Character terminal feature data extraction method based on behavioral analysis

A technology of characteristic data and behavior analysis, applied in the field of information security, can solve the problems of reducing accuracy and applicability, achieving the effect of broad application space and reducing redundant workload

Active Publication Date: 2013-08-21
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF3 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] Accuracy, high efficiency and wide application range are the key points that the existing related tools are difficult to have at the same time
These points are interrelated and restrict each other. For example, the improvement of accuracy will inevitably lead to the decline of applicability, and the improvement of efficiency will reduce the accuracy.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Character terminal feature data extraction method based on behavioral analysis
  • Character terminal feature data extraction method based on behavioral analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment example

[0067] Suppose a user logs in to a typical Linux system through a network character terminal.

[0068] Assume that the user performs several operations on the terminal.

[0069] Suppose we need to extract which commands the user typed.

[0070] Specific steps:

[0071] (1) When the user logs in to the host system, the host will reply to the user with a large amount of information, such as the system logo, current time, basic user information, etc., as shown in the following characters:

[0072] Last login: Sat Mar 16 12:05:02 2013 from 192.168.50.139

[0073] [usercentos139~]$

[0074] (2) After behavior analysis, it is found that the command line prompt string of interest is located in the last line, so the content before the last ​​will be ignored, and then the string is finally obtained through terminal simulation:

[0075] [usercentos139~]$

[0076] (3) The user starts to type in a command, for example, the user types in the command "ls", that is, two characters "l"...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to information safety, data mining and data auditing, and aims to provide a character terminal feature data extraction method based on behavioral analysis. According to the method, data produced in the interaction process of a client of a user and a host are obtained through network monitoring, the data are analyzed through terminal simulation, the interaction process between the client and the host is restored, and needed content is further extracted according to behavioral rules of man-machine direct interaction in the use process of the client. The method well solves the problem that when data streams of network character terminal equipment are analyzed by means of an automated tool, precision, efficiency and adaptability cannot be achieved at the same time, provides a flexible logic system capable of being improved continuously, and has wide application space.

Description

technical field [0001] The invention relates to information security, data mining and data auditing. It specifically relates to a behavior analysis-based character terminal feature data extraction method Background technique [0002] With the gradual popularization of network technology, people's life and work are increasingly dependent on the network, and the resulting security issues have attracted more and more attention. The network terminal is one of the most commonly used network interaction tools. They are mainly divided into two categories: "character terminal" (such as logging in to a Linux server through the network) and "graphical terminal" (such as using remote desktop to connect to a Windows personal computer). [0003] Although both obtain the control information of the host server through the network to determine the display content on the terminal display, their working principles are completely different - the smallest unit of control information required ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/30
Inventor 刘韬吴永越范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap