Database security auditing method and device and electronic equipment

A security audit and database technology, applied in the field of information security, can solve problems such as inability to identify, discover new user behavior, and inability to audit new user behavior, and achieve the effect of ensuring that it is not leaked.

Active Publication Date: 2019-07-05
CHINA MOBILE GRP GUANGDONG CO LTD +1
View PDF8 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method cannot identify special scenarios. The user's behavior of obtaining sensitive information in the database may change according to the structure of the database itself. However, the audit cannot customize these characteristic behaviors; nor can it discover new user behaviors, so new user behaviors cannot be identified. audit user behavior

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Database security auditing method and device and electronic equipment
  • Database security auditing method and device and electronic equipment
  • Database security auditing method and device and electronic equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] The specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. The following examples are used to illustrate the present invention, but are not intended to limit the scope of the present invention.

[0024] figure 1 It is a schematic flow chart of a database security audit method according to an embodiment of the present invention, such as figure 1 The database security audit methods shown include:

[0025] S100, acquiring DPI database log data in real time, and acquiring SQL statement access events according to the log data;

[0026] DPI (Deep packet inspection, deep packet inspection) big data system contains sensitive information such as user location and business usage, and the daily maintenance work not only involves the intervention of third-party personnel, but also involves complex environmental requirements for different operations with different permissions...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a database security auditing method and device and electronic equipment. The method comprises the steps of obtaining DPI database log data in real time, and obtaining an SQL statement access event according to the log data; matching the SQL statement access event with a preset user behavior rule base, wherein the preset user behavior rule base is a rule base of user behaviors obtained by performing association analysis according to historical log data and/or real-time log data of the DPI database; and if the SQL statement access event is not matched with a preset user behavior rule base or partially not matched with the preset user behavior rule base, determining the danger level of the SQL statement access event. According to the method, the association rule can beadjusted according to the structural change of the database and the new behavior of the user, the user behavior is dynamically discovered, and the auditing strategy is adjusted, so that the method adapts to different application scenarios and novel user behaviors, and an effective database security guarantee can be provided.

Description

technical field [0001] The present invention relates to the field of information security, and more specifically, to a database security audit method, device and electronic equipment. Background technique [0002] The most basic problem to be solved in the database security audit service is the collection of security elements, as well as the normalization of events and the definition of event audit rules. In terms of security element collection, one method is to use network mirroring to collect data packets for accessing the database, analyze the data packets through protocols, extract database access statements and return data content as security analysis objects, and then extract security elements through certain rules; The advantage of this method is that the information collected by the specific port of the database is more comprehensive, including both access information and return information. The disadvantage is that the cost of hardware deployment is high, and the pr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62
CPCG06F21/6218G06F2221/2107
Inventor 范永方罗志全毛平平詹晓航陈章耀戴天弓谢识常张兵战陈焕文
Owner CHINA MOBILE GRP GUANGDONG CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap