Network attack monitoring method and device based on big data

A network attack monitoring and big data technology, applied in the field of big data. It addresses the difficulty of discovering potential correlations between security events, the inability to describe the overall picture of APT attacks efficiently, and the need for a large amount of manual analysis, making it possible to discover attacks with long duration and good concealment.

Inactive Publication Date: 2018-06-29
北信源系统集成有限公司

AI Technical Summary

Problems solved by technology

At present, existing security monitoring methods have difficulty discovering the potential correlation between security events in different locations and in different time periods.


Embodiment Construction

[0037] The present invention will be further described in detail below with reference to the drawings and specific embodiments. However, it should be understood that the present invention can be implemented in various forms and should not be limited by the embodiments described here. Rather, these embodiments are provided for more thorough understanding of the present disclosure, and to fully convey the scope of the present disclosure to those skilled in the art.

[0038] The embodiment of the present invention provides a network attack monitoring method based on big data. As shown in Figure 1, the method includes:

[0039] S1: Collect security-related data in an ultra-large space-time range of the information system;

[0040] When security-related data must be collected within a certain ultra-large space-time range, a data collection plan must first be specified, including a time strategy and a space strategy.

[0041] The time policy can specify the start t...


Abstract

The invention discloses a network attack monitoring method based on big data. The method comprises the following steps: collecting security-related data in an ultra-large space-time range of an information system; searching the security-related data for threat basis data related to a network security threat clue; and identifying and describing advanced network security threats according to a threat model and an association analysis model, based on the threat basis data. The invention also discloses a network attack monitoring device based on big data; the device comprises a host resource data collection module, a network data collection module, a thread data searching module and a threat identification module. With the disclosed monitoring method, data in the ultra-large space-time range can be collected, and data processing, transmission, integration and analysis can be performed on a big data platform, thereby discovering advanced persistent threats with long attack duration and good concealment, and overcoming the limitation that current security monitoring measures can only discover discrete clues of an APT attack.
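The three steps of the abstract, sketched in Python as an added example; this is not code from the patent. The stage list standing in for the threat model, the rule that "related" means "same host as the clue", the `min_stages` threshold and all sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime as dt

@dataclass(frozen=True)
class Event:
    ts: dt
    site: str       # spatial dimension of the collection plan
    host: str
    indicator: str  # value a threat clue can match (domain, file, account)
    stage: str      # assumed threat-model stage label

# Assumed threat model: ordered stages of a long-running intrusion.
STAGES = ["delivery", "execution", "c2", "lateral", "exfiltration"]
# Constructed sample data, not taken from the patent.
EVENTS = [
    Event(dt(2018, 1, 5, 9), "site-a", "ws-17", "updates.example.net", "delivery"),
    Event(dt(2018, 1, 5, 10), "site-a", "ws-17", "dropper.bin", "execution"),
    Event(dt(2018, 2, 1, 9), "site-a", "ws-40", "cdn.example.org", "delivery"),
    Event(dt(2018, 2, 20, 9), "site-a", "ws-17", "updates.example.net", "c2"),
    Event(dt(2018, 3, 11, 9), "site-b", "db-02", "svc_backup", "lateral"),
    Event(dt(2018, 4, 2, 9), "site-b", "db-02", "updates.example.net", "exfiltration"),
    Event(dt(2018, 4, 3, 9), "lab", "test-1", "updates.example.net", "c2"),
]

def collect(events, start, end, sites):
    """Step 1: apply the plan's time strategy and space strategy."""
    return [e for e in events if start <= e.ts <= end and e.site in sites]

def search_by_clue(events, clue):
    """Step 2: threat basis data = all events on hosts the clue touched."""
    hosts = {e.host for e in events if e.indicator == clue}
    return sorted((e for e in events if e.host in hosts), key=lambda e: e.ts)

def describe_threat(basis, min_stages=3):
    """Step 3: associate time-sorted basis data with the threat model."""
    first_seen = {}
    for e in basis:
        first_seen.setdefault(e.stage, e)
    chain = []
    for stage in STAGES:
        e = first_seen.get(stage)
        if e and (not chain or e.ts >= chain[-1].ts):
            chain.append(e)
    if len(chain) < min_stages:
        return None  # isolated clues only, no multi-stage campaign
    return {"stages": [e.stage for e in chain],
            "hosts": sorted({e.host for e in chain}),
            "sites": sorted({e.site for e in chain}),
            "span_days": (chain[-1].ts - chain[0].ts).days}
```

Running `describe_threat(search_by_clue(collect(EVENTS, start, end, sites), clue))` over a six-month window and both sites links events that are weeks apart and on different hosts into one description, which a per-event alert view would show only as discrete clues.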

Description

Technical field

[0001] The invention belongs to the technical field of big data and relates to big data security analysis, in particular how to collect data and use big data means to solve the monitoring and identification problems of advanced network security threats (such as APT attacks).

Background technique

[0002] As cyberspace security attack and defense gradually rises to the national or regional level, more and more cyber attacks are organized and supported by national or regional backgrounds. These attacks are clearly directed at a country's key information infrastructure and important information systems, and enterprise-level network information systems have become the primary target of advanced persistent threats (APT attacks). In recent years, APT attacks have shown the characteristics of long time span, high degree of concealment, strong attack capabilities and support resources. The existing network security monitoring or situational awareness sy...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1416
Inventor: 钟力操寒
Owner: 北信源系统集成有限公司