摘要
为不断提高水利网络安全威胁感知、监测预警、应急响应能力,提出融合网络威胁情报的水利网络安全防护框架,基于水利部网络安全大数据平台,建立水利部网络威胁情报中心,实现网络威胁情报汇集、私有情报生产和多类型情报输出,将水利部网络威胁情报中心与水利部网络安全威胁感知决策指挥系统等进行对接,实现网络威胁情报赋能威胁狩猎、预警响应、攻击溯源等应用场景。研究成果已在水利行业网络安全日常防护、重要时期安全保障中得到应用,可有效提升水利部及水利行业单位网络安全防护水平,在网络安全防御体系构建中具有参考价值和实践意义。
To enhance capabilities in preception,monitoring,warning,and responding to cybersecurity threats in water conservancy,this study proposes a cybersecurity protection framework integrating cyber threat intelligence.Leveraging the Ministry of Water Resources’cybersecurity big data platform,the cyber threat intelligence center was established to enable threat intelligence aggregation,private intelligence generation,and multi-type intelligence dissemination.The center is integrated with systems such as the Ministry’s Cybersecurity Threat Perception and Decision Command System,enabling applications in threat hunting,warning responses,and attack tracing.This framework has been implemented in routine cyber security protection and critical period security assurance within the water conservancy sector,effectively improving cybersecurity defenses for the Ministry and affiliated units.The findings provide valuable references and practical insights for constructing cybersecurity defense systems.
作者
邹希
殷悦
张潮
詹全忠
ZOU Xi;YIN Yue;ZHANG Chao;ZHAN Quanzhong(Information Center,Ministry of Water Resource,Beijing 100053,China)
出处
《水利信息化》
2024年第6期55-60,共6页
Water Resources Informatization
基金
国家重点研发计划项目(2021YFB3900600)
水利青年拔尖人才资助项目(JHQB202214)。
关键词
网络安全
网络威胁情报
威胁感知
监测预警
应急响应
cybersecurity
cyber threat intelligence
threat perception
monitoring and warning
emergency response
