Attack event tracing method and device, storage medium and computer equipment

A technique for tracing attack events, with a corresponding storage medium, applied in the field of network security. It addresses the difficulty of tracing the originating device, and has the effect of improving the success rate and accuracy of traceability, reducing professional requirements, and reducing personnel costs.

Active Publication Date: 2019-04-09
QI AN XIN SECURITY TECH ZHUHAI CO LTD +1

AI Technical Summary

Problems solved by technology

[0004] In view of this, this application provides an attack event traceability method and device, storage medium, and computer equipment. Based on the cloud, the device that discovers the attack event can



Examples


Embodiment Construction

[0022] Hereinafter, the present application will be described in detail with reference to the drawings and embodiments. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined with each other.

[0023] In this embodiment, a method for tracing attack events is provided. As shown in Figure 1, the method includes:

[0024] Step 101, using the cloud to monitor attack events.

[0025] Use the cloud to collect behavior logs from different servers of enterprise users, and monitor the collected behavior logs. If there is an attack event in the collected behavior logs, obtain a series of behavior logs related to the attack event, in order to determine the attacked end device corresponding to the attack event based on the obtained series of behavior logs.

[0026] Wherein, the behavior logs in each server come from different client devices, and the client devices may be computer devices, ...


Abstract

The invention discloses an attack event tracing method and device, a storage medium and a computer device. The method comprises the steps: monitoring an attack event by using a cloud; acquiring behavior chain information of the attack event according to an attacked end device corresponding to the monitored attack event; and determining the attack initiating end equipment which initiated the attack event according to the behavior chain information of the attack event. The attack initiating end of the attack event can be rapidly determined according to the determined attack initiating end equipment, the tracing success rate and accuracy are improved, and a scientific basis is provided for follow-up security defense work. Meanwhile, the professional requirement for operation and maintenance personnel is lowered, and the personnel cost is lowered.
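The three steps in the abstract (monitor, build the behavior chain from the attacked end device, determine the initiating device) can be illustrated with a small sketch. This is an added example, not code from the patent or its owner; the log schema, the device names and the backward-linking rule (take the latest earlier record whose destination is the current source) are assumptions, since the page does not give the linking details.

```python
from typing import Dict, List, Tuple

# Constructed sample: behavior logs merged in the cloud from several servers.
# The schema (ts, server, src, dst, action, alert) is assumed for illustration.
LOGS: List[Dict] = [
    {"ts": 100, "server": "srv-a", "src": "pc-17", "dst": "pc-04", "action": "remote_login", "alert": False},
    {"ts": 130, "server": "srv-b", "src": "pc-22", "dst": "pc-09", "action": "file_copy", "alert": False},
    {"ts": 160, "server": "srv-a", "src": "pc-04", "dst": "pc-31", "action": "remote_exec", "alert": False},
    {"ts": 200, "server": "srv-c", "src": "pc-31", "dst": "db-01", "action": "credential_dump", "alert": True},
    {"ts": 240, "server": "srv-c", "src": "pc-09", "dst": "pc-31", "action": "remote_login", "alert": False},
]

def monitor(logs: List[Dict]) -> List[Dict]:
    """Step 1: return the records flagged as attack events."""
    return [r for r in logs if r["alert"]]

def behavior_chain(logs: List[Dict], event: Dict) -> List[Dict]:
    """Step 2: walk backwards from the event on the attacked device."""
    chain, seen = [event], {event["src"], event["dst"]}
    current = event
    while True:
        # Only earlier inbound activity counts; 'seen' guards against loops.
        earlier = [r for r in logs if r["dst"] == current["src"]
                   and r["ts"] < current["ts"] and r["src"] not in seen]
        if not earlier:
            break
        current = max(earlier, key=lambda r: r["ts"])
        seen.add(current["src"])
        chain.append(current)
    return chain[::-1]  # oldest link first

def trace(logs: List[Dict]) -> List[Tuple[str, str, List[str]]]:
    """Step 3: (attacked device, initiating device, device path) per event."""
    results = []
    for event in monitor(logs):
        chain = behavior_chain(logs, event)
        path = [r["src"] for r in chain] + [event["dst"]]
        results.append((event["dst"], chain[0]["src"], path))
    return results

if __name__ == "__main__":
    print(trace(LOGS))
```

The login at `ts` 240 reaches the same intermediate device but happens after the alert, so it is excluded from the chain; a real deployment would also need clock skew between servers handled before comparing timestamps.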

Description

Technical field

[0001] The present application relates to the technical field of network security, in particular to a method and device, a storage medium, and a computer device for tracing an attack event.

Background technique

[0002] At present, the network security environment is undergoing profound changes. With the diversification of attack methods, the professionalization, organization, and even nationalization of attack teams, and the aggravation of attack and defense inequality, the large number of traditional security devices deployed by enterprise users still struggle to cope effectively with the increasingly serious threat situation.

[0003] In the existing security protection system, the security log alarm is an indispensable functional module, but with the increasing number of enterprise servers and the decreasing cost of hacker attacks, the security alarm log continues to increase, and the professional operation and maintenance personnel of the enterprise It...


Application Information

IPC(8): H04L29/06, H04L12/24
CPC: H04L41/069, H04L63/1416, H04L63/1425, H04L2463/146
Inventor 陈俊儒
Owner QI AN XIN SECURITY TECH ZHUHAI CO LTD