Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Threat degree ordering method for server attack sources

A sorting method and threat degree technology, applied in the field of information security, can solve the problems of coarse granularity, users' inability to focus, and network administrators' inability to provide decision-making information, and achieve the effect of improving detection efficiency

Active Publication Date: 2017-10-24
西安交大捷普网络科技有限公司
View PDF5 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Traditional intrusion detection systems show users the attacks that occur in the network in the form of logs. This form of rough granularity prevents users from focusing on real threatening attack sources and cannot provide network administrators with direct decision-making information.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Threat degree ordering method for server attack sources
  • Threat degree ordering method for server attack sources
  • Threat degree ordering method for server attack sources

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0033] Step 1. Obtain the log information of the server, which includes the attack records of multiple attack sources on the server. The attack process analysis module classifies the attack process of each attack source on the server by classifying the log information. The classification rules are specifically: :

[0034] (1) Divide the log information containing positioning information into the target positioning stage;

[0035] (2) Divide the log information containing port scanning information into the target scanning stage;

[0036] (3) Divide the log information containing vulnerability information into the privilege escalation stage;

[0037] (4) dividing the log information containing virus information into the virus delivery stage;

[0038](5) Divide the log information containing backdoor information into the stage of installing the backdoor;

[0039] Simultaneously count the number of attacks of each attack source on each attack stage of the server, and store the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a threat degree ordering method for server attack sources. The threat degree ordering method for server attack sources includes the steps: acquiring the log information generated in an intrusion detection system of a server; according to the log information, dividing the process of attacking the server by each attack source into a plurality of attack phases, counting the attack number of each attack phase, and according to the threat degree weight given by each attack phase, determining the threat degree of each attack source to the server; and at last, according to the threat degree of each attack source to the server, ordering the threat degree. The threat degree ordering method for server attack sources enables the user to visually obtain the attack source having the highest threat degree to the own server to make corresponding defensive measures timely, thus effectively improving the detection efficiency of the invasion detection system.

Description

technical field [0001] The invention belongs to the technical field of information security, and in particular relates to a method for sorting threat degrees of server attack sources. Background technique [0002] With the development of Internet technology and the continuous improvement of social informatization, the network has gradually become an indispensable part of people's production and life, and network security has received more and more attention. Various security products are used in Detect the threat of attack in the network and maintain the safe operation of the network. However, these security methods can only play a specific role within a certain range. They lack effective data fusion and collaborative management mechanisms. Security managers are unable to respond to these threats of network attacks in a timely manner. For the purpose of grasping the threats of network attacks as a whole and maintaining network security operations, the network threat situatio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1441H04L63/1466
Inventor 刘彦伯何建锋陈宏伟白肖
Owner 西安交大捷普网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products