Network situation awareness method and network situation awareness system based on information acquisition of various network devices

A network situation awareness and information collection technology, applied in the field of network security, that addresses the inability to grasp the status of the entire network in a timely manner and the inability to manage the software of network equipment, so that alarms can be raised on threats to overall network security.

Active Publication Date: 2020-11-03
ANHUI JIYUAN SOFTWARE CO LTD

AI Technical Summary

Problems solved by technology

Under the initial manual and decentralized management, it was impossible to grasp the status of the whole network and of each part in a timely manner, or to manage the software of network equipment effectively. Management has since developed toward unified, centralized management and control of software that detects abnormal equipment and network status in time, so that overall network management moves from passive and disorderly to active observation and can grasp the operation status of the entire network comprehensively, accurately and in a timely manner.

Examples

Embodiment Construction

[0056] The technical solution of the present invention will be further described below in combination with specific embodiments and accompanying drawings.

[0057] The network situation analysis addressed by the present invention consists mainly of three parts:

[0058] The first is the operating status of the devices that make up the entire network, including system logs, device environment status, etc.;

[0059] The second is the communication transmission, automatic processing, emergency and other behaviors between network devices, that is, network behavior;

[0060] The third is the collection of various operations taken by users on devices and networks, that is, user behaviors;

[0061] These three parts constitute the overall situation of the network. Based on the above-mentioned security elements that cause changes in the network situation, collection, filtering, fusion, correlation alarm analysis and correlation statistical analysis are performed.

[0062] The present...

Abstract

The invention discloses a network situation awareness method and system based on information collection from multiple network devices. The method comprises the following steps: collecting log data from the multiple network devices, and filtering, normalizing and merging the log information; performing a complex event query task and a complex event monitoring alarm task on the atomic event flow formed by the log data, wherein the complex event query task is used for querying and detecting the occurrence of a complex scene event, and the complex event monitoring task is used for fusing the various associated events in a complex event scene and for predicting and alarming on causally associated events; and performing secondary statistical analysis on the data processed by the complex event query task and the complex event monitoring alarm task. According to the invention, multi-dimensional information is acquired from a plurality of network resources and multi-event association analysis is carried out using complex event processing technology, so that threats and abnormal behaviors in the network are discovered in time, network situation awareness is achieved, and the user is prompted to actively troubleshoot possible anomalies.
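The pipeline in the abstract (filter, normalize and merge logs into an atomic event flow, run a complex-event monitoring rule, then compute secondary statistics) can be sketched as follows. This is an added example, not code from the patent: the log formats, the device names, the `KEEP` filter and the "repeated failures followed by a success" rule are all assumptions chosen for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample lines from three device types (formats are assumptions).
RAW_LOGS = [
    "2024-01-15T10:00:01 fw01 DENY src=10.0.0.5 dst=10.0.1.9 dport=22",
    "2024-01-15T10:00:01 fw01 DENY src=10.0.0.5 dst=10.0.1.9 dport=22",  # duplicate
    "2024-01-15T10:00:05 sw02 LINK port=7 state=up",                     # filtered
    "2024-01-15T10:00:20 srv09 AUTH_FAIL user=admin src=10.0.0.5",
    "2024-01-15T10:00:40 srv09 AUTH_FAIL user=admin src=10.0.0.5",
    "2024-01-15T10:01:10 srv09 AUTH_OK user=admin src=10.0.0.5",
    "2024-01-15T10:05:00 srv09 AUTH_OK user=ops src=10.0.0.8",
]
KEEP = {"DENY", "AUTH_FAIL", "AUTH_OK"}  # hypothetical filter: security events only

def normalize(line):
    """Parse one raw line into a common atomic-event dict, or None if filtered."""
    ts, device, etype, *kv = line.split()
    if etype not in KEEP:
        return None
    fields = dict(p.split("=", 1) for p in kv)
    return {"ts": datetime.fromisoformat(ts), "device": device, "type": etype, **fields}

def atomic_stream(lines):
    """Filter, normalize and merge (drop exact duplicates), ordered by time."""
    seen, out = set(), []
    for line in lines:
        ev = normalize(line)
        key = None if ev is None else tuple(sorted((k, str(v)) for k, v in ev.items()))
        if ev is not None and key not in seen:
            seen.add(key)
            out.append(ev)
    return sorted(out, key=lambda e: e["ts"])

def monitor(events, window=timedelta(minutes=2), min_fail=2):
    """Rule: >= min_fail AUTH_FAIL, then AUTH_OK, same src, within the window."""
    alarms = []
    for ev in (e for e in events if e["type"] == "AUTH_OK"):
        fails = [e for e in events
                 if e["type"] == "AUTH_FAIL" and e["src"] == ev["src"]
                 and timedelta(0) <= ev["ts"] - e["ts"] <= window]
        if len(fails) >= min_fail:
            alarms.append({"src": ev["src"], "user": ev["user"], "fails": len(fails)})
    return alarms

def statistics(events):
    """Secondary statistics: atomic events per source address."""
    return Counter(e["src"] for e in events if "src" in e)
```
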

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a network situation awareness method and system based on information collection of various network devices.

Background technique

[0002] With the development of informatization construction, the number of network devices serving as informatization bearers continues to increase, and the management of network devices has gradually attracted attention. Under the initial manual and decentralized management, it was impossible to grasp the status of the whole network and of each part in a timely manner, or to manage the software of network equipment effectively. Management has since developed toward unified, centralized management and control of software that detects abnormal equipment and network status in time, so that overall network management transitions from passive disorder to active observation, and can grasp the operation status of the entire...

Application Information

IPC(8): H04L29/06, H04L12/24
CPC: H04L63/1425, H04L41/069, H04L41/0631
Inventor 张雪燕程周育窦国贤顾昊旻宋善坤李彬柴吴军陈衡俞长亮李竞刁燕燕
Owner ANHUI JIYUAN SOFTWARE CO LTD