摘要
文章针对当前各种网络安全设备独立分散地工作带来的问题提出了一种安全信息管理模型,采用信息融合的概念和方法从误用检测和异常检测两个过程对信息进行处理。最后,利用安全信息关联和融合的结果进行量化的实时安全风险评估。
Most of security equipments work dependently and separately. The administrators are prone to be confused by vast security events. To solve these problems, a security information management model is presented. The model processes information with the techniques of misuse detection and anomaly detection. Finally, a real-time risk evaluation method i~ introduced utilizing the result of information correlation and information fusion.
出处
《微计算机信息》
北大核心
2008年第15期52-54,共3页
Control & Automation
基金
国家自然科学基金(90304005)
关键词
信息关联
信息融合
误用检测
异常检测
D-S证据理论
风险评估
information correlation
information fusion
misuse detection
anomaly detection
D-S evidence theory
,risk evaluation