###
计算机系统应用:2019,28(4):1-8
本文二维码信息
码上扫一扫!
基于Netflow的网络安全大数据可视化分析
(北京工业大学 信息学部, 北京 100124)
Cyber Security Visualization Analysis Based on Netflow
(Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China)
摘要
图/表
参考文献
相似文献
本文已被:浏览 313次   下载 640
投稿时间:2018-10-06    修订日期:2018-10-23
中文摘要: 近年来网络安全日志数据呈现出爆炸式的增长,但现有的可视化技术难以支持高维度、多粒度的Netflow日志实现完善的可视化分析.因此本文提出了一种全新的网络安全可视化框架设计方案,采用三维柱状图展示Netflow日志的流量时序图,以帮助用户快速了解和掌握网络中的异常时刻.引用信息熵算法针对平行坐标轴的维度数据进行处理,便于用户对多维度图形的理解,利用矩阵图、气泡图和流量时序图进行细节分析,最后利用该系统实现了对DDOS攻击和端口扫描攻击的网络异常案例分析.研究证明本系统丰富的可视化图形以及简单易用的协同交互,能较好的支撑网络安全人员从网络整体运行状态分析,到定位异常时刻、监测网络行为细节的全部过程.
Abstract:In recent years, the network security log data shows explosive growth. However, the existing visualization technology is hardly to support the analysis of high dimensional and multi-granularity NetFlow log data. In order to make advantages of the visualization technology, this study proposes a new network security visualization framework to paint the picture, uses the three dimensional histogram which help users to quickly master the abnormal moment of network shown by the Netflow log data, uses information entropy algorithm to process multi-dimensional data, makes use of the matrix chart, bubble diagram, and line chart to synthesize analyzed data in detail. Finally, we carry out an experiment to test the process of DDOS attack, and Port Scanning Attack can be detected easily by proposed system. The study proves that the system which has rich visual graphics and provides simple collaborative interaction can better help network security personnel to analyze the entire network behavior process.
文章编号:     中图分类号:    文献标志码:
基金项目:
引用文本:
王全民,韩晓芳.基于Netflow的网络安全大数据可视化分析.计算机系统应用,2019,28(4):1-8
WANG Quan-Min,HAN Xiao-Fang.Cyber Security Visualization Analysis Based on Netflow.COMPUTER SYSTEMS APPLICATIONS,2019,28(4):1-8

用微信扫一扫

用微信扫一扫