Acquisition agent deployment method and device

A collection tree and collection technology, which is applied in the field of network security and can solve problems such as under-collection and over-collection

Active Publication Date: 2019-11-08
INST OF INFORMATION ENG CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

[0005] To overcome the over-collection or under-collection that existing collection agent deployment methods easily cause, or at least partially solve these problems, embodiments of the present invention provide a collection agent deployment method and device.


Embodiment Construction

[0027] To illustrate the technical solutions in the embodiments of the present invention or the prior art more clearly, the following briefly introduces the drawings used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are some embodiments of the present invention. Those skilled in the art can also obtain other drawings based on these drawings without creative work.

[0028] In one embodiment of the present invention, a collection agent deployment method is provided. Figure 1 is a schematic diagram of the overall flow of the collection agent deployment method provided by the embodiment of the present invention. The method includes: S101, building a network threat-collection tree according to the target network-data service library, the data service-threat event library, the threat event-feature beacon library and the collection agent-threat detection atomic data item library; am...


Abstract

The invention provides an acquisition agent deployment method and an acquisition agent deployment device. The method comprises the steps of: constructing a threat-acquisition tree of a network according to a target network-data service library, a data service-potential threat event attribute library, a threat event-feature beacon library and an acquisition agent-threat detection atomic data item library; for any potential threat event, obtaining a risk value of the potential threat event according to the confidence degree of the potential threat event monitored by the acquisition agent and the influence of the potential threat event; determining whether each equipment node is a risk point or not according to the risk value of each potential threat event and the threat-acquisition tree; and deploying the acquisition agent on the risk point according to the risk point in the network, the acquisition capability of the acquisition agent and a preset constraint condition. According to the invention, the data acquisition capability is improved, and resources consumed by data acquisition and analysis are reduced.
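An added example, not taken from the patent: one way to walk the four steps of the abstract in Python. The library contents, the product of confidence and influence as the risk value, the 0.5 threshold and the greedy budget-limited placement are all assumptions, since the page specifies none of them.

```python
# Constructed sample data; every name and number below is an illustrative assumption.
NET_SERVICES = {"web01": ["http"], "db01": ["mysql"], "ws17": ["smb"]}
SERVICE_THREATS = {"http": ["webshell_upload", "brute_force"],
                   "mysql": ["sql_injection"], "smb": ["brute_force"]}
THREAT_BEACONS = {"webshell_upload": ["file_create_event", "http_access_log"],
                  "brute_force": ["auth_failure_log"],
                  "sql_injection": ["db_query_log"]}
# agent -> (deployment cost, atomic data items it can collect)
AGENTS = {"log_agent": (2, {"http_access_log", "db_query_log", "auth_failure_log"}),
          "file_agent": (3, {"file_create_event"})}
# threat -> (confidence that an agent observes it, influence if it occurs)
SCORES = {"webshell_upload": (0.6, 0.9), "brute_force": (0.4, 0.5),
          "sql_injection": (0.9, 0.8)}

def build_tree():
    """Chain the four libraries: device -> service -> threat -> feature beacons."""
    return {dev: {svc: {t: THREAT_BEACONS[t] for t in SERVICE_THREATS[svc]}
                  for svc in svcs} for dev, svcs in NET_SERVICES.items()}

def risk_value(threat):
    conf, infl = SCORES[threat]
    return conf * infl  # assumed combination; the page gives no formula

def risk_points(tree, threshold):
    """Return {device: (max risk, data items needed)} for devices at/above threshold."""
    points = {}
    for dev, svcs in tree.items():
        hot = {t: b for threats in svcs.values() for t, b in threats.items()
               if risk_value(t) >= threshold}
        if hot:
            needed = {item for beacons in hot.values() for item in beacons}
            points[dev] = (max(risk_value(t) for t in hot), needed)
    return points

def deploy(points, budget):
    """Greedy placement, highest-risk device first, under a total cost budget."""
    plan, gaps = {}, {}
    for dev, (_, needed) in sorted(points.items(), key=lambda p: -p[1][0]):
        needed, plan[dev] = set(needed), []
        while needed:
            fits = [(len(items & needed) / cost, name) for name, (cost, items)
                    in AGENTS.items() if cost <= budget and items & needed]
            if not fits:
                break  # constraint reached: remaining items stay uncollected
            _, name = max(fits)
            budget -= AGENTS[name][0]
            needed -= AGENTS[name][1]
            plan[dev].append(name)
        if needed:
            gaps[dev] = needed
    return plan, gaps
```

Calling `deploy(risk_points(build_tree(), 0.5), budget=5)` leaves `ws17` without an agent (no over-collection on a low-risk node) and reports the data item on `web01` that the budget could not cover, which is the under-collection the constraint forces.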

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a collection agent deployment method and device.

Background technique

[0002] There are a large number of important devices and systems in large-scale and complex information networks. In order to monitor the operating status of these devices and systems and discover potential threats in time, it is necessary to deploy collection agents to collect the operating status of devices and systems and the massive data and logs they generate.

[0003] The existing collection agent deployment scheme mainly deploys collection agents on nodes such as data generation and aggregation. Existing deployment methods mainly consider factors such as network topology or deployment cost, and generally use methods such as mirroring to achieve data collection. However, this collection agent deployment method is not suitable for large-scale complex information networks, because th...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/0281, H04L63/1408, H04L63/1433, H04L63/302
Inventor: 李凤华, 陈黎丽, 郭云川, 王震, 张玲翠
Owner: INST OF INFORMATION ENG CHINESE ACAD OF SCI