Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Behavior prediction method of network attack knowledge graph generated based on honeypot actual combat

A network attack, knowledge graph technology, applied in knowledge expression, data exchange network, character and pattern recognition, etc., can solve the problem of ineffective analysis of attack behavior.

Active Publication Date: 2021-02-26
广州锦行网络科技有限公司
View PDF8 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the above two documents both construct network security knowledge graphs, not network attack knowledge graphs, and cannot effectively analyze attack behaviors.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Behavior prediction method of network attack knowledge graph generated based on honeypot actual combat
  • Behavior prediction method of network attack knowledge graph generated based on honeypot actual combat
  • Behavior prediction method of network attack knowledge graph generated based on honeypot actual combat

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0052] This embodiment provides a network attack knowledge map and behavior prediction method generated based on honeypot actual combat, including the following steps:

[0053] S1: Deploy trapping nodes and honeypots, bind node information, and record all attack information after being attacked, where attack information includes attack behavior, attack source IP and port, attack method, attack content, and attack time; The node information is to bind the trapping node and the honeypot, and record the node IP and the honeypot IP.

[0054] S2: Construct the knowledge map of the attack information recorded in step S1. The map construction method is as follows: divide all attack information into first-level nodes M1 according to attack types, which include SSH scanning attacks, Http attacks, and FTP attack events; second The first-level node M2 ​​includes a single attack event; the third-level node M3 includes the collection of attack IP, attack port, attack time, attack sequence,...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a behavior prediction method for a network attack knowledge graph generated based on honeypot actual combat, and the method comprises the steps: deploying a certain number of network nodes and binding honeypots, and then collecting and recording the information of a network attack behavior, an attack path and an attack object; and then, according to the attack information, establishing an actual combat knowledge graph of network attack and defense through Neo4j. On the basis of the built knowledge graph, the relevance of attack events is analyzed through a clustering algorithm, then the attack events are analyzed and predicted through the obtained average clustering coefficient, effective classification display and behavior prediction can be conducted on network attack and defense, and certain guiding significance is achieved for network attack and defense.

Description

technical field [0001] The invention relates to the fields of network attack and defense and knowledge graphs, in particular to a behavior prediction method based on network attack knowledge graphs generated by honeypot actual combat. Background technique [0002] Knowledge graph, as a series of different graphs showing knowledge development process and structural relationship, is currently widely used in various analytical disciplines. Its advantage is that as a visual database, it can more vividly describe knowledge resources and their carriers, mine, analyze, construct, map and display knowledge and their interrelationships, and then conduct behavior analysis and prediction based on this. [0003] At the same time, network attacks often occur in real life. Due to the unequal technical capabilities of the attacking and defending parties, ordinary non-technical personnel often do not know how to prevent and solve the attack after the attack is released, and may lead to furt...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12H04L12/24G06F16/35G06K9/62G06N5/02
CPCH04L63/1416H04L63/1433H04L63/1491H04L63/1466H04L61/255H04L41/14H04L41/147G06F16/35G06N5/02G06F18/23
Inventor 吴建亮胡鹏王永君
Owner 广州锦行网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com