Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A Network Threat Intelligence Sharing Model

An intelligence and network technology, applied in the field of cyber threat intelligence sharing model, can solve problems such as low sharing efficiency, low intelligence sharing efficiency, lack of unified norms, etc. effect of ability

Active Publication Date: 2019-11-15
CHINA ELECTRONICS TECH CYBER SECURITY CO LTD
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In order to overcome the shortcomings of the prior art, the present invention provides a network threat intelligence sharing model, which aims to solve the current lack of unified specifications, low efficiency of intelligence sharing and intelligence due to The problem of the risk of disclosure caused by sharing
The present invention first proposes a threat intelligence sharing model, which provides unified norms and standards for the sharing of cross-departmental network threat intelligence, including data sharing format standards, sharing protocol standards, etc.; a hybrid sharing technology is proposed for the problem of low sharing efficiency , that is, centralized sharing, point-to-point sharing and other modes meet the needs of different intelligence sharing applications; in view of the problem of leaking risks brought about by sharing, a classification method for intelligence sharing levels is proposed, and the scope of intelligence sharing is limited according to different classifications, reducing the risk caused by excessive sharing. hidden danger of leaking

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Network Threat Intelligence Sharing Model
  • A Network Threat Intelligence Sharing Model
  • A Network Threat Intelligence Sharing Model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] A typical network attack process is as follows: figure 1 As shown, it generally includes the preparation period, the invasion period and the benefit period, which are subdivided into the following seven stages:

[0020] (1) Two phases of the preparation period:

[0021] Phase 1—Reconnaissance: The attacker studies, identifies and selects the target. Typical methods include using Internet crawlers to collect information such as meeting minutes, email addresses, social relations, or using special methods to collect information;

[0022] Stage 2—Weaponization: The attacker uses automated tools to modify the remote Trojan horse containing vulnerabilities and implants it into a specific carrier, such as data file formats such as PDF or office commonly used by clients;

[0023] (2) Three phases of the invasion period:

[0024] Phase 3—Loading: Transfer of the weaponized vehicle into the target environment. According to the Lockheed-Martin Computer Incident Response Team (L...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network threat information sharing model which comprises a data layer, a platform layer, a sharing layer and an application layer which longitudinally pass through threat information sharing. The network threat information sharing model aims to solve the problems that unified standards are absent between existing network threat information automatic processing and cross-department information sharing, the information sharing efficiency is low, and the leakage risk is caused by sharing. In order to provided the unified specifications and standards for cross-department information sharing, the network threat information sharing model comprises data sharing type standards, sharing protocol standards and the like; for the problem that the sharing efficiency is low, a mixed sharing technology is provided, and that is to say, the requirements of different information sharing applications are met by the modes such as concentrated sharing and point-to-point sharing; and for the leakage risk caused by sharing, an information sharing level classification method is provided, the sharing range of information is limited by different categories, and the leakage risk caused by excessive sharing is lowered.

Description

technical field [0001] The invention relates to a network threat intelligence sharing model. Background technique [0002] Cyber ​​threat intelligence (Cyber ​​Threat Intelligence, CTI) is to protect cyberspace resources from threats, using the experience and skills of security experts and professional groups to generate relevant information about security and threats, including vulnerabilities, threats, characteristics, lists The knowledge carrier of content, attributes, solutions, etc. is a new direction that has developed along with the rise of APT attacks in recent years. With the emergence of new threats in cyberspace, the research on network threat intelligence has attracted more and more attention. Pay attention to the development of cyberspace threat intelligence, and actively promote the introduction of relevant intelligence policies and standard formulation in terms of strategy, so that government agencies can better coordinate and share intelligence information. I...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/20
Inventor 徐锐胥小波陈剑锋刘方
Owner CHINA ELECTRONICS TECH CYBER SECURITY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com