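Theoretical Research

Threat Intelligence in the Era of Big Data

  • Fan Jiajia
  • The Institute of Information, Shanghai Academy of Social Sciences, Shanghai 200235
Fan Jiajia (ORCID: 0000-0001-7994-7376), assistant research fellow, PhD, E-mail: fjiajia@sass.org.cn.

Received date: 2015-11-18

Revised date: 2016-01-17

Online published: 2016-03-20

Funding

This paper is one of the research results of the National Social Science Fund of China major project "Research on National Information Security Management Paradigms and Policy Paths in the Big Data and Cloud Environment" (Project No. 13&ZD185).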

Abstract

[Purpose/significance] This paper gives a preliminary discussion of the theoretical frontier of information security, elucidates threat intelligence and related hot issues, and introduces a new intelligence concept in order to open up a new field of intelligence research. [Method/process] Through literature research, content analysis, induction and deduction, this paper sorts out the main characteristics, basic technologies, current practice and development trends, significance, and future research directions of threat intelligence. [Result/conclusion] Threat intelligence (1) will become a new research hot spot in the intelligence field; (2) is characterized by a wide range of applications, close tracking, and usefulness for information security management decisions; (3) is of great significance for national information security management and for research on national intelligence elements; and (4) raises related issues of data jurisdiction, privacy protection and intelligence sharing that will become the focus of future research. The paper will provide an important reference for intelligence theory research and practical exploration.

Cite this article

Fan Jiajia. Threat Intelligence in the Era of Big Data[J]. Library and Information Service (图书情报工作), 2016, 60(6): 15-20. DOI: 10.13266/j.issn.0252-3116.2016.06.002
