Method and device for researching and judging security alarm threats

A security alarm threat assessment technique, applied in the field of network security, that addresses the insufficient utilization of historical intelligence data and achieves comprehensive and accurate judgment results with a reasonable threat coefficient.

Active Publication Date: 2021-12-17
NO 15 INST OF CHINA ELECTRONICS TECH GRP +2

AI Technical Summary

Problems solved by technology

[0004] In view of this, the present invention provides a method and device for researching and judging security alarm threats. Its main purpose is to solve the insufficient utilization of historical intelligence data in prior-art security alarm threat research and judgment, and to propose a security alarm threat analysis method based on correlation reasoning.


Examples


Embodiment 1

[0035] Figure 1 shows a flow chart of a method for analyzing and judging security alarm threats provided by an embodiment of the present invention. As shown in Figure 1, the technical solution of the method described in this embodiment comprises the following steps:

[0036] S1: Construct a network security intelligence knowledge graph based on historical intelligence database data: classify the intelligence data, identify its attributes, determine the explicit relationships between the various types of data, and enter the resulting threat entities and entity relationships into the knowledge graph;

[0037] S2: Analyze the security alarm data to be studied and extract the elements of each threat entity, then perform association reasoning based on the network security intelligence knowledge graph to form a security alarm association subgraph of the security alarm data, which describes the relationships between the threat entity elements in the security alarm data;

[0038] figure 2 ...

Embodiment 2

[0076] Furthermore, as an implementation of the methods shown in the above embodiments, another embodiment of the present invention provides a security alarm threat analysis and judgment device. This device embodiment corresponds to the foregoing method embodiment. For ease of reading, it does not repeat the details of the method embodiment one by one, but it should be clear that the device in this embodiment can correspondingly implement everything in the foregoing method embodiment. The device of this embodiment comprises the following modules:

[0077] 1. Knowledge graph construction module: configured to build a network security intelligence knowledge graph based on historical intelligence database data; the technical solution implemented by this module corresponds to step 1 in Embodiment 1.

[0078] 2. Correlation subgraph module: configured to analyze the security alarm data to be studied and judged and extract elements of each...

Abstract

The invention discloses a security alarm threat research and judgment method and device, belonging to the technical field of network security. The method includes: constructing a network security intelligence knowledge graph based on historical intelligence database data; forming, on this basis, a security alarm correlation subgraph of the security alarm data; performing entity threat coefficient calculation on the security alarm correlation subgraph to obtain the entity threat coefficient of each threat entity element; and comprehensively calculating the security alarm threat degree of the security alarm data. The present invention applies knowledge graph technology to the field of threat intelligence, builds a network security intelligence knowledge graph based on historical intelligence database data, and makes full use of the historical threat behavior of threat entity elements in the threat research and judgment of security alarms, making the judgment results more accurate.
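The pipeline in the abstract (knowledge graph, association subgraph, entity threat coefficient, alarm threat degree) sketched as an added example; this is not code from the patent. The page does not give the coefficient formula, so the scoring rules here (per-hop decay of 0.5, taking the strongest related severity, noisy-OR aggregation), the severity values and all entity names are assumptions.

```python
import math
import re
from collections import defaultdict

# Constructed historical intelligence: entity -> past severity in [0, 1] (assumed scale).
SEVERITY = {"203.0.113.7": 0.2, "bad.example": 0.6,
            "sample-family-a": 0.9, "198.51.100.20": 0.0}
# Constructed explicit relations between threat entities (step S1).
RELATIONS = [("bad.example", "resolves_to", "203.0.113.7"),
             ("sample-family-a", "communicates_with", "bad.example")]
SAMPLE_ALERT = "src=198.51.100.20 dst=203.0.113.7 query=bad.example"  # constructed

def build_graph(relations):
    """S1: store entity relations as an undirected adjacency map."""
    edges = defaultdict(set)
    for src, _rel, dst in relations:
        edges[src].add(dst)
        edges[dst].add(src)
    return edges

def extract_entities(alert):
    """S2: pull IP and domain elements out of a raw alert line."""
    ips = re.findall(r"\b(?:\d{1,3}\.){3}\d{1,3}\b", alert)
    domains = re.findall(r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}\b", alert.lower())
    return set(ips) | set(domains)

def association_subgraph(seed, edges, hops=2):
    """S2: breadth-first expansion from one alert entity; node -> hop distance."""
    if seed not in SEVERITY:  # entity never seen in historical intelligence
        return {}
    dist, frontier = {seed: 0}, [seed]
    for d in range(1, hops + 1):
        nxt = []
        for node in frontier:
            for nb in edges.get(node, ()):
                if nb not in dist:
                    dist[nb] = d
                    nxt.append(nb)
        frontier = nxt
    return dist

def assess(alert, edges, decay=0.5):
    """Return (entity threat coefficients, overall alarm threat degree)."""
    coeffs = {}
    for entity in extract_entities(alert):
        reach = association_subgraph(entity, edges)
        # Assumed rule: strongest historical severity nearby, halved per hop.
        coeffs[entity] = max((SEVERITY.get(n, 0.0) * decay ** d
                              for n, d in reach.items()), default=0.0)
    # Assumed aggregation: noisy-OR over the per-entity coefficients.
    return coeffs, 1.0 - math.prod(1.0 - c for c in coeffs.values())
```

For the constructed alert, the destination IP has a low severity of its own but inherits 0.3 from the domain that resolves to it, which is the effect of bringing historical relationships into the judgment.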

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method and device for researching and judging security alarm threats.

Background art

[0002] The threat analysis and judgment of security alarms analyzes the threat degree and authenticity of the alarms captured by the monitoring and operations system. It is based on the analysis of data such as blacklists and whitelists, sensitive operations, and network behaviors, through which the threat source that triggered the alarm is identified and its risk analyzed. By analyzing security alarms along multiple dimensions, threat analysis of network behaviors is achieved.

[0003] At present, security alarm threat analysis relies on artificial intelligence algorithms such as neural networks and deep learning to conduct threat analysis on the network behavior itself, capture network communication behavior, reso...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L12/24, H04L29/12, G06F16/36, G06N5/02, G06N5/04
CPC: H04L63/1408, H04L63/18, H04L41/142, G06F16/367, G06N5/02, G06N5/04, H04L61/4511
Inventor: 任传伦, 王淮, 刘晓影, 乌吉斯古愣, 俞赛赛, 张先国, 王玥, 金波, 任秋洁
Owner: NO 15 INST OF CHINA ELECTRONICS TECH GRP