Host intrusion detection method and device

A host intrusion detection technology, applied in the computer field, that addresses three problems: misuse detection cannot effectively detect unknown attack behavior, the false alarm rate is high, and normal business is affected. Its effects are to reduce the cost of manual intervention, reduce the detection false alarm rate, and improve the detection rate.

Pending Publication Date: 2020-01-31
JINGDONG TECH HLDG CO LTD

AI Technical Summary

Problems solved by technology

[0005] (1) Misuse detection cannot effectively detect unknown attacks;
[0006] (2) The false alarm rate of anomaly detection is relatively high, which has a certain impact on normal business.

Embodiment Construction

[0064] The following describes exemplary embodiments of the present invention with reference to the accompanying drawings, which include various details of the embodiments of the present invention to facilitate understanding, and should be regarded as merely exemplary. Therefore, those of ordinary skill in the art should realize that various changes and modifications can be made to the embodiments described herein without departing from the scope and spirit of the present invention. Likewise, for clarity and conciseness, descriptions of well-known functions and structures are omitted in the following description.

[0065] According to one aspect of the embodiments of the present invention, a host intrusion detection method is provided.

[0066] Figure 1 is a schematic diagram of the main process of the host intrusion detection method according to the embodiment of the present invention. As shown in Figure 1, the host intrusion detection method according to the embodiment o...

Abstract

The invention discloses a host intrusion detection method and device, and relates to the technical field of computers. One specific embodiment of the method comprises the following steps: acquiring signal data of a host, wherein the signal data comprises static signal data n and dynamic signal data s; searching a preset feature library for a static detection rule ret_s matched with the static signal data; obtaining a dynamic prediction result ret_d according to the dynamic signal data and an SVM model, wherein the training parameters of the SVM model are obtained by adopting a particle swarm optimization algorithm; and judging whether the current process of the host is an attack behavior or not according to the static detection rule ret_s and the dynamic prediction result ret_d. According to the embodiment, the detection rate of unknown attack behaviors can be improved; the detection false alarm rate of normal operation is reduced, and the stability of normal service is ensured; the detection rule is automatically generated and the detection feature library is updated when the attack behavior is detected, so the manual intervention cost is reduced and the response time to unknown attack behavior is shortened.
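The pipeline in the abstract, as an added example that is not code from the patent or its applicant: a static lookup in the feature library, a linear SVM whose training parameters are chosen by particle swarm optimization, and a fused decision that writes a new rule when only the SVM fires. The fusion rule, the two dynamic features, the sample data and the rule ids are assumptions, because the page does not give them; the SVM is a bias-free linear one on zero-centred features.

```python
import random
# Constructed data. Dynamic signal s = two zero-centred behaviour scores
# (hypothetical features); label +1 = attack, -1 = normal.
TRAIN = [((2.0, 1.5), 1), ((1.2, 2.4), 1), ((0.8, 0.9), 1),
         ((-1.8, -1.1), -1), ((-0.7, -2.2), -1), ((-1.0, -0.6), -1)]
VALID = [((1.5, 0.7), 1), ((0.6, 1.9), 1), ((-1.3, -0.9), -1), ((-0.5, -1.6), -1)]
feature_library = {"proc:constructed-known-bad": "rule-0001"}  # static signal n -> rule

def dot(w, x):
    return sum(a * b for a, b in zip(w, x))

def train_svm(data, C, lr, epochs=100):
    """Bias-free linear SVM: batch subgradient descent on 0.5|w|^2 + C*hinge."""
    w = [0.0, 0.0]
    for _ in range(epochs):
        grad = list(w)
        for x, y in data:
            if y * dot(w, x) < 1:                      # margin violated
                grad = [g - C * y * xi for g, xi in zip(grad, x)]
        w = [wi - lr * g for wi, g in zip(w, grad)]
    return w

def hinge(w, data):
    return sum(max(0.0, 1 - y * dot(w, x)) for x, y in data) / len(data)

def pso_tune(seed=7, particles=6, iters=10):
    """PSO over (log10 C, log10 lr); cost is validation hinge loss."""
    rng = random.Random(seed)
    lo, hi = (-2.0, -3.0), (2.0, -1.0)
    cost = lambda p: hinge(train_svm(TRAIN, 10 ** p[0], 10 ** p[1]), VALID)
    pos = [[rng.uniform(l, h) for l, h in zip(lo, hi)] for _ in range(particles)]
    vel = [[0.0, 0.0] for _ in pos]
    best = [(cost(p), list(p)) for p in pos]           # per-particle best
    for _ in range(iters):
        g = min(best)[1]                               # swarm best position
        for i, p in enumerate(pos):
            for d in range(2):
                vel[i][d] = (0.7 * vel[i][d] + 1.5 * rng.random() * (best[i][1][d] - p[d])
                             + 1.5 * rng.random() * (g[d] - p[d]))
                p[d] = min(hi[d], max(lo[d], p[d] + vel[i][d]))
            best[i] = min(best[i], (cost(p), list(p)))
    return [10 ** v for v in min(best)[1]]             # tuned (C, lr)

MODEL = train_svm(TRAIN, *pso_tune())

def detect(n, s):
    """Return (is_attack, rule). ret_s = static rule hit, ret_d = SVM prediction."""
    ret_s = feature_library.get(n)
    ret_d = dot(MODEL, s) > 0
    if ret_s is None and ret_d:                        # unknown attack: learn a rule
        ret_s = feature_library[n] = f"rule-auto-{len(feature_library):04d}"
    return (ret_s is not None), ret_s
```

After the second kind of hit, the same static signal is caught by the library lookup alone, which is the automatic rule generation the abstract describes.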

Description

Technical field

[0001] The invention relates to the field of computer technology, in particular to a method and device for detecting host intrusion.

Background technique

[0002] With the widespread application of the Internet and the rapid growth of information flow in cyberspace, various fields have benefited from the development of the network, while their data security has also been seriously threatened. As far as data detection is concerned, intrusion detection can be divided into two types: network-based intrusion detection and host-based intrusion detection. Network-based intrusion detection mainly inspects the original data packets on the network to determine whether they contain attacks; host-based intrusion detection mainly analyzes logs, host traffic, process behavior and other information on the host to determine whether the host has been attacked.

[0003] For host-based intrusion detection, currently two methods are mainly used: misuse detection and...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06K9/62
CPC: G06F21/566, G06F18/2411, G06F18/214
Inventor: 刘明浩, 郝益壮, 洪艳
Owner: JINGDONG TECH HLDG CO LTD