Threat intelligence-based network security detection method and system

A network security and intelligence technology, applied in the field of network security, can solve the problems of false positives on the user side, no correlation analysis effectiveness analysis, low matching accuracy, etc., and achieve the effect of improving accuracy
CN107819783AInactive Publication Date: 2018-03-20SANGFOR TECH INC
13 Cites 37 Cited by

Patent Information

Authority / Receiving Office
CN ยท China
Patent Type
Applications(China)
Current Assignee / Owner
SANGFOR TECH INC
Publication Date
2018-03-20
Estimated Expiration
Not applicable ยท inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The embodiment of the invention provides a threat intelligence-based network security detection method and system, aiming at improving the accuracy of network security detection. The method provided by the embodiment of the invention includes the following steps: periodically acquiring threat intelligence data from at least one preset website; grouping associated data in the threat intelligence data according to a preset rule to form at least one threat intelligence group, wherein the threat intelligence group includes at least one type of the threat intelligence data, and each type of the threat intelligence data includes one or more pieces of data; and performing multidimensional matching on acquired network access data of a target terminal and the threat intelligence data in the threatintelligence group, and calculating target threat intelligence data that is successfully matched, and if the number of the target threat intelligence data that is successfully matched exceeds a presetnumber, determining that the target terminal is infected with a virus.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the field of network security, in particular to a threat intelligence-based network security detection method and system. Background technique

[0002] With the continuous growth of new threats and attacks typified by APT, enterprises and organizations increasingly need to rely on sufficient and effective security threat intelligence to help them better deal with these new threats in the process of preventing external attacks. A market for security threat intelligence analysis emerged and is thriving.

[0003] The current threat intelligence system is only a platform for data sharing and exchange, focusing on the threat intelligence data of various security vendors, ignoring some of the threat intelligence data distributed in various Internet forums and websites, and using a single-dimensional threat intelligence database to match customers. Traffic, such as: IP address, domain name, URL, etc.

[0004] In existing solutions, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More