摘要
近年来,日益严峻的网络安全形势对信息系统的网络安全防御防护能力提出了更高的要求.大量且多样的网络数据使得网络攻击的态势感知、应急处置等防御环节面临挑战.因此,网络安全技术以及网络安全架构设计也应在此趋势下作出及时和持续的改进.通过对网络安全防御防护能力和大数据技术的研究,提出了以态势感知、应急处置决策支持和网络安全系统智能优化为主的网络安全大数据平台功能需求,并设计了平台的技术架构.基于该架构建设的网络安全大数据平台可以提高网络威胁态势感知的前瞻性和准确性、网络事件应急处置的实时性和有效性、网络安全体系架构的前沿性和全面性以及架构优化调整的及时性.
In recent years,the increasingly severe cybersecurity situation has put forward higher requirements for the cybersecurity defense and protection capabilities of information systems.The network flows and data with high volume and large variety bring even more issues to the information system protection in terms of cybersecurity situation awareness,crisis handling,etc.Thus,the cybersecurity technology and the information system architecture should have timely and continuous improvement in order to deal with situation changes.By analyzing the cybersecurity abilities of an information system and the big data technologies,this study proposes 3 main features of a big data platform for cybersecurity concerns:cybersecurity situation awareness,decision support for handling cybersecurity crises and cybersecurity system optimization,and therefore provides the technical architecture of the platform that aims at addressing cybersecurity protection and defense.A big data platform based on the proposed architecture can improve the foresight and the accuracy of the situation awareness,ensure the real-time performance and the effectiveness of the crisis handling and guarantee the technological advancement and the versatility of the information system architecture towards cybersecurity considering the timeliness in its optimization.
作者
王逸鹤
黄亦芃
Wang Yihe;Huang Yipeng(Research Section of Cybersecurity,Department of Computer Technology Application,China Institute of Nuclear Industry Strategy,Beijing 100048;School of Softivare,Tsinghua University,Beijing 100084)
出处
《信息安全研究》
2021年第1期75-80,共6页
Journal of Information Security Research
关键词
网络安全
大数据
态势感知
应急处置
决策支持
系统优化
cybersecurity
big data
situation awareness
crisis handling
decision support
system optimization
