Intrusion response strategy generation method and device

A strategy and meta-policy technology, applied in the field of information security, can solve problems such as the inability to effectively guarantee response utility, and achieve the effect of ensuring accuracy and high response utility.

Active Publication Date: 2019-09-27
INST OF INFORMATION ENG CAS
View PDF8 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, current intrusion response strategy metho...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion response strategy generation method and device
  • Intrusion response strategy generation method and device
  • Intrusion response strategy generation method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017] In order to make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be described clearly and completely in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of the embodiments of the present invention, not all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.

[0018] The existing response strategy generation scheme mainly solves the two problems of the selection of measures in the intrusion response and the selection of the deployment points of measures. However, in practice, in order to resist the attack as accurately as possible, the generated response strategy also needs to solve the fol...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides an intrusion response strategy generation method and device, and the method comprises the steps: determining a candidate measure set and a deployment point set for responding to an attack according to received alarm information and a network topological structure; taking the measures, the deployment points and the time sequence of the measure deployment as three dimensions of the array, taking the duration of the measure execution as elements in the array, and encoding the candidate strategies by using the three-dimensional array to generate a plurality of candidate strategies; carrying out iterative evolution on the plurality of candidate strategies based on a genetic algorithm according to a preset fitness function until a preset condition is met, and obtaining a target strategy so as to realize intrusion prevention, wherein each strategy comprises at least one meta-strategy, and each meta-strategy comprises a measure, a deployment point, a time sequence of measure deployment and measure execution duration. The time sequence and the execution duration of deployment of each selection measure are determined while the measure and the deployment point are selected, so that the accuracy of the generation strategy is ensured, and higher safety benefits can be obtained.

Description

Technical field [0001] The invention relates to the technical field of information security, in particular to a method and device for generating an intrusion response strategy. Background technique [0002] With the rapid growth of the network scale, intrusion events have become increasingly complex in recent years and often cause serious consequences. In order to resist attacks, intrusion response systems are designed to generate appropriate response strategies to eliminate potential impacts and reduce system risks. Most of the existing intrusion response strategy methods focus on selecting appropriate measures and deployment points. In terms of measure selection, existing methods usually select one or more measures to deal with malicious behaviors and provide a balance between attack losses and measures gains. The existing single measure selection method usually considers the intrusion cost, collateral loss, and measure security benefits, etc., sorts the measures and selects ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24
CPCH04L41/12H04L63/1441H04L63/20
Inventor 郭云川李凤华张晗李勇俊房梁张玲翠
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap