Method and system for detecting threats in network and electronic device

A detection method and network technology, applied in the field of network information security, can solve the problems of users who are difficult to detect deliberate malicious behavior, difficult to detect, threats, etc., to reduce time complexity and space complexity, and improve universal The effect of reducing misjudgment rate

Active Publication Date: 2018-10-02
INST OF INFORMATION ENG CAS
View PDF5 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] However, in the construction of user behavior patterns, most of the existing methods are to find a basic user portrait in the behavior of all users, compare each user with this basic user portrait, and if the difference is large, it will be identified as a threat user
This modeling method is based on multi-domain behavior drivers, and it is difficult to detect malicious users
This type of insider threat agent disguises himself as the same as the surrounding users and hides his threat

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting threats in network and electronic device
  • Method and system for detecting threats in network and electronic device
  • Method and system for detecting threats in network and electronic device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to make the objectives, technical solutions and advantages of the present invention clearer, the following will clearly and completely describe the technical solutions in the present invention in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are of the present invention. Some embodiments, not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.

[0027] When conducting network threat detection, network internal threat detection cannot be regarded as a single data or time-driven problem, it should be a combination of these two aspects. Based on this idea, the embodiment of the present invention proposes an accurate, effective and unsupervised method for detecting insider threats. Combining the advantages of multi-domain...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and system for detecting threats in a network and an electronic device. The method comprises: on the basis of different characteristics of user behavior data, multi-dimensionality detection is carried out on the user behavior data based on multi-domain behavior driving and time behavior driving; according to an entropy weight method, an abnormal score value based onmulti-domain behavior driving and an abnormal score value based on time behavior driving in the multi-dimensionality detection result are fused and thus a threat in a network is determined. Therefore, universality of the operation process is improved effectively; the time complexity and space complexity of the operation are reduced; and thus the costs are lowered.

Description

Technical field [0001] The present invention relates to the technical field of network information security, and more specifically, to a method, system and electronic equipment for detecting network internal threats. Background technique [0002] In the field of information security, the losses caused by internal threats are far greater than the losses caused by external threats, and internal threats are more likely to cause data leakage problems. Compared with external threats, internal threats require more time to resolve. [0003] The malicious activities used by insider threats are usually carried out in the following stages: the cracker enters the system or network; the cracker investigates the nature of the system or network in order to understand the vulnerable places and the locations that can cause the most damage with the least effort; establish a work area, Malicious activities are carried out in it; finally, actual destructive actions are carried out. [0004] Existing ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1425H04L63/1441
Inventor 王妍吕遒健王丹吴峥嵘吕彬李宁
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap