Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for fusing network threat intelligence metadata

A technology of intelligence data and metadata, which is applied in transmission systems, text database indexing, electronic digital data processing, etc., can solve the problems of rough fusion granularity and inflexible result output, and achieve good user experience effects

Pending Publication Date: 2021-04-16
INST OF INFORMATION ENG CAS
View PDF4 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] At present, in the field of network threat intelligence fusion, the mainstream method is to fuse intelligence data based on rules, field mapping, templates, manual and other forms. The fusion granularity of these fusion methods is rougher, and the output of the fusion results is not flexible.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for fusing network threat intelligence metadata
  • Method and system for fusing network threat intelligence metadata
  • Method and system for fusing network threat intelligence metadata

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] In order to make the technical solutions, features and advantages of the present invention clearer and easier to understand, the technical details of the present invention will be further described below in conjunction with the accompanying drawings.

[0037] The method for fusion of network threat intelligence metadata of the present invention comprises the following steps:

[0038] (1) First, obtain cyber threat intelligence data from various intelligence sources, including: open source intelligence, purchased paid intelligence, and self-produced intelligence. Since these intelligence data are unstructured, if automated processing is to be performed, these cyber threat intelligence data need to be standardized, that is, transformed into structured cyber threat intelligence data. With reference to international standards, OpenIOC, IODEF (Incident Object Deion and Exchange Format), STIX (Structure Threat Information eXpression) and actual business needs, the network thr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention designs a method and system for fusing network threat intelligence metadata, which are used for solving multi-source heterogeneous network threat intelligence conflicts. The method comprises the following steps: converting unstructured network threat intelligence data into structured network threat intelligence; mapping the structured network threat intelligence data and metadata; splitting the network threat intelligence metadata; fusing the network threat intelligence metadata; and providing the fused metadata for network security threat intelligence analysts in an interface form through a customized output template. According to the invention, the network threat intelligence data can be fused in a finer-grained manner, and the fused result is automatically configured.

Description

technical field [0001] The invention relates to the field of computer network security and can be used in the field of fusion or conflict resolution of network threat intelligence metadata. Background technique [0002] Threat intelligence is evidence-based knowledge that mainly includes scenarios, mechanisms, indicators, meanings, and actionable recommendations. Based on high-quality threat intelligence information, it can provide decision support for the subject to respond to existing or emerging threats. Metadata is defined as data describing data, descriptive information about data and information resources. Cyber ​​threat intelligence metadata refers to data that describes cyber threat intelligence data. For cyber threat intelligence data, it is also necessary to perform a standardized representation or description, so that it can be used for processing, analysis, and docking with other vendors or platforms. The corresponding entities are defined with reference to in...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F16/31G06F16/2457G06K9/62H04L29/06
Inventor 马春燕姜政伟江钧邓铭锋李宁刘宝旭
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com