Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

An abnormal user detection method and system based on ensemble learning

A technology integrating learning and detection algorithms, applied in the field of network security, can solve problems such as lack of pertinence in traditional methods, and achieve the effect of preventing information leakage

Active Publication Date: 2022-01-28
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The reason is that the traditional methods are mostly scattered, after the fact, and lack of pertinence

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An abnormal user detection method and system based on ensemble learning
  • An abnormal user detection method and system based on ensemble learning
  • An abnormal user detection method and system based on ensemble learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0033] refer to figure 1 , the embodiment of the present invention provides a method for detecting abnormal users based on integrated learning, which may include the following steps:

[0034] Step S101 , collecting user behavior information to be detected, wherein the behavior information to be detected includes at least one behavior characteristic information.

[0035] In the embodiment of the present invention, the behavior information to be detected is the behavior information to be detected, and the behavior information can be classified into network behavior information and terminal behavior information according to classification. It should be noted that behavior information is provided by user behavior data sources. User behavior data sources include but are not limited to security logs, network traffic, threat intelligence, logs related to identity access, and access logs related to user scenarios. Among them, logs related to user scenarios include but are not limite...

Embodiment 2

[0079] refer to Figure 6 , the embodiment of the present invention provides an abnormal user detection system based on integrated learning, which may include the following modules:

[0080] The first collection module 11 is used to collect the user's behavior information to be detected, wherein the behavior information to be detected includes at least one behavior characteristic information;

[0081] The comparison module 12 is used to compare the behavioral feature information and the preset feature baseline corresponding to the behavioral feature information to obtain a comparison result;

[0082] An extraction module 13, configured to extract abnormal behavior information from the behavior information to be detected according to the comparison result, and determine users with abnormal behavior information as suspected abnormal users;

[0083] The scoring module 14 is configured to use a preset integrated learning model to score suspected abnormal users, and determine susp...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a method and system for detecting abnormal users based on integrated learning, which relate to the technical field of network security and include collecting user behavior information to be detected, wherein the behavior information to be detected includes at least one behavior characteristic information; the behavior characteristic information , and compare with the preset feature baseline corresponding to the behavior feature information to obtain the comparison result; extract abnormal behavior information from the behavior information to be detected according to the comparison result, and determine users with abnormal behavior information as suspected abnormal users; Finally, the preset integrated learning model is used to score the suspected abnormal users, and the suspected abnormal users whose scoring results reach the preset scores are determined as abnormal users. The invention establishes a detection system with users as the core object, and can accurately locate abnormal users based on a preset integrated learning model, discover internal threats in time, and then terminate internal threats in time to prevent information leakage.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to an abnormal user detection method and system based on integrated learning. Background technique [0002] With the increasing development of Internet technology and the deepening of my country's big data strategy, there are more and more data collection terminals and more and more types of collection. Data has become one of the core assets of enterprises. While the value of data is highly valued, various data security threats faced by enterprises are becoming more and more serious, and information security is gradually focused on data security. [0003] Under normal circumstances, external attacks are of various types and continue to be frequent. Enterprises are accustomed to deploying resources to build security fortresses to resist external attacks. However, in addition to external hacker attacks, internal personnel participate in information trafficking and share illeg...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40G06K9/62
CPCH04L63/1425G06F18/2411
Inventor 莫凡范渊刘博何帅孙佳
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com