摘要
开展网络态势感知系统NSAS(NetworkSituationAwarenessSystem,也称CyberspaceSituationAwarenessSystem)的研究,对于提高我国网络系统的应急响应能力,缓解网络攻击所造成的危害,发现潜在恶意的入侵行为,提高系统的反击能力等具有十分重要的意义。本文首先给出了态势感知的概念及发展NSAS的必要性;其次介绍了网络态势感知的概念,并对相关概念以及NSAS与IDS(IntrusionDetectionSystem)的区别与联系进行了讨论,详细综述了国内外NSAS的研究现状。以此为基础提出了NSAS的框架,并着重对相关的关键技术与难点问题进行了论述。最后给出了NSAS今后的发展方向。
The study of NSAS(Network Situation Awareness System or Cyberspace Situation Awareness System)has great importance in improving abilities of responding to emergences, reducing losses of network attacks, revealing abnormally intrusions and enhancing system abilities of fighting back. At first, the definition of situation awareness and the necessity of developing NSAS were given. Then, the definition of NSAS was presented and relationships of NSAS and IDS were discussed. The summarization of studying situation in the world is presented. The architecture of NSAS was proposed in the following. The key technology and difficulties related to building NSAS prototype are discussed. In the end, the future development of NSAS was described.
出处
《计算机科学》
CSCD
北大核心
2006年第10期5-10,共6页
Computer Science
基金
高等学校博士学科点专项科研基金项目(20050217007)
国防预研重点资助项目(413150702)
武备预研基金资助项目(51416060104CB0101)。
关键词
态势感知
网络态势感知系统
数据挖掘
数据融合
态势可视化
Situation awareness, Network situation awareness system, Data mining, Data fusion, Situation visualization