Science and Technology Research and Development Program of Shaanxi Province (No. 2013K1117); Fund of Key Discipline Construction Project of Shaanxi Province (No. E08001); Doctoral Research Fund of Xi'an Polytechnic University
LI Yan, WANG Chun-zi, HUANG Guang-qiu, et al. A Survey of Architecture and Implementation Method on Cyber Security Situation Awareness Analysis[J]. Acta Electronica Sinica, 2019, 47(4): 927-945. DOI: 10.3969/j.issn.0372-2112.2019.04.021.
A Survey of Architecture and Implementation Method on Cyber Security Situation Awareness Analysis
Information technology has penetrated all aspects of politics, economy and culture across society. The information revolution has changed the way people communicate all over the world, promoted the development of human society, and brought unprecedented attention to the problem of network security. Research on network security has passed through four main stages: idealized design to ensure safety, passive defense after auxiliary detection, active analysis and formulation of security strategies, and trend forecasting after comprehensive perception. Against the background of the new strategic commanding point for the power of digital control in all countries, research on Cyber Security Situation Awareness Analysis (CSSA) has presented new features in both academic research and industrialization. This paper makes a detailed literature survey of CSSA. First, it introduces the status of the research and the differences and connections between CSSA and traditional awareness analysis. Then the logical analysis framework of CSSA is proposed from the perspective of the data value chain. The whole process is decomposed into five continuous processing stages: factor collection, model representation, measurement establishment, solution analysis and situation prediction. After that, the role and the mainstream methods of each stage are expounded, and the application results on the experimental objects and the horizontal comparison between the methods are explained. The purpose of this paper is to provide a panoramic knowledge of CSSA and an auxiliary idea for network security industrialization schemes, in the hope that it can serve as a reference for scientific research and engineering personnel in this field.