Misdeclaration self-adapting network safety situation predication method

A technology of network security and prediction method, which is applied in the field of network security situation prediction of self-adaptive false alarm, can solve the problems of ignoring alarm information and loss, and achieves the effect of reducing false alarm rate, enhancing practicability and high reliability

Active Publication Date: 2015-04-01
STATE GRID CORP OF CHINA +3
View PDF5 Cites 44 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

What's more, if a large number of false alarms (false alarms) are generated for a long time, network administrators will ignore the alarm information generated by the prediction model, and the prediction of network security situation will lose the meaning of existence

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Misdeclaration self-adapting network safety situation predication method
  • Misdeclaration self-adapting network safety situation predication method
  • Misdeclaration self-adapting network safety situation predication method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040]The specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0041] figure 1 The structural diagram of false alarm adaptive network security situation prediction is given, which mainly includes five parts: security threat alarm event extraction, alarm event false alarm elimination, neural network learning, online prediction and prediction result confirmation, and prediction model adjustment . Security threat alarm event extraction Extracts security threat alarm events from security protection software such as firewalls, network intrusion detection tools, and host intrusion detection tools, and analyzes and extracts information such as the time when the threat occurred, the target IP address and port number, and threat type; alarm Elimination of event false alarms Filter security threat alarm events based on host system and network abnormal information, delete false security threat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a misdeclaration self-adapting network safety situation predication method, comprising the following steps: (1) extracting alarm events in a safety protection software; (2) eliminating misdeclaration in the alarm events based on a system host and network abnormal information to form an exact training sample set; (3) training the sample set by using a neutral network learning algorithm to build a predication model; (4) performing on-line predication and confirming the predication result; (5) if the predication result is misdeclaration, marking the current predication event sequence to be negative example, implementing increment neutral network learning and adjusting the predication model. By utilizing the method, the problems that too much many misdeclaration exist in the network safety situation predication and cannot be eliminated automatically are solved, the network safety situation predication model training sample set is built exactly, the predication model is built effectively, the predication result is confirmed automatically to eliminate the misdeclaration and adjust the predication model automatically, the number of misdeclaration generated in subsequent predication is reduced, and the reliability and practicability of the method are enhanced.

Description

technical field [0001] The invention relates to a network security method of a computer network, in particular to a false alarm self-adaptive network security situation prediction method. Background technique [0002] With the rapid development of information technologies such as computers and communications, the Internet has become increasingly popular around the world in all aspects of people's work, study and life. By the end of 2013, the Internet had covered nearly 40% of the world's population, and the number of users had reached 2.7 billion. In China, the number of Internet users has also grown rapidly to 618 million. Its applications are also growing rapidly, among which the development of e-commerce and social networking has further promoted the prosperity of the Internet. However, with the wide application of the Internet, its security issues are becoming increasingly prominent. Driven by the pursuit of interests, revenge, and destruction, network attackers and ha...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26H04L29/06
Inventor 何高峰管小娟张涛马媛媛陈璐黄秀丽王玉斐张波陈亚东
Owner STATE GRID CORP OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap