risk. Device was not encrypted and did not havedefacement password protection
Website N/A. Hackers part of the anonymous-affiliated k0detec collective have gained unauthorized access to the systems
defacement 2019 of MOAB training international
Server breach N/A. After three long years of investigation by the Federal Bureau of Investigation, a local woman has been2020 indicted in federal court on 26 counts of bank fraud, identity theft, and bankruptcy fraud
Website hacked May.2021 External actor conspired with servers to skim customer credit car
Private key stolen N/A.2019 Veteran A received veteran B’s medication. Information included veteran B’s name and medication type
additional 1000 pieces of data are input into three classifi- category news, and keywords of different types have great
cation models. ,e experimental results are shown in Fig- differences. In the classification of network security inci-
ures 3 and 4. dents, the keyword “attack” has a high probability of oc-
As shown in Figures 3 and 4, it can be seen that the currence in categories such as “worm incident,” “mixed
classification accuracy of the neural network is increased by attack program incident,” and “backdoor attack incident.” It
12.79% and 29.33% compared with logistic regression and appears frequently in “vulnerability attack events” as well as
naive Bayes, respectively, while the reading time is reduced “interference events,” and thus network security event
by 63.5% and 87.2%.,e reason is that the keywords of each classification frequently requires referring to the connection
category in the network security event classification are between numerous keywords at the same time.
more uncertain than the news classification. For example, in Among them, the detection effect of the logistic re-
the news information classification, keywords such as “star,”, gression algorithm is the least ideal, because logistic re-
“drama,” and “variety show” generally appear in “enter- gression belongs to a linear model, the model complexity is
tainment.” In category news, keywords such as “athlete,” relatively low, and the ability to describe the boundary of the
“schedule,” and “referee” generally appear in “physical” sample points with irregular spatial distribution is
Security and Communication Networks 7
1.00 intrinsic content between different input neurons (i.e., vo-
cabulary) in the process of optimizing the weights between
0.95 neurons in each layer. It can express complex nonlinear
0.90 functional relationships, and the changes in the internal
parameters of the algorithm improve the generalization
0.85 performance, thus achieving superior detection results, so it
shows better results in the classification of network security
0.80 events.
0.75
5. Conclusion
0.70
,e research results of this paper are based on the char-
0.65 acteristics of network security events as an important pa-
0.60 rameter of network security situational awareness research,
0 1000 2000 3000 4000 5000 6000 7000 and combined with machine learning, crawler algorithm,
Data number and hyper-network technology, it can quickly distinguish
and query the constantly updated network security events,
Crawler providing users or researchers. It provides great convenience
Naive Bayes and has strong applicability; at the same time, it can also
Logistic regression clearly present the internal connection of network security
Figure 3: Classification model accuracy comparison. events. A text processing-based network security event
analysis tool is designed and implemented in this study. ,e
1.8 real characteristics of the numerous instruments engaged in
this article are completed by merging them with network
1.6 security event processing, taking into consideration the
1.4 benefits of machine learning algorithms in the domains of
text categorization and segmentation and information ex-
1.2 traction. Starting from the correlation between security
1.0 events, it is helpful to establish the impact of security events
on network system security. ,e impact analysis of the
0.8 degree of impact is also of positive significance for the
0.6 analysis of real network attacks and defense historical events,
as well as the analysis of the development trend of attack and
0.4 defense technologies; at the same time, the research field of
0.2 super network has been expanded, and it has been extended
to cyberspace security from other fields, which greatly
0.0 enriched the scope of application of hyper-networks. It can
0 1000 2000 3000 4000 5000 6000 7000 also express complicated nonlinear functional connections,
Data number and adjustments to the algorithm’s internal parameters
Crawler increase generalization capability, resulting in superior de-
Naive Bayes tection results; thus, it performs better in network security
Logistic regression event categorization.
Figure 4: Classification model read time comparison.
Data Availability
insufficient; the prior probability predicts the type of new ,e data used to support the findings of this study are
samples. In order to avoid the formation of exponential available from the corresponding author upon request.
parameters when the model is established, it is necessary to
assume that each feature (i.e., vocabulary) in the sample is Conflicts of Interest
independent of each other. ,erefore as a result, when the ,e authors declare that there are no conflicts of interest
number of features in the problem is high and each feature regarding the publication of this paper.
has a specific connection between them, this assumption will
interfere with the model's prediction effect. From the ex- Acknowledgments
perimental results, this may limit the further improvement
of the accuracy. ,e neural network algorithm performed ,e authors are thankful to the: 1. ,e Program of Culti-
the best detection and significantly outperformed the pre- vating Outstanding Young Scientific Research Talents in
vious algorithm. In contrast, the neural network model Universities of Fujian Province: Research on the dissemi-
simulates the human nervous system by constructing nation and evolution of social network hot events based on
multiple layers of neurons and can gradually extract the game theory and SIRS, ZX17033, Project Leader: Dezhi Wei.
Read time (s) Accuracy
8 Security and Communication Networks
2. ,e Doctoral Research Initiation Fund Program: Research [13] M. Yang, P. Kumar, J. Bhola, andM. Shabaz, “Development of
on robot decision technology based on multi-sensor infor- image recognition software based on artificial intelligence
mation fusion, CK18013, Project Leader: Dezhi Wei. 3. Pro- algorithm for the efficient sorting of apple fruit,” International
gram of Fujian Provincial Department of Education:Modeling Journal of System Assurance Engineering and Management,
and simulation analysis of group behavior in the evolution of vol. 13, 2021.
social network emergencies, JAT201035, Project Leader: Dezhi [14] Y. Zhang, X. Kou, Z. Song, Y. Fan, M. Usman, and V. Jagota,
Wei. 4. Education and Scientific Research Project for Middle- “Research on logistics management layout optimization and
Aged and Young Teachers in Fujian Province: Research and real-time application based on nonlinear programming,”
design of Internet public opinion crawler algorithm based on Nonlinear Engineering, vol. 10, no. 1, pp. 526–534, 2021.[15] W. Qian, H. Lai, Q. Zhu, and K. C. Chang, Overview of
big data, JT180876, Project Leader: Wu Xu. Network Security Situation Awareness Based on Big Data,
2021.
References [16] H. Zhang, C. Kang, and Y. Xiao, “Research on network se-
curity situation awareness based on the lstm-dt model,”
[1] S. Lu and Y. Zhuang, A Network Security Situational Sensors, vol. 21, no. 14, p. 4788, 2021.
Awareness Framework Based on Situation Fusion, 2021. [17] N. Kishor, K. Uhlen, L. Vanfretti, and S. Skok, Synchrophasor
[2] Y. Zhao, “Application of Machine Learning in Network Se- Technology: Towards Real-Time Operation of Power Networks,
curity Situational Awareness,” in Proceedings of the 2021 2021.
World Conference on Computing and Communication Tech- [18] J. Y. Zhang, S. Y. Bi, L. L. Gong,W.W. Kong, and X. Y. Zhang,
nologies (WCCCT), Dalian, China, January 2021. Research on Network Optimization and Network Security in
[3] G. S. Sriram, “Security challenges of big data computing,” Power Wireless Private Network, 2021.
International Research Journal of Modernization in Engi- [19] W. Li and H. Zhu, “Research on Comprehensive Enterprise
neering Technology and Science, vol. 4, no. 1, pp. 1164–1171, Network Security,” in Proceedings of the 2021 IEEE 11th
2022. International Conference on Electronics Information and
[4] H. Li, M. Shabaz, and R. Castillejo-Melgarejo, “Imple- Emergency Communication (ICEIEC), IEEE, China, June
mentation of python data in online translation crawler 2021.
website design,” International Journal of System Assurance [20] X. He, “Research on computer network security based on
Engineering and Management, 2021. firewall technology,” Journal of Physics: Conference Series,
[5] D. Bhargava, B. Prasanalakshmi, T. Vaiyapuri, H. Alsulami, vol. 1744, no. 4, Article ID 042037, 2021.
S. H. Serbaya, and A. W. Rahmani, “CUCKOO-ANN based [21] Z. Zou, T. Chen, J. Chen, Y. Hou, and R. Yang, “Research on
novel energy-efficient optimization technique for IoT sensor Network Security Risk and Security Countermeasures of 5G
node modelling,” Wireless Communications and Mobile Technology in Power System Application,” in Proceedings of
Computing, vol. 2022, Article ID 8660245, 9 pages, 2022. the 2021 IEEE 5th advanced information technology, electronic
[6] L. Matta and M. Husák, “A Dashboard for Cyber Situational and automation control conference (IAEAC), Beijing China,
Awareness and Decision Support in Network Security October 2021.
Management,” in Proceedings of the 17th IFIP/IEEE Inter- [22] T. K. Lohani, M. T. Ayana, A. K. Mohammed, M. Shabaz,
national Symposium on Integrated Network Management (IM G. Dhiman, and V. Jagota, “A comprehensive approach of
2021), IEEE, Bordeaux, France, May 2021. hydrological issues related to ground water using GIS in the
[7] G. S. Sriram, “Edge computing vs. Cloud computing: an
overview of big data challenges and opportunities for large Hindu holy city of Gaya, India,”World Journal of Engineering,
enterprises,” International Research Journal of Modernization p. 6, 2021.
in Engineering Technology and Science, vol. 4, no. 1, [23] N. Ding, P. Prabhakar, A. Khosla, V. Jagota, E. Ramirez-Asis,
pp. 1331–1337, 2022. and B. K. Singh, “Application of fuzzy immune algorithm and
[8] S. Zhang, K. Srividya, I. Kakaravada et al., “A Global Opti- soft computing in the design of 2-DOF PID controller,”
mization Algorithm for Intelligent Electromechanical Control Discrete Dynamics in Nature and Society, vol. 2022, Article ID
System with Improved Filling Function,” Scientific Pro- 5608054, 8 pages, 2022.
gramming, vol. 2022, Article ID 3361027, 10 pages, 2022. [24] Z. Yan, Y. Yu, andM. Shabaz, “Optimization research on deep
[9] J. Bhola, S. Soni, and G. K. Cheema, “Recent trends for se- learning and temporal segmentation algorithm of video shot
curity applications in wireless sensor networks – a technical in basketball games,” Computational Intelligence and Neu-
review,” in Proceedings of the 6th International Conference on roscience, vol. 2021, pp. 1–10, 2021.
Computing for Sustainable Global Development (INDIACom), [25] G. S. Sriram, “Green cloud computing: an approach towards
pp. 707–712, New Delhi, India, March 2019. sustainability,” International Research Journal of Moderni-
[10] B.Wang, X. Yao, Y. Jiang, C. Sun, andM. Shabaz, “Design of a zation in Engineering Technology and Science, vol. 4, no. 1,
real-time monitoring system for smoke and dust in thermal pp. 1263–1268, 2022.
power plants based on improved genetic algorithm,” Journal [26] J. Zhao, “Research on network security defence based on big
of Healthcare Engineering, vol. 2021, Article ID 7212567, data clustering algorithms,” International Journal of Infor-
10 pages, 2021. mation and Computer Security, vol. 15, no. 4, p. 343, 2021.
[11] Y. Zhu and Z. Du, “Research on the key technologies of [27] H. Song, D. Zhao, and C. Yuan, “Network security situation
network security-oriented situation prediction,” Scientific prediction of improved lanchester equation based on time
Programming, vol. 2021, Article ID 5527746, pp. 1–10, 2021. action factor,” Mobile Networks and Applications, vol. 26,
[12] J. Du, F. Yuan, L. Ding, G. Chen, and X. Liu, “Research on no. 3, pp. 1008–1023, 2021.
threat information network based on link prediction,” In- [28] L. GeGe, Y. LiLi, S. LiLi, J. Zhu, and J. Yan, “Evaluation of the
ternational Journal of Digital Crime and Forensics, vol. 13, situational awareness effects for smart distribution networks
no. 2, pp. 94–102, 2021. under the novel design of indicator framework and hybrid
Security and Communication Networks 9
weighting method,” Frontiers in Energy, vol. 15, no. 1,
pp. 143–158, 2021.
[29] V. Powar and R. Singh, “Stand-alone direct current power
network based on photovoltaics and lithium-ion batteries for
reverse osmosis desalination plant,” Energies, vol. 14, no. 10,
p. 2772, 2021.
[30] R. Hou, G. Ren, W. Gao, and L. Liu, “Research on cyberspace
multi-objective security algorithm and decisionmechanism of
energy internet,” Future Generation Computer Systems,
vol. 120, no. 10, pp. 119–124, 2021.
[31] D. Reti, D. Klaasen, S. D. Anton, and H. D. Schotten, “Secure
(S) Hell: Introducing an SSH Deception Proxy Framework,”
in Proceedings of the 2021 International Conference on Cyber
Situational Awareness, Data Analytics and Assessment
(CyberSA), Dublin, Ireland, June 2021.
[32] L. Tan, K. Yu, F. Ming, X. Chen, and G. Srivastava, IEEE
Consumer Electronics Magazine, no. 99, p. 1, 2021.
[33] H. Liu, “Quantitative situational awareness algorithm of land
state network based on neutral statistics,” Journal of Ambient
Intelligence and Humanized Computing, pp. 1–11, 2021.
[34] J. Pyhnen, J. Rajamki, V. Nuojua, and M. Lehto, Cyber Sit-
uational Awareness in Critical Infrastructure Organizations,
2021.
[35] J. Chen, T. Yang, B. He, and L. He, An Analysis and Research
on Wireless Network Security Dataset. 2021 International
Conference on Big Data Analysis and Computer Science
(BDACS), 2021.
[36] J. Bhola and S. Soni, “Information theory-based defense
mechanism against DDOS attacks for WSAN. Advances in
VLSI, communication, and signal processing,” Lecture Notes
in Electrical Engineering, vol. 683, 2021.
[37] B. Yang, Y. Yu, Z. Wang et al., “Research on network security
protection of application-oriented supercomputing center
based on multi-level defense and moderate principle,” Journal
of Physics: Conference Series, vol. 1828, no. 1, Article ID
012114, 2021.