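Abstract
The network security analysis provided by network security management systems is insufficient and fails to deliver effective network security situation information, so network analysis data needs to be analyzed and mined to accurately identify network threat behavior. Taking the fishery management information system as an example, this paper studies a multi-source network data fusion and analysis method for network analysis data and a data association relationship mining model, enabling further analysis and use of network analysis data. First, multi-source network knowledge resources such as CVE and CNNVD are fused to analyze and process the key information in network security analysis data, and a network vulnerability database is built. Second, the characteristics and distribution of the data attributes are analyzed to establish the distribution of network attack event types. Finally, an association analysis model for network attack events is built to analyze the association relationships among vulnerabilities. On this basis, knowledge extraction and pattern recognition over network security analysis data are achieved, and the system's network security situation, the characteristics of network attacks, and the association relationships among the exploitation of different vulnerabilities are analyzed. The study provides a solution for processing, analyzing and mining network security analysis data, and offers research ideas for the re-mining and reuse of network security analysis data in all kinds of information systems.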
Information systems always hold a large amount of network security report data, but this data has not been effectively analyzed and used, mainly because of the single data source, the complex data structure and the single content of the reports. Taking the fishery management information system as an example, and in order to grasp the state and situation of the system's network environment, this paper studied the key technology of network security report analysis and mining, in two steps. The first step was to collect network security reports, study data fusion and analysis techniques, and build a network vulnerability protection database. The second step was to study the data analysis and mining model. Through statistical analysis methods and data association analysis algorithms, network security situation analysis of the system and mining of the association relationships among vulnerabilities were realized, which provided an effective basis for the system's network security operation and maintenance. The research method of the paper provides research ideas for the re-mining and reuse of network security reports in various information systems.
Authors
陈孟婕
刘慧媛
蒋庆朝
徐硕
倪晨瀚
CHEN Mengjie; LIU Huiyuan; JIANG Qingzhao; XU Shuo; NI Chenhan (Fishery Engineering Research Institute, Chinese Academy of Fishery Sciences, Beijing 100141)
Source
《渔业信息与战略》 (Fishery Information & Strategy)
2021, Issue 3, pp. 193-200 (8 pages)
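Funding
Basic Scientific Research Funds of the Chinese Academy of Fishery Sciences (2020HY-ZC001)
Fishery Communication, Navigation and Big Data Innovation Team Project (2020TD84).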
Keywords
network security
network management system
network analysis data
network situation analysis
data association analysis