基于用户实体行为分析与人工智能的数据安全审计管理系统研究
Design of data audit and security management system based on UEBA and AI
薛亮 1汪含笑 2胡晓波 3韩海庭4
作者信息
- 1. 中国移动通信集团江苏有限公司,南京 210029
- 2. 中国信息通信研究院安全研究所,北京 100191
- 3. 公安部第一研究所,北京 100010
- 4. 浙江海洋大学海天智能物联网实验室,舟山 316000
- 折叠
摘要
基于用户实体行为分析数据安全审计管理系统,为应对企业内外部数据安全威胁提供了新的解决方案.通过对用户、设备和应用的行为进行持续监控,建立动态基线,并实时分析异常行为,有效识别潜在威胁.提出了包含实体、行为、基线和算法为核心4要素,以及数据采集、行为分析和处置响应为3步骤的框架系统,展示了如何将人工智能增强的用户实体行为分析构建智能化的数据安全审计体系,以增强数据保护能力和合规性.
Abstract
A data auditing and security management system based on user and entity behavior analysis offers an innovative solution to address internal and external data security threats in enterprises.By continuously monitoring the behaviors of users,devices,and applications,the system establishes dynamic baselines and performs real-time anomaly detection to identify potential threats effectively.This paper proposes a framework centered on four key elements—entities,behaviors,baselines,and algorithms—along with a three-step process comprising data collection,behavior analysis,as well as response and handling.It demonstrates how artificial intelligence-enhanced user and entity behavior analysis(UEBA)can be used to construct an intelligent data security auditing system,strengthening data protection capabilities and ensuring compliance.
关键词
用户实体行为分析/人工智能/数据安全/数据审计Key words
UEBA/artificial intelligence/data security/data audit引用本文复制引用
出版年
2024
国家科技期刊平台
NSTL
万方数据