Threat intelligence processing method and apparatus

A processing method and intelligence technology, applied in the field of data security, can solve the problems of inability to find malicious files in a timely and comprehensive manner, poor real-time performance and coverage, and achieve the effect of ensuring real-time and coverage

Active Publication Date: 2018-08-28
BEIJING QIANXIN TECH
View PDF7 Cites 45 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, in the process of realizing the present invention, the inventor found that the above-mentioned security software in the prior art has at least the following problems: most of the existing security software checks and kills malicious files a...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Threat intelligence processing method and apparatus
  • Threat intelligence processing method and apparatus
  • Threat intelligence processing method and apparatus

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0062] The specific embodiments of the present invention will be further described below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.

[0063] figure 1 It shows a schematic flowchart of a threat intelligence processing method provided in this embodiment, including:

[0064] S101. Obtain IOC (Indicator of Compromise, threat indicator) data of multi-source intelligence, and preprocess the IOC data to obtain data to be analyzed;

[0065] Wherein, the multi-source intelligence includes: intelligence information provided by the enterprise's self-produced intelligence, third-party intelligence aggregation part, and cloud intelligence center.

[0066] The preprocessing refers to normalizing the IOC data to facilitate subsequent data analysis.

[0067] S102. Input the data to be analyzed into a threat inte...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Embodiments of the invention disclose a threat intelligence processing method and apparatus. The method comprises the steps of obtaining threat index IOC data of multisource intelligence, and preprocessing the IOC data to obtain to-be-analyzed data; inputting the to-be-analyzed data to a threat intelligence detection model for performing detection to obtain a threat detection result; and if the to-be-analyzed data is judged to be threat intelligence according to the threat detection result, sending the threat detection result to a display terminal for performing display. The apparatus comprises a data preprocessing module, a data detection module and a result display module. According to the threat intelligence processing method and apparatus, the threat index data of the multisource intelligence is obtained and is preprocessed and detected to obtain the threat detection result, and after the threat intelligence is determined, the threat detection result is sent to the display terminalfor performing display, so that the timeliness and the coverage rate of malicious IP detection and malicious file searching and killing are ensured.

Description

technical field [0001] Embodiments of the present invention relate to the technical field of data security, and in particular to a method and device for processing threat information. Background technique [0002] With the continuous development of the Internet, the way of information security attacks has changed into "precise and targeted attacks". These attacks will collect accurate information on the target before the attack, actively dig out the relevant vulnerabilities of the target, and then choose the opportunity to attack the target. Therefore, how to provide accurate and timely early warning of possible attacks before an attack occurs has become an urgent security issue for enterprises today. [0003] At present, there are various defense methods to deal with the hacker's intrusion. For example, security software such as NetShield, anti-virus software, security guard, and network bodyguard can resist hacker intrusions to a certain extent and maintain network secur...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/55H04L29/06
CPCG06F21/552H04L63/101H04L63/1425H04L63/1441
Inventor 白敏高浩浩汪列军韩志立
Owner BEIJING QIANXIN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap