Intelligent Analysis Method of Intranet Security Threat

An intelligent analysis and security technology, applied to secure communication devices, digital transmission systems, complex mathematical operations, etc., that addresses problems such as model degradation, logs that are easy to tamper with, and logs that cannot be used in combination, so as to improve security and analysis efficiency.

Active Publication Date: 2022-03-04
NANKAI UNIV

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to solve the problem that, when a large number of logs are generated on the intranet, these logs are easy to tamper with, cannot be used in combination, and the model degrades, so that comprehensive and accurate prediction results cannot be obtained. It provides a learning-based intelligent analysis method for intranet security threats.


Embodiment Construction

[0055] The present invention takes the detection of abnormal logs as an example for specific description. Any log parsing algorithm that takes a set of original log streams as input and produces a log template set can be used in this method. The method flow is shown in Figure 1. In this embodiment, four log parsing algorithms, IPLoM, Drain, DrainV1, and LogSig, are used as examples and are introduced as follows:

[0056] IPLoM is a log parsing algorithm. It parses logs in four steps, with all logs given as input at the start. The first step divides all original logs into groups according to their length. The second step further partitions the original logs within each group of equal length: it counts the words at each position across all log records in the group, finds the position with the fewest unique words, and places raw logs that share the same word at that position into one group. The third step will o...
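The first two IPLoM steps as described above, as an added example (not code from the patent or from the IPLoM authors). Whitespace tokenization, leftmost tie-breaking, the function names and the sample log lines are assumptions made here; the sketch stops at step 2.

```python
from collections import defaultdict

# Constructed sample log lines (not taken from the patent).
SAMPLE_LOGS = [
    "Accepted password for alice from 10.0.0.5",
    "Accepted password for bob from 10.0.0.9",
    "Failed password for root from 10.0.0.7",
    "Connection closed by 10.0.0.7",
    "Connection closed by 10.0.0.5",
    "Session opened for alice",
]

def partition_by_length(lines):
    """Step 1: group log lines by their number of tokens."""
    groups = defaultdict(list)
    for line in lines:
        tokens = line.split()  # assumption: tokens are whitespace-separated
        groups[len(tokens)].append(tokens)
    return dict(groups)

def split_position(group):
    """Step 2a: index of the token position with the fewest unique words."""
    length = len(group[0])
    counts = [len({tokens[i] for tokens in group}) for i in range(length)]
    return counts.index(min(counts))  # assumption: ties go to the leftmost position

def partition_by_position(group):
    """Step 2b: group lines that share the same word at the chosen position."""
    pos = split_position(group)
    parts = defaultdict(list)
    for tokens in group:
        parts[tokens[pos]].append(tokens)
    return pos, dict(parts)

def iplom_first_two_steps(lines):
    """Map (length, position, word) -> log lines in that partition."""
    result = {}
    for length, group in partition_by_length(lines).items():
        pos, parts = partition_by_position(group)
        for word, members in parts.items():
            result[(length, pos, word)] = [" ".join(t) for t in members]
    return result

if __name__ == "__main__":
    for key, members in iplom_first_two_steps(SAMPLE_LOGS).items():
        print(key, members)
```

In the six-token group the chosen position holds a single word ("password"), so step 2 leaves "Accepted" and "Failed" lines in one partition; the four-token group splits into "Connection" and "Session".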


Abstract

The invention proposes an intelligent analysis method for intranet security threats, applied to the field of network security. It is realized as follows: 1. Calculation of multi-model inconsistency scores, including: Step 1.1, generating a log template set; Step 1.2, calculating inconsistency scores. 2. Intranet security threat intelligence analysis method, including: Step 2.1, calculating the P-Value; Step 2.2, predicting the log flow to be tested based on statistical learning. The present invention uses artificial intelligence analysis instead of manual analysis to realize log analysis; it changes the way logs are stored locally, using a blockchain for secure storage, and enables the combined use of logs generated by different devices in the intranet; the method supports a variety of log parsing models to achieve multi-model collaboration; and a statistical learning method is used to improve the ability to detect abnormal logs.

Description

Technical field

[0001] The invention belongs to the field of computer network security.

Background technique

[0002] With the development of the network, the amount of logs generated by devices is increasing and is difficult to analyze manually; due to the development of technology, logs originally stored locally face a huge risk of being tampered with; currently, in the intranet, a device cannot notify other devices in the same network of the attack behavior it encounters; and a single model will degrade over time, so that comprehensive and accurate detection results cannot be obtained. Therefore, it is necessary to build a model that can use artificial intelligence to analyze logs, use blockchain to store logs more securely, use the advantages of the intranet to detect abnormal logs, and use multi-model collaboration to defend against model degradation and spot threats.

Contents of the invention

[0003] The purpose of the present invention is to solve the problem...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/00, H04L67/01, G06F17/18
CPC: H04L63/1425, G06F17/18
Inventor: 王志, 肖旭航, 谢学说, 李涛
Owner: NANKAI UNIV