Traffic Management User And Entity Behavior Audit System Based On Big Data Platform

With the continuous development of cloud computing and big data technology,the volume of data in traffic management industry is increasing,and the degree of data centralization is also increasing.Therefore,abnormal user behavior such as data theft and ultra vires access is not only easy to cause industry sensitive information leakage,but also seriously infringe on citizens' privacy and increasingly threaten network information security.Therefore,it is urgent to strengthen the security audit of users' abnormal behavior in terms of security technology to protect platform business and data security.Traditional security audit technology has the following congenital shortcomings: on the one hand,due to the lack of correlation analysis of audit records of many kinds of objects(such as users,terminals,application systems,databases,etc.),it is difficult to carry out effective audit tracking,and retroactively trace to the actors.On the other hand,the basic use of relational database to store audit data,storage capacity and processing capacity are very limited,unable to deal with a large number of audit logs.Therefore,based on the theory of UEBA(User and Entity Behavior Analytics),this paper builds an early warning platform for abnormal behavior analysis of traffic managed users in large data platform through cloud computing and large data platform,which can prevent sensitive information from leaking and infringing on citizens' privacy.The main contents of this paper include:1)Technical selection of user abnormal behavior analysis system,analysis of the advantages and disadvantages of Hadoop big data platform and ELK technology architecture,select ELK + Hadoop technology architecture as the bottom platform of large data analysis.2)Using machine learning algorithm and UBA/UEBA theory,a traffic management user abnormal behavior analysis and early warning system based on large data platform is constructed.3)Design the architecture of the system and implement the abnormal behavior auditing system based on the big data platform.At present,the user abnormal behavior audit system developed in this paper has been successfully applied in Anhui traffic management industry.Through a variety of algorithm model analysis,dozens of suspects who steal sensitive information from citizens have been screened out,which effectively protects data security.