
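Comparison of Analysis Frameworks and Implementation Methods for Network Security Situation Awareness
Cite this article: LI Yan, WANG Chun-zi, HUANG Guang-qiu, ZHAO Xu, ZHANG Bin, LI Ying-chao. Comparison of Analysis Frameworks and Implementation Methods for Network Security Situation Awareness[J]. Acta Electronica Sinica, 2019, 47(4): 927-945.
Authors: LI Yan  WANG Chun-zi  HUANG Guang-qiu  ZHAO Xu  ZHANG Bin  LI Ying-chao
Affiliations: School of Management, Xi'an Polytechnic University, Xi'an, Shaanxi 710048; School of Management, Xi'an University of Architecture & Technology, Xi'an, Shaanxi 710055; School of Management, Xi'an Polytechnic University, Xi'an, Shaanxi 710048; LianYi Software Co. Ltd., Xi'an, Shaanxi 710000
Funding: Shaanxi Province Science and Technology Research and Development Program; Shaanxi Province Key Discipline Construction Special Fund; Doctoral Research Start-up Fund
Abstract: Information technology has penetrated every aspect of politics, the economy and culture across society. The information revolution has changed the way the whole world communicates and driven enormous development in human society, and it has also brought unprecedented attention to network security problems. Research on network security has mainly gone through 4 main stages: ensuring security through idealized design, passive defense with auxiliary detection, active analysis to formulate strategies, and comprehensive awareness to predict trends. Against the background of countries all competing for digital control as the new strategic commanding height, the discussion of network security situation awareness shows entirely new characteristics in both academic research and industrial implementation. This paper conducts as detailed a literature survey as possible on network security situation awareness. It first introduces the state of research at home and abroad and the differences and connections between network security situation awareness and traditional situation awareness. It then proposes a logical analysis framework for network security situation awareness from the perspective of the data value chain, decomposing the whole process into five consecutive processing stages: element collection, model representation, metric establishment, solution analysis and situation prediction. It then describes the role and mainstream methods of each stage, and explains the application results on experimental subjects and the horizontal comparison among methods. This paper intends to provide panoramic knowledge of network security situation awareness and supporting ideas for industrial network security solutions, in the hope of serving as a reference for researchers and engineers in this field.

Keywords: network security  network situation awareness  attack model  intrusion detection  data fusion analysis
Received: 2018-04-23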

A Survey of Architecture and Implementation Method on Cyber Security Situation Awareness Analysis
LI Yan, WANG Chun-zi, HUANG Guang-qiu, ZHAO Xu, ZHANG Bin, LI Ying-chao. A Survey of Architecture and Implementation Method on Cyber Security Situation Awareness Analysis[J]. Acta Electronica Sinica, 2019, 47(4): 927-945.
Authors:LI Yan  WANG Chun-zi  HUANG Guang-qiu  ZHAO Xu  ZHANG Bin  LI Ying-chao
Affiliation:1. School of Management, Xi'an Polytechnic University, Xi'an, Shaanxi 710048, China; 2. School of Management, Xi'an University of Architecture & Technology, Xi'an, Shaanxi 710055, China; 3. LianYi Software Co. Ltd., Xi'an, Shaanxi 710000, China
Abstract: Information technology has penetrated all aspects of politics, the economy and culture throughout society. The information revolution has changed the way the world communicates, promoted the development of human society, and brought unprecedented attention to the problem of network security. Research on network security has mainly passed through 4 main stages: ensuring security through idealized design, passive defense assisted by detection, active analysis to formulate security strategies, and comprehensive perception to forecast trends. Against the background of all countries competing for digital control as a new strategic commanding point, research on Cyber Security Situation Awareness Analysis (CSSA) shows new features in both academic research and industrialization. This paper makes a detailed literature survey of CSSA. First, it introduces the status of the research and the differences and connections between CSSA and traditional awareness analysis. Then a logical analysis framework for CSSA is proposed from the perspective of the data value chain. The whole process is decomposed into five continuous stages of processing: factor collection, model representation, measurement establishment, solution analysis and situation prediction. After that, the role and the mainstream methods of each stage are expounded, and the application results on the experimental object and the horizontal comparison between the methods are explained. The purpose of this paper is to provide panoramic knowledge of CSSA and auxiliary ideas for network security industrialization schemes, in the hope that it can serve as a reference for scientific research and engineering personnel in this field.
Keywords:network security  network situation awareness  attack model  intrusion detection  data fusion analysis  
This article is indexed in Wanfang Data and other databases.