Attack path restoration method and apparatus

An attack path and attacked technology, which is applied in the communication field, can solve the problems of affecting normal business operation, limited restoration ability, and low analysis efficiency, so as to achieve the effect of more effective enterprise security improvement, enhanced restoration ability, and improved analysis efficiency

Active Publication Date: 2018-10-23
CHINA MOBILE GRP GUANGDONG CO LTD +1
View PDF5 Cites 31 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The embodiment of the present invention provides an attack path restoration method and device, which are used to overcome the defects of low analysis efficiency, limited restoration ability and affecting normal business operation in the existing attack path restoration method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack path restoration method and apparatus
  • Attack path restoration method and apparatus
  • Attack path restoration method and apparatus

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0055] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0056] In the first aspect, the embodiment of the present invention provides a method for restoring an attack path, such as figure 1 shown, including:

[0057] S101. Obtain the alarm events recorded on each network device, and when it is determined that the attacked device described in the alarm event satisfies a preset attack condition, determine the attacked device as an attack target; wherein, the preset The attack condition is determined according to the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an attack path restoration method and apparatus. According to the method, through comprehensive analysis on a security event alarm, and a connection relationship of each device in a network topology, a connection relationship between each of respective lists of an attacker, an internal network weak point, an attack source and the attacker and each set of device is obtained, thereby finishing restoration of an attack process. Compared with the existing path restoration method, the method provided by the embodiment of the invention can go deep into an internal network todiscover a security weak point in internal network protection, so that an attack path is traced to the source and thus the method is more effective to improve the enterprise security and improves theanalysis efficiency; and meanwhile, a noise of an uncritical connection in massive security events can further be shielded and only an attack path coming into effect is traced to the source; moreover, all attacks can be restored, so the restoration capacity is improved; and in addition, according to the method provided by the invention, while the attack path is restored, an operating service is not affect and thus the normal operation of the service can be kept.

Description

technical field [0001] Embodiments of the present invention relate to the field of communication technologies, and in particular to a method and device for restoring an attack path. Background technique [0002] With the rapid development of the Internet, network attacks are also intensified, especially DDOS and other types of attacks. Attackers take advantage of the rapid and extensive interconnectivity of the network, making traditional security measures basically useless and seriously threatening the security of enterprises; and network attacks Most of the attackers use forged IP addresses, which makes it difficult for the attacked to determine the location of the attack source, thus making it impossible to implement targeted protection strategies. All these make the tracking technology of reverse tracking the source of the attack an important part of the network active defense system. It plays a vital role in minimizing the current effect of the attack and deterring the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1433H04L63/1441H04L63/1458
Inventor 余筱蕙蔡国威钟雪慧李彬郝建忠郑浩彬
Owner CHINA MOBILE GRP GUANGDONG CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap