KEYWORDS: Information security, Artificial intelligence, Analytical research, Visualization, Visual analytics, Network security, Evolutionary algorithms, Telecommunications, Internet of things, Algorithm development
With the advent of the information age, people are paying more and more attention to the security of information, and information security is already a more mature field. The advancement of artificial intelligence technology in recent years has brought about a considerable breakthrough in this field. At present, the research papers on AI in the field of information security are relatively scattered, and there are few papers analysing the hot spots and trends in this field. In this paper, we use Biblimetric, Citespace and VOSviewer to analyse 933 papers downloaded from WOS (Web of Science), summarise them and generate a visual knowledge graph to visualise and analyse the application of AI in the field of information security. Through literature volume analysis, co-citation analysis and keyword co-occurrence visualisation, the current research hotspots and possible future development trends are further analysed.
KEYWORDS: Systems modeling, Operating systems, Data modeling, Design and modelling, Databases, Windows, Elasticity, Performance modeling, Data storage, Telecommunications
With the rapid development of science and technology, the world has accelerated into the network information era, and the highly sustained, high-intensity attack and defense confrontation in cyberspace has become the new normal of the game between countries. The organization of attackers, the standardization of attack equipment, and the automation of attack methods have evolved. The research on APT attack detection has become a hot and difficult issue for academia and industry. To address these challenges, this paper proposes a system-level origin graph model for APT attack detection, analyzes and discusses the advantages and disadvantages of different granularity of origin graphs, selects a reasonable granularity of origin graph models, and focuses on multi-operating system origin graph models to determine different origin graph models for the respective characteristics of different operating system platforms, specifically, to build different entity objects, and elaborates on the technical details. Finally, the validity and feasibility of the system-level origin graph model are clarified to provide model support for the subsequent research on effective APT attack detection.
With the rapid development of virtualization, cloud computing and other technologies, and their gradual application in various industries, how to use the cloud computing infrastructure well and make cloud computing play to its maximum capacity is an important issue in cloud computing technology. In this context, the concept of "cloud-native" was born. With the development of cloud-native technology, its related research has gradually become a field of concern and research for scholars, but there is still a lack of research on the development trend of cloud-native technology. Therefore, in this paper, 904 high-quality papers were downloaded from Web of Science and correlation analysis was conducted by Citespace and VOSviewer with the help of bibliometric research methods, including literature quantity analysis, co-citation analysis, keyword co-occurrence analysis and research hotspot analysis.
In the network security test environment, due to the destructive nature of network adversarial behavior, uncontrollable boundaries and other characteristics, it is easy to introduce security risks in the event capture process. A real-time and secure event capture method for network security tests is an effective guarantee of the authority of the exercise results, and is also a pressing challenge for the key applications of network security tests. To this end, the article investigates the event capture technology for network security tests in a trusted execution environment, and designs a secure and efficient event capture method based on SGX technology, the Elastic Stack technology stack and virtualization technology tools to ensure the authenticity and confidentiality of the original data in the network security test environment. The method enables secure and efficient capture of virtual host behavior logs in the test environment.
As an important platform to support cyberspace security technology verification, cyberspace attack and defense equipment performance testing, and cyberspace attack and defense rehearsal confrontation, the network security test platform plays an increasingly important role in the field of network security research. With the rapid development of cloud computing and big data, the network security test cloud platform shows the characteristics of explosive growth of data volume, among which the value of massive log data is particularly important. Through log analysis, abnormal events and behaviors can be found in a timely manner, but the traditional log detection technology appears to be incompetent for the analysis of massive log data. The log detection and analysis technology based on Elastic Stack can realize real-time collection and retrieval of massive log data, and then realize effective detection and analysis of abnormal events in the network security test cloud platform.
The cybersecurity testbed is of great importance to cybersecurity practitioners and is a necessary platform for conducting cybersecurity. To better demonstrate the offensive and defensive postures in network security tests, all data in the tests must be quickly collected, standardized, securely stored, and allowed to be quickly retrieved. Based on Elastic Stack products, virtualization technology tools, and commercial link collection systems, this paper designs an efficient data collection method based on the network security test cloud platform to provide data support for real-time situational monitoring by the guide in the test. After testing and verification, the method can achieve efficient collection of host behavior logs, virtual network data, and real network link data within the network security test cloud platform.