Unlock instant, AI-driven research and patent intelligence for your innovation.

Method, device and storage medium for establishing a detection network threat model

A detection model and network technology, applied in the application field of network security technology, can solve the problems of detection limitations, complex sandbox technology, and no solution proposed, and achieve the effect of improving accuracy

Active Publication Date: 2019-11-19
HILLSTONE NETWORKS CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The sandbox technology is relatively complicated, and its implementation also has high requirements for performance (especially memory and CPU)
[0010] For the above-mentioned problems of detection limitations in the detection of advanced long-term threat attacks in the prior art, no effective solution has been proposed yet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and storage medium for establishing a detection network threat model
  • Method, device and storage medium for establishing a detection network threat model
  • Method, device and storage medium for establishing a detection network threat model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0042] According to an embodiment of the present invention, an embodiment of a method for establishing a network threat detection model is provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, Also, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0043] figure 1 is a schematic flow chart of a method for establishing a detection network threat model according to an embodiment of the present invention, such as figure 1 As shown, the method includes the following steps:

[0044] Step S102, collecting network threat data flow and network security data flow;

[0045] Step S104, establishing a detection model by analyzing the difference between network threat data flow and network security data flow;

[0046] Step S106, adjust ...

Embodiment 2

[0117] According to an embodiment of the present invention, an embodiment of a device applied to the above-mentioned method for establishing a network threat detection model is provided, and an embodiment of the present application provides a device for establishing a network threat detection model, Figure 5 is a schematic flowchart of a device for establishing a network threat detection model according to an embodiment of the present invention, such as Figure 5 shown, including:

[0118] The acquisition module 52 is used to collect network threat data flow and network security data flow; the model building module 54 is used to establish a detection model by analyzing the difference between network threat data flow and network security data flow; the adjustment module 56 is used to Adjust the parameters of the detection model and provide machine learning network threat data flow and network security data flow by presetting the detection efficiency of the detection data...

Embodiment 3

[0127] According to still another aspect of the embodiments of the present invention, there is provided a storage medium, including: the storage medium includes a stored program, wherein, when the program is running, the device where the storage medium is located is controlled to execute the establishment of a detection network threat model in the first embodiment above method.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for establishing network threat detection model, a storage medium and a processor. The method comprises the steps of collecting a network threat data stream and a network security data stream; establishing a detection model by analyzing the difference between the network threat data stream and the network security data stream; and adjusting parameters of the detection model by presetting the detection efficiency of detecting the data streams, and providing the network threat data stream and the network security data stream learned by a machine. According to the method, the device, the storage medium and the processor, the technical problem that in the prior art, detection limitation exists in a process of detecting an advanced persistent threat attack is solved.

Description

technical field [0001] The present invention relates to the application field of network security technology, in particular to a method, device, storage medium and processor for establishing and detecting network threat models. Background technique [0002] With the development of the Internet, certain personnel (hackers) carefully plan and implement this kind of intrusion for specific targets, which has achieved commercial or political purposes. Advanced long-term threats often target specific organizations or countries and require high concealment for a long time. Advanced persistent threats consist of three elements: Advanced, Persistent, Threat. Advanced emphasizes the use of sophisticated malware and techniques to exploit vulnerabilities in the system. It has long been implied that hackers will continue to monitor specific targets and obtain data from them. Threats refer to attacks that involve humans in planning. In the advanced long-term threat, hackers use malici...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0236H04L63/1416H04L63/145
Inventor 陆骋怀於大维尚进蒋东毅董浩谢军李矩希
Owner HILLSTONE NETWORKS CO LTD