Real-time detection method and system based on threat behavior

A real-time detection technology based on threat behavior, applied in transmission systems, digital transmission systems, secure communication devices, etc., that addresses the lack of timeliness in static network threat analysis methods.

Active Publication Date: 2022-05-24
北京安博通金安科技有限公司

AI Technical Summary

Problems solved by technology

[0004] This application provides a real-time detection method and system based on threat behavior to solve the problem of lack of timeliness in static network threat analysis methods.


Embodiment Construction

[0025] In order to make those skilled in the art better understand the technical solutions in the present application, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application. Obviously, the described embodiments are only a part of the embodiments of the present application, but not all of the embodiments. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present application.

[0026] In response to the problem of network protection, related technologies are mainly divided into two categories: "traditional risk assessment methods" and "modern risk assessment methods". Traditional risk assessment methods include fault tree analysis, failure mode impact and criticality analysis, and Markov...


Abstract

The embodiment of the invention provides a real-time detection method and system based on threat behaviors, applied to the technical field of computer security management. Application semantics are selected according to the scenes in which threat events occur, and are sorted and combined according to the analysis strategies of the threat events to form a semantic rule template or a semantic rule configuration file. A semantic rule object tree is then generated from the semantic rule template or the semantic rule configuration file; the tree comprises nodes corresponding to the application semantics in the semantic rule template. Finally, a directed acyclic graph is generated from the semantic rule object tree and used to check, step by step, the target behavior feature log corresponding to the threat event. When the threat event changes, the semantic rule template or the semantic rule configuration file can be redefined to generate a new semantic rule object tree, and the directed acyclic graph is updated to detect, in real time, the target behavior feature log corresponding to the changed threat event, which solves the problem that static network analysis of threat events lacks timeliness.
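The pipeline the abstract describes (rule configuration, object tree, directed acyclic graph, step-by-step log check), as an added example that is not taken from the patent or from the applicant's product. The configuration format, the field names (`semantic`, `match`, `after`), the per-source tracking and the sample logs are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from graphlib import TopologicalSorter

# Hypothetical semantic rule configuration (format and field names are assumptions).
RULE = {"event": "credential_attack", "steps": [
    {"semantic": "port_scan",    "match": {"action": "scan"},                    "after": []},
    {"semantic": "auth_failure", "match": {"action": "login", "result": "fail"}, "after": []},
    {"semantic": "auth_success", "match": {"action": "login", "result": "ok"},
     "after": ["port_scan", "auth_failure"]},
]}

@dataclass
class Node:                      # one node of the semantic rule object tree
    semantic: str
    match: dict = field(default_factory=dict)
    after: list = field(default_factory=list)
    children: list = field(default_factory=list)

def build_tree(config):
    """Config -> object tree: the root is the threat event, each child one application semantic."""
    root = Node(config["event"])
    root.children = [Node(s["semantic"], s["match"], s["after"]) for s in config["steps"]]
    return root

def build_dag(tree):
    """Object tree -> DAG in topological order; graphlib raises CycleError on a cyclic rule."""
    nodes = {c.semantic: c for c in tree.children}
    order = TopologicalSorter({n: set(c.after) for n, c in nodes.items()}).static_order()
    return [nodes[n] for n in order]

def compile_rule(config):
    """Called again whenever the rule is redefined, so the DAG follows the changed threat event."""
    return build_dag(build_tree(config))

def detect(dag, logs, key="src"):
    """Advance each source through the DAG one log at a time; return sources that complete it."""
    done, hits = {}, []
    for log in logs:
        seen = done.setdefault(log[key], set())
        for node in dag:
            ready = node.semantic not in seen and set(node.after) <= seen
            if ready and all(log.get(k) == v for k, v in node.match.items()):
                seen.add(node.semantic)
                break
        if len(seen) == len(dag):
            hits.append(log[key])
            done[log[key]] = set()
    return hits

# Constructed sample behavior feature logs (not real data).
LOGS = [{"src": "10.0.0.5", "action": "login", "result": "ok"},   # success with no precursor
        {"src": "10.0.0.9", "action": "scan"},
        {"src": "10.0.0.9", "action": "login", "result": "fail"},
        {"src": "10.0.0.9", "action": "login", "result": "ok"}]
```

Only the source that performed the precursor steps completes the graph; redefining the configuration and calling `compile_rule` again changes what is detected without touching `detect`.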

Description

Technical field

[0001] The present application relates to the technical field of computer security management, and in particular, to a real-time detection method and system based on threat behavior.

Background art

[0002] With the in-depth application of new-generation IT technologies such as cloud computing and big data in various industries, the IT scale and complexity of government and enterprise institutions have continued to increase, and the scale of various data such as network traffic and logs has also increased. A large amount of network data is mixed with threat data, threatening the security of government and enterprise networks. Therefore, it is necessary to filter the data to obtain the relevant data of the threat event, and to protect against the threat event in time.

[0003] For network security protection, the document (CN108924084B) mentions that related technologies are mainly divided into two categories: "traditional risk assessment methods" and "modern r...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/40
CPC: H04L63/1416, H04L63/1425
Inventor: 张洋
Owner: 北京安博通金安科技有限公司