| 网络安全事件关联分析及主动响应机制的研究 |
| |
| 引用本文: | 温辉,徐开勇,赵彬,汪滨.网络安全事件关联分析及主动响应机制的研究[J].计算机应用与软件,2010,27(4):60-63. |
| |
| 作者姓名: | 温辉 徐开勇 赵彬 汪滨 |
| |
| 作者单位: | 信息工程大学电子技术学院,河南,郑州,450004 |
| |
| 基金项目: | 国家高技术研究计划基金资助项目(2008AA01Z404);;国家重点预研基金项目(9140A26010306JB5201) |
| |
| 摘 要: | 如何从IDS等安全设备每天产生的海量安全事件中挖掘出有价值的信息,帮助管理员找到那些真正具有威胁的攻击并且及时主动的进行响应,有效地保护系统安全,这是目前网络安全管理亟待解决的问题。安全运维中心SOC(Security Operations Centre)是近几年在国内外迅速发展的一种网络安全管理技术,深入研究了SOC实现过程中涉及的安全事件关联分析、基于策略的主动响应等关键技术。
|
| 关 键 词: | 安全运维中心 关联信息模型 策略 主动响应 |
ON NETWORK SECURITY EVENT CORRELATION ANALYSIS AND ACTIVE RESPONSE MECHANISM |
| |
| Wen Hui,Xu Kaiyong,Zhao Bin,Wang Bin.ON NETWORK SECURITY EVENT CORRELATION ANALYSIS AND ACTIVE RESPONSE MECHANISM[J].Computer Applications and Software,2010,27(4):60-63. |
| |
| Authors: | Wen Hui Xu Kaiyong Zhao Bin Wang Bin |
| |
| Affiliation: | Institute of Electronic Technology/a>;Information Engineering University/a>;Zhengzhou 450004/a>;Henan/a>;China |
| |
| Abstract: | How to effectively pick out valuable abnormal behaviours from numerous security events produced by all kinds of security products everyday,assisting the administrators to find those attacks with genuine menace and to response actively and timely so as to effectually safeguard the system security,it is an urgent issue to be resolved with regard to network security management. Security operations centre(SOC) is one kind of the fast-developed network security management technologies at home and abroad in recen... |
| |
| Keywords: | Security Operations Centre Correlation information model Policy Active response |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
