Attack detecting method and device

An attack detection technology applied in the field of information management, which solves the problem that existing correlation analysis methods are not suitable for complex scenarios.

Inactive Publication Date: 2012-07-11
BEIJING VENUS INFORMATION TECH +2
5 Cites, 43 Cited by

AI Technical Summary

Problems solved by technology

[0006] The invention provides an attack detection method and device, which solves th



Embodiment Construction

[0048] Most existing rule-based association analysis systems are built on finite state automata. When the number of rules is large, the number of states also becomes large, which directly slows the association analysis and seriously reduces the operating efficiency of the system.

[0049] To solve these problems, embodiments of the present invention provide an attack detection method and device. With the attack detection method provided by the embodiment, associated security events can be quickly matched and correlated among massive numbers of events according to the configured association rules. The technical solution provided by the invention achieves efficient matching and correlation analysis of security events even when the correlation rules are complex.

[0050] Embodiments of the present invention will be described in detail below in conjunction w...


Abstract

The invention provides an attack detection method and an attack detection device, relates to the field of information management, and solves the problem that existing correlation analysis approaches are not applicable to complicated scenes. The attack detection method comprises the steps of: extracting scene security events that conform to preset association rules; carrying out correlation analysis on the security events; and determining that an attack is detected when the correlation analysis results conform to the association rules. The technical scheme provided by the invention is applicable to information security and realizes attack detection across multiple associated events.
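The three steps named in the abstract (extract, correlate, decide), sketched as an added example that is not taken from the patent. The rule format, event fields and sample events are assumptions constructed for illustration, and the simple per-source sequence matching stands in for whatever matching technique the patent actually claims.

```python
from collections import defaultdict

# Hypothetical association rule (an assumption, not from the patent): ordered
# event types that must share one source address within a time window.
RULE = {"name": "scan-bruteforce-login", "key": "src", "window_s": 600,
        "sequence": ["port_scan", "auth_failure_burst", "auth_success"]}

# Constructed sample events, as different security devices might report them.
EVENTS = [
    {"ts": 100, "type": "port_scan", "src": "198.51.100.7", "device": "ids"},
    {"ts": 130, "type": "policy_deny", "src": "203.0.113.9", "device": "fw"},
    {"ts": 220, "type": "auth_failure_burst", "src": "198.51.100.7", "device": "host"},
    {"ts": 250, "type": "auth_success", "src": "203.0.113.9", "device": "host"},
    {"ts": 400, "type": "auth_success", "src": "198.51.100.7", "device": "host"},
    {"ts": 5000, "type": "port_scan", "src": "192.0.2.44", "device": "ids"},
    {"ts": 9000, "type": "auth_failure_burst", "src": "192.0.2.44", "device": "host"},
]


def extract(events, rule):
    """Step 1: keep only events whose type appears in the association rule."""
    wanted = set(rule["sequence"])
    return [e for e in events if e["type"] in wanted]


def correlate(events, rule):
    """Steps 2-3: per key, walk the rule's sequence and report full matches."""
    seq, window = rule["sequence"], rule["window_s"]
    partial = defaultdict(list)  # key value -> events matched so far
    detections = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        chain = partial[e[rule["key"]]]
        # Discard a partial match whose first event is older than the window.
        if chain and e["ts"] - chain[0]["ts"] > window:
            chain.clear()
        if e["type"] == seq[len(chain)]:
            chain.append(e)
        elif e["type"] == seq[0]:
            chain[:] = [e]  # a fresh first step restarts the chain
        if len(chain) == len(seq):
            detections.append({"rule": rule["name"], "key": e[rule["key"]],
                               "events": list(chain)})
            chain.clear()
    return detections


def detect(events, rule):
    return correlate(extract(events, rule), rule)
```

On the sample data only 198.51.100.7 completes the sequence; 192.0.2.44 starts it but the second step arrives outside the window, and the lone successful login from 203.0.113.9 never starts a chain.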

Description

Technical field

[0001] The invention relates to the field of information management, in particular to an attack detection method and device.

Background art

[0002] To alleviate increasingly serious information security problems, more and more enterprises and institutions have deployed network security equipment such as firewalls, intrusion detection systems (IDS), and abnormal traffic detection systems, which effectively reduce the security risks of information systems. These traditional network security devices capture data packets in the network, reassemble flows, and perform protocol analysis according to the configured detection rules, discover attack events in the network, and respond in the configured manner. However, a threatening attack is often composed of a series of related attack events. These attack events trigger different network security devices to generate several related alarm messages. Traditional networ...


Application Information

IPC(8): H04L12/26, H04L29/06
Inventor: 周涛, 廖江, 李靖, 段文国, 诸葛凌霄
Owner: BEIJING VENUS INFORMATION TECH