《電子技術(shù)應(yīng)用》
您所在的位置:首頁(yè) > 通信與網(wǎng)絡(luò) > 設(shè)計(jì)應(yīng)用 > 網(wǎng)絡(luò)安全智能決策系統(tǒng)設(shè)計(jì)
網(wǎng)絡(luò)安全智能決策系統(tǒng)設(shè)計(jì)
信息技術(shù)與網(wǎng)絡(luò)安全
馮政鑫1,唐 寅1,韓 磊2,吳 錫1
(1.成都信息工程大學(xué) 計(jì)算機(jī)學(xué)院,四川 成都610225;2.北京計(jì)算機(jī)技術(shù)及應(yīng)用研究所,北京100854)
摘要: 隨著云計(jì)算、物聯(lián)網(wǎng)、大數(shù)據(jù)等新興技術(shù)日漸成熟,網(wǎng)絡(luò)環(huán)境也變得日益復(fù)雜。面對(duì)海量安全數(shù)據(jù),人力已經(jīng)難以詳盡分析,導(dǎo)致做出的決策具有局限性、安全事件響應(yīng)速度慢以及處置不及時(shí)等問(wèn)題。文章立足于網(wǎng)絡(luò)安全智能決策,在現(xiàn)有研究的基礎(chǔ)上開(kāi)展系統(tǒng)設(shè)計(jì)和研究工作。提出了網(wǎng)絡(luò)安全智能決策系統(tǒng)的整體架構(gòu),設(shè)計(jì)了網(wǎng)絡(luò)安全智能決策引擎,能夠?qū)W(wǎng)絡(luò)當(dāng)前的安全態(tài)勢(shì)進(jìn)行智能化分析,更加快速、合理地進(jìn)行決策和響應(yīng),并針對(duì)分布式大規(guī)模網(wǎng)絡(luò)環(huán)境對(duì)系統(tǒng)架構(gòu)進(jìn)行了拓展,形成了層次化的網(wǎng)絡(luò)安全智能決策系統(tǒng)部署架構(gòu),為實(shí)施網(wǎng)絡(luò)空間安全智能決策做了有益探索。
中圖分類(lèi)號(hào): TN915.08
文獻(xiàn)標(biāo)識(shí)碼: A
DOI: 10.19358/j.issn.2096-5133.2021.05.005
引用格式: 馮政鑫,唐寅,韓磊,等. 網(wǎng)絡(luò)安全智能決策系統(tǒng)設(shè)計(jì)[J].信息技術(shù)與網(wǎng)絡(luò)安全,2021,40(5):27-32.
Design of intelligent decision-making system for cyber security
Feng Zhengxin1,Tang Yin1,Han Lei2,Wu Xi1
(1.School of Compute Science,Chengdu University of Information Technology,Chengdu 610225,China; 2.Beijing Institute of Computer Technology and Applications,Beijing 100854,China)
Abstract: As emerging technologies such as cloud computing, Internet of Things, and big data mature, the network environment has become increasingly complex. Faced with massive amounts of security data, it is difficult for manpower to analyze in detail, which leads to problems such as limitations in decision-making, slow response and untimely handling to security incidents. Based on intelligent decision-making for cyber security, this paper carried out work such as system design and system research on the basis of existing work, proposed the overall architecture of the intelligent decision-making system for cyber security(IDSCS), and designed the intelligent decision-making engine for cyber security(IDECS), so as to intelligently assess the current security situation of the network, and then make faster and more reasonable decisions and responses. In addition, authors of this paper have expanded the system architecture of IDSCS for the distributed large-scale network environment, forming a hierarchical deployment architecture, which has made a beneficial exploration for the implementation of intelligent decision-making in cyberspace security.
Key words : cyber security;intelligent decision-making;decision engine;intelligent decision-making system

0 引言

網(wǎng)絡(luò)空間安全是在信息通信技術(shù)的硬件、代碼、數(shù)據(jù)、應(yīng)用4個(gè)層面,圍繞著信息的獲取、傳輸、處理、利用4個(gè)核心功能,針對(duì)網(wǎng)絡(luò)空間的設(shè)施、數(shù)據(jù)、用戶、操作4個(gè)核心要素來(lái)采取安全措施。網(wǎng)絡(luò)空間安全涉及多個(gè)安全領(lǐng)域,總體可歸納為四類(lèi):傳統(tǒng)網(wǎng)絡(luò)安全、“卡脖子”安全技術(shù)、新技術(shù)及其安全以及網(wǎng)絡(luò)安全基礎(chǔ)研究平臺(tái)(網(wǎng)絡(luò)靶場(chǎng))。傳統(tǒng)網(wǎng)絡(luò)安全是指?jìng)鹘y(tǒng)互聯(lián)網(wǎng)一直存在的安全問(wèn)題,涵蓋信息安全、輿論安全、在線社交網(wǎng)絡(luò)、傳感網(wǎng)安全、信息保密、網(wǎng)絡(luò)安全、可信計(jì)算、GPS安全等;“卡脖子”安全技術(shù)是指可避免我國(guó)網(wǎng)絡(luò)空間受制于他人的關(guān)鍵安全技術(shù),包括網(wǎng)絡(luò)主權(quán)、根域名安全、工業(yè)控制系統(tǒng)(工控)安全、芯片安全、APT攻防對(duì)抗等;新技術(shù)及其安全是指新一代信息技術(shù)發(fā)展過(guò)程中自身的內(nèi)生安全問(wèn)題和應(yīng)用中的衍生安全問(wèn)題,新技術(shù)主要包括:人工智能、大數(shù)據(jù)、云計(jì)算、區(qū)塊鏈、5G、車(chē)聯(lián)網(wǎng)、物聯(lián)網(wǎng)、暗網(wǎng)等;網(wǎng)絡(luò)安全驗(yàn)證平臺(tái)是指為驗(yàn)證安全技術(shù)所需的試驗(yàn)平臺(tái)和環(huán)境,是開(kāi)展網(wǎng)絡(luò)安全研究的基礎(chǔ)。

國(guó)內(nèi)外對(duì)傳統(tǒng)安全領(lǐng)域已有多年研究和積累,本文主要關(guān)注“卡脖子”安全技術(shù)、新技術(shù)及其安全、安全基礎(chǔ)研究平臺(tái)等核心技術(shù)領(lǐng)域。首先,對(duì)國(guó)內(nèi)外網(wǎng)絡(luò)安全核心技術(shù)的發(fā)展現(xiàn)狀進(jìn)行了概述,然后梳理了網(wǎng)絡(luò)空間安全發(fā)展所面臨的突出問(wèn)題,最后給出我國(guó)網(wǎng)絡(luò)安全核心技術(shù)發(fā)展的相關(guān)建議及結(jié)論。



本文詳細(xì)內(nèi)容請(qǐng)下載:http://ihrv.cn/resource/share/2000003547




作者信息:

馮政鑫1,唐  寅1,韓  磊2,吳  錫1

(1.成都信息工程大學(xué) 計(jì)算機(jī)學(xué)院,四川 成都610225;2.北京計(jì)算機(jī)技術(shù)及應(yīng)用研究所,北京100854)


此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。