Journal of Frontiers of Computer Science and Technology (计算机科学与探索), 2018, Vol. 12, Issue (5): 681-696, 16. DOI: 10.3778/j.issn.1673-9418.1707064
Research Advances on Network Security Logs Visualization
Abstract
With the incessant expansion and evolution of modern network security threats, the situation and challenges of network security are becoming increasingly severe and complicated. Network security logs visualization, a new interdisciplinary subject, can help users intuitively analyze network security features, respond to internet events in real time, and offer analysts 360-degree network security situation awareness by visualizing abstract network and security data. This paper first introduces the characteristics of running security equipment and the drawbacks of analysis, and points out the necessity of visual analysis. Next, this paper defines three elements (people, incident, device) and the process flow of network security visualization, and summarizes the figure technology according to basic figure, general figure and novel figure, which provides a new line of thought for further research. Then, this paper focuses on discussing five network logs visualization technologies and their respective representative works: the firewall, intrusion, network traffic, the host state and multi-source big data fusion. Finally, this paper looks ahead to the essence of visualization technology in the future, that is, people-oriented and figure-mediated.

Key words
network security logs / data source / figure technology / visualization system / visual analysis

Classification
Information Technology and Security Science

Cite this article
Zhang Sheng (张胜), Zhao Jue (赵珏), Chen Rongyuan (陈荣元). Research Advances on Network Security Logs Visualization [J]. Journal of Frontiers of Computer Science and Technology, 2018, 12(5): 681-696, 16.

Funding
The National Natural Science Foundation of China under Grant No. 61402540
The Natural Science Foundation of Hunan Province under Grant No. 2016JJ2070