Threat intelligence-based network security detection method and system

A network security and intelligence technology, applied in the field of network security, that addresses the problems of user-side false positives, the absence of correlation analysis, and low matching accuracy, and achieves the effect of improving accuracy.

Inactive Publication Date: 2018-03-20
SANGFOR TECH INC

AI Technical Summary

Problems solved by technology

[0004] Existing solutions match customer traffic only against single-dimensional threat intelligence databases (IP addresses, domain names, URLs, etc.), without any correlation analysis of the threat intelligence data across dimensions. As a result, the matching accuracy is relatively low, and a wrong match easily causes false positives on the user side.


Embodiment Construction

[0040] Embodiments of the present invention provide a method and system for network security detection based on threat intelligence, which are used to improve the accuracy of network security detection.

[0041] To enable those skilled in the art to better understand the solutions of the present invention, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative effort shall fall within the protection scope of the present invention.

[0042] The terms "comprising" and "having" in the description and claims of the present invention and the above drawings, as well...


Abstract

The embodiment of the invention provides a threat intelligence-based network security detection method and system, aiming at improving the accuracy of network security detection. The method provided by the embodiment of the invention includes the following steps: periodically acquiring threat intelligence data from at least one preset website; grouping associated data in the threat intelligence data according to a preset rule to form at least one threat intelligence group, wherein the threat intelligence group includes at least one type of the threat intelligence data, and each type of the threat intelligence data includes one or more pieces of data; and performing multidimensional matching between acquired network access data of a target terminal and the threat intelligence data in the threat intelligence group, counting the target threat intelligence data that is successfully matched, and, if the number of successfully matched target threat intelligence data exceeds a preset number, determining that the target terminal is infected with a virus.
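The grouping and threshold steps described in the abstract can be sketched as follows. This is an added example, not code from the patent: the campaign label used as the grouping rule, the function names, the `preset_number` parameter and all sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed intelligence records: (group key, dimension, value). The group key
# stands in for the patent's "preset rule" (assumed: same campaign label).
INTEL = [
    ("campaign-A", "ip", "203.0.113.10"),
    ("campaign-A", "domain", "update.bad.example"),
    ("campaign-A", "url", "http://update.bad.example/gate.php"),
    ("campaign-B", "ip", "198.51.100.7"),
    ("campaign-B", "domain", "cdn.evil.example"),
]

# Constructed network access data for two terminals.
ACCESS_LOG = [
    {"terminal": "10.0.0.5", "ip": "203.0.113.10",
     "domain": "Update.Bad.Example", "url": "http://update.bad.example/gate.php"},
    {"terminal": "10.0.0.9", "ip": "198.51.100.7",
     "domain": "shared-host.example", "url": "http://shared-host.example/"},
]

def normalize(kind, value):
    # Domain names are case-insensitive; other dimensions are compared as given.
    return value.strip().lower() if kind == "domain" else value.strip()

def build_groups(records):
    """Group associated indicators: {group: {dimension: set(values)}}."""
    groups = defaultdict(lambda: defaultdict(set))
    for key, kind, value in records:
        groups[key][kind].add(normalize(kind, value))
    return groups

def detect(access_log, groups, preset_number=1):
    """Return {terminal: {group: matched indicators}} for every group in which
    the terminal's distinct matches exceed preset_number."""
    hits = defaultdict(lambda: defaultdict(set))
    for rec in access_log:
        for key, dims in groups.items():
            for kind, values in dims.items():
                observed = normalize(kind, rec.get(kind, ""))
                if observed in values:
                    hits[rec["terminal"]][key].add((kind, observed))
    flagged = {}
    for terminal, per_group in hits.items():
        over = {g: sorted(m) for g, m in per_group.items() if len(m) > preset_number}
        if over:
            flagged[terminal] = over
    return flagged
```

With `preset_number=1`, terminal 10.0.0.9, which touches only a single IP that also appears in a group, is not flagged; setting it to 0 reproduces the single-dimensional matching the patent criticizes and flags both terminals.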

Description

Technical field

[0001] The invention relates to the field of network security, in particular to a threat intelligence-based network security detection method and system.

Background technique

[0002] With the continuous growth of new threats and attacks typified by APT, enterprises and organizations increasingly need to rely on sufficient and effective security threat intelligence to help them better deal with these new threats in the process of preventing external attacks. A market for security threat intelligence analysis emerged and is thriving.

[0003] The current threat intelligence system is only a platform for data sharing and exchange. It focuses on the threat intelligence data of various security vendors, ignores some of the threat intelligence data distributed across various Internet forums and websites, and uses a single-dimensional threat intelligence database to match customer traffic, such as IP addresses, domain names, URLs, etc.

[0004] In existing solutions, ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/26
CPC: H04L43/16, H04L63/1408, H04L63/145
Inventor: 张斌
Owner: SANGFOR TECH INC