本文選題：開(kāi)源工具 + 大數(shù)據(jù)�。� 參考：《計(jì)算機(jī)科學(xué)》2017年05期

【摘要】：對(duì)信息系統(tǒng)安全防護(hù)而言,大數(shù)據(jù)是一把雙刃劍。信息量的巨增使得數(shù)據(jù)價(jià)值密度更小,給APT等攻擊行為提供了更好的藏身環(huán)境;但大數(shù)據(jù)處理技術(shù)對(duì)海量數(shù)據(jù)的聚合、挖掘和分析又使得準(zhǔn)確檢測(cè)及預(yù)測(cè)攻擊威脅成為可能。為增強(qiáng)信息系統(tǒng)的威脅感知與攻擊預(yù)警能力,構(gòu)建大數(shù)據(jù)威脅處理平臺(tái)勢(shì)在必行�；谧钚碌拈_(kāi)源大數(shù)據(jù)組件集,構(gòu)建了集數(shù)據(jù)收集整理、數(shù)據(jù)存儲(chǔ)、離線分析發(fā)現(xiàn)、實(shí)時(shí)關(guān)聯(lián)檢測(cè)、威脅預(yù)警和態(tài)勢(shì)呈現(xiàn)等功能于一體的、支持全流程安全事件處理過(guò)程的、完整的網(wǎng)絡(luò)安全態(tài)勢(shì)感知及預(yù)警架構(gòu),與現(xiàn)有同類平臺(tái)架構(gòu)相比,其具有高可用、可擴(kuò)展、易部署等特點(diǎn),且能較好地支持威脅情報(bào)的引入。
[Abstract]:For information system security protection, big data is a double-edged sword. The huge increase in the amount of information makes the data value density smaller and provides a better hiding environment for attacks such as APT, but the aggregation, mining and analysis of massive data by big data processing technology make it possible to accurately detect and predict attack threats. In order to enhance the ability of threat perception and attack warning of information system, it is imperative to construct big data threat handling platform. Based on the latest open source big data component set, this paper constructs a collection of data collection and collation, data storage, offline analysis and discovery, real-time association detection, threat warning and situation rendering, and supports the whole process of security event processing. Compared with the existing similar platform architecture, the integrated network security situation awareness and early warning architecture has the characteristics of high availability, extensibility, easy deployment, and can support the introduction of threat intelligence.
【作者單位】： 中國(guó)人民解放軍信息工程大學(xué);數(shù)學(xué)工程與先進(jìn)計(jì)算國(guó)家重點(diǎn)實(shí)驗(yàn)室;
【基金】：國(guó)家自然科學(xué)基金(61501515)資助
【分類號(hào)】：TP393.08

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 葉李;王娟;張鳳荔;;宏觀網(wǎng)絡(luò)態(tài)勢(shì)感知系統(tǒng)中的預(yù)測(cè)算法設(shè)計(jì)[J];計(jì)算機(jī)應(yīng)用研究;2009年04期

2 龔正虎;卓瑩;;網(wǎng)絡(luò)態(tài)勢(shì)感知研究[J];軟件學(xué)報(bào);2010年07期

3 翟勝軍;;安全態(tài)勢(shì)感知的關(guān)鍵是對(duì)安全的有效度量[J];信息網(wǎng)絡(luò)安全;2011年09期

4 楊玉璞;毛新然;;智慧城市安全服務(wù)平臺(tái)態(tài)勢(shì)感知系統(tǒng)設(shè)計(jì)[J];中國(guó)科技信息;2013年24期

5 劉尚東;龔儉;楊望;Ahmad;;態(tài)勢(shì)感知技術(shù)在網(wǎng)絡(luò)安全中的應(yīng)用[J];中國(guó)教育網(wǎng)絡(luò);2013年12期

6 王娟;張鳳荔;傅，

本文編號(hào)：1868707