Suspicious threat index active validation method and system based on source-opening information

An indicator verification method, applied to the active verification of suspicious threat indicators. It addresses the problems that open intelligence sources cannot all be monitored, that the monitored sources are incomplete, and that the cost is high. It avoids low intelligence coverage and is easy to implement at low cost.

Active Publication Date: 2019-01-11
INST OF INFORMATION ENG CAS

AI Technical Summary

Problems solved by technology

This approach is passive and complex.
Moreover, the public intelligence sources covered by fixed-point monitoring are incomplete, and it is impossible to monitor all public intelligence sources.
In addition, information from different intelligence sources has to be analyzed and organized, which is costly.


Embodiment Construction

[0038] The present invention will be described in further detail below through specific embodiments and accompanying drawings.

[0039] This embodiment provides an active verification system for suspicious threat indicators based on open source information. As shown in Figure 1, it includes a query design module, an information collection module, a data processing module, a model training module, and an indicator verification module.

[0040] The query design module designs a specific query statement that combines a suspicious threat indicator with a specific scenario, so as to quickly locate all public information on the Internet related to that indicator.

[0041] The information collection module collects and crawls the result information retrieved on the Internet with the specific query statements, providing the knowledge base for the later verification of suspicious threat indicators.

[0042] The data processing module ...


Abstract

The present invention relates to an active verification method and system for suspicious threat indicators based on open source information. The method comprises the following steps: 1) designing a specific query statement, where the statement is a combination of a suspicious threat indicator and a specific scenario; 2) collecting and crawling the result information retrieved on the Internet with the specific query statement; 3) structuring the relevant open source information in the result information to obtain structured data; 4) using the structured data to fully learn the hidden features and train a corresponding classification model; and 5) using the classification model to verify the maliciousness of the suspicious threat indicator in the specific scenario, so as to identify the network threat. The system comprises a query design module, an information collection module, a data processing module, a model training module and an indicator verification module. The method and system can complete the verification of suspicious threat indicators efficiently and accurately, helping users identify advanced threat attacks and so ensure network security.
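The five steps above as a minimal sketch, added here and not taken from the patent or its authors. The scenario keywords, the bag-of-words features, the naive Bayes model, the majority vote and every sample snippet are assumptions or constructed data, since the page names none of them; step 2 (crawling) is replaced by inline rows.

```python
import math
import re
from collections import Counter

SCENARIOS = ["malware", "phishing", "c2"]  # assumed; the page lists none

def build_queries(indicator, scenarios=SCENARIOS):
    """Step 1: pair the exact-match indicator with each scenario."""
    return [f'"{indicator}" {s}' for s in scenarios]

def structure(snippet, indicator):
    """Step 3: bag of tokens, indicator masked so only its context is learned."""
    text = snippet.lower().replace(indicator.lower(), " ")
    return Counter(re.findall(r"[a-z0-9]+", text))

class NaiveBayes:
    """Step 4: multinomial naive Bayes, add-one smoothing (assumed model)."""
    def fit(self, docs, labels):
        self.classes = sorted(set(labels))
        self.prior = {c: math.log(labels.count(c) / len(labels)) for c in self.classes}
        self.counts = {c: Counter() for c in self.classes}
        for doc, label in zip(docs, labels):
            self.counts[label].update(doc)
        self.vocab = set().union(*self.counts.values())
        self.total = {c: sum(self.counts[c].values()) for c in self.classes}
        return self

    def predict(self, doc):
        def score(c):  # log P(c) + sum of log P(word | c) over known words
            denom = self.total[c] + len(self.vocab)
            return self.prior[c] + sum(n * math.log((self.counts[c][w] + 1) / denom)
                                       for w, n in doc.items() if w in self.vocab)
        return max(self.classes, key=score)

def verify(model, indicator, snippets):
    """Step 5: majority vote over snippets; no public mentions -> 'unverified'."""
    if not snippets:
        return "unverified"
    votes = Counter(model.predict(structure(s, indicator)) for s in snippets)
    return votes.most_common(1)[0][0]

# Constructed (indicator, snippet, label) rows standing in for step 2 crawl output.
TRAIN = [
    ("203.0.113.7", "report: trojan beacons to 203.0.113.7 as command server", "malicious"),
    ("bad.example", "phishing campaign hosted on bad.example drops trojan payload", "malicious"),
    ("198.51.100.9", "198.51.100.9 is the public mirror for package downloads", "benign"),
    ("cdn.example", "cdn.example serves static assets for the documentation site", "benign"),
]
MODEL = NaiveBayes().fit([structure(s, i) for i, s, _ in TRAIN], [y for *_, y in TRAIN])
```

Masking the indicator before tokenizing keeps the classifier from memorizing specific addresses or domains, so it generalizes to indicators it has never seen.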

Description

Technical field

[0001] The invention belongs to the technical field of cyberspace security, and in particular relates to an active verification method and system for suspicious threat indicators based on open source information.

Background technique

[0002] In recent years, advanced network threats represented by APT (Advanced Persistent Threats) have grown rapidly and become increasingly complex. In order to ensure network security, some security companies, security vendors, or security researchers will publish professional articles such as security reports and technical blogs on the Internet to analyze existing advanced threat attacks and their technical details. This information helps people quickly understand the evolution and implementation process of existing cyber threats, discover early signs of attacks in a timely manner, and make appropriate defense responses.

[0003] Suspicious threat indicators refer to indicators found in network traffic or logs that are not ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/08, H04L63/1416, H04L63/205
Inventor: 亚静, 张盼盼, 柳厅文, 王玉斌, 李全刚, 王学宾, 时金桥
Owner: INST OF INFORMATION ENG CAS