Cloud servers provide cloud users with storage services and allow them to access their files at any time. To guarantee the security of the stored files, auditors need to periodically verify data block correctness. Among the existing integrity verification schemes, few protocols support users' identity anonymity and dynamic data block operations simultaneously. In this paper, we present an efficient and anonymous identity-based integrity auditing protocol, which supports dynamic data operations and can be extended to support batch auditing in the multifile or multiuser setting. Our scheme not only resists forgery, replace, and replay attacks but also maintains users' anonymity, which is not discussed in other related techniques. The computational efficiency of the auditor is greatly improved. Compared with Zhang's efficient identity-based public auditing scheme, our scheme is more suitable for practical application scenarios with large-scale storage systems.
In the era of big data, how to quickly and accurately detect attack events from massive amounts of heterogeneous data and form an effective response in time has become the main challenge facing network security today. This paper systematically summarizes attack behavior in terms of both attack technology mechanisms and characteristics of the attack target, thereby constructing a scalable attack behavior model. Based on the attack behavior model, a data fusion framework for the multi-source heterogeneous network security situation is constructed. The framework normalizes multi-source heterogeneous security data into threat events with an attack pattern as the core and determines the attack state by the causal chain. Finally, the feasibility and effectiveness of the framework are verified by analyzing data in real business scenarios. This framework abstracts the multi-source heterogeneous data into analyzable attack events, which greatly reduces the amount of data to be analyzed and improves the credibility of the network security situation data, realizing the identification of attack behaviors in the big data environment.
Abstract. In view of the increasingly prominent problem of network space security, the management and analysis of network security logs is a very important means of defense in the security field. Addressing the practical problems of network security log management and analysis systems, and taking the log management and analysis system as the main object of research, this paper combines the problems of log systems with the current state of research on log analysis algorithms to design a network security log management and analysis system based on ELK, used to manage and analyze large amounts of logs. The results show that the proposed method enhances the system's crawling and analysis functions, especially its log retrieval ability, and, combined with large data storage technology, improves the performance of the whole system.