《電子技術(shù)應(yīng)用》
您所在的位置:首頁 > 其他 > 設(shè)計應(yīng)用 > 基于數(shù)據(jù)驅(qū)動的網(wǎng)絡(luò)安全態(tài)勢感知預(yù)測
基于數(shù)據(jù)驅(qū)動的網(wǎng)絡(luò)安全態(tài)勢感知預(yù)測
網(wǎng)絡(luò)安全與數(shù)據(jù)治理
吳寶江
中國電子科技集團(tuán)有限公司電子科學(xué)研究院
摘要: 云計算和互聯(lián)網(wǎng)的快速發(fā)展引發(fā)網(wǎng)絡(luò)數(shù)據(jù)的爆炸式增長,隨之而來的網(wǎng)絡(luò)威脅也變得日益復(fù)雜,大量的數(shù)據(jù)給網(wǎng)絡(luò)帶來了巨大的安全風(fēng)險。傳統(tǒng)的安全措施往往不足以抵御這些持續(xù)動態(tài)變化的網(wǎng)絡(luò)安全威脅,需要綜合應(yīng)用人工智能和機(jī)器學(xué)習(xí)等技術(shù),基于數(shù)據(jù)驅(qū)動形成數(shù)據(jù)應(yīng)用智能化,采用態(tài)勢數(shù)據(jù)采集、大數(shù)據(jù)關(guān)聯(lián)分析、安全威脅研判等手段,實(shí)現(xiàn)網(wǎng)絡(luò)安全威脅實(shí)時監(jiān)測并預(yù)測潛在的網(wǎng)絡(luò)攻擊行為,支撐防御策略動態(tài)調(diào)整,提升網(wǎng)絡(luò)空間安全防御整體效能。此外,基于數(shù)據(jù)驅(qū)動的網(wǎng)絡(luò)安全態(tài)勢感知預(yù)測系統(tǒng)能夠幫助網(wǎng)絡(luò)安全管理人員豐富網(wǎng)絡(luò)風(fēng)險處理相關(guān)專業(yè)知識,在實(shí)際網(wǎng)絡(luò)安全威脅場景下做出更好的判斷和決策。
中圖分類號:TN918.91;TP309文獻(xiàn)標(biāo)識碼:ADOI:10.19358/j.issn.2097-1788.2025.05.003
引用格式:吳寶江. 基于數(shù)據(jù)驅(qū)動的網(wǎng)絡(luò)安全態(tài)勢感知預(yù)測[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,2025,44(5):17-20.
Data-driven network security situational awareness and prediction
Wu Baojiang
China Academy of Electronics and Information Technology
Abstract: The rapid development of cloud computing and the Internet has led to the explosive growth of network data, and the ensuing network threats have become increasingly complex. A large amount of data has brought huge security risks to the network. Traditional security measures are often insufficient to resist these constantly changing network security threats. It is necessary to comprehensively apply technologies such as artificial intelligence and machine learning to from data-driven intelligent data applications, using situational data collection, big data correlation analysis, security threat analysis and other means to achieve real-time monitoring of network security threats and predict potential network attack behaviors. It can support dynamic adjustment of defense strategies, and improve the overall effectiveness of network security defense. In addition, data-driven security situational awareness and prediction systems can help network security managers enrich their related professional knowledge of network risks, and make better judgments and decisions in actual network security threat scenarios.
Key words : data-driven;security situational awareness and prediction;artificial intelligence;machine learning;security defense

引言

由于日益增長的網(wǎng)絡(luò)環(huán)境威脅和越來越多的網(wǎng)絡(luò)惡意攻擊行為,網(wǎng)絡(luò)安全已經(jīng)成為當(dāng)今互聯(lián)網(wǎng)世界的一個重要問題。傳統(tǒng)的安全解決方案已經(jīng)不足以抵御當(dāng)今各個領(lǐng)域持續(xù)不斷動態(tài)發(fā)展的網(wǎng)絡(luò)安全威脅,亟需能夠有效感知預(yù)測并防御網(wǎng)絡(luò)安全威脅的創(chuàng)新方法。因此,本文提出基于數(shù)據(jù)驅(qū)動的網(wǎng)絡(luò)安全態(tài)勢感知預(yù)測方法,它能夠提供主動預(yù)測策略和實(shí)時監(jiān)測,將為網(wǎng)絡(luò)安全管理人員針對網(wǎng)絡(luò)安全事件做出快速、準(zhǔn)確決策提供有力支撐,使網(wǎng)絡(luò)安全管理人員能夠有效分配資源,采取應(yīng)對措施,保護(hù)網(wǎng)絡(luò)環(huán)境免受安全威脅。

數(shù)據(jù)驅(qū)動不僅是數(shù)據(jù)的采集分析,更是數(shù)字化時代催生的各類創(chuàng)新技術(shù)(人工智能、機(jī)器學(xué)習(xí)等)的綜合應(yīng)用,進(jìn)而形成數(shù)據(jù)應(yīng)用智能化,是利用數(shù)據(jù)分析來獲取有用知識的過程,并最終做出智能決策。由人工智能和機(jī)器學(xué)習(xí)賦能的基于數(shù)據(jù)驅(qū)動的網(wǎng)絡(luò)安全態(tài)勢感知預(yù)測方法,利用網(wǎng)絡(luò)日志、系統(tǒng)安全事件和用戶行為等眾多來源產(chǎn)生的大量數(shù)據(jù)來預(yù)測潛在的網(wǎng)絡(luò)攻擊,這使得積極主動和自適應(yīng)的網(wǎng)絡(luò)防御系統(tǒng)成為可能,而不是僅僅依賴預(yù)定義的規(guī)則和標(biāo)簽來防御網(wǎng)絡(luò)威脅。此外,網(wǎng)絡(luò)安全管理人員還可以通過從數(shù)據(jù)分析中獲得的有用知識對網(wǎng)絡(luò)攻擊對手進(jìn)行分析,深入了解其網(wǎng)絡(luò)攻擊方法、技術(shù)和程序,以便在實(shí)際網(wǎng)絡(luò)安全威脅場景下做出更好的人工判斷和決策。


本文詳細(xì)內(nèi)容請下載:

http://ccf-cncc2011.cn/resource/share/2000006542


作者信息:

吳寶江

(中國電子科技集團(tuán)有限公司電子科學(xué)研究院,北京100041)


Magazine.Subscription.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。