基于云架构的网络安全事件检测研究
发布时间:2018-08-28 15:54
【摘要】:计算机网络的发展具备鲜明的时代色彩。时下,以云计算为主的网络大数据应用处理模式已经成为网络发展的主旋律。这一变化也为网络安全带来了新的机遇与挑战。目前,网络安全问题仍然是威胁网络健康发展的重要因素。如何解决大数据时代的网络发展的安全问题是一个非常有意义的研究课题。 为了解决这个问题,本文提出了一种网络安全事件检测系统的体系结构并基于云计算架构实现。这其中将采集的网络大数据交由云平台进行处理分析,问题事件则通过检测平台向管理员进行报告。此种处理模式显著提高了网络安全事件的检测效率。 为进一步提高检测效率,在算法的设计方面,本文在对特征熵研究的基础之上,深入分析不同应用的熵值特征曲线,,探究它们在特征熵值上的变化规律。提出了基于活跃熵的网络安全事件检测算法。从活跃熵的熵值计算、计算尺度的选择策略上对算法进行详细说明。 本文实现了基于Hadoop的云计算环境,并针对该环境特点,设计了完整的检测编程模型,将多种算法与云计算进行整合,有效提升了计算速度,在检测具有随机特性的网络安全事件方面取得较好的实验结果。 本文将云检测进行系统化应用,设计并开发出可扩展的基于云平台的安全事件检测系统,从实际应用角度对本文的算法和系统进行测试,取得了较好的成果。
[Abstract]:The development of computer network has a bright color of the times. Nowadays, cloud-based network big data application processing mode has become the main theme of network development. This change also brings new opportunities and challenges to network security. At present, network security is still an important factor threatening the healthy development of network. How to solve the network security problem in big data era is a very meaningful research topic. In order to solve this problem, a network security event detection system architecture is proposed and implemented based on cloud computing architecture. The collected network big data is handed over to the cloud platform for processing and analysis, and the problem events are reported to the administrator through the detection platform. This processing mode improves the detection efficiency of network security events. In order to further improve the detection efficiency, in the aspect of algorithm design, based on the study of feature entropy, this paper deeply analyzes the characteristic curve of entropy value in different applications, and probes into the law of their change in the characteristic entropy value. A network security event detection algorithm based on active entropy is proposed. The algorithm is explained in detail from the calculation of the entropy of active entropy and the selection strategy of calculation scale. In this paper, the cloud computing environment based on Hadoop is implemented, and according to the characteristics of the environment, a complete detection programming model is designed, which integrates various algorithms with cloud computing, and effectively improves the computing speed. Good experimental results are obtained in detecting network security events with random characteristics. In this paper, cloud detection is systematically applied, and an extensible security event detection system based on cloud platform is designed and developed. The algorithm and system are tested from the point of view of practical application, and good results are obtained.
【学位授予单位】:天津理工大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
本文编号:2209880
[Abstract]:The development of computer network has a bright color of the times. Nowadays, cloud-based network big data application processing mode has become the main theme of network development. This change also brings new opportunities and challenges to network security. At present, network security is still an important factor threatening the healthy development of network. How to solve the network security problem in big data era is a very meaningful research topic. In order to solve this problem, a network security event detection system architecture is proposed and implemented based on cloud computing architecture. The collected network big data is handed over to the cloud platform for processing and analysis, and the problem events are reported to the administrator through the detection platform. This processing mode improves the detection efficiency of network security events. In order to further improve the detection efficiency, in the aspect of algorithm design, based on the study of feature entropy, this paper deeply analyzes the characteristic curve of entropy value in different applications, and probes into the law of their change in the characteristic entropy value. A network security event detection algorithm based on active entropy is proposed. The algorithm is explained in detail from the calculation of the entropy of active entropy and the selection strategy of calculation scale. In this paper, the cloud computing environment based on Hadoop is implemented, and according to the characteristics of the environment, a complete detection programming model is designed, which integrates various algorithms with cloud computing, and effectively improves the computing speed. Good experimental results are obtained in detecting network security events with random characteristics. In this paper, cloud detection is systematically applied, and an extensible security event detection system based on cloud platform is designed and developed. The algorithm and system are tested from the point of view of practical application, and good results are obtained.
【学位授予单位】:天津理工大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
【参考文献】
相关期刊论文 前2条
1 ;国家计算机网络应急技术处理协调中心四川分中心关于四川省一般网络安全事件的通报(2011年第4期)[J];通信与信息技术;2011年06期
2 王红艳;;一种基于Hadoop架构的网络安全事件分析方法[J];信息网络安全;2013年01期
相关博士学位论文 前1条
1 李玉萍;基于先进计算的智能入侵检测系统研究[D];中国地震局地球物理研究所;2012年
本文编号:2209880
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2209880.html
