Security event log processing method and device and storage medium

A security event log processing technology, applied to security event log processing methods, devices and storage media, that addresses the problems of neglect and incomplete analysis and improves the efficiency of security operations.

Active Publication Date: 2020-03-27
TENCENT TECH (SHENZHEN) CO LTD

AI Technical Summary

Problems solved by technology

[0005] This application provides a security event log processing method, device and storage medium, which can solve the problem t...


Embodiment Construction

[0028] In order to make the purpose, technical solution and advantages of the present application clearer, the implementation manners of the present application will be further described in detail below in conjunction with the accompanying drawings.

[0029] Before explaining the security event log processing method provided in the embodiment of the present application in detail, the application scenario and implementation environment provided in the embodiment of the present application are firstly introduced.

[0030] Firstly, the application scenarios provided by the embodiments of the present application are introduced.

[0031] In order to protect assets and data from being leaked, enterprises usually deploy security devices at all levels to protect their assets and data, such as traffic firewalls, intrusion detection devices, virus protection devices and other security devices. Security devices can detect security threats, security problems, etc., and send them to the SO...


Abstract

The invention discloses a security event log processing method, device and storage medium, and belongs to the technical field of network security. The method comprises the following steps: extracting a plurality of entity identifiers and entity description information related to a security event from a security event log, wherein the plurality of entity identifiers comprise Internet Protocol (IP) addresses; determining an association relationship among the plurality of entity identifiers according to the entity description information; and taking each entity identifier in the plurality of entity identifiers as a node in a network relationship graph, and constructing the edges of the network relationship graph according to the association relationship among the plurality of entity identifiers, to obtain the network relationship graph. In this way, the association relationship between the nodes corresponding to the entity identifiers is displayed visually in the resulting network relationship graph. That is, the analysis is carried out comprehensively on the basis of global information, so that technicians can conveniently and rapidly find the entities that need close attention, and the efficiency of security operations can be improved.
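The steps in the abstract can be sketched as follows. This is an added example, not code from the patent: the JSON log layout, the field names, the sample events, and the rule that identifiers appearing in the same event are associated are all assumptions made for illustration.

```python
import json
from collections import defaultdict

# Constructed sample security event logs (assumed JSON layout, not from the patent).
SAMPLE_LOGS = [
    '{"device": "ids", "event": "malware_callback", "src_ip": "10.0.0.5", "dst_ip": "203.0.113.7", "domain": "bad.example"}',
    '{"device": "firewall", "event": "port_scan", "src_ip": "203.0.113.7", "dst_ip": "10.0.0.9"}',
    '{"device": "av", "event": "trojan_detected", "src_ip": "10.0.0.9", "domain": "bad.example"}',
    'not json at all',
]

# Fields treated as entity identifiers (assumed names).
ENTITY_FIELDS = ("src_ip", "dst_ip", "domain")

def extract_entities(line):
    """Return [(identifier, description)] for one log line, or [] if it cannot be parsed."""
    try:
        event = json.loads(line)
    except json.JSONDecodeError:
        return []
    if not isinstance(event, dict):
        return []
    # Description information: the role the identifier played and the event type.
    return [(str(event[f]), {"role": f, "event": event.get("event", "unknown")})
            for f in ENTITY_FIELDS if event.get(f)]

def build_graph(lines):
    """Nodes are entity identifiers; an edge links identifiers seen in the same event."""
    nodes = defaultdict(list)   # identifier -> descriptions collected for it
    edges = defaultdict(set)    # frozenset({a, b}) -> event types linking a and b
    for line in lines:
        entities = extract_entities(line)
        for ident, desc in entities:
            nodes[ident].append(desc)
        for i, (a, desc_a) in enumerate(entities):
            for b, _ in entities[i + 1:]:
                if a != b:
                    edges[frozenset((a, b))].add(desc_a["event"])
    return nodes, edges

def rank_by_degree(edges):
    """Entities with the most distinct neighbours first: candidates for close attention."""
    degree = defaultdict(int)
    for pair in edges:
        for ident in pair:
            degree[ident] += 1
    return sorted(degree.items(), key=lambda kv: (-kv[1], kv[0]))
```

Ranking by degree is one simple way to surface the entities an analyst should look at first; the abstract itself only states that the graph makes such entities easy to find.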

Description

Technical field

[0001] The present application relates to the technical field of network security, in particular to a security event log processing method, device and storage medium.

Background technique

[0002] With the development of network security technology, enterprises deploy security devices to protect their assets and data. Security devices can detect security threats, security problems, etc., and send them to the SOC (Security Operation Center) in the form of security event logs. In this way, a large number of security event logs will be stored in the SOC, and the information is messy and huge. Therefore, it is necessary to process the security event logs so that technicians can find the most noteworthy security events and ensure safe operation.

[0003] In the related technology, when processing the security event log, information such as domain names and IP (Internet Protocol) addresses that appear in all stored sec...


Application Information

IPC(8): H04L29/06, H04L29/08, H04L29/12
CPC: H04L63/1425, H04L63/1416, H04L63/1433, H04L67/02, H04L61/35
Inventor 毛婷伟梁玉洪春华
Owner TENCENT TECH (SHENZHEN) CO LTD