Method of actively collecting and aggregating data based on multi-source intelligence

A technique for actively collecting and aggregating data, applicable to digital transmission systems, secure communication devices, electrical components and similar fields. It addresses problems such as the difficulty of decision-making, the difficulty of meeting intelligence data quality requirements, and the difficulty of evaluating the real impact of an IOC, so as to strengthen in-depth application and improve the analysis dimensions.

Active Publication Date: 2022-03-18
HANGZHOU ANHENG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

However, in practice, after a threat is detected from machine-readable IOCs such as threat IPs and threat domain names, it is difficult to evaluate the real impact of the IOC in the network environment because background knowledge and intelligence dimensions are insufficient, and it is difficult to support the next decision.
[0003] Existing intelligence data aggregation is passive: it maps and correlates only the data that can be collected. In practice, the types of aggregated data turn out to be incomplete. The status quo, such as norms, means that most of the intelligence data is too rich in dimension, or that important intelligence data is omitted. Passive data aggregation therefore struggles to meet intelligence data quality requirements and to support practical auxiliary judgment and decision-making.


Examples


Embodiment 1

[0041] Embodiment 1: a method of actively collecting and aggregating data based on multi-source intelligence. As shown in Figure 1, the invention works mainly by actively broadcasting existing threat IOC data (including threat IPs, domain names and file hashes) to multiple types of intelligence sources, then querying, extracting, analyzing and mapping the results, and finally aggregating multi-dimensional data onto the IOC to enrich the intelligence context information.

[0042] Includes the following steps:

[0043] S1, get IOC data;

[0044] From the threat information database, extract IOC data with high perfection; the IOC data whose perfection is not high is extracted according to IP / Domain / Hash.

[0045] S2, multi-intelligence source broadcast;

[0046] The multi-intelligence-source broadcast is carried out over multiple channels, as follows:

[0047] The threat IOC data of the corresponding degree of perfection is used as the search seed, which is retrieved against the various types of inte...


Abstract

The present invention provides a method for actively collecting and aggregating data based on multi-source intelligence, comprising the following steps: S1, acquire IOC data, then execute step S2; S2, broadcast the IOC data to multiple intelligence sources, then execute step S3; S3, map the intelligence data acquired by the broadcast in step S2 to intelligence dimensions, then execute step S4; S4, aggregate the data of the intelligence dimensions. Through active collection and aggregation, the invention can effectively solve the problems of incomplete dimensions and insufficient context information in existing intelligence data, and helps to form an overall portrait of threat intelligence. Based on the enriched intelligence data, it can effectively improve the analysis dimensions, threat intelligence reliability calculation and threat impact assessment capabilities in actual application scenarios, strengthening the in-depth application of threat intelligence.
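The four steps S1 to S4 from the abstract, sketched end to end as an added example (not code from the patent or its owner). The dimension names, the completeness threshold, the source names and their field names are all assumptions, and the sources are stand-ins that return constructed data instead of making network calls.

```python
from concurrent.futures import ThreadPoolExecutor

# Assumed dimension set; the page does not enumerate the patent's dimensions.
DIMENSIONS = ("geo", "asn", "registrar", "tags", "resolves_to")
# Constructed records standing in for the threat intelligence database.
IOC_DB = [
    {"type": "ip", "value": "198.51.100.7",
     "dims": {"geo": "NL", "asn": "AS64500", "tags": ["scanner"]}},
    {"type": "domain", "value": "bad.example", "dims": {"tags": ["phishing"]}},
]
# Hypothetical sources: (IOC types handled, native field -> dimension, canned replies).
SOURCES = {
    "whois": ({"domain"}, {"registrar_name": "registrar", "country": "geo"},
              {"bad.example": {"registrar_name": "Example Registrar", "country": "US"}}),
    "pdns": ({"domain", "ip"}, {"a_records": "resolves_to", "labels": "tags"},
             {"bad.example": {"a_records": ["203.0.113.9"], "labels": ["phishing", "kit"]}}),
    "geoip": ({"ip"}, {"cc": "geo", "as": "asn"}, {}),
}

def completeness(ioc):
    """Fraction of dimensions already populated for this IOC."""
    return sum(bool(ioc["dims"].get(d)) for d in DIMENSIONS) / len(DIMENSIONS)

def select_seeds(db, threshold=0.5):
    """S1: IOCs whose completeness is below the (assumed) threshold become seeds."""
    return [i for i in db if completeness(i) < threshold]

def broadcast(ioc):
    """S2: send the seed to every source that handles its type, in parallel."""
    names = [n for n, (types, _, _) in SOURCES.items() if ioc["type"] in types]
    with ThreadPoolExecutor() as pool:
        replies = list(pool.map(lambda n: SOURCES[n][2].get(ioc["value"], {}), names))
    return dict(zip(names, replies))

def map_dimensions(source, reply):
    """S3: translate a source's native fields into the common dimensions."""
    fmap = SOURCES[source][1]
    return {fmap[k]: v for k, v in reply.items() if k in fmap}

def aggregate(ioc, replies):
    """S4: merge into the IOC; list values are unioned, existing scalars are kept."""
    dims = dict(ioc["dims"])
    for source, reply in replies.items():
        for dim, val in map_dimensions(source, reply).items():
            old = dims.get(dim)
            dims[dim] = sorted(set(old or []) | set(val)) if isinstance(val, list) else (old or val)
    return {**ioc, "dims": dims}

def enrich(db):
    return [aggregate(i, broadcast(i)) for i in select_seeds(db)]
```

Keeping an existing scalar instead of overwriting it is one possible conflict policy; a production pipeline would also record which source supplied each value so that reliability can be weighed later.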

Description

Technical field

[0001] The present invention relates to an intelligence acquisition method, and more particularly to a method of actively collecting and aggregating data based on multi-source intelligence.

Background technique

[0002] Threat intelligence is currently used in application scenarios such as safety testing, security defense, and tracking and tracing, where it provides fast, comprehensive warning capabilities and effective protection against unknown threats. However, in practical application, when a commonly available IOC such as a threat domain name is detected, the background knowledge and intelligence dimensions are not rich enough, so it is difficult to evaluate the true impact of this IOC in the network environment, and it is difficult to provide the next step.

[0003] The existing intelligence data aggregation technology is a passive data aggregation technique, that is, a mapped data that can be collected, but in the actual app...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/40, H04L61/4511
CPC: H04L63/1441, H04L63/1433, H04L61/4511
Inventor: 金丽慧, 范渊, 杨勃
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD