
Method and device for converting security alarm into security event and storage medium

A security alarm and security event technology, applied in the field of network security, that solves problems such as alarms not being merged and alarm storms not being eliminated, and achieves the effects of ensuring effectiveness, eliminating alarm storms, and improving attack accuracy.

Pending Publication Date: 2022-03-15
SHANGHAI GUAN AN INFORMATION TECH

AI Technical Summary

Problems solved by technology

However, the alarm notification system does not merge the alarms, and it does not eliminate the alarm storm in essence.



Embodiment Construction

[0060] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the embodiments of the present invention. Obviously, the described embodiments are some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0061] As shown in Figure 1, the first embodiment of the present invention discloses a method for converting security alarms into security events, which converts alarms into security events using at least one preset event strategy. The event strategy includes an alarm merging strategy, an event output strategy and an event information strategy. The method includes the following steps:

...


Abstract

The invention discloses a method and a device for converting a security alarm into a security event, and a storage medium. The method comprises the following steps: acquiring first alarm data; extracting or creating an event ID of the first alarm data by using an alarm merging strategy, so as to classify the first alarm data belonging to the same event ID to obtain second alarm data; performing user-defined assignment on the second alarm data by using an event output strategy to obtain third alarm data; and grouping the third alarm data by using an event information strategy to obtain a security event. With this method, the event strategy process can be flexibly configured: the event ID of the alarm data is extracted or created by using the event strategy, the first alarm data belonging to the same event ID is classified, and the classified alarm data is subjected to user-defined assignment and grouping to generate the related security event. By storing and merging the alarm data, the alarm storm is eliminated and the cost of analyzing and responding to threats is reduced.
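The four steps in the abstract, sketched as an added example (not code from the patent or its applicant). The policy layout, the field names, the hash-plus-time-bucket rule for creating an event ID and the sample alarms are all assumptions made for illustration.

```python
import hashlib
from collections import defaultdict

# Hypothetical event strategy; every key and field name here is an assumption.
POLICY = {
    "merge": {"key_fields": ("asset", "sig"), "window_s": 300},
    "output": {"name": "{sig} on {asset}", "severity": max},
    "info": {"group_by": "asset"},
}
# Constructed "first alarm data": (ts, asset, sig, sev, device-supplied event ID or None)
RAW = [(100, "10.0.0.5", "sql-injection", 3, None), (130, "10.0.0.5", "sql-injection", 4, None),
       (250, "10.0.0.5", "sql-injection", 3, None), (140, "10.0.0.5", "port-scan", 2, None),
       (160, "10.0.0.9", "sql-injection", 3, None), (170, "10.0.0.9", "brute-force", 5, "edr-42"),
       (900, "10.0.0.9", "brute-force", 5, "edr-42")]
ALARMS = [dict(zip(("ts", "asset", "sig", "sev", "event_id"), r)) for r in RAW]

def event_id(alarm, merge):
    """Extract a device-supplied event ID, or create one from key fields + time bucket."""
    if alarm.get("event_id"):
        return alarm["event_id"]
    bucket = alarm["ts"] // merge["window_s"]
    raw = "|".join(str(alarm[f]) for f in merge["key_fields"]) + f"|{bucket}"
    return hashlib.sha256(raw.encode()).hexdigest()[:12]

def merge_alarms(alarms, merge):
    """First -> second alarm data: classify alarms under their event ID."""
    merged = defaultdict(list)
    for a in alarms:
        merged[event_id(a, merge)].append(a)
    return dict(merged)

def apply_output(merged, output):
    """Second -> third alarm data: one record per event ID with assigned fields."""
    records = []
    for eid, group in merged.items():
        first = min(group, key=lambda a: a["ts"])
        records.append({"event_id": eid, "asset": first["asset"],
                        "name": output["name"].format(**first),
                        "severity": output["severity"](a["sev"] for a in group),
                        "count": len(group), "first_seen": first["ts"],
                        "last_seen": max(a["ts"] for a in group)})
    return records

def build_events(records, info):
    """Third alarm data -> security events: group records by the configured field."""
    events = defaultdict(list)
    for r in records:
        events[r[info["group_by"]]].append(r)
    return dict(events)

def convert(alarms, policy=POLICY):
    merged = merge_alarms(alarms, policy["merge"])
    return build_events(apply_output(merged, policy["output"]), policy["info"])
```

Seven constructed alarms collapse into four merged records under two events. A fixed time bucket, as assumed here, splits a burst that straddles a bucket boundary into two event IDs, so the window rule is worth tuning against real alarm traffic.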

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method, device and storage medium for converting a security alarm into a security event.

Background technique

[0002] At present, in the security protection system, most enterprises and units use the method of stacking security devices, and completely rely on security device alarms in the daily security operation process. However, in actual operation, although the names of security devices or the names of alarms generated are different, most of them are actually data generated based on the detection of characteristics and behaviors. Therefore, it is common to see the same asset contain a large number of repeated alarms in the actual environment.

[0003] Due to the large number of assets, a large number of alarms will be generated. The characteristics are short intervals and large numbers. It is impossible to distinguish whether these alarms belong to the repeated be...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/55, G06F16/2455, G06F16/248, G06F16/28
CPC: G06F21/554, G06F16/2455, G06F16/248, G06F16/285
Inventor: 陆海涛, 陈宇耀, 张瀚之, 胡绍勇
Owner: SHANGHAI GUAN AN INFORMATION TECH