ISSN: 2245-4578 (Online Version) ISSN: 2245-1439 (Print Version)
Multi-source Data Fusion for Real-time Cybersecurity Situational Awareness and Visualization

Keywords

Multi-source data fusion
cybersecurity situational awareness
real-time visualization
threat detection
Bayesian inference
adaptive learning

How to Cite

[1]
X. Li and J. Zhang, “Multi-source Data Fusion for Real-time Cybersecurity Situational Awareness and Visualization”, JCSANDM, vol. 14, no. 04, pp. 955–980, Oct. 2025.

Abstract

As cyber threats become more complex, it is crucial to build situational awareness systems that can collect and evaluate data from several sources in real time. Multi-Source Fusion-Based Cybersecurity Situational Awareness (MF-CSSA) is an innovative mathematical model that brings together sensor fusion, probabilistic reasoning, graph theory, and information theory. The model is designed to provide a complete framework for real-time visualization and awareness of cybersecurity scenarios. We used five key performance indicators (KPIs) to simulate and assess the proposed architecture: scalability, accuracy, reaction time, false positive rate, and situational awareness score. The simulation was run for a hundred iterations, and the results indicate that MF-CSSA regularly outperforms the baseline techniques. By combining data and using probabilistic reasoning, the model predicts hostile activities consistently, with an average threat detection accuracy of 88%. Its average reaction time of 2.1 seconds shows that it can function in real time, which allows it to stop attacks before they happen. An average situational awareness score of 0.82 demonstrates that the model can recognize and contextualize cybersecurity scenarios; in other words, it can adjust swiftly to new threats. The model also has a low false positive rate of just 8%, which considerably reduces analyst workload and alert fatigue. Finally, MF-CSSA can scale to handle a significant amount of traffic, processing around 110 events per second. This makes it a good option for large networks with heavy information flow. These results show that the MF-CSSA architecture is an intelligent, practical, and accurate approach to real-time cyber threat defense.

https://doi.org/10.13052/jcsm2245-1439.1448

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Copyright (c) 2025 Journal of Cyber Security and Mobility
