| Nowadays, network security problems increase fast with the rapid spread of computer networks. How to manage network security effectively has becoming more and more important. Network Topology Visualization is an effective method for the management of network security. It can not only show the network connectivity, but also can response network anomalies real-time and accurate. The purpose of this paper is to research a kind of accurate and efficient detection method of network topology based on multi-source logs. The paper also focus on how to display the detected network topology information in a clear and intuitive way.First, this paper show a model of SOC system based on multi-source log and proposed four layers model including collector, pre-processor, analyzer and display device.The main work of each layer will be discussed at same time. Second, we make in-depth study on view of the model of analyzer, display, and storage. We put forward the following opinions:(1)The detection method for network topology based on multi-source log information;(2) The storage method for network topology information based on Elasticsearch;(3) The method to visualize 3D network topology using Web GL technology. Third, a SOC prototype system is designed and implemented in this paper. According to the research contents, the result of the prototype system will be analyzed and verified, and the network topology, network equipment asset information, network equipment alarm message and the processing of network attacks is displayed successfully. Finally, we summarize present work, and discuss some future work. |
PDF Full Text Request