
The Research On Construction Of Enterprise SOC

Posted on: 2008-10-28
Degree: Master
Type: Thesis
Country: China
Candidate: X G Zhao
GTID: 2178360215982716
Subject: Cryptography
Abstract/Summary:
In recent years, the Security Operation Center (SOC) has been one of the most popular directions in information security research. A SOC is made up of five distinct modules: event generators, event collectors, message database, analysis engines and reaction management software. The main problem encountered when building a SOC is the integration of all these modules, which are usually built as autonomous parts, while ensuring the availability, integrity and security of the data and their transmission channels.

The technical kernel of a SOC is the event correlation analysis module. Its main function is to filter, merge and analyze the security reports, then report the result to the management module so that it can take a reaction. This dissertation discusses several correlation analysis algorithms, then proposes a model of correlation analysis under the SOC structure.

My work on SOC research comprises:

1. Analysis of SOC theory
The dissertation first discusses the SOC structure, and the work model and workflow of a SOC. After describing its relationship to other systems (NOC, etc.), we summarize the key technologies of a SOC, such as load balancing, correlation analysis, vulnerability analysis and quick reaction.

2. Event correlation analysis of SOC
The dissertation describes the concept and structure of the event correlation analysis module, then compares correlation algorithms that are based on a knowledge base with those that are not. It proposes a new SOC event correlation analysis module. After describing the structure of this correlation analysis module, it discusses the research direction of SOC.

3. Methods and steps of building a SOC
Drawing on my work experience, the dissertation discusses the methods and steps of building a SOC architecture, and introduces two SOC project cases at the end.

In conclusion, through the analysis of SOC theory and the study of correlation analysis, the dissertation puts forward a new event correlation analysis module and describes real cases of building a SOC. I hope this dissertation will be helpful for enterprise SOC construction....
Keywords/Search Tags:information security, correlation analysis, SOC