Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Auditing method for screening round entry events

An event and abnormal event technology, applied in computing, special data processing applications, instruments, etc., can solve the problems of increasing audit labor, time cost, low audit effect, poor efficiency, etc., to reduce misjudgment of audit results, improve Audit efficiency, reduce inefficiency effect

Active Publication Date: 2017-05-31
广州市申迪计算机系统有限公司
View PDF4 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] 1. The variety of circumvention events (such as: inter-device interfaces, security scans and other non-manual operations that must be directly accessed between devices, or special behavior events that do not access the 4A system due to business needs) makes it difficult to deal with Accurate screening of bypass events is prone to a large number of misjudged audit results, and the audit effect is low. When manually confirming bypass events for the second time, the cost of audit labor and time is increased;
[0013] 2. Due to the large scale of data, it is very difficult for auditors to view and review thousands of logs with the same operation results, and the audit efficiency is not good. Directly displaying each such log is useless for log auditors. In practical terms, illegal intrusions other than illegal operations cannot be found through manual secondary confirmation, and there are potential safety hazards

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Auditing method for screening round entry events
  • Auditing method for screening round entry events
  • Auditing method for screening round entry events

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0047] see figure 1 , is a flow chart of the audit method for screening bypass login events provided in Embodiment 1. The method comprises the steps of:

[0048] S1: Compress the logs with the preset time granularity and key content classification through the classification compression engine to obtain the compression table.

[0049] This step is used to compress large-scale logs. Specifically, the preset time granularity is set according to actual conditions, and is not specifically limited here. In this embodiment, the preset time granularity is 4 hours. The key content includes: platform, device, account, operation content, operation result, IP source, and audit exception type.

[0050] In this embodiment, during specific implementation, the large-scale log table within every four hours is divided into the same division as the key field according to the platform, device, account, operation content, operation result, IP source, and audit exception type by the classificati...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an auditing method for screening round entry events. The auditing method includes the steps: S1 compressing logs according to preset time granularity and key content classification by a classified compression engine to obtain a compression table; S2 screening class round events in the compression table by a screening auditing engine to obtain non-class round events in the compression table, and acquiring round logs 4A by the non-class round events; S3 decompressing parts of the round logs 4A by a decompression engine according to preset decompression rules; S4 displaying the round logs 4A in a combined manner. Parts of the parts of the round logs 4A do not comfort to other abnormal event auditing rules. By the auditing method, the class round events and the non-class round events can be effectively distinguished, auditing result misjudgment is decreased, mass round events can be rapidly and visually displayed, auditing manpower and time investment is reduced, and auditing efficiency is improved.

Description

technical field [0001] The invention relates to computer system information security application technology, in particular to an audit method for screening circumvention login events. Background technique [0002] In today's era of explosive development of the Internet, the informatization of the core business of governments and enterprises is also increasing day by day. Information security has become a sensitive nerve line of the people, and a crisis of trust is imminent. It is the responsibility of enterprises to protect customer information security, and it is also the trust of customers in enterprises. bottom line. Faced with increasingly severe information security risks, it is imperative to resist intrusion and strengthen internal control. [0003] In 1995, the international network security community first proposed the concept of a 4A (Authentication, Account, Authorization, Audit) unified security management platform solution, officially taking identity authenticat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/31G06F17/30
CPCG06F16/1815G06F21/31
Inventor 卢杰华吕潇秦泳霖
Owner 广州市申迪计算机系统有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products