| 基于ELK流量分析平台在高校网络安全管理中的应用 |
| |
| 引用本文: | 秦锐,袁毅哲,秦道祥.基于ELK流量分析平台在高校网络安全管理中的应用[J].计算机应用与软件,2019,36(6):317-321. |
| |
| 作者姓名: | 秦锐 袁毅哲 秦道祥 |
| |
| 作者单位: | 同济大学电子与信息工程学院 上海200092;同济大学软件学院 上海200092;同济大学信息化办公室 上海200092 |
| |
| 摘 要: | 网络安全设备普遍存在误报率高、难以验证的问题,对于已发生网络安全技术事件,也缺乏追踪和溯源的手段。基于ELK流量分析,可以实时采集校园网的流量并对数据进行分类。在ELK数据平台进行分布式存储,从多个维度建立分析视图,以不同的业务场景和图形方式进行展示。该方案可以发现校园网中的访问攻击并相互印证,为网络安全防御体系建设提供新的技术方案。同时可以提供访问日志审计为网络故障处理提供支持,提升校园网运维和信息安全管理水平。
|
| 关 键 词: | ELK 网络安全 流量分析 大数据 |
APPLICATION OF ELK TRAFFIC ANALYSIS PLATFORM IN UNIVERSITY NETWORK SECURITY MANAGEMENT |
| |
| Qin Rui,Yuan Yizhe,Qin Daoxiang.APPLICATION OF ELK TRAFFIC ANALYSIS PLATFORM IN UNIVERSITY NETWORK SECURITY MANAGEMENT[J].Computer Applications and Software,2019,36(6):317-321. |
| |
| Authors: | Qin Rui Yuan Yizhe Qin Daoxiang |
| |
| Affiliation: | (School of Electronics and Information Engineering, Tongji University, Shanghai 200092, China;School of Software Engineering, Tongji University, Shanghai 200092, China;Information Office, Tongji University, Shanghai 200092, China) |
| |
| Abstract: | The problem of high false alarm rate and difficult to verify exists in network security equipment.There is also a lack of traceability for the network security technology event has occurred.Based on ELK traffic analysis,we could collect and classify the traffic of campus network in real time,store the data in ELK data platform in a distributed way,build analysis views from multiple dimensions,and display them in different business scenarios and graphics.This scheme can discover the access attacks in the campus network and prove each other,and it provide a new technical solution for the construction of network security defense system.It also provide access log audit to support network fault handling and improve the level of campus network operation and information security management. |
| |
| Keywords: | ELK Network security Traffic analysis Big data |
| 本文献已被 维普 万方数据 等数据库收录! |
|
