KEYWORDS: Computer security, Network security, Information security, Databases, Logic, Data processing, System on a chip, Document management, Security technologies, Data acquisition
File transmission is a key concern of intranet security monitoring. Compared with explicit file transmission within a single system, the implicit transmission of files across different business systems remains a difficult problem. This paper proposes a technical framework that abstracts away the differences in file operations between business systems, uncovers clues of implicit file transmission across those systems, and supports retrospective security analysis of complex scenarios involving file transmission. First, taking network flow as the main data source, the framework targets different business applications, focuses on files, and extracts valuable business information from the flow data. Second, it reorganizes key elements of that business information, such as files, users, and terminals, and uses the file transmission process as the link that ties them into unified, high-value clue data. Third, it integrates multiple clues and designs and builds unified file transmission graph data on top of an open-source graph database. Finally, an example of security analysis of the implicit transmission of suspicious files, built on the above, is given. The results show that the organized file element graph data proposed in this paper can effectively describe the transmission of the same files across different business systems.
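The clue-to-graph step summarized in the abstract, as an added example that is not code from the paper: it links constructed clue records into per-file transmission edges and reports terminals that pulled a file from one business system and later pushed it to another. The record schema, the use of a content digest as file identity, and the in-memory dictionary standing in for the graph database are all assumptions.

```python
from collections import defaultdict

# Constructed clue records; schema and digest-as-identity are assumptions.
CLUES = [
    {"ts": 100, "system": "oa", "action": "download", "user": "alice",
     "terminal": "T-01", "name": "budget.xlsx", "digest": "d1"},
    {"ts": 120, "system": "oa", "action": "download", "user": "carol",
     "terminal": "T-03", "name": "memo.pdf", "digest": "d2"},
    {"ts": 160, "system": "mail", "action": "upload", "user": "alice",
     "terminal": "T-01", "name": "q3.xlsx", "digest": "d1"},
    {"ts": 200, "system": "mail", "action": "download", "user": "bob",
     "terminal": "T-07", "name": "q3.xlsx", "digest": "d1"},
    {"ts": 260, "system": "ftp", "action": "upload", "user": "bob",
     "terminal": "T-07", "name": "data.bin", "digest": "d1"},
]

def build_graph(clues):
    """Return {digest: [(ts, src_node, dst_node, user, name), ...]} in time order."""
    graph = defaultdict(list)
    for c in sorted(clues, key=lambda c: c["ts"]):
        sys_node, term_node = ("system", c["system"]), ("terminal", c["terminal"])
        if c["action"] == "download":
            edge = (sys_node, term_node)
        elif c["action"] == "upload":
            edge = (term_node, sys_node)
        else:
            continue  # operations that do not move the file add no edge
        graph[c["digest"]].append((c["ts"], *edge, c["user"], c["name"]))
    return graph

def trace(graph, digest):
    """Ordered node path of one file across systems and terminals."""
    path = []
    for _, src, dst, _, _ in graph.get(digest, []):
        for node in (src, dst):
            if not path or path[-1] != node:
                path.append(node)
    return path

def implicit_hops(graph):
    """Terminals that downloaded a file from one system, then uploaded it to another."""
    hops = []
    for digest, edges in graph.items():
        last_source = {}  # terminal -> system it last downloaded this file from
        for _, src, dst, user, _ in edges:
            if src[0] == "system":
                last_source[dst[1]] = src[1]
            elif src[1] in last_source and last_source[src[1]] != dst[1]:
                hops.append((digest, src[1], last_source[src[1]], dst[1], user))
    return hops
```

Because edges are keyed by digest rather than file name, the renames from `budget.xlsx` to `q3.xlsx` to `data.bin` do not break the chain.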