Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

An attack path restoration method, electronic device and computer-readable storage medium

An attack path and computer program technology, applied in the Internet field, can solve problems such as ineffective perception, and achieve the effect of improving threat perception and threat prediction capabilities

Inactive Publication Date: 2021-10-12
中国移动通信集团海南有限公司
View PDF4 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] 1. The threat detected by the attack discovery is basically a single point and a single moment;
[0004] 2. The method of using this attack to discover threats makes the network security response ineffective against Advanced Persistent Threat (APT) perception

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An attack path restoration method, electronic device and computer-readable storage medium
  • An attack path restoration method, electronic device and computer-readable storage medium
  • An attack path restoration method, electronic device and computer-readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the purpose, features and advantages of the present application more obvious and understandable, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described The embodiments are only some of the embodiments of the present application, but not all of them. Based on the embodiments in this application, all other embodiments obtained by those skilled in the art without making creative efforts belong to the scope of protection of this application.

[0045] In the prior art, for traffic analysis of intrusion detection equipment or algorithm models, a large number of single-point and single-time threats are basically found, and there is a problem of being unable to perceive APT attacks. The embodiment of this application provides an attack path restoration method. It can discover the tree-like threat ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an attack path restoration method, an electronic device and a computer-readable storage medium, by acquiring target attack events related to assets to be restored in attack events generated based on alarms, and determining assets to be restored in each target attack event The identity of the target IP is the source IP or the destination IP, so as to determine the target attack event where the asset to be restored is the victim, and the attack stage of the target attack event; then based on the occurrence time and attack stage of each target attack event where the asset to be restored is the victim , to restore the attacked path of the asset to be restored. Based on the above description, it can be seen that this application restores the attacked path based on the role of the asset in the target attack event, the time of occurrence and the attack stage of the target attack event. Given that the target attack event occurred within a period of time, the restored attacked path can be Reflecting the law of attacks on assets within a certain period of time is conducive to improving the threat perception and prediction capabilities of the network.

Description

technical field [0001] The present application relates to the technical field of the Internet, and in particular to a method for restoring an attack path, an electronic device, and a computer-readable storage medium. Background technique [0002] Intrusion Kill Chain is a framework proposed by Lockheed Martin security experts in 2011 to protect computer and network security. They mentioned that cyberattacks occur in stages and can be interrupted by establishing effective defense mechanisms at each stage. However, the current methods of attack discovery mainly rely on intrusion detection equipment or algorithm models to analyze traffic. This method of attack discovery has the following disadvantages: [0003] 1. The threat detected by the attack discovery is basically a single point and a single moment; [0004] 2. The method of using this attack to discover threats makes the network security response ineffective for advanced persistent threats (Advanced Persistent Threat, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1433H04L63/1441H04L63/20
Inventor 李映壮王瑶周政成
Owner 中国移动通信集团海南有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products