Research and Development Trend Analysis of Key Technologies for Cyberspace Security Situation Awareness

doi:10.3969/j.issn.1671-1122.2018.08.011

Abstract

Abstract:

The article expounds that cyberspace security situational awareness is an important means and key development direction for protecting critical information infrastructure and important information systems. By analyzing the technical characteristics of APT attack, and the security risk of cloud platform and big data platform, a conclusion is got that the cyberspace security situation awareness needs to be realized from five aspects: visibility, knowable, manageable, controllable, traceable and early warning. The domestic and foreign technical status of cyberspace security situation awareness system is researched comprehensively. The main functions and key technologies of network security data source, big data analysis, cyberspace situation assessment, cyberspace threat assessment and cyberspace situation prediction are analyzed, and the future development trend of cyberspace security situation awareness system is obtained. With the integration of big data and AI technology, the infrastructure of cyberspace security situation awareness system should be dynamically expanded, and the accurate prediction and defense disposal recommendations can be proved. So that good guiding significance is proved for research, development, evaluation and supervision of cyberspace security situation awareness system.

Key words: cyberspace security, situation awareness, cloud computing, big data

CLC Number:

TP309

Yuan TAO, Tao HUANG, Mohan ZHANG, Shuilin LI. Research and Development Trend Analysis of Key Technologies for Cyberspace Security Situation Awareness[J]. Netinfo Security, 2018, 18(8): 79-85.

Figures/Tables 1

References 15

[1]	GONG Jian, ZANG Xiaodong, SU Qi, et al.Survey of Network Security Situation Awareness[J].Journal of Software, 2017,28(4):1010-1026.
	龚俭,臧小东,苏琪,等.网络安全态势感知综述[J]. 软件学报,2017,28(4):1010-1026.
[2]	ZHAO Guosheng, WANG Huiqiang, WANG Jian.A Situation Awareness Model of Network Security Based on Grey Verhulst Model[J].Journal of Harbin Institute of Technology, 2008,40(5):798-801.
	赵国生,王慧强,王健. 基于灰色Verhulst的网络安全态势感知模型[J]. 哈尔滨工业大学学报,2008,40(5):798-801.
[3]	JIA Yan, WANG Xiaowei, HAN Weihong, et al.YHSSAS: Large-scale Network Oriented Security Situational Awareness System[J]. Computer Science,2011,38(2):4-8,37.
	贾焰,王晓伟,韩伟红,等. YHSSAS:面向大规模网络的安全态势感知系统[J].计算机科学,2011,38(2):4-8,37.
[4]	CHEN Xiuzhen, ZHENG Qinghua, GUAN Xiaohong, et al.Quantitative Hierarchical Threat Evaluation Model for Network Security[J].Journal of Software,2006,17(4):885-897.
	陈秀真,郑庆华,管晓宏,等. 层次化网络安全威胁态势量化评估方法[J].软件学报,2006,17(4):885-897.
[5]	ZHAO Guofeng, YE Fei, YAO Yongan, et al.Design and Implementation of A Multi-pattern String Matching Algorithm in Cloud Center Network Intrusion Detection System[J].Netinfo Security, 2018, 18(1):52-57.
	赵国锋,叶飞,姚永安,等. 一种面向云中心网络入侵检测的多模式匹配算法[J]. 信息网络安全,2018,18(1):52-57.
[6]	LIU Xiaowu, WANG Huiqiang, LAI Jibao, et al.Network Security Situation and Evaluation Based on Heterogeneous Multi-sensor Fusion[J]. Journal of System Simulation, 2010,22(6):1411-1415.
	刘效武,王慧强,赖积保,等.基于多源异质融合的网络安全态势生成与评价[J]. 系统仿真学报,2010,22(6):1411-1415.
[7]	CHEN Xiaojun, FANG Binxing, TAN Qingfeng, et al.Inferring Attack Intent of Malicious Insider Based on Probabilistic Attack Graph Model[J].Chinese Journal of Computers,2014,37(1):62-72.
	陈小军,方滨兴,谭庆丰,等. 基于概率攻击图的内部攻击意图推断算法研究[J].计算机学报,2014,37(1):62-72.
[8]	LIU Xiaowu, WANG Huiqiang, LV Hongwu, et al.Fusion-Based Cognitive Awareness-Control Model for Network Security Situation[J].Journal of Software, 2016,27(8):2099-2114.
	刘效武,王慧强,吕宏武,等. 网络安全态势认知融合感控模型[J]. 软件学报,2016,27(8):2099-2114.
[9]	XI Rongrong, YUN Xiaochun, ZHANG Yongzheng, et al.An Improved Quantitative Evaluation Method for Network Security[J].Chinese Journal of Computers, 2015,38(4):749-758.
	席荣荣,云晓春,张永峥,等. 一种改进的网络安全态势量化评估方法[J].计算机学报,2015,38(4):749-758.
[10]	MAO Junli, JI Xilin.Architecture of Cyberspace Situational Awareness Based upon Big Data[J].Radio Communications Technology, 2018,44(3):217-223.
	毛军礼,汲锡林. 基于大数据的网络态势感知体系架构[J]. 无线电通信技术,2018,44(3):217-223.
[11]	CHEN Xingshu, ZENG Xuemei, WANG Wenxian, et al.Big Data Analytics for Network Security and Intelligence[J].Advanced Engineering Sciences, 2017,49(3):1-12.
	陈兴蜀,曾雪梅,王文贤,等.基于大数据的网络安全与情报分析[J].工程科学与技术,2017,49(3):1-12.
[12]	TAO Yuan, ZHANG Yuxiang,MA Siyuan, et al.Combining the Big Data Analysis and the Threat Intelligence Technologies for the Classified Protection Model[J].Cluster Computing, 2017, 20(2): 1035-1046.
[13]	WANG Wenjie, HU Baiqing, LIU Chi.A Survey of Open Source Softwares for Big Data Governance and Security[J].Netinfo Security, 2017, 17(5):28-36.
	王文杰,胡柏青,刘驰. 开源大数据治理与安全软件综述[J].信息网络安全,2017,17(5):28-36.
[14]	ZHANG Xiaosong, NIU Weina, YANG Guowu, et al.Method for APT Prediction Based on Tree Structure[J].Journal of University of Electronic Science and Technology of China,2016,45(4):582-588.
	张小松,牛伟纳,杨国武,等.基于树型结构的APT攻击预测方法[J].电子科技大学学报,2016,45(4):582-588.
[15]	GUAN Lei, HU Guangjun, WANG Zhuan.Research on Network Security Situational Awareness Technology Based on Big Data[J].Netinfo Security,2016, 16(9):45-50.
	管磊,胡光俊,王专.基于大数据的网络安全态势感知技术研究[J].信息网络安全,2016,16(9):45-50.