计算机工程与应用 ›› 2011, Vol. 47 ›› Issue (25): 107-111.

• 网络、通信、安全 • 上一篇    下一篇

安全报警融合环境中信息的关联

刘 靖1,2,刘建伟1,张铁林2,陈建华2,刘芋存3   

  1. 1.北京航空航天大学 电子信息工程学院,北京 100191
    2.酒泉卫星发射中心,甘肃 酒泉 732750
    3.两河中心学校,四川 广安 638509
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2011-09-01 发布日期:2011-09-01

Association of information in security alerts fusion environment

LIU Jing1,2,LIU Jianwei1,ZHANG Tielin2,CHEN Jianhua2,LIU Yucun3   

  1. 1.School of Electronic and Information Engineering,Beihang University,Beijing 100191,China
    2.Jiuquan Satellite Launch Center,Jiuquan,Gansu 732750,China
    3.Lianghe Central School,Guang’an,Sichuan 638509,China
  • Received:1900-01-01 Revised:1900-01-01 Online:2011-09-01 Published:2011-09-01

摘要: 网络中各个安全产品各自为阵,难以满足全方位集成防御体系的需求,信息融合是安全技术的发展趋势。基于分层融合的思想提出SAFE(Security Alerts Fusion Environment),对安全报警信息进行融合,采用一阶谓词逻辑,从网络安全行为描述和关联规则等方面叙述报警信息的关联。SAFE生成简洁直观的综合性安全信息,为安全事件响应决策提供有效支持。

关键词: 安全报警融合环境(SAFE), 分层融合, 关联, 一阶谓词逻辑

Abstract: If the network security products operate independently,it can not meet the demand for integrated defense.Information fusion is the development trend of security technology.Based on idea of hierarchical fusion,this paper proposes a Security Alerts Fusion Environment(SAFE).Security alarms are fused.First-order predicate logic is used and the associated processing of information is realized.From description of network security behavior and association rules etc,the association of information is described.SAFE generates intuitionistic and comprehensive security information,provides effective support for security response decision.

Key words: Security Alerts Fusion Environment(SAFE), hierarchical fusion, association, first-order predicate logic