计算机科学与探索 ›› 2015, Vol. 9 ›› Issue (4): 462-474.DOI: 10.3778/j.issn.1673-9418.1407069

• 网络与信息安全 • 上一篇    下一篇

实时风险评估模型的研究与实现

孙国瑞1,2+,华锦芝3,刘思帆1,2,杨  阳3,钟亦平1,2,张凌毅3   

  1. 1. 复旦大学 计算机科学技术学院,上海 200433
    2. 网络信息安全审计与监控教育部工程研究中心,上海 200433
    3. 中国银联电子支付研究院,上海 201201
  • 出版日期:2015-04-01 发布日期:2015-04-02

Research and Implementation of Real-Time Risk Assessment Schema

SUN Guorui1,2+, HUA Jinzhi3, LIU Sifan1,2, YANG Yang3, ZHONG Yiping1,2, ZHANG Lingyi3   

  1. 1. School of Computer Science, Fudan University, Shanghai 200433, China
    2. Engineering Research Center of Cyber Security Auditing and Monitoring, Ministry of Education, Shanghai 200433, China
    3. Research Institute of Electronic Payment, China UnionPay, Shanghai 201201, China
  • Online:2015-04-01 Published:2015-04-02

摘要: 随着云计算的发展,数据中心的规模和复杂性都上升到一个新的高度。如何对整个信息系统进行全面的监控,或者说如何实时准确地获知当前整个系统的风险状态已经成为很多企业和机构亟需解决的一个热点问题。针对这一问题,通过模拟真实用户的实际需求,结合风险评估的系统理论知识,利用主机日志的分析结果,提出了一种实时风险评估模型(real-time risk assessment schema,RRAS)。在实验环境中对RRAS进行了实现,并完成了3组模拟攻击实验。实验结果表明,该模型可以实时地对整个系统进行风险评估,并且得到的结果具有较高的准确性。

关键词: 风险评估, 基于主机日志, 云数据中心, 风险指数, 实时

Abstract: With the development of cloud computing, the scale and complexity of the data center has risen to a new level. How to monitor the whole information system and get the real-time risk status of the system has become a hot research topic in both academia and industry. For this situation, this paper proposes a real-time risk assessment schema (RRAS) by acquiring real customers’ actual needs, combining risk assessment theory and using the analysis results of host logs. This paper simulates three types of attacks to verify RRAS. The results show that RRAS can assess the risk situation of entire system for real-time with high accuracy.

Key words: risk assessment, host log based, cloud data center, risk index, real-time