Journal of Computer Applications ›› 2012, Vol. 32 ›› Issue (01): 1-4. DOI: 10.3724/SP.J.1087.2012.00001

• Papers of the 4th China Conference on Computer Network and Information Security (CCNIS'2011) •

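Research survey of network security situation awareness

XI Rong-rong, YUN Xiao-chun, JIN Shu-yuan, ZHANG Yong-zheng

  1. Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190, China
  • Received: 2011-08-01 Revised: 2011-09-08 Online: 2012-02-06 Published: 2012-01-01
  • Contact: XI Rong-rong
  • About the authors: XI Rong-rong (1979-), female, from Hongtong, Shanxi, Ph.D. candidate; main research interests: network security situation awareness, security assessment. YUN Xiao-chun (1971-), male, from Harbin, Heilongjiang, professor, doctoral supervisor, Ph.D.; main research interests: computer networks, information security. JIN Shu-yuan (1974-), female, from Harbin, Heilongjiang, associate research fellow, Ph.D.; main research interests: security evaluation, intrusion detection, vulnerability analysis. ZHANG Yong-zheng (1978-), male, from Harbin, Heilongjiang, associate research fellow, Ph.D.; main research interests: network security incident monitoring, network security analysis, network vulnerability assessment.
  • Supported by: National Natural Science Foundation of China (61070090); National 863 Program of China (2009AA01Z438, 2009AA01Z431)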

Abstract: Research on network security Situation Awareness (SA) is important for improving network monitoring and emergency response capabilities and for predicting the trend of network security. Based on the conceptual model of situation awareness, this paper describes in detail the three main research topics of situation awareness: extraction of network security situation elements, situation comprehension, and situation projection. It focuses on the core problems to be solved in each topic, the main algorithms, and the advantages and disadvantages of each algorithm. Finally, it analyzes the development trends of the related theory and its application in each topic, and discusses their outlook.

Key words: Situation Awareness (SA), network security, data fusion, situational prediction
