Method and system for detecting abnormal service behaviors

A business system and anomaly detection technology, applied in the field of information security, can solve the problems of underreporting of attack behavior, inability to formulate reasonable security configuration rules, and cumbersome security configuration rules, etc.

Inactive Publication Date: 2014-03-12
BEIJING VENUS INFORMATION TECH +1
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This solution can detect some abnormal business behaviors, but it has the following deficiencies: First, relying on managers to formulate a complete set of security configuration rules is too cumbersome. Once an attack behavior not included in the rules occurs, it will lead to Secondly, some attack behaviors cannot be found from one or several database access behavior records, such as the modification frequency of a certain access record within 24 hours, and it is impossible to formulate reasonable security configuration rules for this type of attack behavior , detect by analyzing one or several database access records

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting abnormal service behaviors
  • Method and system for detecting abnormal service behaviors

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The implementation of the present invention will be described in detail below in conjunction with the accompanying drawings and examples, so as to fully understand and implement the process of how to apply technical means to solve technical problems and achieve technical effects in the present invention.

[0043] figure 1 It is a schematic flowchart of an embodiment of a method for detecting abnormal business behavior in the present invention. Such as figure 1 As shown, the method embodiment mainly includes the following steps:

[0044]Step S110, storing the audit records of the security audit equipment, including the real-time audit records of the current observation point, and the historical audit records before the current observation point;

[0045] Step S120, setting the monitoring object to be monitored and the corresponding monitoring type of the monitoring object;

[0046] The monitoring objects include database table names, and corresponding operation types ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for detecting abnormal service behaviors, which comprises the following steps of: establishing a model of normal service system access behaviors of users according to historical audit records prior to a current detection point of safety audit equipment; and analyzing real-time audit records of the safety audit equipment, comparing the real-time audit records with the normal behavior model, and judging whether the service access behaviors of the users are abnormal or not. The invention also provides a system for detecting abnormal service behaviors. The method and the system for detecting abnormal service behaviors can detect attack behaviors, which are legal in terms of service flow, but still bring about destruction to a service system actually, according to audit records of the safety audit equipment.

Description

technical field [0001] The invention relates to the field of information security, in particular to a method and system for detecting abnormal business behavior. Background technique [0002] With the development of information technology, Internet-oriented business systems with database servers as the core have been increasingly widely used, such as online banking systems and electronic ticket booking systems. Since the key data of the business system is stored in the database server and is closely related to the entire business process, it is particularly important to ensure the information security of the database server. In order to better protect the database server, network security audit equipment has been widely used. It can monitor and record the user's access information to the server in real time, and once any illegal access behavior (such as unauthenticated access and unauthorized access) is found, the violation can be blocked. [0003] Although the use of secu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L12/24H04L29/06
Inventor 周涛叶润国刘晖姚熙
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap