
Threat handling method, device, electronic device, and computer-readable storage medium

A threat processing and data flow technology, applied in the field of information processing, that solves the problem of being unable to monitor and deal with network threats and achieves the effect of improving security and strengthening security protection.

Active Publication Date: 2021-06-25
CHINA ELECTRONICS CORP 6TH RES INST

AI Technical Summary

Problems solved by technology

[0004] The purpose of the embodiments of the present application is to provide a threat processing method, device, electronic equipment, and computer-readable storage medium, to solve the technical problem that the prior art cannot monitor and deal with network threats to the cloud platform itself.

Examples

Embodiment 1

[0033] In order to solve the technical problem in the prior art that the network threats of the cloud platform itself cannot be monitored and dealt with, an embodiment of the present application provides a threat handling method.

[0034] See Figure 1. Figure 1 shows a threat processing method provided in the embodiment of this application, including:

[0035] S101: Capture the node's own network interaction data stream.

[0036] It should be noted that the solution in the embodiment of the present application can be applied to each target node of the cloud platform. The target node mentioned in the embodiment of the present application refers to a node in the cloud platform that faces the network and faces various network threats, such as a control node and a network node of the cloud platform.

[0037] In the embodiment of this application, a packet capture program can be configured on the target node, and by monitoring the network card of the target node, sniff all networ...

Embodiment 2

[0077] On the basis of Embodiment 1, this embodiment takes a more specific implementation manner as an example to further illustrate the solution adopted in the embodiment of the present application.

[0078] See Figures 2 to 4. Figure 2 shows an IPS (Intrusion Prevention System) security component provided in the embodiment of the application, applied to the target node of the cloud platform. The threat handling method provided in the embodiment of the application can be implemented on the basis of this IPS security component. The cloud platform is implemented based on the OpenStack architecture.

[0079] As shown in Figure 2, the IPS security component includes five parts: a data acquisition module, a preprocessing module, a threat detection module, a disposal module and a security management module.

[0080] After the IPS security component is installed and enabled, first, the data acquisition module is implemented through the p...

Embodiment 3

[0105] Based on the same inventive concept, an embodiment of the present application also provides a threat processing device 100, which is applied to a target node of a cloud platform. See Figure 5, which shows the threat processing apparatus 100 corresponding to the method illustrated in Figure 1. It should be understood that for the specific functions of the threat processing apparatus 100, reference may be made to the above description, and to avoid repetition, detailed description is appropriately omitted here. The threat processing device 100 includes at least one software function module that can be stored in a memory in the form of software or firmware, or solidified in the operating system of the threat processing device 100. Specifically:

[0106] As shown in Figure 5, the threat processing apparatus 100 is applied to the target node of the cloud platform, and includes: a capture module 101, an extraction module 102 and a processing module 103 ...

Abstract

This application provides a threat processing method, device, electronic equipment, and computer-readable storage medium. The method is applied to a target node of a cloud platform and includes: capturing the node's own network interaction data stream; extracting data flow characteristics from the network interaction data stream; inputting the data flow characteristics into a pre-trained threat behavior detection model to determine whether a threat behavior currently exists and, if so, its type; and, when a threat behavior exists, determining from the preset defense strategies the target defense strategy corresponding to the type of threat behavior, and executing the target defense strategy. This realizes the monitoring and handling of network threats to the cloud platform itself, and strengthens the security protection of the cloud platform.
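The four steps of the abstract, as an added example that is not code from the patent or its applicant. The packet records, feature names, thresholds, threat types and strategy names are all assumptions, and a fixed rule set stands in for the pre-trained threat behavior detection model.

```python
from collections import defaultdict

# Constructed packet records, as a capture program on the node might emit them:
# (src_ip, dst_port, tcp_flags). Addresses are documentation ranges.
PACKETS = (
    [("203.0.113.7", port, "S") for port in range(20, 60)]            # SYNs to 40 ports
    + [("198.51.100.9", 443, "S")] * 300                              # SYNs to one port
    + [("192.0.2.10", 443, f) for f in ("S", "A", "PA", "A", "FA")]   # normal session
)

# Preset defense strategies keyed by threat type (hypothetical names).
DEFENSE_STRATEGIES = {
    "port_scan": "block_source_ip",
    "syn_flood": "rate_limit_source",
}

def extract_features(packets):
    """Aggregate captured packets into per-source data flow characteristics."""
    acc = defaultdict(lambda: {"packets": 0, "syn_only": 0, "ports": set()})
    for src, dport, flags in packets:
        a = acc[src]
        a["packets"] += 1
        a["syn_only"] += flags == "S"      # bare SYN, no ACK
        a["ports"].add(dport)
    return {src: {"packets": a["packets"],
                  "distinct_ports": len(a["ports"]),
                  "syn_ratio": a["syn_only"] / a["packets"]}
            for src, a in acc.items()}

def detect(features):
    """Stand-in for the pre-trained model: returns a threat type or None.
    Thresholds are illustrative assumptions, not values from the patent."""
    if features["syn_ratio"] > 0.9 and features["distinct_ports"] >= 20:
        return "port_scan"
    if features["syn_ratio"] > 0.9 and features["packets"] >= 100:
        return "syn_flood"
    return None

def handle(packets):
    """Classify each source and select the target defense strategy for it."""
    actions = {}
    for src, feats in extract_features(packets).items():
        threat = detect(feats)
        if threat is None:
            continue                       # no threat behavior, nothing to execute
        # A type with no preset strategy falls back to raising an alert only.
        actions[src] = (threat, DEFENSE_STRATEGIES.get(threat, "alert_only"))
    return actions

if __name__ == "__main__":
    for src, (threat, strategy) in handle(PACKETS).items():
        print(f"{src}: {threat} -> {strategy}")
```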

Description

Technical field

[0001] The present application relates to the technical field of information processing, and in particular, relates to a threat processing method, device, electronic equipment, and computer-readable storage medium.

Background art

[0002] At present, most of the security protection methods for cloud platforms on the market are realized by steering traffic. That is, a virtualized security resource pool (usually an independent set of servers) is established on the cloud, relevant security products are deployed on it, and the data traffic entering and leaving the cloud platform is guided to the security resource pool first and then flows into the cloud platform. In this way, security protection against network intrusions can be realized.

[0003] However, this method cannot monitor and deal with the network threats of the cloud platform itself, especially the security components and protection strategies based on the cloud platform architecture a...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L29/08
Inventor: 燕玮许凤凯张尼贾星威吴云峰白翼铭
Owner: CHINA ELECTRONICS CORP 6TH RES INST