| 安全关联分析相关技术的研究 |
| |
| 引用本文: | 高雷,肖政,韦卫,孙育宁. 安全关联分析相关技术的研究[J]. 计算机应用, 2005, 25(7): 1526-1528 |
| |
| 作者姓名: | 高雷 肖政 韦卫 孙育宁 |
| |
| 作者单位: | 中国科学院,计算技术研究所,北京,100080;中国科学院,研究生院,北京,100039;中国科学院,计算技术研究所,北京,100080;联想研究院,北京,100085 |
| |
| 基金项目: | 国家863计划项目(2002AA142030),国家863计划项目(2003AA148020) |
| |
| 摘 要: | 着重研究网络安全集中管理系统中的关联分析技术,对其通用体系结构及其关键分析技术(产生式关联、即时关联等)、研究趋势(模式抽取、部署架构等)进行了探讨,并提出了基于层级式规则的关联分析解决方案。
|
| 关 键 词: | 安全关联分析架构 产生式关联 即时关联 引擎部署 模式抽取 层级式规则 |
| 文章编号: | 1001-9081(2005)07-1526-03 |
| 收稿时间: | 2005-01-02 |
| 修稿时间: | 2005-03-06 |
Research on the techniques of security events correlation |
| |
| GAO Lei,XIAO Zheng,WEI Wei,SUN Yun-ning. Research on the techniques of security events correlation[J]. Journal of Computer Applications, 2005, 25(7): 1526-1528 |
| |
| Authors: | GAO Lei XIAO Zheng WEI Wei SUN Yun-ning |
| |
| Affiliation: | 1. Institute of Computing Technology,Chinese Academy of Sciences;2. Graduate School,Chinese Academy of Sciences;3. Lenovo Corporation of Research |
| |
| Abstract: | The events correlation techniques in security integration management systems were introduced. A normal architecture of the correlation engine was introduced, and some discussions on the critical technologies and the main achievements in the field were put forward. The directions of the technology development were analyzed and evaluated, such as pattern obtainment, engine distribution and performance promotion. At last, a solution based on hierarchical rules to correlate events was presented. |
| |
| Keywords: | architecture of the security events correlation causal correlation temporal correlation engine distribution pattern Abstration hierarchical rules |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
