
Network threat analysis method and system

A network threat analysis technology, applied in the field of network threat analysis systems, that addresses the problems of missed detections, excessive demands on security management personnel, and high false alarm rates, and achieves effective threat monitoring.

Inactive Publication Date: 2019-12-20
GUIZHOU POWER GRID CO LTD
6 Cites, 7 Cited by

AI Technical Summary

Problems solved by technology

[0013] In use, these methods have shown various problems, including a high false positive rate, a large number of missed detections, and high demands on security managers, so that most organizations cannot get the product to perform its expected detection role. As a result, they have not been widely recognized by the market.


Embodiment Construction

[0040] To address the problems in the prior art, an embodiment of the present invention provides a method for network threat analysis. As shown in Figure 1, the method may specifically include the following steps:

[0041] Step 1. Reassemble and restore files from the network behavior of the computer system.

[0042] Specifically, analysis of the attack paths of advanced persistent threats shows that the vast majority of attacks come from web browsing, phishing emails, and file sharing. On this basis, the monitoring system provides decoding and restoration capabilities for the related application protocols, specifically including HTTP, SMTP, POP3, IMAP, FTP, etc.

[0043] Furthermore, in order to detect threats more accurately, the analysis system takes into account the attack characteristics of advanced persistent threats, and performs a complete file restoration analysis on key file types. The system supports the following file decoding:

[004...


Abstract

The invention discloses a network threat analysis method and system. The English name of the network threat analysis system is Threat Analysis Center (hereinafter TAC). The system effectively detects known and unknown malicious software and files entering a network through web pages, e-mail or other online file sharing, discovers APT attack behavior that exploits 0day vulnerabilities, and protects the client network from the risks caused by attacks such as 0day. The TAC system adopts a multi-core virtualization platform and achieves higher performance and a higher detection rate through parallel virtual-environment detection and stream processing. The system comprises four core detection components: a reputation detection engine, a virus detection engine, a static detection engine (including vulnerability detection and shellcode detection) and a dynamic sandbox detection engine. By running multiple detection technologies in parallel, it detects 0day and unknown attacks while also detecting known threats, so that advanced persistent threats can be effectively monitored.

Description

Technical field

[0001] The invention belongs to the field of computer network security, and specifically relates to a network threat analysis system used to protect customer networks from the risks caused by 0day attacks.

Background art

[0002] Today, governments and businesses alike face an ever-evolving cyber threat environment. Early hacker attacks targeted media websites to gain influence and self-satisfaction, but attacks have since evolved to serve economic and political purposes. Attackers can profit directly by stealing intellectual property, can break in and steal customers' personal financial information, can encrypt documents and carry out outright extortion, or, worse, can destroy the other party's services and even a country's infrastructure. The change in motivation also brought about a change in the way of attack. From the widespread and aimless attack threat in the pas...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1408, H04L63/1433, H04L63/145, H04L63/1483, H04L63/20
Inventor: 陈晖方曦邵亮喻群贾力祝嘉伟肖乾詹乐贵魏莉莉周子雅姜丹
Owner: GUIZHOU POWER GRID CO LTD