Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network penetration identification method based on interactive behavior analysis

A network penetration and identification method technology, applied in the direction of electrical components, transmission systems, etc., can solve problems such as high complexity, sensitive behavior data, and thresholds that cannot be adaptively adjusted, and achieve the effect of improving training speed and accuracy

Inactive Publication Date: 2019-08-16
哈尔滨英赛克信息技术有限公司
View PDF3 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] There are many papers on attack recognition, but as long as they are as follows: first, based on statistical analysis, this method can have a high detection rate for abnormalities that show obvious changes in data statistics, but usually requires a certain Threshold, when the behavior pattern changes, the threshold cannot be adjusted adaptively; the second is based on data mining, this method is especially suitable for massive behavior analysis, mining the relationship between behaviors, but the mining algorithm is more sensitive to behavior data; the third is Based on machine learning, this method does not require prior knowledge of domain experts, but it is complex and requires a long training time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network penetration identification method based on interactive behavior analysis
  • Network penetration identification method based on interactive behavior analysis
  • Network penetration identification method based on interactive behavior analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The technical solution of the present invention will be further described below in conjunction with the accompanying drawings, but it is not limited thereto. Any modification or equivalent replacement of the technical solution of the present invention without departing from the spirit and scope of the technical solution of the present invention should be covered by the present invention. within the scope of protection.

[0023] The present invention provides a network penetration identification method based on interactive behavior analysis, such as figure 1 As shown, the specific steps of the method are as follows:

[0024] Step 1. Data preprocessing

[0025] (1) Use Sebek to collect interactive behavior data.

[0026] Sebek is a security tool that can capture the keystroke records of the host. The captured data format is: [time stamp IP address process ID command user ID] text, where,

[0027] The timestamp indicates the time of the keystroke;

[0028] The IP addre...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network penetration identification method based on interactive behavior analysis, and the method comprises the steps: employing a Seek client to collect the interactive behavior data of a honeypot machine as an analysis object, carrying out feature extraction and cleaning, feature classification and feature coding on collected data to form a feature sequence; according tothe characteristic that an interactive behavior characteristic sequence has uncertain length and time sequence, adopting an LSTM model as an attack recognition classifier, analyzing an activation function, a loss function and a gradient descent algorithm respectively, selecting an appropriate model to be used as the model, and then optimizing a training model through multiple times of hyper-parameter parameter adjustment. Modeling is carried out according to the time sequence of capturing behavior data features, the features are screened to reduce the feature dimension, and the training speedand precision of the model are improved through feature coding. Through repeated parameter tuning training, the penetration attack identification accuracy and the false alarm rate of the model are obviously superior to those of other models.

Description

technical field [0001] The invention relates to a network penetration identification method, in particular to a network penetration identification method based on interaction behavior analysis. Background technique [0002] Network penetration attack is a systematic and progressive comprehensive attack method. Its attack target is clear, the attack purpose is often not so single, and the harm is also very serious. The steps of the attacker to carry out the attack are very systematic. Assuming that they have obtained the authority of the website server in the target network, they will not only be satisfied with controlling this server, but will use this server to continue to invade the target network and obtain the entire network Permissions for all hosts in . In order to realize the penetration attack, the attack method adopted by the attacker is not limited to a simple Web script vulnerability attack. Attackers will comprehensively use multiple attack methods such as remo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1441
Inventor 杨武
Owner 哈尔滨英赛克信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com