Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Threat Intelligence Exploitation and Reproduction Method Based on Statistical Learning

A statistical learning and intelligence technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., can solve problems such as model degradation and prediction accuracy decline, and achieve the effect of improving accuracy and alleviating model degradation

Active Publication Date: 2022-01-11
NANKAI UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to alleviate the problem that the traditional security monitoring model faces massive and time-sensitive threat intelligence, which leads to the degradation of the model, which leads to the decline of prediction accuracy, and provides a threat intelligence utilization and propagation method based on statistical learning

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Threat Intelligence Exploitation and Reproduction Method Based on Statistical Learning
  • Threat Intelligence Exploitation and Reproduction Method Based on Statistical Learning
  • Threat Intelligence Exploitation and Reproduction Method Based on Statistical Learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] The present invention takes the detection of malicious domain names as an example for specific description. Any detection model based on a fixed threshold can be used in this method. The method flow is as follows figure 1 In this embodiment, two detection models, XGBoost and LSTM, are used as examples to illustrate, and the specific introduction is as follows:

[0057] XGBoost is a Boosting algorithm based on GBDT gradient boosting decision tree. It first uses a simple model to fit the data to obtain a more general result, and then continuously adds simple models to the model. As the number of trees increases, the complexity of the entire model gradually becomes higher and approaches the complexity of the data itself. By building and fitting the CART tree of different eigenvalue sets of intelligence, the scoring of the tree structure is carried out. This method has good learning effect, fast speed, can handle large-scale data, and can effectively score massive threat i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention proposes a threat intelligence utilization and propagation method based on statistical learning, which is applied in the field of network security. Based on limited known threat intelligence, through statistical learning, a large number of unknown threat intelligence is discovered to realize the propagation of threat intelligence. To evade security detection, cyberattacks are changing at an ever-increasing rate, resulting in an increase in the volume and shortening of the timeliness of threat intelligence. A security detection model that only uses known threat intelligence will be affected by the model degradation problem and its accuracy will decrease. Based on the statistical learning algorithm, the present invention introduces credibility, replaces the static threshold, and improves the ability of the model to identify unknown threats; the method supports multiple heterogeneous detection models, and realizes multi-model collaborative defense based on the comparison of credibility; the method introduces The sliding time window concept enables the detection model to quickly absorb emerging threat intelligence and effectively forget outdated intelligence.

Description

technical field [0001] The invention belongs to the field of computer network security. Background technique [0002] In order to evade security detection, network attackers continue to improve the attack methods used, such as Domain Generate Algorithm (DGA), which can generate a large number of malicious domain names, allowing network attacks to bypass security firewalls and threaten user computer security. Constantly updated attack methods have led to a surge in the number of threat intelligence and shortened timeliness. Traditional security detection models that only use known threat intelligence will be affected by model degradation and cannot accurately detect many new threat intelligence. Therefore, threat intelligence detection methods are required to build a more comprehensive detection model based on known limited intelligence to deal with undiscovered threats. Contents of the invention [0003] The purpose of the present invention is to alleviate the problem th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/1416H04L63/1425H04L63/1433H04L63/1441H04L63/205
Inventor 王志杨帆李昊润林美含杨晨煜刘新慧
Owner NANKAI UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com