Information network security posture sensing early-warning method based on big data

Abstract

The invention belongs to the field of data collection and analysis excavation, and especially relates to an information network security posture sensing early-warning method based on big data. The early-warning method comprises a data collecting module and a data analysis module; the data collecting module collects logo, network information flow and IDS data, and sends the logo, network information flow and IDS data to the data analysis module; the data analysis module can perform early-warning analysis on the logo, network information flow and IDS data. The information network security posture sensing early-warning method can uniformly collect and store data, uniformly analyze the network running posture, and greatly promotes the intelligent network operation and maintenance construction;the early-warning method can analyze suspicious acts by combining with log data, network information flow and IDS data, and realizes the advanced warning and analysis. The information network security posture sensing early-warning method can timely find out and exactly determine safety hidden troubles in the network device and the terminal device, and position and improve the weak link of the information network safety.

Description

technical field [0001] The invention belongs to the field of data collection, analysis and mining, and in particular relates to a big data-based information network security situation awareness and early warning method. Background technique [0002] With the continuous expansion of the scale of the information network and the increasing number of terminals, the security risks faced by the power information network are increasing. At the same time, as the business forms of the power information network become more and more abundant, the closedness and operation mechanism of the network itself are also affected. The security challenges it faces tend to be diverse and complex. As an important part of information network operation situation awareness, logs have not yet achieved unified collection and storage, and logs are an important part of information security. [0003] Considering the large-scale complexity of the power information network and the increasingly high requirem...

AI Technical Summary

Problems solved by technology

[0003] Considering the large-scale complexity of the power information network and the increasingly high requirements for the overall security of the network, the network operation security management of the traditional information network also relies on the network operation and maintenance personnel to manage and report the fault after it is found, which consumes the workload of personnel The reliability of risk early warning is low, and it is highly dependent on experience. Traditional security solutions cannot complete the task of ensuring network security. Therefore, it is urgent to propose a method that can combine log data to analyze suspicious behaviors and realize early warning analysis. Information Network Security Situational Awareness Early Warning Method

Images