摘要
网络空间开源威胁情报是开源情报的一个子集,主要关注与网络空间对抗战术、技术、程序、行为、事件和所有其他元素相关的信息。随着网络空间规模和复杂性的提升,网络空间攻防力量不对等、优势非对称、信息不透明等矛盾逐渐突出,信息量迅速增加到人类难以及时处理的程度,防御者必须通过人机协同方式提升能力。当前,人机协同效能尚存在极大的优化空间,通过剖析网络空间威胁情报分析需求,提出开源威胁情报的应用模型,给出四象限的人机工作分工与职责优先级,为提高情报分析的准确性、洞察力和人机协同效率谋划发展进路。
Open source threat intelligence in cyberspace is a subset of open source intelligence that focuses on information related to cyberspace countermeasure tactics,techniques,procedures,behaviors,events,and all other elements.With the increase in the scale and complexity of cyberspace,contradictions such as unequal offensive and defensive forces,asymmetric advantages,and opaque information in cyberspace have gradually become prominent,meanwhile the amount of information has rapidly increased to the extent that it is difficult for ability-constrained humans to deal with in proper time.At present,there is still a great distance for optimization of human-machine collaboration efficiency.By analyzing the demand for cyberspace threat intelligence analysis,an application model of open source threat intelligence is proposed,and the four-quadrant human-machine work division and responsibility priority are given.Further plan development paths are purposed to increase accuracy,insight and human-machine synergy efficiency.
作者
陈剑锋
CHEN Jianfeng(No.30 Institute of CETC,Chengdu Sichuan 610041,China;China Electronics Technology Cyber Security Co.,Ltd.,Chengdu Sichuan 610041,China)
出处
《信息安全与通信保密》
2022年第7期17-24,共8页
Information Security and Communications Privacy
基金
国家重点研发计划项目(No.2019YFB2101701)。
关键词
网络空间安全
开源情报
人机协同
策略优化
cyberspace security
open-source intelligence
human-machine cooperation
strategy optimization
