
Research on Security Management Platform based on Event Aggregation and Association Analysis

Cited by: 1
Abstract: As information systems grow in number and complexity, information security protection systems have become more complex and more important, and they generate massive volumes of logs that traditional log audit systems can no longer analyze effectively. Drawing on the application of a security management platform based on event aggregation analysis and association analysis, this paper studies the platform's technical principles and summarizes the results of its application.

Source: Netinfo Security (《信息网络安全》), 2013, No. 7, pp. 91-92 (2 pages)

Keywords: log analysis; aggregation analysis; association analysis; security management platform
