Authors: 邹峰 (ZOU Feng); 陈兴蜀 (CHEN Xing-shu); 罗永刚 (LUO Yong-gang) (College of Cybersecurity, Sichuan University, Chengdu 610065, China; Cybersecurity Research Institute, Sichuan University, Chengdu 610065, China)
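Affiliations: [1] College of Cybersecurity, Sichuan University, Chengdu, Sichuan 610065 [2] Cybersecurity Research Institute, Sichuan University, Chengdu, Sichuan 610065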
Source: 《计算机工程与设计》 (Computer Engineering and Design), 2021, No. 9, pp. 2433-2438, 6 pages
Funding: National Natural Science Foundation of China, Young Scientists Fund (61802270).
Abstract: Interactive network security analysis in an Elastic Search big data environment suffers from the complex syntax of the native DSL and from weak association ability among multiple indexes. To address these problems, an interactive network security analysis system based on Elastic Search was studied and constructed. A new language, CSIAL, simplifies the operations of network security analysis: the result of parsing each statement is used to call the corresponding API, implementing basic query and analysis of network security related data. Functions that Elastic Search does not have, such as subqueries and join queries, are added by extension, and the join process is optimized, providing an interactive analysis bridge between security analysts and the data. Experimental results show the effectiveness of the method.
Classification: TP309 [Automation and Computer Technology: Computer System Architecture]