
Method for storing massive security incidents

A technology for storing massive numbers of security events, applied in the field of power information networks, that solves the problem of low security event storage efficiency and thereby improves that efficiency.

Active Publication Date: 2015-08-26
STATE GRID CORP OF CHINA +1

AI Technical Summary

Problems solved by technology

[0004] The invention provides a method for storing massive security events, which solves the problem of low storage efficiency of security events.



Embodiment Construction

[0055] Because the number of security events in the power information network is huge, the collection rate of security events has exceeded 10,000 per second. The key point of IT operation audit analysis for the power information network becomes how to read massive security events efficiently in real time and perform multi-dimensional statistical analysis on them. The traditional method of storing security events in a hard disk database and then performing audit analysis has become unfeasible. Because of the physical limitations of hard disk I/O, first, massive security events cannot be stored effectively, and second, the efficiency of reading security events from the hard disk is also extremely low. Therefore, the embodiment of the present invention speeds up the writing and reading of security events by means of a memory buffer pool, making real-time, multi-dimensional analysis of ultra-large-scale security event streams possible.

[0056]The memory bu...


Abstract

The invention provides a method for storing massive security incidents and relates to the field of electric power information. The method solves the problem of low security incident storage efficiency and comprises the following steps: configuring a security incident memory buffer pool comprising three sub-buffers, namely a first sub-buffer for storing active security incidents, a second sub-buffer for storing non-active security incidents, and a global work area for storing public management information and monitoring messages, where each sub-buffer comprises a storage interface and a reading interface; evaluating the activeness of the security incidents to be stored; and storing each security incident in the first sub-buffer or the second sub-buffer according to the evaluation result. The technical solution is suitable for electric power information networks and realizes classified, partitioned storage of security incidents via the memory buffer pool.
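The buffer pool layout described in the abstract, sketched as an added example that is not code from the patent. The activeness metric (events from the same source inside a time window), the overwrite-oldest capacity policy, and all class, field and function names are assumptions, since the excerpt does not specify them.

```python
import threading
from collections import deque
class SubBuffer:  # bounded sub-buffer with a storage and a reading interface
    def __init__(self, capacity):
        self._events = deque(maxlen=capacity)  # assumption: overwrite oldest when full
        self._lock = threading.Lock()

    def store(self, event):  # returns True if the oldest event was overwritten
        with self._lock:
            overwritten = len(self._events) == self._events.maxlen
            self._events.append(event)
            return overwritten

    def read(self, max_items):  # removes and returns up to max_items, oldest first
        with self._lock:
            return [self._events.popleft() for _ in range(min(max_items, len(self._events)))]

class SecurityEventPool:
    def __init__(self, capacity=10000, window=10.0, threshold=3):
        self.active = SubBuffer(capacity)    # first sub-buffer: active events
        self.inactive = SubBuffer(capacity)  # second sub-buffer: non-active events
        self.work_area = {"active": 0, "inactive": 0, "overwritten": 0}  # global work area
        self._seen = {}                      # source -> timestamps inside the window
        self._window, self._threshold = window, threshold
        self._lock = threading.Lock()

    def activeness(self, event):
        """Assumed metric: events from the same source within the last window seconds."""
        times = self._seen.setdefault(event["source"], deque())
        times.append(event["ts"])
        while times[0] < event["ts"] - self._window:
            times.popleft()
        return len(times)

    def store(self, event):
        with self._lock:  # evaluate activeness, then route to the matching sub-buffer
            name = "active" if self.activeness(event) >= self._threshold else "inactive"
            self.work_area[name] += 1
            if getattr(self, name).store(event):
                self.work_area["overwritten"] += 1
            return name

# Constructed sample events (not from the patent): a noisy firewall and a quiet host.
SAMPLE = [{"ts": t, "source": s} for t, s in
          [(0.0, "fw01"), (1.0, "fw01"), (2.0, "db01"), (3.0, "fw01"), (30.0, "fw01")]]

def route_sample(capacity=3):
    pool = SecurityEventPool(capacity=capacity)
    return [pool.store(e) for e in SAMPLE], pool
```

The `overwritten` counter in the work area is the value to monitor in practice: a non-zero count means audit events were lost from memory before a reader drained them.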

Description

Technical field

[0001] The invention relates to the field of electric power information networks, in particular to a method for storing massive security events.

Background technique

[0002] With the increasing intelligence of the power network, the number of application systems and devices deployed in the power information network has risen sharply, and effective, timely audit and analysis of IT operations in complex environments has become extremely urgent. The data basis of security audit consists of log events, status events and network packet information from anti-virus systems, firewalls, intrusion detection systems, vulnerability scanning systems, UTM, running hosts, switches, routers, database systems, middleware and other sources. In the current network environment, the logs of various devices have become massive data. As the main log type, syslog is widely supported by various operating systems, network devices and security devices, and has become an important standard for logs...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F12/08, G06Q10/06
Inventor 陈连栋白涛刘成龙张磊李井泉宋峥峥赵炜孔明黄镜宇崔志坤王静辛锐付强王震周文芳
Owner STATE GRID CORP OF CHINA