基于事故树的云机房网络安全态势自动化预测系统  被引量：1

作　　者：丁之 何启学 唐冬升 倪杨 DING Zhi;HE Qixue;TANG Dongsheng;NI Yang(China Tobacco Sichuan Industrial Co.,Ltd.,Chengdu 610016,China;Chengdu Information Technology Co.,Ltd.of the Chinese Academy of Sciences,Chengdu 610299,China;Chengdu Zhongke Information Technology Co.,Ltd.,Chengdu 610299,China)

机构地区：[1]四川中烟工业有限责任公司,成都610016 [2]中科院成都信息技术股份有限公司,成都610299 [3]成都中科信息技术有限公司,成都610299

出　　处：《自动化与仪表》2024年第4期149-152,157,共5页Automation & Instrumentation

摘　　要：为全面掌握云机房网络安全的运行状态,预测网络的安全态势,该文设计基于事故树的云机房网络安全态势自动化预测系统。该系统的云机房模块采用日志类传感器采集云机房网络数据,并存储至数据管理模块中,功能模块以存储的数据为依据,通过时间窗口检测存储数据中的异常数据流,采用逐级量化方法计算云机房网络危险度后,利用事故分析法计算云机房网络安全事件重要度,依据该结果即可分析网络未来的变化情况。测试结果可知,该系统具有全面的网络运行相关数据采集能力,网络安全态势的量化效果较好,决定系数结果均在0.022以下;有效实现不同目的IP地址网络的风险态势预测量化分析,可靠掌握云机房网络的安全态势情况。In order to fully grasp the running state of network security in cloud computer room and predict the network security situation,an automatic prediction system of network security situation in cloud computer room based on fault tree is designed.The cloud computer room module of the system uses log sensors to collect the network data of the cloud computer room,and stores them in the data management module.Based on the stored data,the functional module detects the abnormal data flow in the stored data through the time window,calculates the network risk of the cloud computer room by using the step-by-step quantification method,and then calculates the importance of the network security events of the cloud computer room by using the accident analysis method,and then analyzes the future changes of the network according to the results.The test results show that the system has a comprehensive ability to collect data related to network operation,and the quantitative effect of network security situation is good,and the determination coefficient results are all below 0.022.Effectively realize the quantitative analysis of risk situation prediction of IP address networks with different purposes,and reliably grasp the security situation of cloud computer room networks.

关 键 词：危险度评价 事故树分析 云机房网络 安全态势 自动化预测 事件重要度 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]