Journal of Information Security Research ›› 2019, Vol. 5 ›› Issue (7): 599-607.

• Special Topic: Secrecy Technology •

Application Analysis of Big Data in Information Security

Lü Bin, Zhang Yue, Qi Biao, Shi Zhixin

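  1. Fourth Research Laboratory, Institute of Information Engineering, Chinese Academy of Sciences
  • Received: 2019-07-08 Online: 2019-07-15 Published: 2019-07-08
  • Corresponding author: Lü Bin
  • About the authors:
    Lü Bin, born in 1979, Ph.D., senior engineer. Main research areas: big data security analysis technology, network and system security technology, and information secrecy technology. lvbin@iie.ac.cn
    Zhang Yue, born in 1994, master's degree. Main research areas: big data and data analysis. zhangyue1994@iie.ac.cn
    Qi Biao, born in 1987, Ph.D. Main research areas: big data and information security. qibiao@iie.ac.cn
    Shi Zhixin, born in 1986, Ph.D., senior engineer. Main research areas: big data mining and analysis for specific application scenarios, and intelligent information processing threat detection. shizhixin@iie.ac.cn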


Abstract: With the rapid development of human society, communication and interconnection technologies keep improving, information is exchanged more and more frequently, accumulated information grows day by day, and the era of big data has arrived. The concept of big data is now widely applied across society, in areas such as people's livelihood and medical care, aviation and navigation, environmental protection, and law and order. Big data is not a castle in the air but a real need of the age. Big data is generally considered to have originated from Google's "troika" (GFS, MapReduce, and BigTable); it has been developing for more than ten years and continues to change. Big data technology can be roughly summarized in four parts: data transmission, data processing, data storage, and data query. Each part comprises different components that implement its functions; representative examples are Kafka and Message Queue for data transmission, and MapReduce and Spark for data processing. These components work together to carry out comprehensive and complex big data analysis, and together they form the Hadoop ecosystem of big data. Big data plays an equally important role in information and network security, for example in big data privacy, public opinion monitoring, and advanced persistent threat (APT) detection. Case studies of building big data platforms for network traffic monitoring and analysis, log analysis, and electromagnetic spectrum data analysis give a more concrete sense of the importance of big data to the field of information security.

Key words: big data, information security, data mining, network traffic analysis, log analysis, electromagnetic data analysis