《電子技術應用》
您所在的位置:首頁 > 其他 > 設計應用 > 基于數(shù)據(jù)驅(qū)動的網(wǎng)絡安全態(tài)勢感知預測
基于數(shù)據(jù)驅(qū)動的網(wǎng)絡安全態(tài)勢感知預測
網(wǎng)絡安全與數(shù)據(jù)治理
吳寶江
中國電子科技集團有限公司電子科學研究院
摘要: 云計算和互聯(lián)網(wǎng)的快速發(fā)展引發(fā)網(wǎng)絡數(shù)據(jù)的爆炸式增長,隨之而來的網(wǎng)絡威脅也變得日益復雜,大量的數(shù)據(jù)給網(wǎng)絡帶來了巨大的安全風險。傳統(tǒng)的安全措施往往不足以抵御這些持續(xù)動態(tài)變化的網(wǎng)絡安全威脅,需要綜合應用人工智能和機器學習等技術,基于數(shù)據(jù)驅(qū)動形成數(shù)據(jù)應用智能化,采用態(tài)勢數(shù)據(jù)采集、大數(shù)據(jù)關聯(lián)分析、安全威脅研判等手段,實現(xiàn)網(wǎng)絡安全威脅實時監(jiān)測并預測潛在的網(wǎng)絡攻擊行為,支撐防御策略動態(tài)調(diào)整,提升網(wǎng)絡空間安全防御整體效能。此外,基于數(shù)據(jù)驅(qū)動的網(wǎng)絡安全態(tài)勢感知預測系統(tǒng)能夠幫助網(wǎng)絡安全管理人員豐富網(wǎng)絡風險處理相關專業(yè)知識,在實際網(wǎng)絡安全威脅場景下做出更好的判斷和決策。
中圖分類號:TN918.91;TP309文獻標識碼:ADOI:10.19358/j.issn.2097-1788.2025.05.003
引用格式:吳寶江. 基于數(shù)據(jù)驅(qū)動的網(wǎng)絡安全態(tài)勢感知預測[J].網(wǎng)絡安全與數(shù)據(jù)治理,2025,44(5):17-20.
Data-driven network security situational awareness and prediction
Wu Baojiang
China Academy of Electronics and Information Technology
Abstract: The rapid development of cloud computing and the Internet has led to the explosive growth of network data, and the ensuing network threats have become increasingly complex. A large amount of data has brought huge security risks to the network. Traditional security measures are often insufficient to resist these constantly changing network security threats. It is necessary to comprehensively apply technologies such as artificial intelligence and machine learning to from data-driven intelligent data applications, using situational data collection, big data correlation analysis, security threat analysis and other means to achieve real-time monitoring of network security threats and predict potential network attack behaviors. It can support dynamic adjustment of defense strategies, and improve the overall effectiveness of network security defense. In addition, data-driven security situational awareness and prediction systems can help network security managers enrich their related professional knowledge of network risks, and make better judgments and decisions in actual network security threat scenarios.
Key words : data-driven;security situational awareness and prediction;artificial intelligence;machine learning;security defense

引言

由于日益增長的網(wǎng)絡環(huán)境威脅和越來越多的網(wǎng)絡惡意攻擊行為,網(wǎng)絡安全已經(jīng)成為當今互聯(lián)網(wǎng)世界的一個重要問題。傳統(tǒng)的安全解決方案已經(jīng)不足以抵御當今各個領域持續(xù)不斷動態(tài)發(fā)展的網(wǎng)絡安全威脅,亟需能夠有效感知預測并防御網(wǎng)絡安全威脅的創(chuàng)新方法。因此,本文提出基于數(shù)據(jù)驅(qū)動的網(wǎng)絡安全態(tài)勢感知預測方法,它能夠提供主動預測策略和實時監(jiān)測,將為網(wǎng)絡安全管理人員針對網(wǎng)絡安全事件做出快速、準確決策提供有力支撐,使網(wǎng)絡安全管理人員能夠有效分配資源,采取應對措施,保護網(wǎng)絡環(huán)境免受安全威脅。

數(shù)據(jù)驅(qū)動不僅是數(shù)據(jù)的采集分析,更是數(shù)字化時代催生的各類創(chuàng)新技術(人工智能、機器學習等)的綜合應用,進而形成數(shù)據(jù)應用智能化,是利用數(shù)據(jù)分析來獲取有用知識的過程,并最終做出智能決策。由人工智能和機器學習賦能的基于數(shù)據(jù)驅(qū)動的網(wǎng)絡安全態(tài)勢感知預測方法,利用網(wǎng)絡日志、系統(tǒng)安全事件和用戶行為等眾多來源產(chǎn)生的大量數(shù)據(jù)來預測潛在的網(wǎng)絡攻擊,這使得積極主動和自適應的網(wǎng)絡防御系統(tǒng)成為可能,而不是僅僅依賴預定義的規(guī)則和標簽來防御網(wǎng)絡威脅。此外,網(wǎng)絡安全管理人員還可以通過從數(shù)據(jù)分析中獲得的有用知識對網(wǎng)絡攻擊對手進行分析,深入了解其網(wǎng)絡攻擊方法、技術和程序,以便在實際網(wǎng)絡安全威脅場景下做出更好的人工判斷和決策。


本文詳細內(nèi)容請下載:

http://theprogrammingfactory.com/resource/share/2000006542


作者信息:

吳寶江

(中國電子科技集團有限公司電子科學研究院,北京100041)


Magazine.Subscription.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。