Research on Key Technologies of Data Collection for Cyberspace Security
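DOI: 10.12677/CSA.2021.114085. Supported by research project funding.
Authors: Zhang Haixia*, Huang Kezhen, Lian Yifeng: Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing; Qiao Zanrui, Pan Xiao: Cyber Security Guard Corps, Beijing Municipal Public Security Bureau, Beijing
Keywords: Cyberspace Security, Data Collection, Pattern Matching, Behavior Analysis, Artificial Intelligence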
Abstract: Multi-source heterogeneous network security data is the foundation of security protection work. Security data such as network assets, security vulnerabilities, network traffic and software code must be collected comprehensively using different types of key technologies. This paper proposes a method for classifying network security data collection technologies by data source, describes in detail typical key technologies such as traffic detection, behavior analysis and network detection, and analyzes the characteristics and correlations of these technologies, providing a reference for building a network security big data platform and carrying out data aggregation, governance, analysis and mining.
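Cite this article: Zhang, H.X., Qiao, Z.R., Pan, X., Huang, K.Z. and Lian, Y.F. (2021) Research on Key Technologies of Data Collection for Cyberspace Security. Computer Science and Application, 11(4), 832-839. https://doi.org/10.12677/CSA.2021.114085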
