信息网络安全

信息网络安全 ›› 2016, Vol. 16 ›› Issue (9): 202-207.doi: 10.3969/j.issn.1671-1122.2016.09.040

• • 上一篇    下一篇

网络空间安全态势感知数据收集研究

褚维明(), 黄进, 刘志乐   

  1. 杭州安恒信息技术有限公司,浙江杭州310000
  • 收稿日期:2016-07-25 出版日期:2016-09-20 发布日期:2020-05-13
  • 作者简介:

    作者简介: 褚维明(1988—),男,河北,工程师,本科,主要研究方向为网络安全态势感知;黄进(1985—),男,安徽,工程师,本科,主要研究方向为信息安全等级保护与网络安全态势感知技术;刘志乐(1973—),男,江苏,工程师,硕士,主要研究方向为信息安全。

Research on Collecting Data for Situation Awareness of Cyber Space

Weiming CHU(), Jin HUANG, Zhile LIU   

  1. DBAPPSecurity Co. Ltd, Hangzhou Zhejiang 310000, China
  • Received:2016-07-25 Online:2016-09-20 Published:2020-05-13

RichHTML

4

PDF (PC)

233

摘要:

随着互联网的迅猛发展,其规模不断扩大、应用更加广泛,许多部门和企业的关键业务活动越来越多地依赖于网络,各种网络攻击、信息安全事件发生率在不断攀升。态势感知与APT逐渐成为网络热词。文章阐述了一种基于大数据的网络空间安全态势感知数据收集的实现方法。结合网络流量分析方法,进行网络空间态势感知分析,产生可持续、即时性强的网络安全数据,实时分析感知网络攻击行为。并且通过可视化手段,为网络安全实施感知以及未来趋势、决策研判提供有力手段。文章着重介绍网络空间安全态势感知系统数据收集方式,并说明APT检测技术在网络空间安全态势感知系统中的应用与实现,将二者相结合,提供一种新的态势感知数据构建思路。

关键词: 大数据, 态势感知, 流量分析, 高级持续性威胁

Abstract:

With the rapid development of the Internet, which have been expanding and becoming more widely today. Many departments and companys activities are increasingly rely on the network with their critical activities .It causes the rising rates of a variety of network attacks and information security event . Situational awareness and APT gradually become hot network words. This paper mainly describes a web-based space security situation of Big Data and aware implementation of data collection. Combined with network traffic analysis to search network analysis space situational awareness to find out generate sustainable and real strong network security data.At the same time make real-time analysis of network attacks. And by visual means, provided great network security implementation perceived future trends,also provided a powerful tool for decision making judgments. In this article, we focus on cyberspace security situational awareness system to collect data,prove and shows APT detection technology in cyberspace security situational awareness application and implementation of the system, will be a combination of both things, provide a situational awareness data to build new ideas.

Key words: big data, situational awareness, traffic analysis, APT

中图分类号: