计算机科学与探索
計算機科學與探索
계산궤과학여탐색
JOURNAL OF FRONTIERS OF COMPUTER SCIENCE & TECHNOLOGY
2014年
7期
848-857
,共10页
赵颖%樊晓平%周芳芳%黄伟%汤梦姣
趙穎%樊曉平%週芳芳%黃偉%湯夢姣
조영%번효평%주방방%황위%탕몽교
信息可视化%可视分析%网络安全%数据融合%堆叠流图%雷达图
信息可視化%可視分析%網絡安全%數據融閤%堆疊流圖%雷達圖
신식가시화%가시분석%망락안전%수거융합%퇴첩류도%뢰체도
information visualization%visual analytics%network security%data fusion%stacked stream graph%radial graph
网络安全可视化是近年来网络安全研究的热点,它通过提供有效的信息可视化工具,提升网络安全分析师在解决网络安全问题过程中的感知和认知能力,从而发现模式、识别异常和掌握趋势。为了应对大规模、多数据源的网络安全协同可视分析需求,研究了基于统一格式的事件元组和统计元组的数据融合模型,并提出了擅长事件关联分析的雷达图和擅长统计时序对比分析的对比堆叠流图的设计方法。最后使用该原型系统对2013国际可视分析挑战赛(visual analytics science and technology challenge,VAST Challenge)中网络安全数据可视分析竞赛提供的数据集进行了分析,通过实验和讨论验证了该网络安全数据协同可视分析方法的有效性。
網絡安全可視化是近年來網絡安全研究的熱點,它通過提供有效的信息可視化工具,提升網絡安全分析師在解決網絡安全問題過程中的感知和認知能力,從而髮現模式、識彆異常和掌握趨勢。為瞭應對大規模、多數據源的網絡安全協同可視分析需求,研究瞭基于統一格式的事件元組和統計元組的數據融閤模型,併提齣瞭擅長事件關聯分析的雷達圖和擅長統計時序對比分析的對比堆疊流圖的設計方法。最後使用該原型繫統對2013國際可視分析挑戰賽(visual analytics science and technology challenge,VAST Challenge)中網絡安全數據可視分析競賽提供的數據集進行瞭分析,通過實驗和討論驗證瞭該網絡安全數據協同可視分析方法的有效性。
망락안전가시화시근년래망락안전연구적열점,타통과제공유효적신식가시화공구,제승망락안전분석사재해결망락안전문제과정중적감지화인지능력,종이발현모식、식별이상화장악추세。위료응대대규모、다수거원적망락안전협동가시분석수구,연구료기우통일격식적사건원조화통계원조적수거융합모형,병제출료천장사건관련분석적뢰체도화천장통계시서대비분석적대비퇴첩류도적설계방법。최후사용해원형계통대2013국제가시분석도전새(visual analytics science and technology challenge,VAST Challenge)중망락안전수거가시분석경새제공적수거집진행료분석,통과실험화토론험증료해망락안전수거협동가시분석방법적유효성。
Network security visualization is a growing community of network security research in recent years. It provides the human security analysts with better tools to discover patterns, detect anomalies, identify correlations of security events with higher efficiency. To meet the demand of cooperative visual analytics on large-scale network and multi-source data, this paper develops a data fusion model based on the even tuple and statistics tuple within uni-form data formats, raises a design strategy including the radial graph that is good at parsing events correlations and comparative stacked stream that is good at comparing statistics time series, explores the automated deployment method based on network logic topology and edge bundling method in radial graph. Finally by utilizing the pro-posed prototype system to analyze network security datasets in VAST Challenge 2013 and conducting some experi-ments and discussions, the effectiveness of tools is verified and substantiated.
