基于流量感知的动态网络资产监测研究  被引量:7

Research on Dynamic Network Asset Monitoring Based on Traffic Perception

在线阅读下载全文

作  者:李憧 刘鹏[1] 蔡国庆 Li Chong;Liu Peng;Cai Guoqing(Beijing Government Computer Emergency Response Center,Beijing100101)

机构地区:[1]北京市政务信息安全应急处置中心,北京100101

出  处:《信息安全研究》2020年第6期523-529,共7页Journal of Information Security Research

摘  要:随着网络技术的快速发展,安全问题也随着网络空间的资产数量增多和种类越发复杂变得越来越严峻,这对网络安全主管部门提出了新的挑战.精确对处于动态变化的网络资产进行识别,并全方位实时对其动态监测是实现网络资产有效管理的前提,同时也为威胁关联分析打下基础.基于实时流量采集处理、指纹特征建立、网络资产识别技术,提出网络资产动态监测思想.利用流量数据提取特征字段,采用多指纹角度的匹配方式实现对网络资产的有效识别,在此基础上通过服务器、信息系统、资产内部关联3个方面对网络资产进行动态监测,为网络资产管理和安全评估提供了有力支撑.With the rapid development of network technology,the security problem has become more and more serious as the number and types of assets in cyberspace have become more and more complex,which poses a new challenge to the management department of network security.It is the premise to realize the effective management of network assets to accurately identify the large network whose asset status is changing dynamically and to carry out real-time dynamic monitoring in an all-round way.It also lays a foundation for threat correlation analysis.Based on real-time traffic collection processing, to establish fingerprint characteristic, and network assets identification technology,proposed the idea to the dynamic monitoring network assets.Using flow field data extraction characteristics,adopts many the angles of the fingerprint matching method to realize the effective identification network assets,on this basis,through three aspects of the server,information systems and asset internal correlation to the dynamic monitoring of network assets,which provides a strong support for asset management and safety assessment for network.

关 键 词:流量分析 资产识别 指纹特征 网络资产监测 网络安全 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象