Network security incident association analysis system

A network security event correlation technology, applied in the field of network security event correlation analysis systems. It can solve problems such as the inability to produce synergistic effects, and achieves long-term management.

Active Publication Date: 2011-04-27
JIANGSU ELECTRIC POWER CO +2

AI Technical Summary

Problems solved by technology

The security system established by this method can generally only prevent security threats in one particular respect, thus forming isolated islands of security defense that cannot produce synergistic effects.
On the other hand, t


Embodiment Construction

[0028] The present invention is described in detail below with reference to the accompanying drawings:

[0029] The network security event correlation analysis system of the present invention includes four layers: a network security event collection layer, a communication network layer, a correlation analysis layer and a management display layer.

[0030] The network security event collection layer is the most basic part of the system. Figure 1 is a principle diagram of network security event collection in the present invention. The collection layer is installed on site, next to the core switching equipment of the network system, at each key monitoring point of the computer network. It includes status collection equipment, log collection equipment, and network data packet collection equipment. These devices are installed on site. After relevant configuration, the data of network security events can be obtain...


Abstract

The invention relates to a network security incident association analysis system comprising a network security incident collection layer, a communication network layer, an association analysis layer and a management presentation layer. The system digitally manages the whole process of unified collection, transmission, analysis, distribution and the like for the complex IT (Information Technology) resources in a computer network and for the various security logs and incidents that the network's security defense facilities continuously generate during operation. Using an incident associativity prediction principle, combined with incident flow space-time window filtering, log string leading match quick dynamic analysis and a polydimensional mass incident strong algorithm, it carries out association analysis of the situation before, during and after network security incidents. The result is a Web structure-based on-line association analysis and monitoring system capable of distributed network security incident collection, multi-point implementation of association analysis, central comprehensive judgment and real-time communication. The system is used for effectively managing the security of complex IT resources in the computer network over the long term, can truly and accurately reflect the network information security of the computer network and the security situation of the business system data, and provides a quantitative standard for checking the information security level of the computer network.

Description

Technical field

[0001] The present invention relates to a correlation analysis system, specifically one for real-time monitoring of IT resource operation, security and risk in a computer network system. It collects, transmits, analyzes and releases, comprehensively and in real time, the complex IT resources in the computer networks of enterprises and organizations and all kinds of security logs and events that are continuously generated during the operation of their security defense facilities.

Background technique

[0002] Today's enterprises and organizations face a more complicated situation in the field of IT information security than ever before, including endless intrusions and attacks from outside enterprises and organizations, as well as violations and leaks from within them. In order to continuously cope with new security challenges, enterprises and organi...


Application Information

IPC(8): H04L29/06, H04L12/26
Inventor: 霍雪松, 孙大雁, 黄强, 吴玉林, 李汇群, 尹飞, 官国飞, 祝永晋
Owner JIANGSU ELECTRIC POWER CO