Abnormal behavior detection method and device

A detection method and behavior technology, applied in the field of information security, can solve the problems of unsatisfactory detection effect, high false detection rate and high missed detection rate

Active Publication Date: 2018-03-09
CHINA MOBILE GROUP SHAIHAI +1
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] The present invention provides a method and device for detecting abnormal behaviors, which are used to solve the problems of high false detection rate and missed detection rate and unsatisfactory detection effects in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Abnormal behavior detection method and device
  • Abnormal behavior detection method and device
  • Abnormal behavior detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0075] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, rather than all embodiments . Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0076] figure 1 An exemplary flow chart of an abnormal behavior detection method provided by an embodiment of the present invention is shown, as shown in figure 1 shown, including the following steps:

[0077] S101: Obtain business behavior data of the target object;

[0078] S102: Perform Fourier transform on the business behavior data to obtain frequency information and first amplitude information of the business behavior data;

[007...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of information security, in particular to an abnormal behavior detection method and device. The problem that in the prior art, the false detecting rate andthe loss detecting rate are high is solved. The method mainly comprises the steps that business behavior data of a target object is obtained and then subjected to Fourier transform, frequency information and first amplitude information of the business behavior data are obtained; according to the frequency information, a to-be-used evaluation model of the target object is obtained; according to the frequency information and the to-be-used evaluation model, second amplitude information of the target object is obtained; if a difference value of the first amplitude information and the second amplitude information is larger than a first threshold value, it is determined that the business behavior of the target object is an abnormal behavior. Accordingly, different models are adopted for different business behavior data types and frequency, and pertinence is better achieved; meanwhile, period analysis and Fourier frequency domain analysis are adopted, fluctuation interference is filtered out, and then the false detecting rate and the loss detecting rate are lowered.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to an abnormal behavior detection method and device. Background technique [0002] Abnormal behavior analysis is a new technology to discover potential threats in advance. It is a technology that detects abnormal behavior events by continuously collecting historical data and then building models based on these data. It is a "dynamic detection" technology, which is different from the general "static detection" technology. The "static detection" technology based on feature detection can only detect existing threats in library files. Abnormal behavior analysis can detect abnormal behavior of users and servers from the network layer to the application layer, and discover potential threats in advance. [0003] The detection models of the current abnormal behavior analysis technology mainly include the following two types: [0004] 1. Statistical Model [0005] The...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/18
CPCG06F17/18
Inventor 束俞
Owner CHINA MOBILE GROUP SHAIHAI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap