基于警报关联的威胁行为检测技术综述

基于警报关联的网络威胁行为检测技术因其与网络上大量部署的安全产品耦合,且能充分挖掘异常事件之间的关联关系以提供场景还原证据,正成为复杂威胁行为检测的研究热点。从威胁行为和网络安全环境的特点出发,引出威胁行为检测的应用需求和分类,介绍基于警报关联的威胁行为检测的基本概念和系统模型;重点论述作为模型核心的警报关联方法,并分类介绍了各类典型算法的基本原理和特点,包括基于因果逻辑的方法、基于场景的方法、基于相似性的方法和基于数据挖掘的方法;并结合实例介绍了威胁行为检测系统的三种典型结构,即集中式结构、层次式结构和分布式结构;基于当前研究现状,提出了对未来研究趋势的一些认识。     

Indications and warning in Belgium: Brussels is not Delphi

The terrorist attacks in France and Belgium of 2015–2016 that occurred while these countries were in a heightened state of alert raise questions about indications and warning methodology as well as effectiveness of the blanket-protection deployment of security services assisted even by the military. Response and perhaps even more anticipation may require strategic rethinking in light of the predatory attacks that target the most vulnerable spots of the public space. This study looks at threat analysis in Belgium as conducted through her intelligence fusion centre Coordination Unit for Threat Analysis (CUTA)?????? since its inception in 2006. With a special focus on what is known, at the time of writing, about the terrorist attacks in Paris and Brussels, this study hopes to put into context how the system (mal)functions and will also consider the preventive measures that respond to the threat, and the international aspects which have implications far beyond Belgian borders. Therefore, a case is made for not just a Belgian homeland security framework, but one that fits into an EU-wide security concept.     

墨家思想对守护网络空间安全和平的启示

墨家思想就是中华传统文化和思想宝库中的重要代表,其倡导的"兼爱""非攻""备御""尚贤"等思想为后世所传承发展并借鉴利用。网络空间国际关系的协调和安全环境的治理,是当前国际上探索和研究的重点,我国应为其贡献中华民族的智慧,墨家思想的精髓可以为我们更好地认识网络空间发展规律、国际关系并维护好网络空间安全和平提供借鉴启示。     

Civilian protection in Africa: How the protection of civilians is being militarized by African policymakers and diplomats

This article explores how the protection of civilians is being militarized by African policymakers and diplomats. I draw on practice approaches to analyze what social groups are doing when they claim to “protect civilians.” I show how innovative protection mechanisms can be seen as a function of officials and diplomats coping with the changing circumstances of increasingly militarized politics in Africa. Specifically, accountability mechanisms for unintended and intended civilian harm by African security operations have originated in connection with this development. I argue that these are results of anchoring practices, which means that everyday informal interactions in one context become linked to another context. I argue that these emerging accountability mechanisms represent a new combination of practices, with the potential of changing the routine activities and mutual learning between policymakers and diplomats.     

New directions for African security

African security, particularly conflict-related political violence, is a key concern in international relations. This forum seeks to advance existing research agendas by addressing four key themes: domestic politics and peacekeeping; security sector reform programs; peace enforcement; and the protection of civilians. Each of the articles in this forum makes a case for analyzing African agency when it comes to African security. As a way of introduction, this short article sets out the main debates and concludes by providing further directions for future research.     

Can security vetting be extended to include the detection of financial misconduct?

An analysis of the security vetting files of 19 employees within a South African national department who had been found guilty of financial misconduct in the last five years uncovered that the existing security vetting processes did not detect the financial misconduct of which these employees have been found guilty. This research sets out to establish whether security vetting can be extended to include the detection of financial misconduct within the department and, if so, how. Moreover, if security vetting can indeed be so extended, can it possibly enhance the management of fraud risk across all South African public sector departments? Qualitative interviews were conducted with 27 employees who are key to fraud risk management and security vetting within the researched department. During the interviews, the following five themes emerged: (1) the reasons why employees commit financial misconduct; (2) why it is not detected by the security vetting process; (3) the potential alignment of the security vetting process to facilitate the detection of financial misconduct; (4) the following through on security vetting findings; and (5) sharing these findings with the internal audit and risk management functions within state departments. These themes were probed and are reported on, establishing firstly that security vetting can indeed be extended to include the detection of financial misconduct within the researched department, and secondly that it can enhance the management of fraud risk across all South African public sector departments, given the specific mandate of the State Security Agency (SSA) and the national security vetting strategy.     

The role and capabilities of major weapon systems transferred between 1950 and 2010: Empirical examinations of an arms transfer data set

Arms transfers provide exporters an avenue to provide security to other states while gaining economic benefits. Arms transfers provide importers an avenue to gain security without having to rely on alliances. Past research uses aggregate measures of the monetary or security value of major weapon system transfers without accounting for strategic differences in possible use in interstate and civil conflict. This article presents a data set on interstate transfers of major weapon systems between 1950 and 2010 building upon Stockholm Peach Research Institute’s Arms Trade Register with several improvements. First, it disaggregates land weapons and air weapons into categories reflecting their strategic capabilities. Second, model level characteristics (e.g. age, speed, and range) are drawn from Jane’s Defence sources. Additionally, the data set covers a larger range of time and states than previous data sets categorizing arms. To demonstrate the usefulness, this article first presents summary statistics of the data set and then replicates an earlier test to show that the effect of human rights and regime types on United States transfers differs across the categories of arms compared to alternative measures of arms transfers.     

基于物联网的战地装备安全监管问题研究

针对战地环境中军事装备的安全监管问题,分析了战地装备安全监管应用系统的整体结构与功能层次,给出了基于RFID射频识别技术、无线传感器等物联网技术的硬件平台设计方案,以及基于数据采集、分析、融合、传输和可视化技术研发监管控制软件的实现方案。该系统部署应用后可实现对装备实时、连续、精确的分级监管,能够确保装备管理的安全和高效,提高部队指挥决策能力。     

美国网络安全战略管理体系分析

文章从美国政府颁布的政策文件、法律法规和各机构部门的职能三个方面,对美国网络安全战略管理体系进行了介绍和分析。     

沿海船舶边防治安管理立法问题研究

沿海船舶边防治安管理是维护海上治安秩序稳定的重要手段。为加强海上治安管理,需要通过立法活动赋予公安边防机关特殊的执法权,并以此规范公安边防行政执法活动。分析沿海船舶边防治安管理立法概况及其存在的问题,提出完善沿海船舶边防治安管理立法的建议。