Netinfo Security (信息网络安全) ›› 2016, Vol. 16 ›› Issue (2): 60-65. doi: 10.3969/j.issn.1671-1122.2016.02.010


Distributed IT Asset Security Monitoring System for Massive Data

WANG Hongkai1, ZHENG Shengjun2, GUO Longhua3, LIU Yun4

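  1. Information and Telecommunication Branch of State Grid Zhejiang Electric Power Company, Hangzhou, Zhejiang 310007
    2. Beijing GuoDianTong Network Technology Co., Ltd, Beijing 100070
    3. School of Electronic Information and Electric Engineering, Shanghai JiaoTong University, Shanghai 200240
    4. State Grid JIBEI Electric Power Company, Beijing 100053
  • Received: 2015-12-20 Online: 2016-02-10 Published: 2020-05-13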
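  • About the authors:

    WANG Hongkai (born 1984), male, from Zhejiang, senior engineer, master's degree, main research interest: operation and maintenance of networks and information systems; ZHENG Shengjun (born 1977), male, from Anhui, senior engineer, master's degree, main research interest: electric power system information security; GUO Longhua (born 1991), male, from Shanxi, doctoral candidate, main research interest: information security; LIU Yun (born 1980), female, from Beijing, senior engineer, bachelor's degree, main research interest: electricity market information security.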

  • Supported by:
    State Grid science and technology project [524681140009]

IT Assets Safety Monitoring System Based on Huge Data

Hongkai WANG1, Shengjun ZHENG2, Longhua GUO3, Yun LIU4

  1. Information and Telecommunication Branch of State Grid Zhejiang Electric Power Company, Hangzhou, Zhejiang 310007, China
    2. Beijing GuoDianTong Network Technology Co., Ltd, Beijing 100070, China
    3. School of Electronic Information and Electric Engineering, Shanghai JiaoTong University, Shanghai 200240, China
    4. State Grid JIBEI Electric Power Company, Beijing 100053, China
  • Received: 2015-12-20 Online: 2016-02-10 Published: 2020-05-13

Abstract (translated from the Chinese original):

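Malicious attacks on industrial control networks expose industrial information systems, of which the smart grid is representative, to a huge information security threat. As information equipment is upgraded and replaced, information silos tend to form inside the network, leaving IT asset management in disarray and further affecting the security and stability of information systems. Using security monitoring to gain real-time security situational awareness of power equipment information, so that problems such as IT asset vulnerabilities in the network are found promptly and effective protective measures can be drawn up on that basis, is vital to solving the security problems of electric power information systems. This paper studies and designs an IT asset security monitoring system based on distributed scheduling for massive data. The system detects massive IT asset data along multiple dimensions: hardware component information, port scanning, and a distributed breadth crawler. On a distributed architecture it performs distributed scheduling of detection tasks and distributed processing of asset information, achieving efficient, high-speed detection and vulnerability analysis of massive IT asset information in very large networks. The system can discover IT assets autonomously and monitor them along multiple dimensions, thereby providing real-time, comprehensive and efficient monitoring of very large-scale cyberspace.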

Key words: distributed scheduling, IT assets, security monitoring

Abstract:

Security attacks on industrial control networks expose the smart grid, an important part of those networks, to a huge security threat. Upgrades of information devices make isolated islands of information more likely, and disorderly management of IT assets harms the security and stability of information systems. Security monitoring provides real-time awareness of the information security situation. Detecting IT asset vulnerabilities and other security issues provides a basis for developing effective security measures, which play a significant role in solving security problems in power systems. How to deal with huge data is also a topic that deserves research. In this paper, we design a distributed IT asset monitoring system for huge data to address increasingly serious problems of IT asset management. It collects IT asset information through hardware component details, port scanning and a distributed breadth crawler. It builds distributed engine clusters to carry out information acquisition and data processing tasks, and performs IT asset detection and vulnerability analysis quickly and effectively. The system can autonomously discover and locate IT assets, so it monitors cyberspace comprehensively, accurately and in real time.

Key words: distributed dispatch, IT assets, security monitoring

CLC number: