Unlock instant, AI-driven research and patent intelligence for your innovation.

A Credible Behavior Base Generation Method Based on Semantic Analysis

A technology of semantic analysis and behavior, applied in the field of network security, can solve problems such as high performance consumption, and achieve the effect of efficient establishment and wide application range

Active Publication Date: 2022-03-18
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantage of this technical solution is that it needs to run through the entire access cycle and consumes a lot of performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Credible Behavior Base Generation Method Based on Semantic Analysis
  • A Credible Behavior Base Generation Method Based on Semantic Analysis
  • A Credible Behavior Base Generation Method Based on Semantic Analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The specific implementation manners of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0030] The method for generating a trusted behavior library based on semantic analysis of the present invention comprises the following steps:

[0031] (1) Log parsing and standardization

[0032] Configure the log analysis format in the log audit device, connect the log generated by the business system to the log audit device and analyze it, and obtain the behavior information that meets the requirements of the analysis format; the behavior information includes source IP, destination IP, request url, behavior and request time.

[0033] (2) Similarity calculation

[0034] Establish a behavior library for storing behavior information, and set the calculation cycle T and similarity threshold G for comparison;

[0035] Obtain the behavior information of the log in step (1) in real time, and use the ratio function of python's str...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to network security technology and aims to provide a method for generating a trusted behavior library based on semantic analysis. The method includes: log parsing and standardization; elemental comparison of the log behavior information acquired in real time with all behavior information stored in the behavior library, and calculation of their similarity while traversing the comparison; according to the relationship between the similarity and the threshold, classification processing The behavior information of the log; after a calculation period T, store several records of behavior samples in the behavior library; establish a trusted behavior library through the K-means algorithm. The present invention acquires behavior information after analyzing standardized logs, obtains a behavior library through behavior similarity calculation, uses K-means algorithm to cluster the behavior library, deletes outliers, and obtains a credible behavior library. This method has a wide range of applications and can efficiently establish credible behavior samples.

Description

technical field [0001] The invention relates to network security technology, in particular to a method for generating a trusted behavior database based on semantic analysis. Background technique [0002] Abnormal behavior detection (Abnormal behavior detection) is the main research direction of the intrusion detection system at present, and its characteristic is that unknown attack patterns can be discovered by monitoring the abnormal behavior of the system. The key to abnormal behavior detection is to establish a normal usage pattern and use this pattern to compare and judge the current user behavior. [0003] There are some research results on credible behavior recognition in the prior art, such as: [0004] Chinese invention patent application CN103593609B provides a method and device for credible behavior identification. The method includes: presetting credible behavior data sets and untrustworthy behavior data sets; obtaining the focus behavior data of the target page ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/55G06K9/62
CPCG06F21/552G06F18/23213
Inventor 刘博范渊杨锦峰聂桂兵龙文洁
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD