
Research Advances on Network Security Logs Visualization *

ZHANG Sheng 1,2, ZHAO Jue 1+, CHEN Rongyuan 3

1. Institute of Big Data and Internet Innovation, Hunan University of Commerce, Changsha 410205, China

2. School of Information Science and Engineering, Central South University, Changsha 410083, China

3. School of Computer, National University of Defense Technology, Changsha 410073, China

+ Corresponding author: E-mail: 16967032@…

ZHANG Sheng, ZHAO Jue, CHEN Rongyuan. Research advances on network security logs visualization. Journal of Frontiers of Computer Science and Technology, 2018, 12(5): 681-696.

Abstract: With the incessant expansion and evolution of modern network security threats, the situation and challenges of network security are becoming increasingly severe and …. Network security logs visualization, a new cross-disciplinary subject, can help users intuitively analyze network security features, respond to internet events in real time, and offer analysts 360-degree network security situation awareness by visualizing abstract network and security data. This paper first introduces the characteristics of the running security equipment and the analysis drawbacks, and points out the necessity of visual analysis. Next, this paper defines three elements (people, incident, device) and the process flow of network security visualization, and summarizes the figure technology according to basic figure, general figure and novel figure, which provides a new line of thought for further research. Then, this paper focuses on discussing five network logs visualization technologies and their respective representative works: the firewall, intrusion, network traffic, the host state and multi-source big data fusion. Finally, this paper prospects the essence of visu-

* The National Natural Science Foundation of China under Grant No. 61402540; the Natural Science Foundation of Hunan Province under Grant No. 2016JJ2070.

Received 2017-07, Accepted 2018-02.

CNKI online publication: 2018-02-06, …/kcms/detail/11.5602.TP.20180206.1449.016.html

ISSN 1673-9418 CODEN JKYTA8

Journal of Frontiers of Computer Science and Technology

1673-9418/2018/12(05)-0681-16

doi: 10.3778/j.issn.1673-9418.1707064

E-mail: fcst@…

Tel: +86-10-89056056
