Abstract
Security situation awareness and analysis is a research hotspot in the field of network security. As network structures grow increasingly complex and security devices multiply, the massive volume of security events of many types produced while monitoring the network's operating state must be classified, computed, and reasoned over inductively, yielding a single unified view of the security situation to support administrators' decisions. Building on the strengths of artificial intelligence languages in rule description and inference, this paper takes Prolog as an example to study reasoning techniques in the security situation domain. Using standardized knowledge representation and system modeling methods, it extracts the facts, rules, and goals of security situation information, and proposes a feasible method and system design approach for reasoning about the nature of network security situation problems.
Source
《信息安全与通信保密》
2011, Issue 6, pp. 89-91, 94 (4 pages)
Information Security and Communications Privacy