摘要
[目的/意义]网络威胁情报已成为美遏制网络攻击,抵御网络威胁的重要安全实践。作为"情报驱动网络安全"的重要一环,美国正逐步建立基于网络威胁情报的网络生态。对美网络威胁情报应用情况进行分析,能够为政府及产业界提供有益借鉴,推动我国网络安全理念升级。[方法/过程]运用文献解读、比较分析、技术分析等方法围绕美网络威胁情报应用现状进行研究,对其特点、面临的挑战及发展趋势进行了分析。[结果/结论]美国网络威胁情报应用形成了"标准—项目—平台—系统"的逻辑链路,构建了自身独特的管理模式,逐渐形成国家主导,网络安全服务商主建的发展模式,逐步实现基于网络威胁情报的网络安全控制。
[ Purpose/Significance] Cyber threat intelligence has become an important security practice to prevent cyber attacks and protect against cyber threats. As an important part of " intelligence-driven cyber security", the United States is gradually building a cyber ecosys-tem based on cyberthreat intelligence. The analysis of it's application can provide a useful reference to promote the upgrading of China's network security concept. [ Method/Process] Using literature review, comparative analysis, technical analysis and other methods to stud-y. Its characteristics, challenges and development trends were analyzed. [ Result/Conclusion] The US cyber threat intelligence application forms the logical link of ' standard-project-platform-system', constructs its own unique management mode, and gradually forms the state -led development pattern . The United States is gradually achieving cyber security control based on cyber threat intelligence.
作者
陶昱玮
Tao Yuwei(PLA University of Foreign Lanuage,Luoyang 471003)
出处
《情报杂志》
CSSCI
北大核心
2017年第11期8-15,共8页
Journal of Intelligence
关键词
网络空间
威胁情报
信息安全
Cyber Sapce Threat Intelligence Information Security
