摘要
针对网络信息中存在的各种威胁,为了预测不同种类漏洞出现的概率,提出一种新型的网络安全日志自动化分析方案。构建一种改进型威胁建模方法,能够识别网络架构或者信息中不同交互阶段的威胁信息,并在该模型中加入贝叶斯评估模型和成对的比较矩阵(PWCM),在网络运行过程中,能够对不同类型威胁因素进行评估。为了提高评估便捷性,还提出了一种网络安全日志自动化分析系统,实现不同网络数据节点数据信息获取、存储、分析与应用,提高了网络安全运行能力。试验表明,该研究评估能力高,误差精度小。
Aiming at various threats in network information,in order to predict the probability of different types of vulnerabilities,a new type of network security log automated analysis method is proposed.An improved threat modeling method is constructed to identify threat information at different interaction stages in the network architecture or information,and the Bayesian evaluation model and the paired comparison matrix(PWCM)are added to the model.During operation,different types of threat factors can be evaluated.In order to improve the convenience of evaluation,a network security log automated analysis system is also proposed,which realizes the acquisition,storage,analysis and application of data information of different network data nodes,and improves the ability of network security operation.Experiments show that the research has high evaluation ability and small error accuracy.
作者
郑磊
韩鹏军
田晨雨
张琦
钱隆
ZHENG Lei;HAN Pengjun;TIAN Chenyu;ZHANG Qi;QIAN Long(CHN Energy Digital Intelligence Technology Development(Beijing)Co.,Ltd.,Beijing 100011,China;CHN Energy Information Technology Co.,Ltd.,Beijing 100011,China)
出处
《微型电脑应用》
2023年第7期154-156,180,共4页
Microcomputer Applications
关键词
日志自动分析
威胁建模
网络安全
网络架构
贝叶斯评估模型
automatic log analysis
threat modeling
network security
network architecture
Bayesian evaluation model
