
A mining method, terminal and storage medium for discovering dependencies between threat behaviors

A mining method, terminal and storage medium for discovering dependencies between threat behaviors. The technology can solve problems such as computer loss and achieves the effect of improving incident response capabilities.

Active Publication Date: 2022-07-19
中孚安全技术有限公司 +3

AI Technical Summary

Problems solved by technology

[0007] With the advent of big data, more and more attack behaviors are no longer single operations, and many attack behaviors are inextricably linked to one another. It is difficult for the traditional attack matrix to identify and quantify these attack relationships. While a threat is being dealt with, the preventive measures may release another attack related to that ongoing threat, causing incalculable damage to the computer.


Embodiment Construction

[0045] The described features, structures or characteristics of the mining method for discovering dependencies among threat behaviors according to the present invention may be combined in one or more embodiments in any suitable manner. In the following description, numerous specific details are provided to ensure a thorough understanding of the embodiments of the present invention. However, those skilled in the art will realize that the present invention does not specify implementation methods for some details of the technical solutions, and that they can use other well-known methods, devices, steps, etc. to implement them. Accordingly, the following description does not illustrate or describe well-known methods, apparatus, implementations, or operations in detail, to avoid obscuring aspects of the present invention.

[0046] The present invention provides a mining method for discovering the dependencies among threat behaviors, and the purpose of the present inventi...


Abstract

The present invention provides a mining method, a terminal and a storage medium for discovering dependencies between threat behaviors. The method collects the log files of all users $a$ in the system, cleans and organizes the data in the log files to form an employee behavior set $S=\{beh_{ai}\}$, and counts the time span $w_t$ of the set $S$; based on $S$ and $w_t$, it computes the behavior occurrence probability $P(beh_{ai})$ and the behavior co-occurrence probability $P(beh_{ai}, beh_{aj})$; it calculates the dependency value $dep_{ai,aj}$ from the two probabilities, where $dep_{ai,aj}$ reflects the degree of dependence of behavior $beh_{ai}$ on behavior $beh_{aj}$; from all $dep_{ai,aj}$ it constructs the attack dependency matrix $M$, which reflects the dependencies between all behaviors of an employee; and from $M$ it obtains the attack behavior path $path_{ag \to ak}$, which represents a complete, most likely series of attack actions. The present invention finds potential connections between employee behaviors and quantifies such dependencies. Enterprises can quickly find the two most closely related behaviors through the dependency value, and raise a warning on threat behavior according to a pre-specified risk threshold, to prevent the enterprise from being attacked by internal threats.
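The pipeline the abstract describes, as an added sketch that is not code from the patent. The page does not give the formula for the dependency value or the rule for extracting the path, so this assumes dep(i → j) = P(i, j) / P(i) over fixed-width windows and a greedy walk over M; the log, the behavior names and the `window` parameter are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample log: (user, minute, behavior). Not real data.
LOG = [
    ("a1", 0, "login_offhours"), ("a1", 3, "usb_insert"), ("a1", 5, "file_copy"),
    ("a1", 60, "login_offhours"), ("a1", 62, "usb_insert"), ("a1", 66, "file_copy"),
    ("a1", 120, "web_browse"), ("a1", 125, "email_send"),
    ("a1", 180, "login_offhours"), ("a1", 184, "usb_insert"),
    ("a1", 240, "web_browse"),
    ("a2", 10, "web_browse"),
]

def dependency_matrix(log, user, window=30):
    """Build M for one user; window (minutes) is a hypothetical parameter."""
    events = sorted((t, b) for u, t, b in log if u == user)  # behavior set S
    t0 = events[0][0]
    w_t = events[-1][0] - t0                 # time span of S
    n_win = w_t // window + 1                # number of observation windows
    wins = defaultdict(list)
    for t, b in events:
        wins[(t - t0) // window].append(b)
    occ, co = Counter(), Counter()
    for seq in wins.values():
        occ.update(set(seq))
        # ordered pairs: x seen before y inside the same window
        co.update({(x, y) for i, x in enumerate(seq) for y in seq[i + 1:] if x != y})
    behs = sorted(occ)
    p = {b: occ[b] / n_win for b in behs}                          # P(beh_i)
    pj = {(i, j): co[(i, j)] / n_win for i in behs for j in behs}  # P(beh_i, beh_j)
    # Assumed formula (not given on the page): dep(i -> j) = P(i, j) / P(i)
    return {i: {j: pj[(i, j)] / p[i] for j in behs if j != i} for i in behs}

def attack_path(M, start, threshold=0.5):
    """Greedy walk: follow the strongest dependency until it drops below threshold."""
    path = [start]
    while True:
        cand = {j: d for j, d in M[path[-1]].items() if j not in path}
        nxt = max(cand, key=cand.get, default=None)
        if nxt is None or cand[nxt] < threshold:
            return path
        path.append(nxt)

if __name__ == "__main__":
    M = dependency_matrix(LOG, "a1")
    print(attack_path(M, "login_offhours"))
```

With only a handful of windows per user, a single observed pair can produce a high dependency value, so the risk threshold should be paired with a minimum occurrence count before alerting.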

Description

Technical field

[0001] The invention relates to the technical field of data security, and in particular to a mining method, a terminal and a storage medium for discovering dependencies between threat behaviors.

Background art

[0002] Insider threats are generally considered to be malicious activities by disgruntled employees or former employees of a business, institution, or organization that compromise its systems. A saboteur gains access to an enterprise system or network, then finds and attacks weak points in the system's defenses by infiltrating the system's structure and operating state. Insider threat attacks take many forms, such as using Trojans, worms, viruses and other program tools to intrude into the system; stealing confidential information within the enterprise; modifying, deleting or destroying key company data; stealing the identity information of the company's internal employees, etc. The occurrence of any of these behaviors will cause incalculable loss...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/40
CPC: H04L63/1416, H04L63/1425
Inventor: 李成梁李兴国苗功勋路冰孙宁
Owner: 中孚安全技术有限公司