
Method and device for detecting threat attack, equipment and storage medium

A business-access technology, applied in the field of network security, that addresses the problem of high cost, reduces losses, improves effectiveness, and suppresses the duration of attack behavior.

Inactive Publication Date: 2019-07-09
CHINA MOBILE GROUP SICHUAN +1

AI Technical Summary

Problems solved by technology

Among them, for stage 1, improving personnel security awareness is a continuous process that requires a large amount of information security awareness training and a long-term, continuous investment of substantial human resources. For stages 2, 3, and 4, more protective equipment must be deployed, which requires a large capital investment; at the same time, reasonable and effective use of that equipment requires maintenance personnel with a very high technical level, that is, high-end human resources. It can therefore be seen that the disadvantage of existing technical protection solutions against APT attacks is that they require a large investment of resources, especially funds. Depending on the size of the organization, this may require tens or millions of investments, and the cost is too high.


Embodiment Construction

[0026] The characteristics and exemplary embodiments of various aspects of the present invention are described in detail below. To make the purpose, technical solutions and advantages of the present invention clearer, the present invention is further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are intended only to explain the present invention, not to limit it. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is provided only to give a better understanding of the present invention by showing examples of it.

[0027] It should be noted that in this article, relational terms such as first and second are only used to distinguish one entity or operation from another entity or operation, and ...


Abstract

The embodiment of the invention discloses a method and device for detecting advanced persistent threat attacks by using access relationships, together with computer equipment and a readable storage medium. The method comprises the following steps: acquiring business assets and, according to the business assets, determining the type of business access policy for each business access relationship, where the policy type is either a business-necessary access policy or a business-unnecessary access policy; sorting the business access relationships according to the business assets to generate a network access control list; if the business access policy in a business access relationship is a business-unnecessary access policy, defining that policy as deny; and detecting server traffic, matching it against the network access control list, determining server traffic whose business access policy is deny to be an advanced persistent threat, and raising an alarm. By starting from an inventory of the system's own business characteristics, the method suppresses advanced persistent threat attacks along their path and improves the efficiency of security management work and the effect of security operation and maintenance.
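The steps in the abstract can be sketched as follows. This is an added example, not code from the patent or its applicants. The asset addresses, the `Relation` type, the most-specific-entry-wins ordering and the separate "unlisted" result for traffic with no matching entry are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Relation:            # one business access relationship between assets
    src: str               # source asset, CIDR
    dst: str               # destination asset, CIDR
    port: int              # destination port
    necessary: bool        # True: business-necessary, False: business-unnecessary

def build_acl(relations):
    """Generate the network ACL: necessary -> permit, unnecessary -> deny."""
    acl = [(ipaddress.ip_network(r.src), ipaddress.ip_network(r.dst), r.port,
            "permit" if r.necessary else "deny") for r in relations]
    # Assumption: most specific entry wins, so a narrow deny is not
    # shadowed by a broader permit listed earlier.
    acl.sort(key=lambda e: e[0].prefixlen + e[1].prefixlen, reverse=True)
    return acl

def match(acl, flow):
    """Return 'permit', 'deny' or 'unlisted' for a (src_ip, dst_ip, dst_port) flow."""
    src, dst = ipaddress.ip_address(flow[0]), ipaddress.ip_address(flow[1])
    for s_net, d_net, port, action in acl:
        if src in s_net and dst in d_net and flow[2] == port:
            return action
    return "unlisted"      # assumption: reported separately, not alerted on

def detect(acl, flows):
    """Flows that hit a deny entry are the ones raised as APT alerts."""
    return [f for f in flows if match(acl, f) == "deny"]

# Constructed inventory and traffic (RFC 1918 addresses, not from the patent).
RELATIONS = [
    Relation("10.0.1.0/24", "10.0.2.10/32", 8080, True),   # web -> app
    Relation("10.0.2.10/32", "10.0.3.5/32", 3306, True),   # app -> db
    Relation("10.0.9.0/24", "10.0.3.5/32", 22, True),      # ops -> db admin
    Relation("10.0.1.0/24", "10.0.3.5/32", 3306, False),   # web -> db directly
    Relation("10.0.9.44/32", "10.0.3.5/32", 22, False),    # kiosk host in ops net
]
FLOWS = [
    ("10.0.1.7", "10.0.2.10", 8080),
    ("10.0.1.7", "10.0.3.5", 3306),
    ("10.0.9.10", "10.0.3.5", 22),
    ("10.0.9.44", "10.0.3.5", 22),
    ("10.0.1.7", "10.0.3.5", 5432),
]
ACL = build_acl(RELATIONS)

if __name__ == "__main__":
    for f in detect(ACL, FLOWS):
        print("ALERT: denied business access", f)
```

The web host reaching the database directly and the single denied host inside the otherwise permitted ops subnet are the two flows alerted on; the flow to port 5432 matches no entry and is left for review.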

Description

Technical field

[0001] The present invention relates to the technical field of network security, in particular to a method, a device, a computer device and a readable storage medium for detecting an advanced persistent threat attack by using an access relationship.

Background technique

[0002] At present, a complete APT (Advanced Persistent Threat) attack roughly has the following stages:

[0003] Intelligence Gathering Phase: The goal of this phase is to gather not only strategic information about the intended target IT environment, but also information about its organizational structure. The information collected can range from the business applications and software used by the enterprise to the roles and relationships that exist in the organization. Intrusion Phase: Using the information obtained during the intelligence gathering phase, supplemented by the accumulated knowledge of previous attacks on the corporate environment, the threat acto...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1416
Inventor: 袁强李长城
Owner: CHINA MOBILE GROUP SICHUAN