面向网络态势感知的多源安全信息融合研究
Study of multi-source information fusion for network situational awareness
网络安全态势感知系统可通过采集并分析多源安全信息,实现对大规模网络的实时监控。本文基于事件场景关联的方法,设计并实现了针对态势感知中的多源安全信息的关联模型,实验表明,该关联模型具备大规模网络态势感知能力,能够降低由单一传感器独立工作所造成的误报率和漏报率,能够更加准确的评估网络安全态势,具有良好的应用前景。
Network security situation awareness(NSSA) system can monitor a large-scale network real-timely by collecting and analyzing multi-source security information. This paper based on the method of fusing information into scenarios. A fusion model of multi-source security information for network situational awareness was designed and implemented. Experiments showed that this fusion model had the ability to aware network situation in Large-scale network. It also could reduce false positive and false negative rate caused by single sensor working independently. Therefore it could reflect the changing trend of network security situation accurately and had a good prospect.
郭方方、王慧强、纪乃丹
安全科学通信
计算机网络网络态势感知日志SNMP信息融合
computer networknetwork situational awarenesslogSNMPinformation fusion
郭方方,王慧强,纪乃丹.面向网络态势感知的多源安全信息融合研究[EB/OL].(2011-09-13)[2025-08-04].http://www.paper.edu.cn/releasepaper/content/201109-183.点此复制
评论