Supercharge Your Innovation With Domain-Expert AI Agents!

Evidence obtaining method, server and firewall

A server and cloud server technology, applied in the field of communication security, can solve problems such as low processing efficiency and inability to respond to all users efficiently, and achieve the effect of improving accuracy and improving the efficiency of forensics

Active Publication Date: 2017-10-03
SANGFOR TECH INC
View PDF2 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] With this security forensics method, security experts generally need about 2 days of work to analyze a user’s network and corresponding security events, resulting in low processing efficiency. If a large number of user security events occur, it is impossible to efficiently respond to all users.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Evidence obtaining method, server and firewall
  • Evidence obtaining method, server and firewall
  • Evidence obtaining method, server and firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0065] The embodiment of the present invention provides a method for obtaining evidence, a server, and a firewall, which are used to automatically read the client IP and the security log related to the client IP according to the security log association method, and use the security log to determine the security log related to the client IP. The associated first IP and the first security log associated with the first IP are then used to extract the first IP and the first security log corresponding to the intrusion rule by using the intrusion rule matching method, so as to achieve the purpose of automatic forensics.

[0066] Because the present invention can automatically read the security log through the server, and use the intrusion rules to automatically compare the first IP and the first security log related to the first IP, without manual comparison, thereby improving the accuracy of evidence collection and the efficiency of evidence collection.

[0067] With the rapid deve...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses an evidence obtaining method, a server and a firewall for improving the evidence obtaining accuracy and the evidence obtaining efficiency. The method provided by the embodiment of the invention comprises the following steps: obtaining the IP of a client; obtaining a security log related to the IP of the client; determining a first IP associated with the IP of the client and a first security log related to the IP in the security log; obtaining an invasion rule, and matching the invasion rule with the first security log; and extracting the first IP corresponding to the invasion rule and the first security log in the case of matching success. The invention further provides a server and a firewall for improving the evidence obtaining accuracy and the evidence obtaining efficiency.

Description

technical field [0001] The invention relates to the field of communication security, in particular to a method for obtaining evidence, a server and a firewall. Background technique [0002] With the rapid development of the Internet, the online transaction volume of enterprises and individual users is increasing day by day, and network operation has become a new fashion in society. However, while the Internet facilitates information exchange, it also provides a "safe way" for viruses to infect and spread rapidly. The virus reaches the other end from one end of the network and runs it without any protective measures on the computer, resulting in network paralysis. The system collapse poses a serious threat to the security and development of the information society and causes huge losses. To solve this problem and meet users' requirements for network security, a secure and efficient network security solution is needed. [0003] At present, in the face of security incidents r...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/0236H04L63/0263H04L63/1425
Inventor 余文毅李凯
Owner SANGFOR TECH INC
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com