Security monitoring and analysis can help users to timely perceive threats faced by the host, thereby protecting and backup data and improving the host's security status. In the research domain of host security analysis, many feasible solutions have been proposed. However, real‐time performance and accuracy still need improvement. This paper proposes a host security analysis method based on Dempster–Shafer (D‐S) evidence theory. It adopts three models of support vector regression, logistic regression, and K‐nearest neighbor regression, as sensors for multisource information fusion. Multiple sensors perform security analysis on the host, respectively, and use the analysis results as evidence of D‐S evidence theory. Experiments show that the proposed method provides effective security protection for the host in terms of absolute error, root mean square error, and the average absolute percentage error.

中文翻译：

---

使用 D-S 证据理论和多源信息融合分析主机安全性

安全监控和分析可以帮助用户及时感知主机面临的威胁，从而保护和备份数据，提高主机的安全状态。在主机安全分析的研究领域，已经提出了许多可行的解决方案。然而，实时性能和准确性仍然需要改进。本文提出了一种基于Dempster-Shafer（D-S）证据理论的主机安全分析方法。它采用支持向量回归、逻辑回归和K-最近邻回归三种模型作为多源信息融合的传感器。多个传感器分别对主机进行安全分析，并将分析结果作为D-S证据理论的证据。实验表明，所提出的方法在绝对错误方面为主机提供了有效的安全保护，