Design and Implementation of the Ministry of Agriculture and Rural Affairs Network Security Situation Awareness Monitoring and Analysis Platform
Received date: 2023-03-21
Online published: 2023-05-16
To strengthen network security protection, eliminate potential risks, and keep network infrastructure and information systems running safely and stably, the author explores building a network security situation awareness monitoring and analysis platform for the Ministry of Agriculture and Rural Affairs. The platform provides network security situation awareness, traffic anomaly monitoring, security event early warning, attack tracing, and panoramic visualization, so that the ministry can respond effectively to a range of network security challenges. Relying on big data technology and machine learning algorithms, the platform performs global network security situation assessment, elimination of threat anomalies, and handling of attack events, thereby improving network security protection capability. It standardizes multi-source heterogeneous network security data, including security device alerts, network and server logs, traffic data from key nodes across the network, and management data. It delivers global network security situation awareness that integrates network intrusion, lateral threats, attacker tracing, asset threats, and application security. It visualizes the full security defense process, including network security status and attack monitoring and handling. It integrates security defense across the whole network, which safeguards the normal operation of business systems, guards against damage caused by viruses and Trojans, greatly improves the ability to quickly detect and respond to major network security incidents, and provides an efficient means of network security protection.
Building the platform has identified a replicable and scalable path for network security data governance and integrated security monitoring and defense, and its design approach offers a practical reference for provincial agricultural and rural affairs departments.
Hu Yajie. Design and Implementation of the Ministry of Agriculture and Rural Affairs Network Security Situation Awareness Monitoring and Analysis Platform[J]. Journal of Agricultural Big Data, 2023, 5(1): 68-75. DOI: 10.19788/j.issn.2096-6369.230115