
Network security source analysis method and device

A network security and context technology applied in the field of network security traceability analysis; it addresses the problem that the behavior characteristics of attackers are unclear.

Active Publication Date: 2018-11-06
武汉思普崚技术有限公司

AI Technical Summary

Problems solved by technology

[0003] Existing network attack source tracing mostly offers only attack path playback: it shows where the attacker came from, but not the behavior characteristics of the attacker.



Examples


Embodiment Construction

[0034] The preferred embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings, so that the advantages and features of the present invention can be more easily understood by those skilled in the art, so as to define the protection scope of the present invention more clearly.

[0035] Figure 1 is a flowchart of an embodiment of the method for network security traceability analysis provided by the present invention. The method includes:

[0036] Step 101, collect log information of various network devices in real time, and solidify and save the log information.

[0037] Step 102, perform in-depth correlation analysis and data mining on the collected log information from multiple dimensions of time and space, and sort out the occurrence context and attack path of the attack event.

[0038] Step 103, according to the occurrence context and attack path of the attack event, obtain relevant information and behavior of the attac...


Abstract

The invention discloses a network security source analysis method and device. Log information from various types of network equipment is acquired in real time and saved in fixed form, so that the logs can be restored if they are attacked and cleared. The acquired log information is subjected to deep association analysis and data mining, and the occurrence context and attack path of an attack event are sorted out to acquire the related information and behaviors of an attacker; feature attributes are extracted and an attacker relation model is built. Related information and behaviors of a visitor are then acquired, and their feature attributes are matched against the attacker relation model to determine whether the visitor is the attacker.
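The pipeline in the abstract (correlate logs across devices, extract feature attributes, build an attacker model, match a visitor) can be sketched as follows. This is an added example, not code from the patent: the log fields, event names, 30-minute window, Jaccard similarity and 0.5 threshold are all assumptions, and the sample logs are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logs: (device, timestamp, source IP, event, user agent).
LOGS = [
    ("firewall", "2018-05-01T02:10:05", "203.0.113.7", "port_scan", "-"),
    ("web", "2018-05-01T02:12:40", "203.0.113.7", "sqli_attempt", "scanner/1.0"),
    ("host", "2018-05-01T02:15:10", "203.0.113.7", "login_fail", "-"),
    ("web", "2018-05-01T09:30:00", "198.51.100.4", "page_view", "Mozilla/5.0"),
    ("host", "2018-05-01T02:16:30", "203.0.113.7", "log_clear", "-"),
]
ATTACK_EVENTS = {"port_scan", "sqli_attempt", "login_fail", "log_clear"}  # assumed labels

def attack_paths(logs, window=timedelta(minutes=30)):
    """Correlate suspicious events per source across devices (space) and time."""
    by_src = defaultdict(list)
    for device, ts, src, event, ua in logs:
        if event in ATTACK_EVENTS:
            by_src[src].append((datetime.fromisoformat(ts), device, event, ua))
    paths = {}
    for src, events in by_src.items():
        events.sort()  # chronological order gives the attack path
        devices = {e[1] for e in events}
        if len(devices) >= 2 and events[-1][0] - events[0][0] <= window:
            paths[src] = events
    return paths

def features(events):
    """Feature attributes of a chain: event kinds, active hours, client strings."""
    feats = set()
    for ts, _device, event, ua in events:
        feats.update({f"event:{event}", f"hour:{ts.hour}"})
        if ua != "-":
            feats.add(f"ua:{ua}")
    return feats

def build_model(logs):
    """Attacker model: one feature set per correlated attack path."""
    return {src: features(ev) for src, ev in attack_paths(logs).items()}

def match_visitor(visitor_events, model, threshold=0.5):
    """Return (score, matched source), or (score, None) when below the threshold."""
    v = features(visitor_events)
    score, src = max(((len(v & f) / len(v | f), s) for s, f in model.items()),
                     default=(0.0, None))
    return (score, src) if score >= threshold else (score, None)
```

`match_visitor` takes events in the parsed form `(datetime, device, event, user_agent)`, so a visitor arriving from a new address can still match a stored profile on behavior alone.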

Description

Technical field

[0001] The present application relates to the technical field of network information security, in particular to a method and device for network security traceability analysis.

Background technique

[0002] The forms of network attacks are becoming more and more diverse, posing a serious threat to network security. It is necessary to protect the software and hardware devices of the system, such as the host, firewall, switch or WEB server. It is very necessary to trace the source of the attack and have a detailed understanding of the attacker.

[0003] Most existing network attack traceability offers only attack path playback: it shows where the attacker came from, but not the behavior characteristics of the attacker. At the same time, the attacker usually clears the system logs after the attack is over, so as to remove the traces of the attack. Therefore, a method and device capable of qualitatively analyzing the attacker itself is pro...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1425, H04L2463/146
Inventor: 段彬
Owner: 武汉思普崚技术有限公司