Electronic Science and Technology ›› 2024, Vol. 37 ›› Issue (6): 98-102. doi: 10.16180/j.cnki.issn1007-7820.2024.06.013

• Research Paper •

Research Progress in Network Security Situation Awareness Models

FANG Xiang1,2

  1. Xin An Network Technology Co., Ltd., Fuzhou 350101, China
  2. Minjiang University, Fuzhou 350108, China
  • Received: 2023-01-06 Online: 2024-06-15 Published: 2024-06-20
  • About the author: FANG Xiang (方翔) (1991-), male, engineer. Research interest: network security.
  • Supported by:
    Education and Research Project for Middle and Young Teachers in Fujian Province (JAT201192)

Abstract:

In response to the growing number and variety of network attacks, network security situational awareness models of various types and names have received widespread attention and research from the academic community. With the rapid spread of information technology, security vulnerabilities in hardware systems, software, and everyday application operations have led to a growing range of attack methods, and a single type of network security monitoring and analysis tool is no longer suited to the current development of network technology. By reviewing the research history and current status of network security situational awareness technology, this article summarizes and analyzes the theoretical development and engineering applications of situational awareness models, discusses the shortcomings and deficiencies of the relevant technical solutions, and looks ahead to future research directions for network security situational awareness models.

Key words: network security, information security, situation awareness, malicious software, firewall, intrusion detection, flow analysis, log audit

CLC Number:

  • TP393.08