Method and device for establishing malicious IP address threat intelligence library and preventing malicious attack

An IP address and establishment method technology, applied in the field of network security, can solve problems such as high risk, poor ability to resist network attack behavior, and enterprises cannot predict malicious attack behavior, so as to reduce losses, improve the ability to resist, and reduce risks.

Active Publication Date: 2021-08-06
INDUSTRIAL AND COMMERCIAL BANK OF CHINA
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004]In the existing technology, enterprises cannot predict malicious attacks, and have problems of poor resistance to network attacks and high risks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for establishing malicious IP address threat intelligence library and preventing malicious attack
  • Method and device for establishing malicious IP address threat intelligence library and preventing malicious attack
  • Method and device for establishing malicious IP address threat intelligence library and preventing malicious attack

Examples

Experimental program
Comparison scheme
Effect test

other Embodiment approach

[0099] In other implementation manners, the first time period may also be determined from the perspectives of day and night. Among them, the daytime refers to 7:00 to 22:00 in the area where the enterprise is located, which is the main business hours of the enterprise. Night is from 22:00 to 7:00 the next day in the time zone where the enterprise is located, and it is a non-main business period of the enterprise. Correspondingly, the first time period is, for example, daytime and / or nighttime of N days, and the predetermined condition is that there are attacks during daytime and / or nighttime of N consecutive days, and the average number of daily attacks exceeds 3000 times.

[0100] During specific implementation, the first time period and predetermined conditions may be adjusted according to actual conditions, and specific values ​​thereof are not limited herein.

[0101] The banning of IP addresses refers to the prohibition of access to the IP address that initiates the atta...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and device for establishing a malicious IP address threat intelligence library and preventing a malicious attack, and the method comprises the steps: screening out IP address information of which the page view meets a preset condition in a continuous first time period according to IP address information accessed by an enterprise business system; according to the banning / unbanning information of the IP addresses, screening out the IP addresses of which the difference between the banning moment of the same IP address and the banning moment of the next time is smaller than a preset difference; according to the attack logs of the network attack protection devices, screening out IP addresses contained in the attack logs of all the network attack protection devices in a continuous second time period; according to the access log information of the enterprise e-commerce platform and the banning / unbanning information of the IP addresses, screening out the IP addresses of which the access amount exceeds a predetermined amount in a continuous third time period and which have banning history; and establishing a malicious IP address threat intelligence library according to the screened IP addresses. According to the invention, passivity can be changed into active, the network attack resisting capability of enterprises is improved, and the risk is reduced.

Description

technical field [0001] This article relates to the field of network security, in particular to a method and device for establishing a malicious IP address threat intelligence database, and a method and device for preventing malicious attacks. Background technique [0002] At present, most enterprises can only passively wait for defense in the face of network attacks, or prevent the same malicious attacks from happening again based on past malicious attacks. [0003] In the prior art, enterprises cannot predict malicious attacks, and have problems of poor resistance to network attacks and high risks. Contents of the invention [0004] In the prior art, enterprises cannot predict malicious attacks, and have problems of poor resistance to network attacks and high risks. [0005] In order to solve the above technical problems, the first aspect of this paper provides a method for establishing a malicious IP address threat intelligence database, including: [0006] Obtain the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1433H04L63/1416H04L63/1425H04L63/1466H04L63/02H04L63/0236
Inventor 王佳音周佳铭成浩淼
Owner INDUSTRIAL AND COMMERCIAL BANK OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap