计算机工程与科学2013,Vol.35Issue(3):72-79,8.DOI:10.3969/j.issn.1007-130X.2013.03.012
HS-StreamCube:网络安全事件流实时多维分析系统
HS-streamCube: Real-time multi-dimensional analysis system on network security event stream
摘要
Abstract
In the applications of large-scale network security monitoring, data stream of security e-vents is analysised real-timely to acquire the characteristic of current security in the network and to assess dynamically the current security situation with Stream OLAP by building Stream Cube. Because of the limited memory capacity, Stream Cube only concerned about the current data within the time window, but expired data is stored approximately or simply discarded, so it do not support the query with time beyond the scope of current time window. We propose a real-time StreamCube-based multi-dimensional and multi-level analysis framework on security event stream, Hybrid StorageStreamCube, which is implemented by a two-tier (memory and disk) storage model. On the basis of characteristics of data stream,we focus on the modeling,building,storing and querying of HS-StreamCube within the two-tier storage model. Efficient experiments verify the availability and efficiency of the system.关键词
流数据方/网络安全事件/混合存储/联机在线分析Key words
stream cube/network security event/hybrid storage/OLAP分类
信息技术与安全科学引用本文复制引用
甘亮,李润恒,贾焰,刘健..HS-StreamCube:网络安全事件流实时多维分析系统[J].计算机工程与科学,2013,35(3):72-79,8.基金项目
国家863计划资助项目(2006AA01Z451,2007AA01Z474,2007AA010502) (2006AA01Z451,2007AA01Z474,2007AA010502)
