Forensic and traceability method for integrated network attacks, system, equipment and storage media

A technology for network attack forensics and source tracing, applied in the field of network security, that can solve problems such as hidden security risks and complicated operation, with the effect of removing cumbersome design and the hidden security risks that come with it.

Active Publication Date: 2019-03-19
北京中睿天下信息技术有限公司

AI Technical Summary

Problems solved by technology

[0006] The purpose of the embodiments of the present invention is to provide an integrated method, system, device, and storage medium for network attack forensics and source tracing, so as to solve the problems of complex operation and potential security hazards that existing network attack forensics and source tracing technology incurs by using mobile storage devices for data exchange in the forensics stage.

Examples

Embodiment

[0028] The embodiment of the present invention provides an integrated network attack forensics and source tracing system applicable to various application scenarios, which can discover, identify, audit, and trace abnormal behavior and attack activity on the enterprise network and internal hosts, evaluate the enterprise's network security status, and clarify potential security threats. First, it has powerful malware identification capabilities, which can help users discover security problems and hidden dangers within the network; second, it solves the detection problem of APT (Advanced Persistent Threat) attacks, and can help enterprises, institutions and national security departments discover attacks and trace their source.

[0029] The integrated network attack evidence collection and traceability system has a variety of product forms and supports multiple deployment methods. It can not only meet the needs of enterprise batch collection or normali...

Abstract

An embodiment of the invention discloses a forensic and traceability method for integrated network attacks, a system, equipment and a storage medium, and relates to the technical field of network security. An embodiment of the invention innovatively realizes the integrated operation of forensics and traceability by improving software and hardware technology. When forensics and traceability of network attacks are performed using the embodiment of the present invention, the forensics, analysis, traceability, and archiving are all executed on one device, and no external device is required to assist with data transfer, import or export, so that the design complexity and security risks of existing equipment can be solved.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to an integrated network attack evidence and source tracing method, system, device and storage medium.

Background technique

[0002] Forensics and traceability of cyber attacks involve two operations, one is forensics and the other is traceability. Forensics needs to be carried out on the target host, the purpose is to obtain host information and a complete evidence chain; traceability is generally completed in the traceability system, which requires analysis software and a traceability database.

[0003] The current evidence collection process generally uses mobile storage devices for data exchange. The process is as follows: first use a mobile storage device to store the software, insert it into the user’s host computer for installation, and perform evidence collection after the installation; and then import the data into the traceability system through the mobile storag...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1425, H04L63/1441, H04L63/145, H04L63/20, H04L2463/146
Inventor: 刘庆林, 魏海宇, 刘海洋, 吴小勇, 白应东, 熊文砚, 谢辉
Owner: 北京中睿天下信息技术有限公司