User portrait grouping and behavior analysis method and system based on log data of network security equipment

A network security and behavior analysis technology, applied in transmission systems, character and pattern recognition, instruments, etc. It addresses problems such as unauthorized access by users, economic loss to enterprises, and abnormal access behavior that cannot be reliably detected.

Pending Publication Date: 2020-02-11
XI AN JIAOTONG UNIV

AI Technical Summary

Problems solved by technology

However, the security device cannot detect abnormal access behaviors of internal users who have already been allowed in, such as user account abuse, unauthorized access by users, and users' unauthorized access to and modification of important data.
These abnormal behaviors pose extremely high risks to the enterprise cloud platform, and once they occur, they bring immeasurably serious consequences and economic losses to the enterprise.

Examples


Embodiment Construction

[0049] The implementation of the present invention will be described in detail below in conjunction with the drawings and examples.

[0050] The method of the present invention is divided into two parts, offline modeling and online analysis, and specifically includes a data acquisition process, a feature extraction process, a clustering model building process, and an online user behavior analysis process. Figure 1 is a block diagram of the user portrait grouping and behavior analysis method based on network security device log data of the present invention. The system of the present invention is illustrated in block diagram form. Figure 2 is a frame diagram of the user portrait grouping and behavior analysis system based on network security device log data of the present invention.

[0051] Data acquisition process

[0052] Figure 3 is an instance of the user authority data of the network security device. Figure 4 is an instance of network security device user log data...


Abstract

The invention discloses a user portrait grouping and behavior analysis method and system based on log data of network security equipment. The method mainly comprises the following steps: 1) extracting features from data such as user logs of the network security equipment; 2) carrying out preprocessing and data analysis on the features to obtain relationships between the features and relationships between the features and user behaviors; 3) constructing a clustering model of the user groups according to the user characteristics; 4) establishing a user portrait according to the clustering model, and determining whether the user has abnormal behaviors or not according to a matching result of the user characteristics and the user portrait. The method is simple to implement and low in calculation complexity; the computing resource overhead of behavior analysis in the user log can be effectively reduced. Compared with the prior art, the invention does not need any additional mark, only needs the data automatically recorded by the network security equipment, has the advantages of practical application, provides a user grouping method and a portrait matching method with different behavior modes, and carries out decision-making judgment on whether the user behavior is abnormal or not.
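The four steps of the abstract, as an added sketch that is not code from the patent or its authors: the two features, the `SENSITIVE` set, the choice of k-means, the `slack` radius and all log records are assumptions made for illustration. Both features already lie in [0, 1], so step 2's preprocessing reduces to nothing here.

```python
import math
from collections import defaultdict

SENSITIVE = {"/db", "/backup"}  # hypothetical set of sensitive resources

def rows(user, hours, paths):
    return [(user, h, p) for h, p in zip(hours, paths)]

# Constructed offline log records (user, hour of day, resource); not from the patent.
OFFLINE = (rows("alice", (9, 10, 11, 14), ["/wiki"] * 4)
           + rows("bob", (9, 13, 15, 16), ["/wiki", "/wiki", "/wiki", "/db"])
           + rows("carol", (1, 2, 3, 23), ["/db", "/db", "/backup", "/db"])
           + rows("dave", (0, 2, 4, 22), ["/db", "/backup", "/wiki", "/db"]))

def features(records):
    """Step 1: per-user (off-hours fraction, sensitive-resource fraction)."""
    per_user = defaultdict(list)
    for user, hour, path in records:
        per_user[user].append((hour < 8 or hour >= 19, path in SENSITIVE))
    return {u: tuple(sum(col) / len(r) for col in zip(*r)) for u, r in per_user.items()}

def kmeans(vectors, k, rounds=10):
    """Step 3: plain k-means with deterministic farthest-point seeding."""
    cents = [vectors[0]]
    while len(cents) < k:
        cents.append(max(vectors, key=lambda v: min(math.dist(v, c) for c in cents)))
    for _ in range(rounds):
        groups = [[] for _ in cents]
        for v in vectors:
            groups[min(range(k), key=lambda i: math.dist(v, cents[i]))].append(v)
        cents = [tuple(sum(x) / len(g) for x in zip(*g)) if g else c
                 for g, c in zip(groups, cents)]
    return cents

def build_portraits(records, k=2, slack=0.15):
    """Step 4a: a portrait is a group centroid plus an acceptance radius."""
    feats = features(records)
    cents = kmeans(list(feats.values()), k)
    group = {u: min(range(k), key=lambda i: math.dist(v, cents[i])) for u, v in feats.items()}
    radius = [slack + max((math.dist(v, cents[group[u]]) for u, v in feats.items()
                           if group[u] == i), default=0.0) for i in range(k)]
    return cents, radius, group

def is_abnormal(user, window, portraits):
    """Step 4b: flag a user whose new window falls outside their group's portrait."""
    cents, radius, group = portraits
    g = group[user]
    return math.dist(features(window)[user], cents[g]) > radius[g]

PORTRAITS = build_portraits(OFFLINE)
DAY = rows("alice", (9, 10, 11, 15), ["/wiki"] * 4)                          # constructed
NIGHT = rows("alice", (2, 3, 10, 11), ["/db", "/backup", "/wiki", "/wiki"])  # constructed
```

Night-time database access is normal for carol's group and abnormal for alice's, which is the point of matching against a group portrait rather than a single global threshold.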

Description

Technical field

[0001] The invention belongs to the technical field of data mining, and in particular relates to a user portrait grouping and behavior analysis method and system based on network security device log data.

Background technique

[0002] Due to the importance of the enterprise cloud platform, each enterprise will choose to deploy it behind a security device when building a cloud platform to protect it from attacks from the external network. However, security devices cannot detect the abnormal access behaviors of internal users who have been allowed to enter, such as user account abuse, user unauthorized access, and users' unauthorized access to and modification of important data. These abnormal behaviors have extremely high risks for the enterprise cloud platform, and once they occur, they will bring immeasurable serious consequences and economic losses to the enterprise.

[0003] Although network security devices cannot detect abnormal behaviors of internal us...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06K9/62, H04L29/06
CPC: H04L63/1425, G06F18/23213
Inventor: 周亚东, 胡博文, 朱星宇, 管晓宏
Owner XI AN JIAOTONG UNIV