辐状节点链接图在IPS日志分析中的研究与应用
发布时间:2018-07-23 17:48
【摘要】:为了提高IPS(入侵防御系统)日志分析的效率和精准度,提出一种辐状节点链接图可视化分析方法。针对经典节点链接图随着数据量增加,节点变得拥挤、层次难以区分、空间利用率不高等问题,结合节点链接图和辐射图的优势,设计一种新的可视化技术变形即辐状节点链接图。分析VAST 2013 Challenge比赛中IPS日志。研究结果表明:在大数据环境下,该技术能够合理分布节点以区分不同维度的IPS属性,利用可视化筛选降低图像密度,改进布局算法以合理利用显示面积以及产生图形的聚类;该方法能有效地感知网络安全态势,辅助分析人员决策;该辐状节点链接图的数据维度表现能力和业务层次控制能力较强。
[Abstract]:In order to improve the efficiency and accuracy of log analysis in IPS (intrusion Prevention system), a visual analysis method of radial node link graph is proposed. In view of the problems of the classical node link graph with the increase of data volume, the nodes become crowded, the hierarchy is difficult to distinguish, and the space utilization rate is not high, the advantages of the node link graph and the radiation map are combined. A new visualization technique called radial node link graph is designed. Analyze the IPS log of VAST 2013 Challenge match. The results show that: in big data environment, this technique can reasonably distribute nodes to distinguish IPS attributes of different dimensions, reduce image density by visual filtering, and improve layout algorithm to reasonably utilize display area and generate graph clustering. This method can effectively perceive the network security situation and assist the analyst to make decision, and the radial node link graph has strong performance of data dimension and control ability of service level.
【作者单位】: 中南大学信息科学与工程学院;湖南商学院现代教育技术中心;
【基金】:国家自然科学基金资助项目(61402540)~~
【分类号】:TP393.08
本文编号:2140166
[Abstract]:In order to improve the efficiency and accuracy of log analysis in IPS (intrusion Prevention system), a visual analysis method of radial node link graph is proposed. In view of the problems of the classical node link graph with the increase of data volume, the nodes become crowded, the hierarchy is difficult to distinguish, and the space utilization rate is not high, the advantages of the node link graph and the radiation map are combined. A new visualization technique called radial node link graph is designed. Analyze the IPS log of VAST 2013 Challenge match. The results show that: in big data environment, this technique can reasonably distribute nodes to distinguish IPS attributes of different dimensions, reduce image density by visual filtering, and improve layout algorithm to reasonably utilize display area and generate graph clustering. This method can effectively perceive the network security situation and assist the analyst to make decision, and the radial node link graph has strong performance of data dimension and control ability of service level.
【作者单位】: 中南大学信息科学与工程学院;湖南商学院现代教育技术中心;
【基金】:国家自然科学基金资助项目(61402540)~~
【分类号】:TP393.08
【相似文献】
相关重要报纸文章 前1条
1 ;提供真正的No Downtime[N];网络世界;2001年
,本文编号:2140166
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2140166.html
