
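A Middleware Model for Real-Time Detection of and Protection Against Insider Threats in the Internet Plus Environment (cited by: 1)

Published English title: A middleware model detection and protection of insider threat based web+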
Abstract: Insider threats have become the main channel for enterprise data leakage, and detecting and preventing them is an important problem in the Internet Plus (web+) environment. Following the security strategy of "prevention beforehand, control during the event, and governance afterwards", the paper uses system dynamics to map out the attack process and analyzes a three-layer security architecture composed of an access control system, an abnormal behavior analysis system, and audit tracking technology. It proposes a middleware-based model for real-time insider threat detection and, building on optimization of the core techniques of the three-layer architecture, a prevention and detection strategy based on a hybrid hierarchical model of subjects and objects. The results show that the middleware-based hybrid hierarchical model improves insider threat detection accuracy and reduces the false positive rate compared with a single model.
Authors: Wang Zhenduo (王振铎), Wang Zhenhui (王振辉), Yao Quanzhu (姚全珠) (School of Electronic and Information Engineering, Xi'an Siyuan University, Xi'an 710038, China; School of Technology and Engineering, Xi'an Fanyi University, Xi'an 710105, China; School of Automation and Information Engineering, Xi'an University of Technology, Xi'an 710048, China)
Source: Computers and Applied Chemistry (《计算机与应用化学》), CAS, 2017, Issue 1, pp. 13-18 (6 pages)
Funding: National Natural Science Foundation of China (61405157); Scientific Research Program of the Shaanxi Provincial Department of Education (12JK1055)
Keywords: insider threat; abnormal behavior; middleware; model