Realizing method of network attack event quantitative hierarchical algorithm

A network attack and implementation method technology, applied to electrical components, transmission systems, etc., can solve problems such as inconsistency and inaccurate classification of security events

Inactive Publication Date: 2016-04-27
中国南方电网有限责任公司信息中心 +1
View PDF3 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method realizes quantitative and graded calculation of security events generated by security equi

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Realizing method of network attack event quantitative hierarchical algorithm
  • Realizing method of network attack event quantitative hierarchical algorithm
  • Realizing method of network attack event quantitative hierarchical algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] A method for implementing a fault-tolerant distributed security event data transmission protocol, characterized in that:

[0038] A. Obtain network attack events by means of Syslog protocol or log text reading. Each network attack event is called Event, and the regular expression algorithm is used to analyze the quintuple information of the network attack event. The quintuple information includes: attack Source IP, attack destination IP, attack start time, attack end time, attack severity level, the attack severity level includes qualitative expressions of "serious" and "slight";

[0039] B. Map the attack severity level of the network attack event into values ​​of 1, 2, 3, 4, 5, 6, 7, and 8 through the event level mapping table, and this value is called the network attack qualitative rating value pv;

[0040] C. Collect the traffic packet data of the attacked network through the mirror traffic technology, and use the traffic analysis algorithm to obtain the network ses...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a realizing method of network attack event quantitative hierarchical algorithm. According to the method, network attack events reported by a safety device are collected; a regular expression algorithm is used to obtain network attack qualitative hierarchical values (pv); network mirror image traffic is collected in real time; session information related to the attach events is obtained according to a traffic analyzing algorithm; network attack quantitative hierarchical values (cv) are obtained basing on the whole network influence ratio of the attack events; therefore, the quantitative hierarchy of the attack events is realized. According to the method, the quantitative hierarchical calculation is carried out to the safety events generated by the safety device; the problem that the current safety events are inaccurate and non-uniform in hierarchy is solved; and effective and reliable basis is provided for safety decision.

Description

technical field [0001] The invention relates to the field of information security, in particular to the field of auditing and analysis of network security events. Background technique [0002] The "Internet +" strategy is to use the Internet platform and information communication technology to combine the Internet with all walks of life, including traditional industries, to create a new ecology in new fields. In this strategic context, the importance of network security has risen to the height of national strategy. "Network Security Law of the People's Republic of China" "In order to maintain national security and social public order, and to deal with major social security incidents, the State Council or the people's governments of provinces, autonomous regions, and municipalities directly under the Central Government may, with the approval of the State Council, Temporary measures such as restrictions on network communication are adopted." In such an environment, it is nec...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1425H04L63/1433
Inventor 梁志宏樊凯吕华辉赵俊峰胡岸波
Owner 中国南方电网有限责任公司信息中心
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap