Real-Time Network Security Threat Situation Awareness
吴朝雄;王晓程;王红艳;石波
[Journal] Computer Engineering and Design (《计算机工程与设计》) [Year (Volume), Issue] 2015(000)011
[Abstract] To address the insufficient real-time analysis of network security threat situations and the low sensitivity to complex attacks, the architecture of a real-time awareness system is designed, and the corresponding awareness method and analysis techniques are proposed. Complex attack rules are extracted from an existing sample data set of combined attacks using rough set (RS) theory. Combined with event stream processing (ESP) technology, online dynamic analysis and detection of the security event stream is achieved. This improves the ability to perceive complex attacks and improves the timeliness and objectivity of network security threat situation analysis. Experiments verify the effectiveness and feasibility of the proposed method.
[Total pages] 5 (pp. 2953-2957)