Threat processing method and device, electronic equipment and computer readable storage medium

A threat processing and data flow technology, applied in the field of information processing, that addresses problems such as the inability to monitor and deal with network threats, and achieves the effect of improving security and strengthening security protection.

Active Publication Date: 2021-04-16
CHINA ELECTRONICS CORP 6TH RES INST

AI Technical Summary

Problems solved by technology

[0004] The purpose of the embodiments of the present application is to provide a threat processing method, device, electronic equipment, and computer-readable storage medium, to solve the technical problem in the prior art that the network threats of the cloud platform itself cannot be monitored and dealt with.



Examples


Embodiment 1

[0033] In order to solve the technical problem in the prior art that the network threats of the cloud platform itself cannot be monitored and dealt with, an embodiment of the present application provides a threat handling method.

[0034] Referring to Figure 1, the threat processing method provided in the embodiment of this application includes:

[0035] S101: Capture the node's own network interaction data stream.

[0036] It should be noted that the solution in the embodiment of the present application can be applied to each target node of the cloud platform. The target node mentioned in the embodiment of the present application refers to a node in the cloud platform that faces the network and faces various network threats, such as a control node and a network node of the cloud platform.

[0037] In the embodiment of this application, a packet capture program can be configured on the target node, and by monitoring the network card of the target node, sniff all network i...

Embodiment 2

[0077] On the basis of Embodiment 1, this embodiment takes a more specific implementation manner as an example to further illustrate the solution adopted in the embodiment of the present application.

[0078] Referring to Figures 2 to 4, Figure 2 shows an IPS (Intrusion Prevention System) security component provided in the embodiment of the application, applied to the target node of the cloud platform. The threat handling method provided in the embodiment of the application can be implemented based on this IPS security component. The cloud platform is implemented based on the OpenStack architecture.

[0079] As shown in Figure 2, the IPS security component includes five parts: a data acquisition module, a preprocessing module, a threat detection module, a disposal module and a security management module.

[0080] After the IPS security component is installed and enabled, first, the data acquisition module is implemented through the p...

Embodiment 3

[0105] Based on the same inventive concept, an embodiment of the present application also provides a threat processing device 100, which is applied to a target node of a cloud platform. Referring to Figure 5, Figure 5 shows the threat processing apparatus 100 corresponding to the method illustrated in Figure 1. It should be understood that for the specific functions of the threat processing apparatus 100, reference may be made to the above description, and to avoid repetition, detailed description is appropriately omitted here. The threat processing device 100 includes at least one software function module that can be stored in a memory in the form of software or firmware, or solidified in the operating system of the threat processing device 100. Specifically:

[0106] As shown in Figure 5, the threat processing apparatus 100 is applied to the target node of the cloud platform, and includes: a capture module 101, an extraction module 102 and a processing module 103. ...


Abstract

The invention provides a threat processing method and device, electronic equipment and a computer readable storage medium. The method is applied to a target node of a cloud platform and comprises the steps of: capturing the node's own network interaction data flow; extracting data flow features from the network interaction data flow; inputting the data flow features into a pre-trained threat behavior detection model, and determining whether a threat behavior currently exists and, when it does, the type of the threat behavior; and when the threat behavior exists, determining a target defense strategy corresponding to the threat behavior type from preset defense strategies, and executing the target defense strategy. In this way, the monitoring and disposal of the network threats of the cloud platform are realized, and the security protection of the cloud platform is enhanced.
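The four steps in the abstract (capture, feature extraction, model detection, strategy lookup) can be sketched as follows. This is an added example, not code from the patent: the per-source features, the nearest-centroid stand-in for the pre-trained model, the centroid values, the action names and the sample packets are all constructed assumptions.

```python
from collections import defaultdict
import math

# Constructed sample capture: (timestamp, src_ip, dst_port, tcp_flags) per packet.
PACKETS = (
    [(0.01 * i, "198.51.100.7", 1000 + i, "S") for i in range(40)]   # many ports
    + [(0.005 * i, "203.0.113.9", 443, "S") for i in range(200)]     # one port, SYN only
    + [(0.1 * i, "192.0.2.10", 443, "S" if i == 0 else "A") for i in range(20)]  # normal session
)

# Stand-in for the pre-trained detection model: nearest centroid over
# (log10 packet count, distinct-port ratio, SYN-only ratio). Values are constructed.
CENTROIDS = {
    "benign":    (1.3, 0.05, 0.05),
    "port_scan": (1.6, 1.00, 1.00),
    "syn_flood": (2.3, 0.01, 1.00),
}

# Preset defense strategies keyed by threat type (hypothetical action names).
STRATEGIES = {"port_scan": "block_source", "syn_flood": "rate_limit_source"}

def extract_features(packets):
    """Group captured packets by source and compute one feature vector per source."""
    by_src = defaultdict(list)
    for _ts, src, dport, flags in packets:
        by_src[src].append((dport, flags))
    feats = {}
    for src, pkts in by_src.items():
        n = len(pkts)
        ports = len({p for p, _ in pkts})
        syn_only = sum(1 for _, f in pkts if f == "S")
        feats[src] = (math.log10(n), ports / n, syn_only / n)
    return feats

def classify(vec):
    """Return the label of the closest centroid (Euclidean distance)."""
    return min(CENTROIDS, key=lambda k: math.dist(vec, CENTROIDS[k]))

def process(packets):
    """Features -> detection -> strategy lookup; returns the planned action per source."""
    actions = {}
    for src, vec in extract_features(packets).items():
        threat = classify(vec)
        if threat != "benign":
            # A detected type with no preset strategy falls back to alert-only.
            actions[src] = (threat, STRATEGIES.get(threat, "alert_only"))
    return actions

if __name__ == "__main__":
    for src, (threat, action) in process(PACKETS).items():
        print(f"{src}: {threat} -> {action}")
```

The sketch only returns the selected strategy; executing it (for example, pushing a rule to the node's firewall) is left out because the page does not describe that interface.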

Description

Technical field

[0001] The present application relates to the technical field of information processing, and in particular, relates to a threat processing method, device, electronic equipment, and computer-readable storage medium.

Background

[0002] At present, most of the security protection methods for cloud platforms on the market are implemented by diverting traffic. That is, a virtualized security resource pool (usually an independent set of servers) is established on the cloud, relevant security products are deployed on it, and the data traffic entering and leaving the cloud platform is guided to the security resource pool first and then flows into the cloud platform. In this way, security protection against network intrusions can be realized.

[0003] However, this method cannot monitor and deal with the network threats of the cloud platform itself, especially the security components and protection strategies based on the cloud platform architecture a...


Application Information

IPC(8): H04L29/06, H04L29/08
Inventor 燕玮许凤凯张尼贾星威吴云峰白翼铭
Owner CHINA ELECTRONICS CORP 6TH RES INST