| 基于事件关联的网络威胁分析技术研究 |
| |
| 引用本文: | 张翔,胡昌振,尹伟.基于事件关联的网络威胁分析技术研究[J].计算机工程与应用,2007,43(4):143-145. |
| |
| 作者姓名: | 张翔 胡昌振 尹伟 |
| |
| 作者单位: | 北京理工大学计算机网络攻防对抗技术实验室 北京100081 |
| |
| 摘 要: | 应用事件关联的方法综合IDS等安全设备报警信息进行网络威胁分析,介绍了事件关联基本方法,并提出事件关联分析器体系结构,实验系统测试结果表明,应用事件关联技术有效降低了网络威胁分析中出现的虚警,极大地减少了冗余报警。
|
| 关 键 词: | 网络安全 事件关联 威胁分析 |
| 文章编号: | 1002-8331(2007)04-0143-03 |
| 修稿时间: | 2006-05 |
Research of network threat analysis technique based on event correlation |
| |
| ZHANG Xiang,HU Chang-zhen,YIN Wei.Research of network threat analysis technique based on event correlation[J].Computer Engineering and Applications,2007,43(4):143-145. |
| |
| Authors: | ZHANG Xiang HU Chang-zhen YIN Wei |
| |
| Affiliation: | Computer Network Countermeasure Technology Laboratory,Beijing Institute of Technology,Beijing 100081,China |
| |
| Abstract: | The presentation is about network threat analysis accord to alert information of IDS and other network security devices in event correlation method.First some basic methods of event correlation are introduced,then a structure of event correlation analysis engine is discussed.Test result of demo system proves that applying event correlation method on the threat analysis decreases the false positive and redundant alarm from network security devices. |
| |
| Keywords: | network security event correlation threat analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
