Network security log key information extraction method and system

A technique for extracting key information from network security logs. It addresses two problems: existing methods do not analyze and integrate data per monitoring object, and they cannot meet the security protection requirements of the network environment. Its effects are a reduced analysis workload, strong directivity and a clear target.

Active Publication Date: 2019-09-24
THE THIRD RES INST OF MIN OF PUBLIC SECURITY
6 Cites, 2 Cited by

AI Technical Summary

Problems solved by technology

However, traditional analysis methods cannot meet the security protection requirements of the current network environment.
[0003] At present there are already many association analysis methods, such as IP association and domain name association. Most of them work at the macro level, for example against the WHOIS information base, exploring how many IP addresses a domain name has used or how many IP addresses have been used by multiple domain names. However, the same monitoring object (one unit) has not been analyzed and integrated.


Embodiment Construction

[0054] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0055] It should be noted that, in the case of no conflict, the embodiments of the present invention and the features in the embodiments can be combined with each other.

[0056] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments, but not as a limitation of the present invention.

[0057] In order to solve the above problems, the present invention now provides a method for extracting key infor...


Abstract

The invention discloses a method and system for extracting key information from network security logs, and relates to the field of network monitoring. The method comprises the following steps: S1, acquiring a firewall alarm log and an internal gateway login log from a network security log; S2, processing the firewall alarm log to obtain an intranet result IP list, wherein the intranet result IP list comprises a plurality of intranet IP addresses; S3, searching the internal gateway login log according to the intranet result IP list and generating an intranet user usage record list from the search result, wherein the intranet user usage record list comprises each intranet IP address together with the allocation log and user login information corresponding to that intranet IP address; and S4, storing the intranet user usage record list in a pre-generated to-be-analyzed database for further analysis and use. By combining the firewall alarm log with the internal gateway login information and matching on the intranet IP address, the analysis workload is reduced, the target is clear, and the directivity is high.
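Steps S1 to S4 of the abstract as an added sketch; it is not code from the patent. The two log line formats, the reading of "intranet" as RFC 1918 address space, and the SQLite table `usage` are assumptions made for illustration.

```python
import ipaddress
import re
import sqlite3
# S1: constructed sample logs; both line formats are assumptions.
FIREWALL_ALARMS = """\
2019-03-01T10:02:11 ALERT src=10.0.4.17 dst=203.0.113.9 sig=trojan-beacon
2019-03-01T10:05:40 ALERT src=198.51.100.7 dst=10.0.4.23 sig=port-scan
2019-03-01T10:09:02 ALERT src=10.0.4.17 dst=203.0.113.44 sig=trojan-beacon
"""
GATEWAY_LOGINS = """\
2019-03-01T08:00:03 ALLOC ip=10.0.4.17 mac=aa:bb:cc:00:00:01
2019-03-01T08:00:09 LOGIN ip=10.0.4.17 user=zhang
2019-03-01T08:10:00 ALLOC ip=10.0.4.99 mac=aa:bb:cc:00:00:02
2019-03-01T08:10:05 LOGIN ip=10.0.4.99 user=li
2019-03-01T09:30:00 LOGIN ip=10.0.4.23 user=wang
"""
# Assumption: "intranet" means RFC 1918 space; replace with the site's own ranges.
INTRANET = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IP_RE = re.compile(r"\b(?:src|dst)=(\d{1,3}(?:\.\d{1,3}){3})\b")
GW_RE = re.compile(r"^(\S+) (ALLOC|LOGIN) ip=(\S+) (.*)$")

def intranet_ips(firewall_log):
    """S2: unique intranet IPs named in alarms, in first-seen order."""
    seen = []
    for ip in IP_RE.findall(firewall_log):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue  # malformed octets such as 999.1.1.1
        if any(addr in net for net in INTRANET) and ip not in seen:
            seen.append(ip)
    return seen

def usage_records(ips, gateway_log):
    """S3: allocation and login lines for each alarmed intranet IP."""
    rows = []
    for line in gateway_log.splitlines():
        m = GW_RE.match(line)
        if m and m.group(3) in ips:
            rows.append((m.group(3), m.group(2), m.group(1), m.group(4)))
    return rows

def store(rows, db=":memory:"):
    """S4: persist the record list to the to-be-analyzed database."""
    conn = sqlite3.connect(db)
    conn.execute("CREATE TABLE IF NOT EXISTS usage(ip, kind, ts, detail)")
    conn.executemany("INSERT INTO usage VALUES (?,?,?,?)", rows)
    conn.commit()
    return conn
```

Only gateway records for the two alarmed intranet addresses reach the database; the login from 10.0.4.99, which appears in no alarm, is left out, which is the workload reduction the abstract claims.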

Description

Technical field

[0001] The invention relates to the technical field of network monitoring, in particular to a method and system for extracting key information from network security logs.

Background technique

[0002] Network security is an important issue related to national security and sovereignty, social stability, and national economic development. Its importance has grown with the acceleration of global informatization. At the same time, with the deepening of information technology and the rapid development of the Internet, network intrusion incidents are increasing, which has brought huge economic losses to people. Some even threaten national security. The detection and defense of network intrusion events is a key issue in network security assurance. In traditional methods, researchers analyze network intrusion behaviors from network security logs, data traffic, malicious code, system vulnerabilities and other channels. However, traditional ...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/1425, H04L2463/146
Inventor: 彭如香, 李祺, 杨涛, 凡友荣, 姜国庆
Owner: THE THIRD RES INST OF MIN OF PUBLIC SECURITY