Abstract
With the increasing openness and complexity of the Internet, enterprise information systems face intrusion and damage from malicious software behavior on a larger scale, which seriously affects the normal operation of these systems. Rapid and reliable qualitative analysis of software behavior, together with timely and effective countermeasures, has therefore become a hot research topic in the field of network security. Building on threat intelligence technology, this paper combines a static clustering algorithm with a dynamic SVM mechanism, establishes an analysis model for malicious software behavior, and designs the related algorithm flow, which has some value for application and wider adoption.
Authors
XIAO Zhihua (肖治华); YANG Shan (杨杉); ZHANG Cheng (张成); DENG Guoru (邓国如)
Information & Communication Branch of Hubei Electric Power Company, Wuhan 430077
Source
Computer & Digital Engineering (《计算机与数字工程》)
2020, Issue 7, pp. 1731-1736 (6 pages)
Keywords
threat intelligence
software malicious behavior
threat characteristics
clustering algorithm
SVM
analysis model