
Digital platform for railway network security emergency plan

Abstract: Traditional network security emergency plans cannot support computer-aided decision-making or automatic execution. To address this, the paper studies a digital platform for network security emergency plans in railway business environments, built on modular design and machine learning. The platform implements three functions: emergency plan data collection and processing, emergency plan generation, and emergency plan execution. For the initial log data handled in data collection and processing, it designs a log anomaly detection method based on machine learning and association analysis that works along two dimensions: log groups and log sequences. The platform covers the full security handling workflow, from initial data detection through anomaly discovery, risk assessment, plan generation, plan execution, and problem report generation, and offers a new approach to building digital platforms for security emergency plans in railway network environments.

     
