Abstract
With the rapid development of network technology, more and more new types of network threats are emerging, and traditional security protection systems are on the verge of failure. Threat detection based on full traffic has gradually become an effective way to detect new threats. In real-world engagements, traditional security equipment relying on traditional analysis methods usually cannot effectively detect the various stages of new network threats. Looking at real-world attack and defense from another angle, the truth is often hidden in the network traffic. This article adopts the approach of real-time network traffic collection and uses dynamic behavior analysis and network traffic analysis techniques to detect new network threat behavior, effectively solving the problem of discovering new network threats.
Authors
ZHU Jing-yi (朱京毅)
LUO Han-bin (罗汉斌)
China Mobile Group Shanghai Co., Ltd., Shanghai 200060, China
Source
Telecom Engineering Technics and Standardization (《电信工程技术与标准化》)
2020, Issue 12, pp. 25-29, 5 pages in total
Keywords
network threats
threat detection
dynamic behavior analysis
network traffic analysis