摘要：随着安全数据的大数据化，传统安全分析面临诸多挑战。伴随正在兴起的智能安全与情境感知理念，大数据分析就是安全领域得解决方法。 系统集成先进的流计算，交互式和批量计算技术以及采用云计算和分布式文件系统及索引技术，包括日志，网络流，数据包和威胁智能，安全信息收集的结构化和半结构化元素， 存储，分析和显示，智能连接，用户的行为分析以及场景分析和机器学习等数据挖掘分析技术，去创造新一代的安全分析平台，为客户提供各种安全的数据分析场景，满足客户的安全需求 数字时代安全管理分析与管理。 随着人类社会信息技术的不断深入，信息系统产生的数据呈指数增长。对这些数据的深入分析可以得到很多有价值的信息。由于数据量太大以及数据属性的多样性，导致经典的统计分析方法已经无法适用，必须采用以机器学习理论为基础的大数据分析方法。目前，大数据分析的方法已经被广泛用于商业智能领域，并取得了令人非常满意的效果。这种方法同样可以应用在信息安全领域，用于发现信息系统的异常情况。利用大数据分析的方法发现异常事件，需要满足几个条件：1）行为日志在内容必须足够详细，可以从日志内容上区分正常行为和异常行为。也就是假定异常行为无论在表面上看多么正常，总是在细节上与正常行为有差异。2）针对不同的分析目标，选用恰当的分析算法。3）对行为描述进行合理的建模。71068

毕业论文关键词：大数据化；异常事件；多样性；异常行为；建模

The construction of analysis model of bank customer abnormal behavior based on big data

Abstract: With the large data of security data, traditional security analysis faces many challenges. With the emerging concept of intelligent security and situational awareness, large data analysis is the security field solution. System integration Advanced streaming computing, interactive and batch computing technologies and the use of cloud computing and distributed file systems and indexing technologies, including log, network flow, packet and threat intelligence, security information collection of structured and semi-structured elements, Storage, analysis and display, intelligent connection, user behavior analysis and scene analysis and machine learning and other data mining analysis technology, to create a new generation of security analysis platform for customers to provide a variety of safe data analysis scenarios to meet customer security needs Analysis and Management of Security Management in Digital Age. With the deepening of human social information technology, information systems generated data exponential growth. In-depth analysis of these data can be a lot of valuable information. Due to the large amount of data and the persity of data attributes, the classical statistical analysis method can not be applied. It is necessary to adopt large data analysis method based on machine learning theory. At present, large data analysis methods have been widely used in the field of business intelligence, and achieved very satisfactory results. This method can also be applied in the field of information security, for the discovery of information system anomalies. Using large data analysis method to find abnormal events, need to meet a few conditions: 1) behavior log in the content must be sufficient detail, you can distinguish from the log content of normal behavior and abnormal behavior. It is assumed that abnormal behavior, regardless of how normal the surface, always in the details of the difference with the normal behavior. 2) for different analysis objectives, the choice of appropriate analysis algorithm. 3) Reasonable modeling of behavior description.

Keywords: Large data; abnormal events; persity; abnormal behavior; modeling

目录