
Construction of Strategic Early-Warning System in Cyberspace
Cyberspace strategic early warning refers to a monitoring and warning system established by a country or group for the early detection, tracking, identification, and notification of incoming major cyber attacks or the destructive spread of virulent viruses. It is an important component of a national security defense system. Implementing China's national cyber development strategy requires close attention to the construction of a cyberspace strategic early-warning system. This study analyzes the major characteristics and basic requirements of strategic early warning in cyberspace and examines four major warning types: security vulnerability warning, security threat warning, intrusion attack warning, and abnormal behavior warning. After summarizing the construction of strategic early-warning and monitoring systems in cyberspace in China and abroad, it emphasizes four key projects: a cyberspace surveying and mapping system, a vulnerability collection and early-warning platform, a threat intelligence perception and push system, and a comprehensive security monitoring and early-warning system. Furthermore, we propose several countermeasures and suggestions, including strengthening high-level coordination, focusing on multi-source data integration, establishing professional early-warning agencies, conducting regular security assessments, and implementing a graded threat early-warning mechanism.
cyberspace security / strategic early warning / situation awareness / system construction