Association analysis method and association analysis system

A correlation analysis and correlation data technology, applied in the field of information security, can solve problems such as strong concealment, inability to discover cycles, and inability to realize long-term correlation analysis, etc., to achieve the effect of long cycle and strong concealment

Inactive Publication Date: 2016-06-15
CEC CYBERSPACE GREAT WALL
View PDF11 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, there are the following technical problems in the prior art: the prior art schemes are traditional detection technology based on feature matching and event analysis technology based on sing

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Association analysis method and association analysis system
  • Association analysis method and association analysis system
  • Association analysis method and association analysis system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] In order to enable those skilled in the art to better understand the technical solutions of the present invention, the present invention will be described in detail below in conjunction with the accompanying drawings.

[0055] figure 1 It is a flow chart of an association analysis method provided in Embodiment 1 of the present invention, such as figure 1 As shown, the method includes:

[0056] Step 101, the receiving module receives original data.

[0057] In this embodiment, raw data may include raw events and / or raw traffic. The raw data may be real-time raw data. The receiving module can receive the preprocessed raw data.

[0058] In this embodiment, before the receiving module receives the original data, the preprocessing module may also preprocess the original data. Since the format of the original data before preprocessing is different, it is necessary to perform format processing on the original data through the preprocessing process. Specifically, the prep...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an association analysis method and an association analysis system. The method comprises the steps that: a receiving module receives original data; a real-time analysis module carries out real-time association processing on the original data according to a real-time association rule to generate association data; and a continuous analysis module judges whether the association data are abnormal according to an analysis rule and generates an alarm event when judging that the association data are abnormal. In the association analysis method in the technical scheme provided by the invention, the receiving module receives the original data, the real-time analysis module carries out the real-time association processing on the original data according to the real-time association rule to generate the association data, the continuous analysis module judges whether the association data are abnormal according to the analysis rule and generates the alarm event when judging that the association data are abnormal, and long-term association analysis is realized, so attack behaviors with long periods and strong concealment can be found.

Description

technical field [0001] The invention relates to the field of information security, in particular to an association analysis method and an association analysis system. Background technique [0002] At present, with the development of the information technology field, the attack methods and technologies are becoming more and more complex, and multiple steps are often required to complete an intrusion event, especially in recent years, Advanced Persistent Threat (APT) events have been frequently reported around the world. , APT incidents refer to long-term, planned and organized cyber attacks against specific objects that steal data and have strong concealment capabilities. The period of such incidents lasts for several years, and border detection devices can be bypassed. [0003] However, there are the following technical problems in the prior art: the prior art schemes are traditional detection technology based on feature matching and event analysis technology based on single...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24
CPCH04L63/1425H04L41/06H04L41/0604H04L41/0631H04L63/1416H04L63/1466
Inventor 廖飞鸣王萍
Owner CEC CYBERSPACE GREAT WALL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap