Abstract
In order to effectively deal with the APT and 0 day attacks, a new classified protection model of information system is proposed by combining the big data analysis and the threat intelligence technologies. And immune factors network algorithm is proposed based on the classified model. So that the useful information can be actively accessed and extracted from a large number of security information. The consequences of the threat information and the effective measures can be timely analysis, and the threat intelligence of classified protection can be timely shared. So the emergency response, bulletins and early warning can be timely done.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Lenders, V., Tanner, A., Blarer, A.: Gaining an edge in cyberspace with advanced situational awareness. IEEE Secur. Priv. 13(2), 65–74 (2015)
Erbacher, R., Frincke, D., Wong, P., Moody, S.: etl: cognitive task analysis of network analysts and managers for network situational awareness. Proc. SPIE Int. Soc. Opt. Eng. 7530(1), 423–426 (2010)
Aleroud, A., Karabatis, G., Sharma, P., He, P.: Context and semantics for detection of cyber attacks. Int. J. Inf. Comput. Secur. 6(1), 63–92 (2014)
ISO 7498-2:1989, Information processing system—Open Systems Interconnection—Basic Reference Model - Part2: Security architecture (1989)
Bass, T.: Intrusion detection system and multi-sensor data fusion. Commun. ACM 43(4), 99–105 (2000)
ISO/IEC 21827:2008, Information technology—Security techniques—Systems Security Engineering—Capability Maturity Model (2008)
Information Assurance Technical Framework (IATF), V3.1, NSA (2003)
GB/T 22239-2008 Baseline for classified protection of information system (2008)
GB/T 22240-2008 Information security technology—Classification guide for classified protection of information system (2008)
GB/T 25058-2010 Implementation guide for classified protection of information system (2010)
GB/T 28448-2012 Testing and evaluation requirement for classified protection of information system (2012)
GB/T 28449-2012 Testing and evaluation process guide for classified protection of information system security (2012)
Tao, Y., Liu, Z., Zhang, Z., et al.: Research on network attack situation niching model based on FNN theory. Chin. High Technol. Lett. 20(6), 680–684 (2010)
Ibrahim Salim, M., Abdul Razak, T.: A study on IDS for preventing denial of service attack using outliers techniques. 2016 IEEE International Conference on Engineering and Technology. IEEE Conference Publication, pp. 768–775 (2016)
Boldyreva, A., Lychev, R.: Provable security of (S0-BGP) and other path vector protocols: model, analysis, and extensions. In: Proceedings of the 19th ACM Conference on Computer and Communications Security, Sheraton Raleigh Hotel. Raleigh, USA, pp. 541–552 (2012)
Zhang, P., Zhu, X., Shi, Y., et al.: Robust ensemble learning for mining noisy data streams. Decision Support Syst. 50(2), 469–479 (2011)
Zhang, Z.H., Qian, S.Q.: Artificial immune system in dynamic environments solving time-varying non-linear constrained multi-objective problems. Soft Comput. 15(7), 1333–1349 (2011)
Zhu, Bin, Ghorbani, A.A.: Alert correlation for extracting attack strategies. Int. J. Netw. Secur. 32(3), 244–258 (2006)
Yanga, S.J., Stotzb, A., Holsoppleb, J., Suditc, M., Kuhld, M.: High level information fusion for tracking and projection of multistage cyber attacks. Inf. Fusion 10(1), 107–121 (2009)
Hariri, S., Qu, G.Z., Dharmagadda, T., et al.: Impact analysis of faults and attacks in large-scale networks. IEEE Secur. Privacy 1(5), 49–54 (2003)
Edge, K.S., Lamont, G.B., Raines, R.A.: A retrovirus inspired algorithm for virus detection & optimization. In: Proceedings of the 8th Annual Genetic and Evolutionary Computation Conference. Seattle WA, pp. 103–110 (2006)
Dipankar, D., Fabio, G.: An immunity-based technique to characterize intrusions in computer networks. IEEE Trans. Evol. Comput. 6(3), 1081–1088 (2002)
Allwinkle, S., Cruickshank, P.: Creating smarter cities: an overview. J. Urban Technol. 18(2), 1–16 (2011)
Yovanof, G.S., Hazapis, G.N.: An architectural framework and enabling wireless technologies for digital cities & intelligent urban environments. Wirel. Pers. Commun. 49(3), 445–463 (2009)
Wang, Y.Z., Jin, X.L., Cheng, X.Q.: Network big data: present and future. Chin. J. Comput. 36(6), 1125–1138 (2013)
Deakin, M., Al Waer, H.: From intelligent to smart cities. Intell. Build. Int. 3(3), 140–152 (2011)
Hu, C., Bai, X., Qi, L., Chen, P., Xue, G., Mei, L.: Vehicle color recognition with spatial pyramid deep learning. IEEE Trans. Intell. Transp. Syst. 16(5), 2925–2934 (2015)
Mackey, L., Talwalkar, A., Jordan, M.I.: Divide-and-conquer matrix factorization. In: Proceeding of the 25th Annual Conference on Neural Information Processing Systems(NIPS), pp. 1134–1142. Granada, Spain (2011)
Li, G.J., Cheng, X.Q.: Research status and scientific thinking of big data. Bull. Chin. Acad. Sci. 27(6), 647–657 (2012)
Akhilesh, B., Sudha, R.: IAIS: A methodology to enable interagency information sharing in e-Government. J. Database Manag. 14(4), 59–80 (2003)
Hu, C., Bai, X., Qi, L., Wang, X., Xue, G., Mei, L.: Learning discriminative pattern for real-time car brand recognition. EEE Trans. Intell. Transp. Syst. 16(6), 3170–3181 (2015)
Acknowledgements
This research was financially supported by the National Development and Reform Commission Information security special item “national engineering laboratory for key technology of classified information security protection”.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Tao, Y., Zhang, Yx., Ma, Sy. et al. Combining the big data analysis and the threat intelligence technologies for the classified protection model. Cluster Comput 20, 1035–1046 (2017). https://doi.org/10.1007/s10586-017-0813-8
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-017-0813-8