Active machine learning system for hazardous host detection

Machine learning and machine learning model technology, applied in transmission systems, electrical components, etc., can solve the problems of missed or unprocessed important alarm information, a high false alarm rate and a large alarm volume, and achieves strong adaptability and learning initiative.

Active Publication Date: 2017-05-31
浙江航芯科技有限公司

AI Technical Summary

Problems solved by technology

[0017] Existing security information and event management (SIEM) systems produce a large number of alarms with a high false alarm rate, so alarms are not dealt with in time and important alarm information may be missed. To overcome this, the present invention provides an active machine learning system for dangerous host monitoring.

Examples


Embodiment

[0064] An active machine learning system for risky host monitoring leverages SIEM alert information, various security logs, and analysts' investigative notes to flag hosts with a high likelihood of compromise. The system comprises six parts: data collection, feature engineering, label generation, machine learning, a feedback algorithm for actively learning analyst insights, and real-time alerting. The six parts are connected sequentially. The data collection part collects and integrates the various security-related information in the enterprise network and passes it to the feature engineering part, which standardizes the data and extracts features. The extracted feature vectors are passed to the machine learning part as input data. The label generation part analyzes and mines the security analysts' investigation notes, extracts the security status label of each host, and sends it to the machine learning part as the learning objective, the...
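A minimal sketch of the pipeline described in [0064], added here as an illustration and not taken from the patent. The alert data, analyst notes, keyword lists, feature choices and function names are constructed assumptions; logistic regression stands in for the model (the abstract lists it among the options) and uncertainty sampling stands in for the feedback algorithm, whose details are not given on this page.

```python
import math
# Constructed sample data (not from the patent): SIEM alerts as (host, type, severity 1-10).
ALERTS = [
    ("h1", "malware", 9), ("h1", "c2_beacon", 8), ("h1", "lateral_move", 7),
    ("h2", "malware", 8), ("h2", "c2_beacon", 9), ("h2", "priv_esc", 6),
    ("h3", "port_scan", 2), ("h4", "policy_violation", 3), ("h6", "port_scan", 1),
    ("h5", "malware", 9), ("h5", "c2_beacon", 9), ("h5", "lateral_move", 8),
    ("h5", "priv_esc", 7), ("h7", "port_scan", 4), ("h7", "priv_esc", 5),
]
# Constructed analyst investigation notes; h5, h6 and h7 have not been investigated yet.
NOTES = {"h1": "Confirmed malware infection, host reimaged.",
         "h2": "C2 traffic confirmed, credentials reset.",
         "h3": "False positive: authorized vulnerability scanner.",
         "h4": "Benign, user installed approved software."}
BENIGN = ("false positive", "benign", "authorized")  # assumed verdict keywords
BAD = ("confirmed", "infection", "compromised")      # assumed verdict keywords

def features(alerts):
    """Feature engineering: per host [alert count/5, distinct types/5, max severity/10]."""
    by_host = {}
    for host, kind, sev in alerts:
        by_host.setdefault(host, []).append((kind, sev))
    return {h: [len(a) / 5, len({k for k, _ in a}) / 5, max(s for _, s in a) / 10]
            for h, a in by_host.items()}

def label_from_note(note):
    """Label generation: 0 = benign, 1 = compromised, None = no verdict found."""
    if any(k in note.lower() for k in BENIGN):
        return 0
    return 1 if any(k in note.lower() for k in BAD) else None

def score(w, x):
    return 1 / (1 + math.exp(-(w[-1] + sum(wi * xi for wi, xi in zip(w, x)))))

def train(X, y, epochs=2000, lr=0.5):  # logistic regression, batch gradient descent
    w = [0.0] * (len(X[0]) + 1)        # the last weight is the bias
    for _ in range(epochs):
        errs = [score(w, x) - t for x, t in zip(X, y)]
        for j in range(len(w)):
            w[j] -= lr * sum(e * (x + [1.0])[j] for e, x in zip(errs, X))
    return w

def run_pipeline(alerts=ALERTS, notes=NOTES):
    feats = features(alerts)
    labels = {h: v for h, n in notes.items() if (v := label_from_note(n)) is not None}
    w = train([feats[h] for h in labels], list(labels.values()))
    scores = {h: score(w, f) for h, f in feats.items() if h not in labels}
    risky = sorted(h for h, s in scores.items() if s >= 0.5)   # real-time alerting
    query = min(scores, key=lambda h: abs(scores[h] - 0.5))    # active-learning query
    return scores, risky, query
```

The host returned as `query` is the one whose score sits closest to the decision threshold; an analyst's verdict on it, written as a new note, becomes a label for the next training round.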


Abstract

The invention discloses an active machine learning system for hazardous host detection. Hosts with a high likelihood of being compromised are flagged using SIEM (security information and event management) alert information, various security logs and analysts' investigation notes. The active machine learning system comprises data collection, feature engineering, label generation, machine learning, a feedback algorithm for actively learning analyst insights, real-time alerting and other parts. Natural language processing, text mining and graphics-based methods are used to generate targets and create features for machine learning, and machine learning mechanisms such as deep belief networks, multilayer deep neural networks, random forests, support vector machines and logistic regression are adopted. Hazardous hosts in the network can be detected accurately and the false alarm rate is greatly reduced; host security detection requests and actual SOC (security operation center) investigations are taken into account, so important security events can be handled in time, and labor cost is reduced while network security monitoring capability is improved.

Description

Technical field

[0001] The invention belongs to the technical field of network security and machine learning, and in particular relates to an active machine learning system for detecting dangerous hosts.

Background technique

[0002] With the popularization and application of computer networks, especially the Internet, the network has become an important infrastructure on which people's production and life depend. At the same time, the importance of network security has become increasingly prominent. Nowadays, network security has become the key to determining whether the scope of network applications can be greatly expanded and the value of network applications can be maximized.

[0003] Cybersecurity incidents, especially data breaches, can have significant financial and reputational impacts on businesses. In 2015, IBM and the Ponemon Research Institute conducted research on the losses caused by data breaches to 62 companies. The results showed that the average loss cause...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1425, H04L63/1433
Inventor: 冯望烟, 吴淑宁, 张立钢
Owner: 浙江航芯科技有限公司