| 网络安全态势感知综述 |
| |
| 引用本文: | 龚俭,臧小东,苏琪,胡晓艳,徐杰.网络安全态势感知综述[J].软件学报,2017,28(4):1010-1026. |
| |
| 作者姓名: | 龚俭 臧小东 苏琪 胡晓艳 徐杰 |
| |
| 作者单位: | 东南大学 计算机科学与工程学院,江苏 南京 211189;江苏省计算机网络重点实验室,江苏 南京 211189;计算机网络和信息集成教育部重点实验室,江苏 南京 211189,东南大学 计算机科学与工程学院,江苏 南京 211189;江苏省计算机网络重点实验室,江苏 南京 211189;计算机网络和信息集成教育部重点实验室,江苏 南京 211189,东南大学 计算机科学与工程学院,江苏 南京 211189;江苏省计算机网络重点实验室,江苏 南京 211189;计算机网络和信息集成教育部重点实验室,江苏 南京 211189,东南大学 计算机科学与工程学院,江苏 南京 211189;江苏省计算机网络重点实验室,江苏 南京 211189;计算机网络和信息集成教育部重点实验室,江苏 南京 211189,东南大学 计算机科学与工程学院,江苏 南京 211189;江苏省计算机网络重点实验室,江苏 南京 211189;计算机网络和信息集成教育部重点实验室,江苏 南京 211189 |
| |
| 基金项目: | 基于网络编码的信息中心网络研究(61602114) |
| |
| 摘 要: | 随着网络空间安全的重要性不断提高,网络安全态势感知(Network Security Situation Awareness,简称 NSSA)的研究与应用正在得到更多地关注.NSSA实现对网络中各种活动的行为辨识、意图理解和影响评估,以支持合理的安全响应决策.它是对网络的安全性进行定量分析的一种手段,网络安全管理系统可以借助其宏观把握整个网络的安全状况,分析攻击者的意图,为管理决策提供重要的依据.本文讨论了NSSA的任务范围,并据此对网络安全态势感知的概念进行了重新定义.然后本文分别从网络安全态势觉察、网络安全态势理解、网络安全态势投射三个层面综述了网络安全态势感知的研究现状和存在的问题.
|
| 关 键 词: | 网络安全态势感知 数据融合 模型 关联性分析 综述 |
| 收稿时间: | 2016/5/11 0:00:00 |
| 修稿时间: | 2016/10/26 0:00:00 |
Survey of Network Security Situation Awareness |
| |
| GONG Jian,ZANG Xiao-Dong,SU Qi,HU Xiao-Yan and XU Jie.Survey of Network Security Situation Awareness[J].Journal of Software,2017,28(4):1010-1026. |
| |
| Authors: | GONG Jian ZANG Xiao-Dong SU Qi HU Xiao-Yan and XU Jie |
| |
| Affiliation: | School of Computer Science and Technology, Southeast University, Nanjing 211189, China;Jiangsu Provincial Key Laboratory of Compmer Network Technology, Nanjing 211189, China;Key Laboratory of Computer Network and Information Integration Ministry of Education, Nanjing 211189, China,School of Computer Science and Technology, Southeast University, Nanjing 211189, China;Jiangsu Provincial Key Laboratory of Compmer Network Technology, Nanjing 211189, China;Key Laboratory of Computer Network and Information Integration Ministry of Education, Nanjing 211189, China,School of Computer Science and Technology, Southeast University, Nanjing 211189, China;Jiangsu Provincial Key Laboratory of Compmer Network Technology, Nanjing 211189, China;Key Laboratory of Computer Network and Information Integration Ministry of Education, Nanjing 211189, China,School of Computer Science and Technology, Southeast University, Nanjing 211189, China;Jiangsu Provincial Key Laboratory of Compmer Network Technology, Nanjing 211189, China;Key Laboratory of Computer Network and Information Integration Ministry of Education, Nanjing 211189, China and School of Computer Science and Technology, Southeast University, Nanjing 211189, China;Jiangsu Provincial Key Laboratory of Compmer Network Technology, Nanjing 211189, China;Key Laboratory of Computer Network and Information Integration Ministry of Education, Nanjing 211189, China |
| |
| Abstract: | As the priority of cyber-security arises world-wide, network security situation awareness (NSSA) and its application help to draw more attentions of researchers. NSSA is able to identify network activities, understand their intentions and evaluate the impact of these activities on the managed network, as well as to support an optimal security response to the security threats. It is a means of quantitative analysis for network security, with which network security management system can have a global view of security states of the managed network, find the intention of attackers, and make a management decision based on these findings. In the paper, the coverage of NSSA is discussed to redefine the concept of NSSA. Then a survey is given on the state-of-art of NSSA''s research in the aspects of network security situation perception, comprehension and projection. Finally the features and challenges of network security situation awareness are summarized. |
| |
| Keywords: | network security situation awareness data fusion models correlation analysis survey |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
