Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network space security threat detection method and system based on heterogeneous graph embedding

A network space and threat detection technology, applied in the computer field, can solve the problems of single detection object and low precision, and achieve the effect of improving the accuracy and comprehensiveness of detection

Active Publication Date: 2020-04-03
INST OF INFORMATION ENG CAS
View PDF7 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0011] The embodiment of the present invention provides a cyberspace security threat detection method and system based on heterogeneous graph embedding to solve the defects of single cyberspace security threat detection object, low precision and excessive reliance on detection sample training in the prior art , to achieve the purpose of effective detection of cyberspace security threats

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network space security threat detection method and system based on heterogeneous graph embedding
  • Network space security threat detection method and system based on heterogeneous graph embedding
  • Network space security threat detection method and system based on heterogeneous graph embedding

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0034] figure 1 The sequence-based threat detection method in the prior art provided for the implementation of the present invention and a schematic diagram of cyberspace security threat detection based on the login behavior structure diagram, wherein figure 1 (a) shows the acquired entity behavior data for any three days, and for the conven...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a heterogeneous graph embedding-based network space security threat detection method and system. The method comprises the steps of obtaining entity behavior data; associating all data items in the entity behavior data according to the meta-attribute association relationship to obtain a data item sequence, and constructing a heterogeneous graph based on thedata item sequence; converting each node in the heterogeneous graph into a low-dimensional vector based on a graph embedding learning method, and obtaining vectorized expression of each node; and analyzing and processing the features of the vectorized expression to judge whether the data item corresponding to the vectorized expression is a malicious behavior or not. According to the embodiment, the heterogeneous graph for threat detection is established, entity behavior data items are simplified and represented in a vectorized mode, data item level threat detection for network space security is provided, later manual correction is not needed, labeled data items serve as training samples, and the detection precision and the detection feasibility are effectively improved.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a method and system for detecting cyberspace security threats based on heterogeneous graph embedding. Background technique [0002] Modern information systems have become an important and irreplaceable part of today's enterprises and organizations. However, the system is always at risk of cyberspace security threats. The main cyberspace security threats are manifested in two aspects, one is internal attack threat, and the other is advanced persistent threat (APT attack). [0003] Insider attack threats usually come from internal malicious employees who have legitimate access to information systems and have the threat of using access rights to destroy the confidentiality, integrity, or availability of information systems. The threat subject of an APT attack usually first infiltrates into the hosts in the target network and steals legal accounts and permissions, and then uses th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06K9/62
CPCH04L63/1416H04L63/1425G06F18/2323
Inventor 文雨刘福承张东雪张博洋杨纯杜莹莹郑阳孟丹
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products