Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for discriminating threat information credibility based on multi-dimensional trusted feature

A discriminative method and multi-dimensional technology, applied in the field of network security, can solve the problems of reducing the accuracy of threat intelligence to be detected and incomplete untrustworthy threat intelligence, and achieve the effect of improving accuracy

Inactive Publication Date: 2018-09-28
BEIJING UNIV OF POSTS & TELECOMM
View PDF1 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the strong subjectivity of this discrimination method, and the unreliable threat intelligence stored in the blacklist database is not comprehensive, there are cases of misjudgment and missed judgment, which reduces the accuracy of judging the threat intelligence to be detected

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for discriminating threat information credibility based on multi-dimensional trusted feature
  • Method and device for discriminating threat information credibility based on multi-dimensional trusted feature
  • Method and device for discriminating threat information credibility based on multi-dimensional trusted feature

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0078] As an implementation of the embodiment of the present invention, the method further includes: using a threat intelligence sample set to train the DBN discriminant model to obtain a new DBN discriminant model, wherein the threat intelligence sample set contains multiple threat intelligence with known credibility .

[0079] In practical applications, the DBN discriminant model will mark the credibility of the classified preliminary credible threat intelligence after each output of the credibility discrimination result representing the preliminary credible threat intelligence, and store it in the threat intelligence sample set , and then according to the preset cycle, the DBN discriminant model is trained with the updated threat intelligence sample set to obtain a new DBN discriminant model.

[0080] Specifically, the threat intelligence sample set is divided into training threat intelligence sample set and test threat intelligence sample set, the training threat intellige...

Embodiment approach

[0095] As an implementation manner of the embodiment of the present invention, the device further includes: a training module, configured to use a threat intelligence sample set to train the DBN discriminant model to obtain a new DBN discriminant model, wherein the threat intelligence sample set contains multiple credible Known Threat Intelligence.

[0096] As an implementation manner of the embodiment of the present invention, the above-mentioned training module includes:

[0097] The division sub-module is used to divide the threat intelligence sample set into a training threat intelligence sample set and a test threat intelligence sample set;

[0098] The extraction sub-module is used to extract the multi-dimensional credible feature set of the training threat intelligence sample set, and construct a multi-dimensional credible feature vector space;

[0099] The training sub-module is used to iteratively train the DBN discriminant model using the multi-dimensional credible ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the present invention provides a method and a device for discriminating threat information credibility based on a multi-dimensional trusted feature. The method comprises the following steps: acquiring threat information to be detected; obtaining a verification threat information set corresponding thereto according to a category of the threat information to be detected; accordingto a content verification consistency recognition algorithm, calculating a similarity value between the threat information to be detected and the verification threat information; comparing the similarity value with a preset threshold value, and determining the threat information to be detected with the similarity value greater than the threshold as initial credibility threat information; extracting the multi-dimensional trusted feature of the initial trusted threat information, and constructing a multi-dimensional trusted feature vector; inputting the multi-dimensional trusted feature vector into a deep belief network DBN discriminant model, and outputting a credibility discrimination result of the initial trusted threat information. The embodiment of the present invention judges the threat information to be detected twice by using the content verification consistency method and the DBN discriminant model, thereby improving the accuracy of judging the threat information to be detected.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and device for judging the credibility of threat intelligence based on multi-dimensional credible features. Background technique [0002] Threat intelligence is a kind of knowledge information that describes threats based on evidence, including threat-related context information, methods and mechanisms used by threats, threat-related indicators, attack impacts, and countermeasures. The role of threat intelligence is to provide all clues to restore and predict attacks that have not occurred, to learn as much as possible about attackers’ motives, tactics, tools, resources, and behavioral processes, and to establish an effective security defense system. Due to the characteristics of large amount of information, high repetition rate and wide sources of threat intelligence, in practical applications, there may be misleading or confusing false information in the proce...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 李小勇李蕾高雅丽李继蕊苑洁
Owner BEIJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com