APT (Advanced Persistent Threat) attack detection method based on big data behavior sequence analysis

A sequence analysis and attack detection technology, applied to electrical components, transmission systems, etc., that addresses the low accuracy of APT attack detection, improving detection accuracy and overcoming the threat of such attacks.

Active Publication Date: 2016-01-20
THE PLA INFORMATION ENG UNIV
5 Cites, 17 Cited by

AI Technical Summary

Problems solved by technology

For example, the patent No. CN103916406A discloses "An APT attack detection system an...


Examples


Embodiment Construction

[0033] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0034] As shown in Figure 1, the APT attack detection method based on big data behavior sequence analysis disclosed by the present invention comprises the following steps:

[0035] S101. Detecting the user's operation behavior, and constructing a user operation behavior sequence library;

[0036] When it is necessary to perform network threat detection on the user's operation behavior, firstly, the user's operation behavior is detected, and the de...


Abstract

The invention discloses an APT (Advanced Persistent Threat) attack detection method based on big data behavior sequence analysis. The method comprises the following steps of detecting an operation behavior of a user, and constructing a user operation behavior sequence database; optimizing the user operation behavior sequence database; extracting a user operation behavior sequence based on a big data method; performing matching analysis on the extracted user operation behavior sequence and a behavior sequence in the user operation behavior sequence database, and outputting a matching result; and analyzing the matching result and outputting a threatening behavior. The APT attack detection method based on the big data behavior sequence analysis provided by the invention can improve the accuracy of threat detection, so as to construct a safe and efficient network active defense system, and effectively overcome the threat of APT attacks on network security.

Description

Technical field

[0001] The invention relates to the technical field of network threat detection, in particular to an APT (Advanced Persistent Threat, Advanced Persistent Penetration) attack detection method based on big data behavior sequence analysis.

Background technique

[0002] With the rapid development of network technology, the network scale continues to expand, and information services are widely popularized. Many key services, whether for civilian or military use, rely on the network, resulting in more and more frequent network attacks and making the information security situation increasingly serious. Especially in recent years, advanced persistent penetration attacks (APT attacks, Advanced Persistent Threat) targeting specific targets have posed a huge threat to network security. Aurora attack, Stuxnet virus, Flame virus, and Operation Darkmouse are all typical cases of APT attacks. With the continuous popularization of smart terminals, the threat of APT attacks ...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1416
Inventor: 张瑞杰, 郭渊博, 周会娟, 马骏, 张俭鸽, 琚安康, 杨奎武, 贾洪勇, 张琦
Owner: THE PLA INFORMATION ENG UNIV