Attacked path reduction method, electronic device and computer readable storage medium

A technology of attack path and computer program, which is applied in the Internet field and can solve problems such as perception invalidity

Inactive Publication Date: 2019-02-12
中国移动通信集团海南有限公司
View PDF4 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] 1. The threat detected by the attack discovery is basically a single point and a single moment;
[0004] 2. The method of using this attack to discover threats makes the network security response ineffective against Advanced Persistent Threat (APT) perception

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attacked path reduction method, electronic device and computer readable storage medium
  • Attacked path reduction method, electronic device and computer readable storage medium
  • Attacked path reduction method, electronic device and computer readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the purpose, features and advantages of the present application more obvious and understandable, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described The embodiments are only some of the embodiments of the present application, but not all of them. Based on the embodiments in this application, all other embodiments obtained by those skilled in the art without making creative efforts belong to the scope of protection of this application.

[0045] In the prior art, for traffic analysis of intrusion detection equipment or algorithm models, a large number of single-point and single-time threats are basically found, and there is a problem of being unable to perceive APT attacks. The embodiment of this application provides an attack path restoration method. It can discover the tree-like threat ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an attacked path reduction method, an electronic device and a computer readable storage medium. By acquiring target attack events related to to-be-reduced assets in attack events generated on the basis of alarms and determining whether an identity of the to-be-reduced asset in each target attack event is a source IP or a target IP, target attack events in which the to-be-reduced assets are victims and attack stages of the target attack events are determined; and then on the basis of occurrence time and the attack stage of each target attack event in which the to-be-reduced asset is the victim, an attacked path of the to-be-reduced asset is reduced. Based on the description above, it can be known that according to the application, the attacked paths are reduced on the basis of roles of the assets in the target attack events and the occurrence time and the attack stages of the target attack events; and in consideration of a case that the target attack events occurin a period of time, the reduced attacked paths can reflect laws of attacks from which the assets suffer in a certain time so as to benefit for improving the threat perception ability and the prediction ability of a network.

Description

technical field [0001] The present application relates to the technical field of the Internet, and in particular to a method for restoring an attack path, an electronic device, and a computer-readable storage medium. Background technique [0002] Intrusion Kill Chain is a framework proposed by Lockheed Martin security experts in 2011 to protect computer and network security. They mentioned that cyberattacks occur in stages and can be interrupted by establishing effective defense mechanisms at each stage. However, the current methods of attack discovery mainly rely on intrusion detection equipment or algorithm models to analyze traffic. This method of attack discovery has the following disadvantages: [0003] 1. The threat detected by the attack discovery is basically a single point and a single moment; [0004] 2. The method of using this attack to discover threats makes the network security response ineffective for advanced persistent threats (Advanced Persistent Threat, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1433H04L63/1441H04L63/20
Inventor 李映壮王瑶周政成
Owner 中国移动通信集团海南有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap