Analyzing host security using D-S evidence theory and multisource information fusion

Security monitoring and analysis can help users to timely perceive threats faced by the host, thereby protecting and backup data and improving the host's security status. In the research domain of host security analysis, many feasible solutions have been proposed. However, real-time performance and accuracy still need improvement. This paper proposes a host security analysis method based on Dempster–Shafer (D-S) evidence theory. It adopts three models of support vector regression, logistic regression, and K-nearest neighbor regression, as sensors for multisource information fusion. Multiple sensors perform security analysis on the host, respectively, and use the analysis results as evidence of D-S evidence theory. Experiments show that the proposed method provides effective security protection for the host in terms of absolute error, root mean square error, and the average absolute percentage error.