Internal threat real-time detection method based on agent

A technology of real-time detection and detection system, applied in the field of information system security, can solve problems such as difficulty in guaranteeing practicability, improve agility and reliability, enhance intelligence and adaptive ability, and facilitate real-time detection and operational intervention. Effect
CN106982231AInactive Publication Date: 2017-07-25ηŽ‹ζŒ―θΎ‰
4 Cites 17 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Applications(China)
Current Assignee / Owner
ηŽ‹ζŒ―θΎ‰
Publication Date
2017-07-25
Estimated Expiration
Not applicable Β· inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses an internal threat real-time detection method based on an agent, belongs to the technical field of information system security and aims at ensuring the internal network data security through adoption of a detection assembly based on an agent technology. The internal threat real-time detection method based on the agents comprises the specific steps that a client agent program is installed, before a user accesses service data on a database server host, the agent program judges an identity and authority of the user, and only the user passing through authentication can access data; in a process of processing licensed service data by the user, the agent program monitors behaviors of the user in real time and records the behaviors of the user in a log file; and after the user finishes processing the licensed service data, the agent program calls a corresponding signing mechanism according to a demand of the user to sign a part processed the user, so the modification of the user for the service data has non-repudiation.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention specifically relates to an Agent-based real-time detection method for internal threats, which belongs to the technical field of information system security. Background technique

[0002] Among the various security threats faced by information systems, although the number of internal threats is far less than that of external attacks, the losses and harms caused are greater. In recent years, the WikiLeaks incident has once again aroused widespread attention from all walks of life to the issue of insider threats. The endless incidents of insider threats have made this topic enduring. Because internal employees know better than external personnel which data is worth stealing and which data is not valuable after being stolen. Moreover, internal malicious operations are more likely to be ignored by enterprise organizations. Therefore, the internal threat problem has gradually become the focus of research by security experts at home and abroad...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More