A correlation analysis method and system for mail information and malicious code information
A correlation analysis and malicious code technology, applied in transmission systems, digital transmission systems, electrical components, etc., can solve problems such as difficult security situation, difficult to unify the relationship between information, no correlation analysis between email information and malicious code information, etc., to achieve Facilitate in-depth mining and analysis of the effect
Active Publication Date: 2021-10-22
THE THIRD RES INST OF MIN OF PUBLIC SECURITY
View PDF8 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0003] With the rapid development of the network, the security of the network is becoming more and more prominent. However, the existing security devices, security data, and security policies are often scattered and independent. Global correlation makes it difficult to monitor the security situation of the entire network in real time and dynamically
Although the current analysis of persistent attacks has been carried out gradually, for example, in the email analysis process, analysts will analyze which pre-sequence emails are in the current malicious emails, and will continue to monitor the follow-up emails of these emails. The detection work is carried out separately, and it is difficult to unify the information of mail monitoring and malicious code monitoring. Code information for further correlation analysis
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0059]The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.
[0060] It should be noted that, in the case of no conflict, the embodiments of the present invention and the features in the embodiments can be combined with each other.
[0061] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments, but not as a limitation of the present invention.
[0062] In order to solve the above-mentioned problems, the present invention now proposes a correla...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a correlation analysis method and system for mail information and malicious code information, and relates to network security. Step S1, obtaining mail information and malicious code information in the network; Step S2, for each mail information, extracting multi-dimensional key information from the mail information to obtain the first multi-dimensional key information; Step S3, for each malicious code information , extracting multi-dimensional key information from malicious code information to obtain the second multi-dimensional key information; the first and second multi-dimensional key information have the same information content dimension; step S4, correlating the first and second multi-dimensional key information respectively Relevance analysis is performed to obtain correlation values of corresponding information content dimensions; step S5, summing up the correlation values to obtain a total correlation value representing the correlation between email information and malicious code information. The invention has the following beneficial effects: correlation analysis is performed on email information and malicious codes, which is convenient for deep mining and analysis.
Description
technical field [0001] The invention relates to the field of computer security, in particular to a correlation analysis method and system for mail information and malicious code information. Background technique [0002] With the rapid development of informatization construction and IT technology, the application of various network technologies has become more extensive and in-depth. Information resources and asset risks of institutions and individual users are also related to national security and social stability, and have become a new field of hot research and talent demand. Practical and effective measures must be taken in all aspects of law, management, technology, and ethics in order to ensure the "good and fast" stable development of network construction and application. [0003] With the rapid development of the network, the security of the network is becoming more and more prominent. However, the existing security devices, security data, and security policies are o...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/58
CPCH04L63/1416H04L63/145H04L51/212H04L51/42
Inventor 彭如香李祺杨涛凡友荣姜国庆
Owner THE THIRD RES INST OF MIN OF PUBLIC SECURITY