威胁情报在态势感知中的应用研究
Research on Application of Threat Intelligence in Situational Awareness
摘要:
随着网络空间安全重要性的不断提高,网络安全态势感知(network security situation awareness,简称NSSA)的研究与应用正在得到更多的关注。高质量的威胁情报可以大幅度地提升检测、分析、应急响应效率,进而改变攻防态势。本文介绍了态势感知和威胁情报的概念,研究了威胁情报在态势感知中具体的应用场景。研究结果表明随着威胁情报技术的不断发展成熟,其将会在态势感知中发挥更大的作用。
Abstract:
As the priority of cyber-security arises world-wide, network security situation awareness (NSSA) and its application are receiving more attention from researchers. High-quality threat intelligence can greatly improve the efficiency of detection, analysis and emergency response which change the offensive and defensive posture. This paper introduces the concept of situational awareness and threat intelligence, and then discusses the specific application scenarios of threat intelligence in situational awareness. The research results show that it will play a greater role in situational awareness with the development and maturity of threat intelligence technology.
参考文献
|
[1]
|
中国互联网应急响应中心. 2018年我国互联网网络安全态势综述[Z].
|
|
[2]
|
Endsley, M.R. (1995) Toward a Theory of Situation Awareness in Dynamic Systems. Human Factors, 37, 32-64. [Google Scholar] [CrossRef]
|
|
[3]
|
Tadda, G.P. and Salerno, J.S. (2010) Overview of Cyber Situa-tion Awareness. In: Jajodia S., Liu P., Swarup V. and Wang C., Eds., Cyber Situational Awareness, Springer, Boston, MA. [Google Scholar] [CrossRef]
|
|
[4]
|
单琳. 网络威胁情报发展现状综述[J]. 保密科学技术, 2016(8): 28-33.
|
|
[5]
|
龚俭, 臧小东, 苏琪, 等. 网络安全态势感知综述[J]. 软件学报, 2017, 28(4): 1010-1026.
|
|
[6]
|
林晨希, 薛丽敏, 韩松. 浅析网络安全威胁情报的发展与应用[J]. 网络安全技术与应用, 2016(6): 12-13.
|
|
[7]
|
陈兴蜀, 曾雪梅, 王文贤, 等. 基于大数据的网络安全与情报分析[J]. 工程科学与技术, 2017(3): 1-12.
|
|
[8]
|
2017安全分析与情报大会. 微步在线-薛锋: 基于威胁情报的安全智能化[R].
|
|
[9]
|
2017安全分析与情报大会. 谷安天下-赵毅: 威胁情报正在和企业安全架构全面融合[R].
|