摘要
随着网络的不断发展,网络空间面临的风险也在不断增加,其中网络基础设备面临的风险增长迅速。面对复杂多变的网络环境,在混杂且庞大的网络流量中,快速识别并分离出网络基础设备自身流量,并对其进行深度威胁分析与检测,对网络空间安全有紧迫且重要的意义。基于流量采集与处理技术,聚焦通信指纹预测技术和设备时钟分析技术,探讨了面向网络基础设备的流量识别与分离技术,为后续针对性威胁分析与检测提供数据基础,并基于智能算法模型,进一步研究了针对网络基础设备流量的威胁分析与检测方法。
With the continuous development of the network,the risks faced by the cyberspace are also increasing,and network infrastructure risks become one of the fastest growing areas.In the face of complex and changeable network environment,how to quickly identify and separate the traffic of network infrastructure from the mixed and huge network traffic,and carry out in-depth threat analysis and detection,has urgent and important significance for cyberspace security.Based on traffic acquisition and processing technology,focusing on communication fingerprint prediction technology and equipment clock analysis technology,this paper discusses the traffic identification and separation technology,which provides a data basis for subsequent targeted threat analysis and detection.Finally,based on the model of intelligent algorithm,it further studies the threat analysis and detection methods for network infrastructure traffic.
作者
邓金祥
温嵩杰
侯俊龙
田晓东
周恩亚
谷峰
DENG Jinxiang;WEN Songjie;HOU Junlong;TIAN Xiaodong;ZHOU Enya;GU Feng(Chengdu SYNSEC Technology Co.,Ltd.,Chengdu Sichuan 610095,China)
出处
《通信技术》
2022年第9期1208-1216,共9页
Communications Technology
关键词
网络基础设备
高速流量采集
流量分离
威胁检测
network infrastructure
high speed flow acquisition
flow separation
threat detection
