海关网络安全态势感知建设与关键技术研究

Research on the Construction and Key Technologies of Customs Cyber Security Situation Awareness

为推进智慧海关建设,应对日益严峻的网络攻击态势,亟须使用新的技术手段建立掌控全局的网络安全态势感知平台。本文重点研究集数据采集、分析、监测预警、态势展示于一体的网络安全态势感知平台建设及关键技术,包括基于网络知识图谱的海量安全数据收集与治理技术、基于机器学习的告警数据智能分析技术、基于网络安全风险的态势展示技术,从而实现全天候、全方位的网络安全态势预警、预测。

In order to promote the construction of Smart Customs and defend against the increasingly severe cyber attacks,it is urgent to use new technological means to establish a cyber security awareness platform that controls the overall situation.This paper focuses on the construction of a cyber security situational awareness platform that integrates data collection,analysis,monitoring,and situational display,and its key technologies.This includes massive security data collection and governance technology based on network knowledge graphs,intelligent analysis technology of alertdata based on machine learning,and situational display technology based on cyber security risks.The goal is to achieve round-the-clock and comprehensive cyber security situational warnings and predictions.