
Mining method and device of attacking organization

Applied in the field of network security, this technology addresses three problems of existing protection methods: they have difficulty countering continuously changing and upgraded attack methods, they cannot perceive attacking organizations, and they lack data intelligence functions.

Active Publication Date: 2017-02-01
BEIJINGNETENTSEC

AI Technical Summary

Problems solved by technology

In addition, advanced persistent threats have become the main security threat faced by networks of all types and at all levels. They have transformed network threats from random attacks by isolated individuals into purposeful, organized, and premeditated group attacks. Traditional defense methods based on real-time detection and real-time blocking can hardly remain effective.

[0004] Current network security protection methods and product systems still apply traditional, stand-alone and private thinking to threats that are networked and public, but this is now the era of dynamic security. Traditional equipment and solutions are static and struggle against attack methods that continuously change and are upgraded. Network security protection methods and products based on traditional security thinking cannot perceive attacking organizations because they do not have data intelligence functions.


Embodiment Construction

[0037] Figure 1 is a schematic diagram of the implementation flow of the method for mining attacking organizations in an embodiment of the present invention. The method includes:

[0038] Step 101: Extract the attack behaviors recorded in the log of the firewall intrusion prevention system; each attack behavior includes the attack time, the attack mode, and the IP address of the attacker;

[0039] Specifically, network attack behavior is identified, and the identified attack behavior is recorded in the log of the firewall intrusion prevention system (IPS); for at least one attacker IP address recorded in the firewall IPS log, the attack modes used at different attack times are extracted.

[0040] Here, the network attack behavior may be identified by a firewall; the firewall IPS log records the attack behavior identified by the firewall within a preset time, and the preset time may be one ...


Abstract

The invention discloses a mining method of an attacking organization. The mining method of the attacking organization comprises the steps of extracting attacking behaviors recorded in a firewall intrusion prevention system log, wherein each attacking behavior comprises attacking time, an attacking mode and an IP address of an attacker; and clustering the IP addresses of all the attackers based on the attacking time and the attacking mode corresponding to the IP address of each attacker to obtain the attacking organization. The invention also discloses a mining device of the attacking organization.
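The two steps in the abstract (extraction, then clustering of attacker IPs by attack time and attack mode) can be sketched as follows. This is an added example, not code from the patent: the log line format, the hour-of-day bucketing, the Jaccard similarity measure, and the 0.5 threshold are all assumptions, since the page does not specify the clustering algorithm.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample IPS log lines: "timestamp attack_mode attacker_ip"
SAMPLE_LOG = """\
2017-01-10T02:05:11 sql_injection 203.0.113.5
2017-01-10T02:17:40 sql_injection 203.0.113.9
2017-01-10T02:41:03 webshell_upload 203.0.113.5
2017-01-10T02:48:27 webshell_upload 203.0.113.9
2017-01-10T14:02:00 ssh_bruteforce 198.51.100.7
2017-01-11T14:30:12 ssh_bruteforce 198.51.100.8
2017-01-11T14:44:51 ssh_bruteforce 198.51.100.7
2017-01-12T09:00:00 port_scan 192.0.2.33
"""

def extract_behaviors(log_text):
    """Step 101: parse each record into (attack time, attack mode, attacker IP)."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed records
        ts, mode, ip = parts
        yield datetime.fromisoformat(ts), mode, ip

def ip_features(behaviors):
    """Map each attacker IP to its set of (hour of day, attack mode) pairs."""
    feats = defaultdict(set)
    for when, mode, ip in behaviors:
        feats[ip].add((when.hour, mode))  # hour bucketing is an assumption
    return feats

def jaccard(a, b):
    """Overlap of two feature sets, from 0.0 (disjoint) to 1.0 (identical)."""
    return len(a & b) / len(a | b)

def cluster_ips(feats, threshold=0.5):
    """Single-linkage grouping: an IP joins every group holding a similar member."""
    groups = []
    for ip in sorted(feats):
        linked = [g for g in groups
                  if any(jaccard(feats[ip], feats[m]) >= threshold for m in g)]
        merged = {ip}.union(*linked)  # merge all groups this IP bridges
        groups = [g for g in groups if g not in linked] + [merged]
    return sorted(sorted(g) for g in groups)

def mine_organizations(log_text, threshold=0.5):
    """Return candidate attacking organizations as sorted lists of IPs."""
    return cluster_ips(ip_features(extract_behaviors(log_text)), threshold)
```

On the constructed log, the two IPs that run the same injection-then-upload sequence in the same hour fall into one group, the two brute-force sources into another, and the lone scanner stays a singleton.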

Description

Technical field

[0001] The invention relates to network security technology, in particular to a mining method and device for attacking organizations.

Background technique

[0002] With the increasing development and popularization of the Internet, the Internet has penetrated into all aspects of people's daily work and life. However, the network security problems it introduces have gradually become a focus of attention. In particular, existing network attack methods are becoming more diverse and complex, so institutions and systems that provide business services over the Internet face unprecedented threats. Once the networks of these institutions and systems are successfully attacked, huge economic losses will be caused.

[0003] At present, with the continuous development of the social economy, the division of labor among practitioners from all walks of life in society is becoming more and more detailed. For a techno...

Application Information

IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1425
Inventor 易蜀锋
Owner BEIJINGNETENTSEC