In:
Journal of Physics: Conference Series, IOP Publishing, Vol. 1550, No. 6 (2020-05-01), p. 062025-
Abstract:
In the era of big data, how to quickly and accurately detect attack events from massive amounts of heterogeneous data and form an effective response in time has become the main challenge facing network security today. This paper systematically summarizes attack behavior in terms of both attack technology mechanisms and characteristics of the attack target, thereby constructing a scalable attack behavior model. Based on the attack behavior model, a data fusion framework for the multi-source heterogeneous network security situation is constructed. The framework normalizes multi-source heterogeneous security data into threat events with an attack pattern as the core and determines the attack state by the causal chain. Finally, the feasibility and effectiveness of the framework are verified by analyzing data in real business scenarios. This framework abstracts the multi-source heterogeneous data into analyzable attack events, which greatly reduces the amount of data to be analyzed and improves the credibility of the network security situation data, realizing the identification of attack behaviors in the big data environment.
Type of Medium:
Online Resource
ISSN:
1742-6588, 1742-6596
DOI:
10.1088/1742-6596/1550/6/062025
Language:
Unknown
Publisher:
IOP Publishing
Publication Date:
2020
ZDB ID:
2166409-2