基于多源告警信息关联的网路安全技防技术  被引量:2

Network Security Technology Based on Multi-Source Alarm Information Association

在线阅读下载全文

作  者:黄强 鲁学仲 运凯 李浩升 赵梅 康婉晴 Huang Qiang;Lu Xuezhong;Yun Kai;Li Haosheng;Zhao Mei;Kang Wanqing(State Grid Xinjiang Information&Telecommunication Company,Wulumuqi 830063)

机构地区:[1]国网新疆电力有限公司信息通信公司,乌鲁木齐830063

出  处:《信息安全研究》2021年第11期1041-1046,共6页Journal of Information Security Research

摘  要:针对现有网络安全技防策略在处理告警信息时,计算结构单一,导致运行时间长、效率低,为此提出基于多源告警信息关联分析的网络安全技防技术研究.在明确其攻击意图的基础上提取有效告警信息数据,通过关联分析的算法,对多源告警信息进行聚合、去冗余处理;设计基于关联分析规则匹配的告警信息管理流程;建立网络安全技防技术平台;实现基于多源告警信息关联分析的网络安全技防技术研究.实验结果表明,在同一运行时间内,告警信息数量明显减少,提高了网络安全报警率.For the existing network security strategy in dealing with the alarm information,the calculation structure is single,which leads to the problems of long running time and low efficiency.This paper proposed a network security technology research based on multi-source alarm information correlation analysis.On the basis of clarifying the attack intention,the effective alarm information data is extracted,and the multi-source alarm information is aggregated and de-redundant by association analysis algorithm;the alarm information management process based on association analysis rules matching is designed,and the network security technology platform is established to realize the network security technology research based on multi-source alarm information association analysis.The experimental results show that in the same running time,the number of alarm information is significantly reduced,and the network security alarm rate is improved.

关 键 词:告警信息 关联分析 网络安全 多源融合 技防技术 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象