Network safety management system based on alarm strategy

A network security and management system technology, applied in transmission systems, electrical components, etc., can solve the problems of lack of correction and management of alarm information, unimportant, outdated, etc.

Inactive Publication Date: 2016-12-07
林杨
View PDF0 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The security management system in related technologies integrates various security products and facilities, builds a huge database, and supports the correction of the priority level of security events, which provides a good data source f

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network safety management system based on alarm strategy
  • Network safety management system based on alarm strategy
  • Network safety management system based on alarm strategy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0045] see figure 1 , figure 2 , the network security management system based on the alarm policy in this embodiment includes a security event collection module 1, a risk real-time assessment module 2, an alarm policy acquisition module 3 and an alarm execution module 4 connected in sequence; the security event collection module 1 is used to pass The network security device performs normalization processing on the security log, generates a security event, and collects the security event; the risk real-time assessment module 2 is used to assess the risk of the security event; A security event with a risk threshold sends out warning information; the warning strategy acquisition module 3 is used to receive the warning information and obtain a corresponding warning strategy; the warning execution module 4 is used to execute the warning according to the warning strategy.

[0046] The risk real-time assessment module 2 includes:

[0047] (1) An evaluation index system generation ...

Embodiment 2

[0057] see figure 1 , figure 2 , the network security management system based on the alarm policy in this embodiment includes a security event collection module 1, a risk real-time assessment module 2, an alarm policy acquisition module 3 and an alarm execution module 4 connected in sequence; the security event collection module 1 is used to pass The network security device performs normalization processing on the security log, generates a security event, and collects the security event; the risk real-time assessment module 2 is used to assess the risk of the security event; A security event with a risk threshold sends out warning information; the warning strategy acquisition module 3 is used to receive the warning information and obtain a corresponding warning strategy; the warning execution module 4 is used to execute the warning according to the warning strategy.

[0058] The risk real-time assessment module 2 includes:

[0059] (1) An evaluation index system generation ...

Embodiment 3

[0069] see figure 1 , figure 2 , the network security management system based on the alarm policy in this embodiment includes a security event collection module 1, a risk real-time assessment module 2, an alarm policy acquisition module 3 and an alarm execution module 4 connected in sequence; the security event collection module 1 is used to pass The network security device performs normalization processing on the security log, generates a security event, and collects the security event; the risk real-time assessment module 2 is used to assess the risk of the security event; A security event with a risk threshold sends out warning information; the warning strategy acquisition module 3 is used to receive the warning information and obtain a corresponding warning strategy; the warning execution module 4 is used to execute the warning according to the warning strategy.

[0070] The risk real-time assessment module 2 includes:

[0071] (1) An evaluation index system generation ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network safety management system based on an alarm strategy The system comprises a safety event collecting module, a real-time risk evaluation module, an alarm strategy obtaining module and an alarm execution module; the safe event collecting module normalizes safety logs via a network safety device, generates a safety event and collects the safety event; the real-time risk evaluation module evaluates the risk degree of a safety event; alarm information is emitted for the safety event whose risk degree is greater than a risk degree threshold; the alarm strategy obtaining module receives the alarm information and obtains the corresponding alarm strategy; and the alarm execution module executes the alarm according to the alarm strategy. According to the invention, the alarm information itself is corrected and managed, the controllability, instantaneity and flexibility of network safety are improved, and the reliability of output alarm information is ensured.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a network security management system based on an alarm strategy. Background technique [0002] At present, the security management system for the network concentrates firewalls, anti-virus equipment, intrusion detection equipment, vulnerability scanning equipment, etc., correlates security events generated by various security products, and uses correlation analysis algorithms and risk estimation methods to discover risk, generate alarm information in a timely manner, form a centralized monitoring and management network platform, and effectively resist network security threats. [0003] The security management system in related technologies integrates various security products and facilities, builds a huge database, and supports the correction of the priority level of security events, which provides a good data source for event correlation analysis and risk assessment, bu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/20H04L63/1416
Inventor 不公告发明人
Owner 林杨
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap