Endpoint Detection and Response Technology and Its Development Trends (cited by: 4)

Endpoint Detection and Response Technology and Its Development

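Authors: 褚龙[1], 伍荣[1], 龙飞宇[1]

Affiliation: [1] The 30th Research Institute of China Electronics Technology Group Corporation, Chengdu, Sichuan 610041

Source: 《通信技术》 (Communications Technology), 2017, Issue 7, pp. 1493-1498, 6 pages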

Abstract: Endpoint detection and response is a recent research hotspot in the international endpoint security field. It departs entirely from the earlier passive approach to endpoint protection: using cloud threat intelligence, machine learning, abnormal behavior analysis, indicators of attack and similar means, it actively discovers security threats from external or internal sources and performs automated blocking, forensics, remediation and source tracing, thereby protecting endpoints effectively. This paper surveys endpoint detection and response technology, introduces its research status, and explains its basic principles and main key techniques. Finally, it discusses the advantages and problems of endpoint detection and response technology and looks ahead to its application prospects.

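Keywords: endpoint detection and response; advanced persistent threat; endpoint security; sandbox

Classification number: TP311 [Automation and Computer Technology: Computer Software and Theory]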

 
