
Data processing method and device thereof

A data processing and alarm technology, applied in the field of data processing, that can solve problems such as the loss of alarm logs affecting the analysis of network attack events, and achieves comprehensive and accurate analysis, good reception, and avoidance of discarding.

Active Publication Date: 2019-01-29
NEUSOFT CORP

AI Technical Summary

Problems solved by technology

[0004] In view of the above problems, the present invention provides a data processing method and device to solve the problem that, when a large number of attacks break out, the loss of alarm logs affects the analysis of network attack events and the network security assessment.


Embodiment Construction

[0071] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0072] The embodiment of the present invention provides a method for data processing. As shown in Figure 1, the method includes:

[0073] 101. Obtain original alarm logs within a preset period of time.

[0074] In this embodiment, the original alarm log records the behavior data of an attack on a certain network, generated while the firewall defends that network, but the method in this embodiment is not limited t...


Abstract

The invention discloses a data processing method and a device thereof, relating to the technical field of firewalls. The method and device settle the problem that network attack event analysis and network safety evaluation cannot be performed when a large number of attacks occur. The data processing method comprises the steps of: acquiring the original alarm logs in a preset time period, wherein an original alarm log is a record of the behavior data of an attack on a certain network; performing a first classification clustering on the original alarm logs according to their core attributes, thereby obtaining a plurality of original alarm clusters; performing a second classification clustering on the plurality of original alarm clusters according to an association relation in an attack graph, thereby obtaining a plurality of final alarm clusters, wherein the attack graph is the communication graph which is composed of the plurality of original alarm clusters and displays a network attack process in the preset time period; and combining the alarm logs included in the plurality of final alarm clusters to obtain a new alarm log and replacing the original alarm logs with the new alarm log. The data processing method and the device thereof are applied to an alarm log processing process.
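The two clustering stages and the final merge described in the abstract can be sketched as follows. This is an added illustration, not code from the patent or from Neusoft. It assumes that the core attributes are source, destination and signature, and that two clusters are associated in the attack graph when they share a host; the page specifies neither, and all field names and sample alarms are constructed.

```python
from collections import defaultdict

# Constructed sample alarms within one time window; not taken from the patent.
RAW_ALARMS = [
    {"ts": 1, "src": "203.0.113.5", "dst": "10.0.0.10", "sig": "port-scan"},
    {"ts": 2, "src": "203.0.113.5", "dst": "10.0.0.10", "sig": "port-scan"},
    {"ts": 3, "src": "203.0.113.5", "dst": "10.0.0.10", "sig": "sql-injection"},
    {"ts": 5, "src": "10.0.0.10", "dst": "10.0.0.20", "sig": "smb-bruteforce"},
    {"ts": 6, "src": "10.0.0.10", "dst": "10.0.0.20", "sig": "smb-bruteforce"},
    {"ts": 7, "src": "198.51.100.9", "dst": "10.0.0.30", "sig": "port-scan"},
]
CORE_ATTRS = ("src", "dst", "sig")  # assumption: the page does not name them

def first_pass(alarms):
    """Stage 1: group alarms that share the same core attributes."""
    clusters = defaultdict(list)
    for a in alarms:
        clusters[tuple(a[k] for k in CORE_ATTRS)].append(a)
    return clusters

def second_pass(clusters):
    """Stage 2: join clusters linked in the graph (assumed: they share a host)."""
    parent = {}
    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x
    for src, dst, _ in clusters:
        parent[find(src)] = find(dst)  # union the two endpoints of each edge
    final = defaultdict(list)
    for key, members in clusters.items():
        final[find(key[0])].extend(members)
    return list(final.values())

def merge(final_clusters):
    """Collapse each final cluster into one summary record (the new alarm log)."""
    return sorted(
        ({"first_seen": min(a["ts"] for a in c), "last_seen": max(a["ts"] for a in c),
          "count": len(c), "hosts": sorted({h for a in c for h in (a["src"], a["dst"])}),
          "sigs": sorted({a["sig"] for a in c})} for c in final_clusters),
        key=lambda r: r["first_seen"])

def compress(alarms):
    return merge(second_pass(first_pass(alarms)))

if __name__ == "__main__":
    for rec in compress(RAW_ALARMS):
        print(rec)
```

On the sample input, six raw alarms become four first-stage clusters and then two merged records, one of which keeps the scan, injection and lateral brute-force alarms together as a single multi-step event.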

Description

Technical field

[0001] The present invention relates to the technical field of firewalls, in particular to a data processing method and device.

Background technique

[0002] In the Internet era, in order to protect the security of the internal network, users usually place a firewall between the internal network and the external network as a protective barrier that shields the internal network from attacks by illegal users. When the firewall detects an illegal attack, in addition to defending against the attack, it also sends an alarm to inform the user in a timely manner and generates an alarm log that is stored in the log database, so that the network attack event can be analyzed after the attack and network security can be monitored and evaluated.

[0003] Since every attack raises an alarm, and even identical alarms are repeatedly generated and recorded in the log database, a large number of alarm logs are stored in the log database. However, the s...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/24, H04L29/06
CPC: H04L41/069, H04L63/1416, H04L63/1425
Inventor: 刘芳宁李拓
Owner: NEUSOFT CORP