Abstract
Based on the requirements of mobile policing informatization, and on an analysis of the current security situation of mobile policing information networks and of existing security management and control systems, this paper proposes a security management and control system that provides basic support for mobile policing situational awareness. Building on extensive collection of network component state information and of log files from the application systems on the network, the system senses the network security situation through abnormal-user association audit, rule-based analysis, and machine-learning-based anomaly log analysis, and can issue security alerts and protection recommendations according to policy.
Authors
GAO Yong-long (高永龙)
CHEN Xu (陈绪)
XI Xin (席新)
LI Yan (李雁)
Tianjin Public Security Bureau Science and Technology Information Office, Tianjin 300393
Source
Digital Technology & Application (《数字技术与应用》)
2019, Issue 11, pp. 149-152, 4 pages in total
Funding
Technology Research Program of the Ministry of Public Security (Grant No. 2018JSYJA09)
Keywords
mobile policing
situational awareness
security management and control
strategy