Intranet attack early warning method and device and storage medium

A storage medium and intranet technology, applied in electrical components, transmission systems, etc. It addresses problems such as shallow analysis of attack behavior, loss of network system resources, and insufficient use of log analysis, and achieves the effect of preventing attack behavior.

Inactive Publication Date: 2019-10-18
广州准星信息科技有限公司

AI Technical Summary

Problems solved by technology

[0004] At present, power companies analyze manually the large number of logs generated by firewalls, IDS, IPS and other systems. Manual analysis of abstract log data causes a heavy workload for network information management personnel, and the resulting analysis of attack behaviors is shallow and cannot be expressed intuitively. This leads to low work efficiency of network information management personnel, leaves log analysis not fully utilized, and consumes a large amount of the enterprise's human resources.
In addition, manual analysis is not real-time, and attack events cannot be analyzed accurately, which causes huge losses to network system resources; corresponding measures cannot be taken effectively in real time to protect network system resources.

Examples


Embodiment Construction

[0036] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0037] See Figures 1-3:

[0038] First embodiment of the invention.

[0039] The embodiment of the present invention provides a method for intranet attack early warning, which at least includes the following steps:

[0040] S1. Acquiring intranet attack event data at regular intervals according to a first preset time interval;

[0041] S2. Preprocess the intranet attack event data to obtain transaction data sets, and store the transaction data sets into the dat...


Abstract

The invention discloses an intranet attack early warning method. The method at least comprises the following steps: obtaining intranet attack event data regularly according to a first preset time interval; preprocessing the intranet attack event data to obtain a transaction data set, and storing the transaction data set in a database; generating an association rule from the transaction data according to an Apriori algorithm, storing the association rule in a database, and automatically updating the association rule; acquiring real-time attack event data regularly according to a second preset time interval, and preprocessing the real-time attack event data to obtain preprocessed data; matching the preprocessed data with the antecedent of the association rule through an exception analyzer to obtain a predicted unknown attack; and displaying the unknown attack and the association rule on a Web interface. According to the method, real-time prediction of the intranet attack event can be accurately realized, so that decision support can be provided for network information management personnel, and attack behaviors can be effectively prevented.
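The rule-mining and antecedent-matching steps of the abstract can be sketched as follows. This is an added example, not code from the patent: the event names, the sample transactions, the support and confidence thresholds, and the way a prediction is scored are all assumptions.

```python
from itertools import combinations

# Constructed sample: each transaction is the set of alert types logged for
# one internal host in one time window (event names are hypothetical).
TRANSACTIONS = [
    {"port_scan", "ssh_bruteforce", "privilege_escalation"},
    {"port_scan", "ssh_bruteforce", "privilege_escalation"},
    {"port_scan", "ssh_bruteforce"},
    {"port_scan", "sql_injection"},
    {"sql_injection", "webshell_upload"},
    {"sql_injection", "webshell_upload"},
]

def support(itemset, transactions):
    return sum(itemset <= t for t in transactions) / len(transactions)

def apriori(transactions, min_support):
    """Return {frozenset: support} for every frequent itemset."""
    level = {frozenset([i]) for t in transactions for i in t}
    frequent = {}
    while level:
        kept = {c: s for c in level if (s := support(c, transactions)) >= min_support}
        frequent.update(kept)
        # Join k-itemsets into (k+1)-candidates; prune those with an infrequent k-subset.
        joined = {a | b for a in kept for b in kept if len(a | b) == len(a) + 1}
        level = {c for c in joined
                 if all(frozenset(s) in kept for s in combinations(c, len(c) - 1))}
    return frequent

def gen_rules(frequent, min_conf):
    """Return (antecedent, consequent, confidence) for each strong rule."""
    out = []
    for itemset, sup in frequent.items():
        for r in range(1, len(itemset)):
            for ante in map(frozenset, combinations(itemset, r)):
                conf = sup / frequent[ante]
                if conf >= min_conf:
                    out.append((ante, itemset - ante, conf))
    return out

def predict(observed, rules):
    """Map each not-yet-seen event to the best confidence of a matching rule."""
    hits = {}
    for ante, cons, conf in rules:
        if ante <= observed:  # the whole antecedent is present in the live data
            for event in cons - observed:
                hits[event] = max(conf, hits.get(event, 0.0))
    return hits

RULES = gen_rules(apriori(TRANSACTIONS, 0.3), 0.6)  # thresholds are assumed values
```

Calling `predict({"port_scan", "ssh_bruteforce"}, RULES)` returns the events the mined rules expect to follow, which is the value an early-warning view would display next to the matching rule.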

Description

Technical field

[0001] The invention relates to the technical field of network early warning, in particular to an intranet attack early warning method, device and storage medium.

Background technique

[0002] At present, the information network of power companies has basically invested in necessary security systems, such as IDS, IPS, firewall and other systems, which can effectively solve some internal network security problems, such as the interception of network attacks and virus defense. However, a large amount of log data generated during the operation of these systems has not been fully utilized, and network information management personnel cannot intuitively, effectively, and factually check the current situation of network information systems being attacked in the first place. Therefore, making full use of a large amount of log data to establish a situational awareness model can pre-perceive and effectively prevent various attacks, so as to provide analysis and decisi...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1441, H04L63/20
Inventor: 冯彩彩成国华李国文蔡志冯景峰
Owner: 广州准星信息科技有限公司