Collaborative analysis method of information security operation centers

An information security technology, applied to collaborative analysis among information security management centers, that addresses insufficient threat detection and prevention capabilities and improves the accuracy rate.

Active Publication Date: 2015-02-25
GUANGDONG ELECTRONICS IND INST

AI Technical Summary

Problems solved by technology

[0016] The technical problem solved by the present invention is to propose a collaborative analysis method for the information security management center, which can fully mobilize the various SOC For the suspected or undiscovered threats discovered by each SOC, t



Examples


Embodiment Construction

[0040] To facilitate the understanding of the present invention, the present invention will be described in detail below with reference to specific embodiments.

[0041] The system structure of the collaborative security management center involved in the present invention is shown in Figure 1. The system includes: a security event management module, a security business module, a control center, a security policy database, a log database, and a network collaboration module.

[0042] Security Event Management Module

[0043] This module includes: security event collection submodule, security event preprocessing submodule and security event analysis submodule.

[0044] Security event collection submodule

[0045] The security event information sent by various information security devices can be collected in a variety of ways. The collection methods include the following: (1) Collect events based on SNMP Trap and Syslog. (2) Obtain the security related information of the device in various datab...


Abstract

The invention relates to the technical field of information security, in particular to a collaborative analysis method for information security operation centers. The internetwork collaborative module of one security operation center sends suspected threat information; a security event management module then analyzes the suspected threat information and determines that a threat is found if it meets the standard of a certain attack event. A receiver that finds the threat sends confirmation information, through the internetwork collaborative module, to the sender of the suspected threat and to the other security operation centers. The requester takes corresponding measures through the security strategy library. If the sender does not find the threat by itself, a second stage of correlation analysis is carried out through communication between the sender and the other receivers. All security operation centers take corresponding response measures after receiving the information. The method achieves collaborative analysis among information security operation centers and can be used by security operation centers in information security operation.
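The two-stage exchange described in the abstract, as an added sketch that is not code from the patent. The `SOC` class, the count-based `THRESHOLD` standing in for "the standard of a certain attack event", the pooled-count form of the second stage, and the sample event counts (documentation-range addresses) are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Assumption: an attack event is "confirmed" once this many matching events
# are attributed to one source. The patent text does not define the standard.
THRESHOLD = 5

@dataclass
class SOC:
    name: str
    local_events: dict                      # source address -> events seen locally
    peers: list = field(default_factory=list)
    blocked: set = field(default_factory=set)

    def respond(self, source):
        # Stands in for taking measures through the security strategy library.
        self.blocked.add(source)

    def analyze(self, source, reported):
        # Receiver side: correlate the sender's report with local events.
        return reported + self.local_events.get(source, 0) >= THRESHOLD

    def share_suspect(self, source):
        own = self.local_events.get(source, 0)
        # Stage 1: each receiver analyzes the suspected threat on its own.
        for peer in self.peers:
            if peer.analyze(source, own):
                return self._confirm(source, "stage1:" + peer.name)
        # Stage 2 (assumed form): sender and all receivers pool their counts.
        total = own + sum(p.local_events.get(source, 0) for p in self.peers)
        if total >= THRESHOLD:
            return self._confirm(source, "stage2")
        return "unconfirmed"

    def _confirm(self, source, how):
        # Confirmation reaches the sender and every other SOC; all respond.
        for soc in [self, *self.peers]:
            soc.respond(source)
        return how

def build_demo():
    # Constructed sample data, not taken from the patent.
    a = SOC("soc-a", {"203.0.113.7": 2, "198.51.100.9": 1, "192.0.2.1": 1})
    b = SOC("soc-b", {"203.0.113.7": 1, "198.51.100.9": 4})
    c = SOC("soc-c", {"203.0.113.7": 2})
    a.peers = [b, c]
    return a, b, c

if __name__ == "__main__":
    a, b, c = build_demo()
    for src in ("203.0.113.7", "198.51.100.9", "192.0.2.1"):
        print(src, a.share_suspect(src))
```

The first source is confirmed only in the second stage: no single receiver reaches the threshold with the sender's report, but the pooled view does.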

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a collaborative analysis method of an information security management center.

Background technique

[0002] Security Operation Center (SOC) is a term describing a management platform that can collect, analyze and respond to a variety of information security incidents. The core function of a SOC is detection and response: it analyzes the massive security incidents collected from various information security equipment to determine the security status and security trends of the information system under its management, and responds to serious security incidents in a timely manner.

[0003] Information security events: log information and alarm information generated by various information security equipment.

[0004] With the advancement of my country's informatization construction and the increasing importance of information security from all wal...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1408
Inventor 王伟岳强
Owner GUANGDONG ELECTRONICS IND INST