摘要
文章提出基于数据特征融合的多层次网络空间安全防御系统。将搭载智能化流量模型和基于用户行为单向防御技术的H3C AFC作为系统的异常流量清洗硬件装置,通过旁路部署和在线部署实现对网络空间多层次的安全防护。在软件设计阶段,融合网络空间的流量规模、吞吐量以及流量变化幅度特征,当实时流量数据与融合特征之间的差值超出网络允许上限时,将其作为H3C AFC的清洗目标,以此实现对网络空间安全的多层次防御。测试结果表明,网络空间安全态势值在设计系统的保护下,受攻击影响后的下降幅度仅为0.12。
The article proposes a multi-layered cyberspace security defense system based on data feature fusion.The H3C AFC equipped with intelligent traffic model and one-way defense technology based on user behavior is used as the abnormal traffic cleaning hardware device of the system,and the multi-level security protection of cyberspace is realized through bypass deployment and online deployment.In the software design stage,the scale of traffic,throughput and the magnitude of traffic changes in the fused cyberspace are characterized,and when the difference between the real-time traffic data and the fused characteristics exceeds the allowed upper limit of the network,it is used as the cleaning target of the H3C AFC,thus realizing multi-level defense of cyberspace security.The test results show that the cyberspace security posture value decreases by only 0.12 after being affected by the attack under the protection of the design system.
作者
薛振华
XUE Zhenhua(Rugao Jiangsu Secondary Vocational School,Nantong Jiangsu 225500,China)
出处
《信息与电脑》
2023年第2期242-244,共3页
Information & Computer
关键词
数据特征融合
多层次
网络空间
安全防御
异常流量清洗硬件装置
清洗目标
data feature fusion
multi-level
cyberspace
security defense
abnormal flow cleaning hardware device
cleaning target
