Precise network attack detection and early warning platform

A network attack detection platform technology, applied in the field of network security, that addresses problems such as the excessive storage space occupied by full-flow data, the inability to format and retrieve that data, and inconvenient storage.

Inactive Publication Date: 2019-12-06
贵州银智科技发展有限公司

AI Technical Summary

Problems solved by technology

However, according to the above analysis, due to the concealment and particularity of APT attacks, traditional security devices are usually unable to effectively detect the various stages of APT attacks and cannot generate corresponding alarms. Security personnel spend a lot of energy analyzing alarm logs, often to no avail.
If the idea of full-flow collection is adopted, on the one hand, storage is inconvenient: the full-flow data generated every day takes up too much storage space, and organizations usually do not have enough resources to support long-term storage. On the other hand, full-flow data includes structured and unstructured data, covering multiple formats such as video, pictures and text, and cannot be formatted and retrieved directly, so security personnel cannot find valuable information in the massive data.

Examples

Embodiment Construction

[0033] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0034] Referring to Figures 1-4, the present invention provides a technical solution: a precise network attack detection and early warning platform, including a multi-engine sandbox subsystem 1, an auxiliary detection subsystem 2 and a data analysis subsystem 3. The multi-engine sandbox subsystem 1 includes an application-level sandbox 11, a system sandbox 12 and a concurrent sample execution module 13. The output terminal of the multi-engine sandbox subsystem...

Abstract

The invention discloses a precise network attack detection and early warning platform. The platform comprises a multi-engine sandbox subsystem, an auxiliary detection subsystem and a data analysis subsystem. The data analysis subsystem comprises a correlation analysis system and a big data architecture-based data analysis system, and the correlation analysis system comprises a sandbox intermediate result correlation module, an alarm rule correlation module, an alarm and flow correlation module and a flow modeling analysis module. The auxiliary detection subsystem comprises an AV module and an IDS module. The platform adopts a layered defense structure that divides the system into an auxiliary detection subsystem, which focuses on known threat detection, a multi-engine sandbox detection subsystem, which focuses on malicious behavior detection, and a data analysis subsystem. For each stage of an APT attack, the precise network attack detection and early warning platform can perform effective detection and timely early warning in the stages of single-point breakthrough, back door installation, secret channel establishment, data stealing and the like.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a precise network attack detection and early warning platform.

Background technique

[0002] An advanced persistent threat (APT) is a type of attack that can bypass the various traditional security detection and protection measures of a network information system and steal its core data and various intelligence by means of careful camouflage, targeted attacks, long-term latency, and continuous penetration. Facts have proved that traditional security devices are no longer able to resist complex and hidden APT attacks.

[0003] The framework of the traditional security defense system generally includes: access control, security isolation, border detection / defense, terminal defense, network audit, access control, etc. The security products involved include: firewall, IDS / IPS, anti-virus...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/24
CPC: H04L63/1416, H04L63/1425, H04L63/145, H04L63/1433, H04L63/1466, H04L41/0631, H04L41/145
Inventor: 田洪鸿尚华马德龙
Owner: 贵州银智科技发展有限公司