Threat pursuit method, device and equipment in network security defense

A network security technology, applied in the field of network security, that addresses problems such as hidden network security risks and the lack of retrospective detection capability, with the effect of improving detection capability, enhancing network security defense capability, and reducing possibilities

Inactive Publication Date: 2020-02-14
SANGFOR TECH INC

AI Technical Summary

Problems solved by technology

However, existing network threat detection products can only perform real-time detection on network traffic data and have no retrospective detection capability. Therefore, once an unknown latent threat is missed by real-time detection, existing network threat detection products will not test for it again.
That is to say, when threat intelligence is not updated in time, existing network threat detection products can easily let some network threats slip through the net, and once these unknown network threats enter their incubation period they are difficult to detect again, creating a hidden network security risk.


Embodiment Construction

[0054] The core of the present application is to provide a threat hunting method, device, equipment and computer-readable storage medium in network security defense, so as to effectively improve the detection capability and further enhance the network security defense capability.

[0055] In order to describe the technical solutions in the embodiments of the present application more clearly and completely, the technical solutions in the embodiments of the present application will be introduced below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments are only some of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts fall within the scope of protection of this application.

[0056] Please refer to Figure 1. Figure 1 is a flow chart of a threat hunting method in netw...


Abstract

The invention discloses a threat pursuit method in network security defense. The method comprises: obtaining updated network threat feature information from threat intelligence; calling a historically generated and stored traffic record database, and performing a matching search on it according to the network threat feature information, wherein the traffic record database records traffic feature metadata of historical network traffic; and, if the matching search succeeds, determining threat activity information in the network according to the traffic feature metadata that matched the network threat feature information. By establishing the traffic record database to store the traffic feature metadata of network traffic and using backtracking detection, the invention effectively improves the detection capability for network threats and enhances the network security defense capability. The invention also discloses a threat pursuit device and equipment in network security defense and a computer-readable storage medium, which have the same beneficial effects.
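The retrospective search described in the abstract, sketched as an added example (it is not code from the patent or from the applicant). The table schema, the indicator kinds `ip` and `domain`, and the function names `build_record_db` and `retro_hunt` are assumptions made for illustration; the sample records are constructed.

```python
import sqlite3

# Constructed sample of historical traffic metadata; the schema is an assumption.
# Columns: timestamp, internal source, destination IP, requested host, dest port.
FLOWS = [
    ("2020-01-03T08:12:00", "10.0.0.21", "203.0.113.7", "cdn.example.net", 443),
    ("2020-01-05T23:40:00", "10.0.0.21", "198.51.100.9", "update.badhost.example", 443),
    ("2020-01-09T02:15:00", "10.0.0.34", "198.51.100.9", "", 8080),
    ("2020-01-20T02:16:00", "10.0.0.21", "198.51.100.9", "update.badhost.example", 443),
    ("2020-01-21T11:00:00", "10.0.0.50", "192.0.2.80", "intranet.example.org", 80),
]

def build_record_db(flows):
    """Store traffic metadata only (no payloads) so it can be searched later."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE flows (ts TEXT, src TEXT, dst TEXT, host TEXT, dport INT)")
    db.execute("CREATE INDEX idx_dst ON flows(dst)")
    db.execute("CREATE INDEX idx_host ON flows(host)")
    db.executemany("INSERT INTO flows VALUES (?,?,?,?,?)", flows)
    return db

def retro_hunt(db, indicators):
    """Match newly published indicators against the stored history.

    indicators: iterable of (kind, value) with kind in {"ip", "domain"}.
    Returns {internal_host: {"rows", "matched", "first_seen", "last_seen"}};
    "rows" holds record ids, so a flow hit by two indicators counts once.
    """
    column = {"ip": "dst", "domain": "host"}  # fixed map, never taken from input
    findings = {}
    for kind, value in indicators:
        if kind not in column:
            continue  # unsupported indicator type: skip rather than guess a column
        value = value.strip().lower().rstrip(".")  # records are stored lowercase
        sql = f"SELECT rowid, ts, src FROM flows WHERE {column[kind]} = ? ORDER BY ts"
        for rowid, ts, src in db.execute(sql, (value,)):
            f = findings.setdefault(src, {"rows": set(), "matched": set(),
                                          "first_seen": ts, "last_seen": ts})
            f["rows"].add(rowid)
            f["matched"].add(value)
            f["first_seen"] = min(f["first_seen"], ts)
            f["last_seen"] = max(f["last_seen"], ts)
    return findings
```

Running `retro_hunt` each time the intelligence feed updates turns a miss at real-time inspection into a dated finding per internal host, which gives incident response the first-contact time to scope from.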

Description

Technical field

[0001] The present application relates to the technical field of network security, in particular to a threat hunting method, device, equipment and computer-readable storage medium in network security defense.

Background technique

[0002] With the rapid development and wide application of network technology, the importance of network security has become increasingly prominent.

[0003] Due to factors such as the openness of the network and the sharing of network resources, computer networks are vulnerable to attacks by viruses, hackers, malware and other malicious behavior. Among these threats are some unknown, latent advanced threats. They usually have a long incubation period after a successful intrusion and show little threat behavior or threat data, so they are difficult for existing network threat detection products to detect.

[0004] In fact, a large number of unknown network threats appear every day. Therefore, th...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1408, H04L63/1416, H04L63/1425, H04L63/302
Inventor: 吕晓滨
Owner: SANGFOR TECH INC