
Network security emergency responding method

A network security emergency response technology, applied in the network field, that addresses problems such as errors, unsatisfactory linkage-system effects, and the difficulty of balancing, coordinating and comprehensively analyzing the network situation, and achieves the effect of accurate strategies.

Active Publication Date: 2012-07-18
INST OF SOFTWARE - CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

However, the event diagnosis stage in this technology cannot handle certain events in a humane manner, which directly leads to errors such as the firewall cutting off all access rights of an IP because of suspected malicious actions by that IP.
The difficulty of balancing and coordinating false positives and false negatives, and of comprehensively analyzing the network situation, makes the effect of the linkage system unsatisfactory.


Embodiment Construction

[0031] As shown in Figure 2, the emergency strategy recommendation process of the present invention is implemented as follows:

[0032] 1) The basic attributes of an event are a set of attribute key-value pairs that the system generates after extracting the security event report of the network probe; they are an important basis for diagnosing the event. The specific attributes vary according to the network probe, as shown in the following tables:

[0033] Table 1 Basic attributes of Trojan horse communication monitoring probe alarm events

[0034]

[0035] Table 2 Basic properties of alarm events of virus spread monitoring probes

[0036]

| Serial number | Attribute | Attribute description |
|---|---|---|
| 1 | time | Security incident time |
| 2 | devId | The device IP of the source probe |
| 3 | srcMac | Source MAC address |
| 4 | dstMac | Destination MAC address |
| 5 | srcIp | source ip add... |


Abstract

The invention discloses a network security emergency response method belonging to the technical field of networks. The method comprises the following steps: (1) establishing a network security emergency strategy base at a server side, and setting the attributes of each strategy in the strategy base; (2) a network probe reporting to a server a security event report detected in the network environment under inspection; (3) the server extracting the event type and the event attributes of the current security event report; (4) the server finding the strategies whose type matches the event type; if a type-matched strategy is a universal strategy, it is added to a selectable strategy list; otherwise each of the strategy's security attributes is matched against the attributes of the event, and if every one of them matches some attribute of the event, the strategy is added to the selectable strategy list, and if not, the strategy is given up; and (5) the server returning the selectable strategy list for the current security event to the user. The strategies recommended by the invention are accurate and become increasingly optimized.
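The matching in steps (3) to (5) of the abstract, as an added example that is not code from the patent. The strategy names, event-type labels and sample values are constructed, and the example assumes that a strategy attribute "matches" when the event carries the same key with an equal value.

```python
from dataclasses import dataclass, field

@dataclass
class Strategy:
    name: str                      # hypothetical strategy label
    event_type: str                # event type this strategy responds to
    universal: bool = False        # universal strategies skip attribute matching
    security_attrs: dict = field(default_factory=dict)

def attr_matches(key, value, event_attrs):
    # Assumption: a strategy attribute matches when the event carries the
    # same key with an equal value.
    return key in event_attrs and event_attrs[key] == value

def recommend(strategy_base, report):
    """Steps (3)-(5): extract type and attributes, filter, return the list."""
    event_type, event_attrs = report["type"], report["attrs"]
    selectable = []
    for s in strategy_base:
        if s.event_type != event_type:
            continue                       # step (4): type must match first
        if s.universal:
            selectable.append(s.name)      # universal: no attribute check
        elif s.security_attrs and all(
            attr_matches(k, v, event_attrs) for k, v in s.security_attrs.items()
        ):
            selectable.append(s.name)      # every security attribute matched
        # Otherwise the strategy is given up for this event. A non-universal
        # strategy with no security attributes is also rejected (assumption).
    return selectable

# Constructed strategy base and probe report (documentation address ranges).
STRATEGY_BASE = [
    Strategy("notify-administrator", "virus_spread", universal=True),
    Strategy("isolate-infected-host", "virus_spread",
             security_attrs={"devId": "192.0.2.10", "srcIp": "198.51.100.7"}),
    Strategy("block-at-other-probe", "virus_spread",
             security_attrs={"devId": "192.0.2.99"}),
    Strategy("cut-trojan-channel", "trojan_communication", universal=True),
]
REPORT = {
    "type": "virus_spread",
    "attrs": {"time": "2012-07-18 10:00:00", "devId": "192.0.2.10",
              "srcMac": "00:00:5e:00:53:01", "dstMac": "00:00:5e:00:53:02",
              "srcIp": "198.51.100.7"},
}

if __name__ == "__main__":
    print(recommend(STRATEGY_BASE, REPORT))
```

Because a host-specific strategy is only offered when all of its security attributes match the reported event, the list returned to the user never contains a blocking action aimed at a different probe or source address.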

Description

Technical field

[0001] The invention mainly relates to malicious code emergency response work in a large-scale network environment, in particular to a network security emergency response method, which belongs to the field of network technology.

Background technique

[0002] With the rapid development of computer technology, network applications have been recognized worldwide, and its rapid development is irresistible. At the same time, the security situation of the network is worrying. The top priority is how to ensure that personal data will not be stolen, important data will not be destroyed, and network services will not be interrupted. Therefore, network security issues are directly related to the further application and development of computer networks. In this way, emergency response to specific security events is particularly important.

[0003] The key technologies of emergency response include: intrusion detection, event diagnosis, isolation and rapid recovery of...


Application Information

IPC(8): H04L29/06
Inventor: 程瑶, 冯登国, 应凌云, 苏璞睿
Owner: INST OF SOFTWARE - CHINESE ACAD OF SCI