| 基于可拓学的网络安全报警分析技术研究* |
| |
| 引用本文: | 徐慧,肖德宝,肖敏. 基于可拓学的网络安全报警分析技术研究*[J]. 计算机应用研究, 2008, 25(9): 2825-2828 |
| |
| 作者姓名: | 徐慧 肖德宝 肖敏 |
| |
| 作者单位: | (华中师范大学 计算机网络与通信研究所, 武汉 430079) |
| |
| 基金项目: | 武汉市科技攻关计划资助项目(200710421130);湖北省科技攻关重大项目(2004AA103A01) |
| |
| 摘 要: | 用户的网络管理需要建立一种新型的综合网络安全管理解决方案,即统一网络安全管理。特别关注于其中的一个关键功能——报警分析。其思路是以IDS报警为中心,将报警分析过程分解为包含报警评估与报警相关的两级关联分析模式。为了有效克服现今IDS报警分析技术中存在的问题和局限,顺应网络安全管理的统一化趋势,引入在解决矛盾问题方面极具优势的可拓学,以保证网络安全报警分析各种功能在技术上的实现。
|
| 关 键 词: | 网络安全 报警分析 报警评估 报警相关 可拓学 |
Research on extenics based alert analysis techniques for network security |
| |
| XU Hui,XIAO De bao,XIAO Min. Research on extenics based alert analysis techniques for network security[J]. Application Research of Computers, 2008, 25(9): 2825-2828 |
| |
| Authors: | XU Hui XIAO De bao XIAO Min |
| |
| Affiliation: | (Institute of Computer Network & Communication, Huazhong Normal University, Wuhan 430079, China) |
| |
| Abstract: | Network users need a new integrated solution for network security management, or in other words, unified network security management. This paper discussed alert analysis, which was one of its key functionalities. The proposal had IDS alerts as the center, and realized alert analysis by means of two step correlation including alert evaluation and alert correlation. In order to effectively overcame the problems and limitations existing in analysis technologies of current IDSs and follow in the trend of unification for network security management, introduced an extenics based method as technical support for implementing all the proposed functions for network security alert analysis, since extenics has a great advantage in dealing with contradiction problems. |
| |
| Keywords: | network security alert analysis alert evaluation alert correlation extenics |
|
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
