Security information management system and method based on general normalized labeling language

A security information management system technology, applied in the field of security communication devices, transmission systems, digital transmission systems, etc., which can solve problems such as self-defined calculation of unextractable data and unstandardized data types, and achieves the effect of facilitating on-site maintenance.

Inactive Publication Date: 2009-03-25
BEIJING VENUS INFORMATION TECH +1

AI Technical Summary

Problems solved by technology

The disadvantages of this method are: Unable to normalize unknown data types; Unable to perform custom op


Examples

Embodiment 1

[0036] Embodiment 1 This embodiment describes the grammar rules of the VNML language in detail.

[0037] The VNML language is based on the XML language, using XML elements to represent categories and XML attributes to represent characteristics. It also introduces some extended features, mainly types, constants, and functions. The VNML grammar rules are described in detail as follows:

[0038] 1. Naming convention

[0039] Combinations of capitalized English letters, numbers, and underscores, such as Name and SubNet, are legal names.

[0040] 2. Type

[0041] The VNML language introduces the concept of type: a type represents data of the same format and meaning, and these types correspond to the types in the C and C++ languages.

[0042] 3. Constants

[0043] Constants in the VNML language use some specific numbers to represent specific meanings, for example, the number 1024 represents an ...

Embodiment 2

[0120] Embodiment 2: As shown in Figure 1, the system in this figure is a specific embodiment of the composition of a normalization engine. The normalization engine can interpret and compile the VNML language; normalize log sample data and convert data formats and types; and output data according to the specified data structure. The normalization engine is mainly composed of five modules: data structure module, normalization scheduling module, rule management module, mapping management module and type conversion module. The specific functions of each module are as follows:

[0121] Normalization scheduling module: this is the main module of the normalization engine. According to the processing flow shown in Figure 1, the normalization scheduling module is responsible for scheduling and managing four major functional modules, including the data structure management module, rule management module, ma...

Embodiment 3

[0126] Embodiment 3: As shown in Figure 2, the specific steps of the present invention are as follows. First, in the manual analysis and definition stage, the log sample data is analyzed, the normalized data structure is defined, and the self-defined VNML language is applied to define a reasonable normalization of the data structure for the given log sample. Then the defined data structure, normalization rules and mapping rules are loaded, and the log sample data is normalized by the normalization engine.
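A sketch of the load-then-normalize flow of Embodiments 2 and 3, as an added example that is not code from the patent. The XML element and attribute names (`Normalizer`, `Structure`, `Field`, `Rule`, `Map`, `Item`), the type names and the firewall log line are all constructed for illustration and are not actual VNML grammar.

```python
import re
import xml.etree.ElementTree as ET
from ipaddress import IPv4Address

# Hypothetical rule file: XML in the spirit of VNML, NOT its real grammar.
RULES_XML = r"""
<Normalizer>
  <Structure Name="FwEvent">
    <Field Name="SrcIp" Type="ipv4"/>
    <Field Name="DstPort" Type="uint16"/>
    <Field Name="Action" Type="uint8" Map="ActionMap"/>
  </Structure>
  <Rule Pattern="src=(?P&lt;SrcIp&gt;\S+) dport=(?P&lt;DstPort&gt;\S+) act=(?P&lt;Action&gt;\S+)"/>
  <Map Name="ActionMap"><Item From="deny" To="0"/><Item From="permit" To="1"/></Map>
</Normalizer>
"""
SAMPLE = "2009-03-25 fw01 src=10.0.0.5 dport=445 act=deny"  # constructed log line

def _uint(bits, text):
    value = int(text, 10)
    if not 0 <= value < (1 << bits):
        raise ValueError(f"{value} does not fit uint{bits}")
    return value

# Type conversion: captured text -> typed value (C-like fixed-width types).
CONVERTERS = {"ipv4": lambda s: int(IPv4Address(s)),
              "uint16": lambda s: _uint(16, s), "uint8": lambda s: _uint(8, s)}

class Engine:
    """Scheduling: load structure, rules and mappings once, then normalize."""
    def __init__(self, xml_text):
        root = ET.fromstring(xml_text)
        self.fields = [(f.get("Name"), f.get("Type"), f.get("Map")) for f in root.iter("Field")]
        self.rules = [re.compile(r.get("Pattern")) for r in root.iter("Rule")]
        self.maps = {m.get("Name"): {i.get("From"): i.get("To") for i in m} for m in root.iter("Map")}

    def normalize(self, line):
        for rule in self.rules:
            match = rule.search(line)
            if match is None:
                continue
            event = {}
            for name, type_name, map_name in self.fields:
                raw = match.group(name)
                if map_name:  # mapping rule: vendor keyword -> constant
                    raw = self.maps[map_name][raw]  # KeyError if keyword is unmapped
                event[name] = CONVERTERS[type_name](raw)
            return event
        return None  # no rule matched: keep the raw line rather than drop it
```

A line that matches no rule returns `None`, and a value that fails mapping or type conversion raises instead of being stored, so malformed events surface for review rather than entering the normalized store with wrong values.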


Abstract

A system and a method for security information management based on a universal standardized label language, in which the system design is built on the grammar rules of the VNML language. The system actively or passively acquires security incidents from all systems, including an intrusion detection system, a firewall, an operating system, application software and an anti-virus system; and, according to the data format of the incidents, the transformation into a rule in accordance with the standard format of the VNML language is conducted. The system comprises a standardized scheduling module, a data structure management module, a rule management module, a mapping management module and a type conversion module. The standardized label language can customize various data structures and their standardization strategies according to the log or alarm sample formats of different users, in order to design standardized security information management systems that satisfy the requirements of different users; and the system can provide a user-customizable interface, making it convenient for developers and users to conduct field maintenance and management.

Description

Technical field

[0001] The present invention relates to a security information management system and method based on a generalized label language, which belongs to the field of security information management systems (SIMS for short); specifically, it belongs to the core key technology of the security information management system: the technical field of security event data normalization.

Background technique

[0002] Security Information Management (SIM) technology is used to collect, analyze and correlate security event information from the entire enterprise, and can be divided into four different stages: normalization, aggregation, correlation and virtualization. Security information management technology specifically refers to collecting and analyzing security incident information, detecting security incidents in a timely manner, and taking corresponding network security management measures.

[0003] Traditional security systems are established independently and gradually, suc...


Application Information

IPC(8): H04L9/00, G06F17/30
Inventor 段文国
Owner BEIJING VENUS INFORMATION TECH