Unlock instant, AI-driven research and patent intelligence for your innovation.

Intelligent analysis method for intranet security threats

An intelligent analysis and security technology, applied to electrical components, complex mathematical operations, transmission systems, etc., can solve problems such as model degradation, logs are easy to be tampered with, and cannot be combined and used, so as to improve efficiency, improve analysis efficiency, and improve security. sexual effect

Active Publication Date: 2019-07-12
NANKAI UNIV
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to solve the problem that when a large number of logs are generated on the intranet, these logs are easy to be tampered with, cannot be combined and used, and the model will degenerate, resulting in the inability to obtain comprehensive and accurate results for prediction. Learned Intelligent Analysis Method for Intranet Security Threats

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent analysis method for intranet security threats
  • Intelligent analysis method for intranet security threats
  • Intelligent analysis method for intranet security threats

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0055] The present invention takes the detection of abnormal logs as an example for specific description. Any log parsing algorithm that obtains a log template set by inputting a set of original log streams can be used in this method, and the method flow is as follows: figure 1 In this embodiment, four log parsing algorithms, IPLoM, Drain, DrainV1, and LogSig, are used as examples, and the specific introduction is as follows:

[0056] IPLoM is a log parsing algorithm. This algorithm is divided into four steps when parsing logs, and all logs are input at the beginning. The first step is to divide all original logs into different groups according to the length; the second step is to continue grouping the original logs in groups with the same log length. Count all words in the same position of all log records, find the position with the least unique words, and classify according to these unique words. Group raw logs with the same unique word into a group. The third step will o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an intelligent analysis method for intranet security threats, and is applied to the field of network security. The method is realized through the following steps of: 1, calculating a multi-model inconsistency score, which comprises the following steps of: 1.1, generating a log template set; 1.2, calculating an inconsistency score; 2, carrying out an intranet security threatintelligent analysis method comprising the following steps: 2.1, calculating P-Value; 2.2, predicting the to-be-tested log flow based on statistical learning. Artificial intelligence analysis rather than manual analysis is utilized to realize log analysis; a storage mode of storing the logs in the local is changed, and secure storage is carried out by adopting a block chain, and combined use of the logs generated by different devices in the intranet is achieved; the method supports multiple log analysis models, and multi-model collaboration is achieved; and by utilizing a statistical learningmethod, the detection capability on the abnormal logs is improved.

Description

technical field [0001] The invention belongs to the field of computer network security. Background technique [0002] With the development of the network, the amount of logs generated by the device is increasing, which is difficult to analyze manually; due to the development of technology, the logs originally stored locally face a huge risk of being tampered with; currently, in the intranet, the device cannot The encountered attack behavior notifies other devices in the same network; a single model will degrade over time, resulting in the inability to obtain comprehensive and accurate detection results. Therefore, it is necessary to build a model that can use artificial intelligence to analyze logs, use blockchain to store logs more securely, use the advantages of the intranet to detect abnormal logs, and use multi-model collaboration to defend against models. Spot the threat. Contents of the invention [0003] The purpose of the present invention is to solve the problem...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F17/18
CPCH04L63/1425G06F17/18
Inventor 王志肖旭航谢学说李涛
Owner NANKAI UNIV