Auditing method for screening round entry events

An event and abnormal event technology, applied in computing, special data processing applications, instruments, etc., can solve the problems of increasing audit labor, time cost, low audit effect, poor efficiency, etc., to reduce misjudgment of audit results, improve Audit efficiency, reduce inefficiency effect

Active Publication Date: 2017-05-31
广州市申迪计算机系统有限公司
View PDF4 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] 1. The variety of circumvention events (such as: inter-device interfaces, security scans and other non-manual operations that must be directly accessed between devices, or special behavior events that do not access the 4A system due to business needs) makes it difficult to deal with Accurate screening of bypass events is prone to a large number of misjudged audit results, and the audit effect is low. When manually confirming bypass events for the secon

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Auditing method for screening round entry events
  • Auditing method for screening round entry events
  • Auditing method for screening round entry events

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0046] Example 1

[0047] See figure 1 , Is the flowchart of the audit method for identifying bypass login events provided in the first embodiment. The method includes the following steps:

[0048] S1: The log is compressed by the classification compression engine at a preset time granularity and classified by key content to obtain a compression table.

[0049] This step is used to compress large-scale logs. Specifically, the preset time granularity is set according to actual conditions and is not specifically limited here. In this embodiment, the preset time granularity is 4 hours. The key content includes: platform, equipment, account number, operation content, operation result, IP source, audit exception type.

[0050] In this embodiment, during specific implementation, the classification compression engine divides the large-scale log table every four hours into the same key fields as the key fields according to the platform, device, account, operation content, operation result, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an auditing method for screening round entry events. The auditing method includes the steps: S1 compressing logs according to preset time granularity and key content classification by a classified compression engine to obtain a compression table; S2 screening class round events in the compression table by a screening auditing engine to obtain non-class round events in the compression table, and acquiring round logs 4A by the non-class round events; S3 decompressing parts of the round logs 4A by a decompression engine according to preset decompression rules; S4 displaying the round logs 4A in a combined manner. Parts of the parts of the round logs 4A do not comfort to other abnormal event auditing rules. By the auditing method, the class round events and the non-class round events can be effectively distinguished, auditing result misjudgment is decreased, mass round events can be rapidly and visually displayed, auditing manpower and time investment is reduced, and auditing efficiency is improved.

Description

technical field [0001] The invention relates to computer system information security application technology, in particular to an audit method for screening circumvention login events. Background technique [0002] In today's era of explosive development of the Internet, the informatization of the core business of governments and enterprises is also increasing day by day. Information security has become a sensitive nerve line of the people, and a crisis of trust is imminent. It is the responsibility of enterprises to protect customer information security, and it is also the trust of customers in enterprises. bottom line. Faced with increasingly severe information security risks, it is imperative to resist intrusion and strengthen internal control. [0003] In 1995, the international network security community first proposed the concept of a 4A (Authentication, Account, Authorization, Audit) unified security management platform solution, officially taking identity authenticat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/31G06F17/30
CPCG06F16/1815G06F21/31
Inventor 卢杰华吕潇秦泳霖
Owner 广州市申迪计算机系统有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap