
An APT threat prediction method and system

A system and algorithm technology applied in the field of network security. It addresses problems such as loopholes in defense measures, missed APT attacks, and the difficulty of analyzing massive data, in order to ensure security and prevent APT attacks.

Active Publication Date: 2016-09-21
保定浪潮云计算有限公司

AI Technical Summary

Problems solved by technology

However, for threats lurking in massive data, the above defense measures have loopholes, and it is difficult to analyze all of the data, so lurking APT attacks may be missed.



Examples


Specific embodiment

[0117] Taking the prediction method of APT security threat situation as an example, the present invention is described in detail. Its specific implementation is as follows:

[0118] Step 1: Give the conceptual model of APT security threat situation awareness, and analyze the process and results of APT security threat situation awareness. Then, on the basis of the conceptual model, combined with the idea of data fusion and hierarchical analysis, the framework of the APT security threat situational awareness system is established. Due to the complexity and heterogeneity of the data sources on which APT security threat situation awareness is based, simple data-level fusion technology is adopted in order to meet the real-time requirements of the situation understanding process. Preliminary processing is performed on a large amount of original security data to obtain standardized asset data sets, threat data sets, vulnerability data sets, and network structure data sets. On this bas...


Abstract

The invention discloses a deduplication method, which includes: collecting massive heterogeneous security data, and performing correlation analysis on the massive heterogeneous security data; according to the correlation analysis results, establishing a system framework for APT security threat situational awareness; based on multi-level and multi-angle situation assessment, establishing a system framework for APT security threat situation assessment, and evaluating the APT security threat situation; establishing an APT security threat development model, and predicting APT security threats; and, according to the prediction, giving an early warning if there is a potential threat. By establishing an APT attack threat development model, the invention provides data and theoretical support for security assurance work, effectively prevents APT attacks, and ensures data security.

Description

Technical field

[0001] The invention relates to network security technology, in particular to an APT threat prediction method and system.

Background technique

[0002] APT stands for Advanced Persistent Threat. It refers to the attack form in which organizations (especially governments) or small groups use advanced attack methods to carry out long-term and continuous network attacks on specific targets. The principle of an APT attack is more advanced than that of other attack forms. Its advanced nature is mainly reflected in the fact that an APT needs to accurately collect information on the business processes and target systems of the attack object before launching an attack. During the collection process, the attacker will actively dig out the vulnerabilities of the trusted systems and application programs of the attacked object, and form the C&C network required by the attacker based on these vulnerabilities. This behavior does not take any actions that may trigge...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L29/06
Inventor: 丛戎何志平刘璧怡周恒钊
Owner: 保定浪潮云计算有限公司