Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A network threat detection method, device and network management equipment

A technology for network management equipment and threat detection, which is applied in the field of network management equipment and network threat detection, and can solve problems such as low detection efficiency

Active Publication Date: 2020-11-06
XINHUASAN INFORMATION TECH CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In view of this, the present application provides a network threat detection method, device and network management equipment to solve the problem of low detection efficiency in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A network threat detection method, device and network management equipment
  • A network threat detection method, device and network management equipment
  • A network threat detection method, device and network management equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046]Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0047] The terminology used in this application is for the purpose of describing particular embodiments only, and is not intended to limit the application. As used in this application and the appended claims, the singular forms "a", "the", and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It should also be understood that the term ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The application provides a network threat detection method and device, and network management equipment. The method comprises the following steps: receiving target log information reported by networksecurity equipment; determining a target classification feature corresponding to the target log information; determining a target attack stage corresponding to the target classification feature in a mapping relation about each classification feature and each attack state in a preset target kill chain model; and determining a fact that a network node is under network threat when judging that the network node meets the preset threat condition based on the currently determined each target attack stage after determining out at least two target attack stages, wherein the preset threat condition isas follows: generating the stage combination in forward sequence in the target kill chain model according to time order on a time shaft, and the stage combination comprises at least two attack stages.Through the scheme provided by the application, the problem of low detection efficiency in the prior art can be solved.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a network threat detection method, device and network management equipment. Background technique [0002] Security attacks and defenses have always existed and intensified, from the initial single attack to today's APT (Advanced Persistent Threat, Advanced Persistent Threat, Advanced Persistent Threat) attack with strong purpose, long duration and phased occurrence. In order to describe the APT attack, a kill chain model appeared, and based on the attacker's attack idea of ​​APT attack, the existing kill chain model consists of seven attack stages, namely, detection, arming, distribution, utilization, installation, command and control and target actions. [0003] Among them, the characteristics of the end-to-end "chain" of the kill chain model determine that interruption at any stage can lead to interruption of the entire process. As a defender, a counter kil...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/14H04L63/1416H04L63/1425H04L63/145H04L63/1458
Inventor 吕照明陈友琨
Owner XINHUASAN INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products