Method for extracting network interactive behavioral pattern and analyzing similarity

A similarity analysis, network interaction technology, applied in the field of computer network security, can solve the problem of inability to analyze the relationship between different sources

Inactive Publication Date: 2009-11-18
HUAZHONG UNIV OF SCI & TECH
View PDF0 Cites 34 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0011] However, these methods only use sequential patterns to detect attack behaviors, and when there

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for extracting network interactive behavioral pattern and analyzing similarity
  • Method for extracting network interactive behavioral pattern and analyzing similarity
  • Method for extracting network interactive behavioral pattern and analyzing similarity

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The embodiment of the present invention adopts a mechanism for similarity analysis of network activity implementers. On the framework of the honeypot system, by analyzing various interactive data captured by the honeypot system, using the sequential pattern technology in data mining, a large number of The behavioral feature sequence pattern of the network activity implementer is excavated from the complex log records, and each network activity implementer who has performed suspicious behavior on the honeypot is defined according to the behavior feature sequence pattern, and each network activity to be defined Actors are defined in the vector space, and the similarity between different network activity performers is quantitatively analyzed using the similarity analysis principle in the vector space model. By analyzing the similarities between different network activity implementers, it is possible to carry out deeper association and research on network activity implemente...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for extracting a network interactive behavioral pattern and analyzing similarity, which comprises the following steps: the behavior of a network activity implementer is monitored on a honey-pot host computer; the captured journal information is transmitted to a journal server; the journal server associates journals to a behavior sequence belonging to a particular network activity implementer according to the source address and the process information in the journal information; the behavior sequence of the network activity implementer is pretreated before sequence pattern excavation; the behavior sequence data of the pretreated network activity implementer is processed by the sequence excavation; and the similarity between the network activity implementers is analyzed. By analyzing the similarity between the different network activity implementers, the network activity implementers are deeply associated and researched, which has a certain help for judging the purpose of the network activity implementers, adopting corresponding counter-measure for behaviors such as network attack and the like and obtaining the evidence of network attack.

Description

technical field [0001] The invention relates to the field of computer network security, in particular to a method for extracting interactive behavior patterns of network activity implementers and similarity analysis between different network activity implementers. Background technique [0002] With the rapid development of the Internet, its characteristics of openness, interactivity, and decentralization meet people's needs for information sharing, openness, flexibility, and speed. But at the same time, with the continuous expansion of the network scale, there are more and more attacks on the network, which has seriously threatened the security of the network and information. [0003] In the current security situation of the Internet, an asymmetric game is going on between attackers and defenders, especially the information asymmetry. Therefore, security managers first need to have an in-depth understanding of attackers, including their attack techniques, skills and tactics...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/24H04L29/06G06F17/30
Inventor 黄本雄黄毅青胡广温杰
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap