Abnormality detection method and device for detecting abnormal operation of a work system

An operating system and anomaly detection technology, which is applied in the field of information security and can solve the problem of wasting system computation.

Pending Publication Date: 2020-05-08
ACER CYBER SECURITY INC
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this way, it brings a lot of inconvenience to users and wastes a lot of system computing power

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Abnormality detection method and device for detecting abnormal operation of a work system
  • Abnormality detection method and device for detecting abnormal operation of a work system
  • Abnormality detection method and device for detecting abnormal operation of a work system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] In order to help users quickly understand the abnormal peak period of the operating system or the degree of abnormality of the operating system at different time intervals, the present invention provides an abnormal detection method and device for detecting abnormal operation of the operating system. Readers will be able to understand the creative spirit of the present invention through the following contents.

[0022] figure 1 It is a schematic diagram showing an abnormality detection device 10 according to an embodiment of the present invention. The device 10 may include a processing unit 100 and a storage unit 300 .

[0023] The storage unit 300 is used for storing various software, data and various program codes required for the operation of the device 10 . The storage unit 300 can be, for example, any form of fixed or removable random access memory (Random Access Memory, RAM), read-only memory (Read-only Memory, ROM), flash memory (Flash Memory), hard disk ( Har...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an abnormality detection method and device for detecting abnormal operation of a work system. The method and device are suitable for detecting abnormal operation of the work system. The method comprises the following steps: calculating the use amount safety range of the operation system in one or more time periods according to historical data streams; and according to the current data flow and the usage amount safety range, calculating an abnormal ratio corresponding to one or more time periods; selecting one or more abnormal time periods from the one or more time periods according to the threshold value and the abnormal ratio; calculating an anomaly indicator for each of the one or more anomaly periods based on the historical data stream and the current data stream; and ranking one or more abnormal time periods according to the abnormal indexes.

Description

technical field [0001] The invention relates to information security technology, in particular to a method and device for detecting abnormal operation of an operating system. Background technique [0002] For the behaviors of login account and password that the user needs to perform when using the operating system (Operating System, OS), the system will record the relevant data of these behaviors in the log. When these behaviors increase in a specific range, it may represent a change in the user's behavior or a hacker intrusion into the operating system. If the number of usage behaviors in a fixed period is abnormal, it means that the usage behaviors in the fixed period are inconsistent with the usage behaviors recorded in the same fixed period in history. Based on this, the existing technology can establish different abnormality prediction models for different time periods, so as to judge whether an abnormality occurs in the corresponding time period according to the abnor...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F11/34
CPCG06F11/3438G06F11/3409
Inventor 李俊贤利建宏吴君勉孙明功张宗铨许银雄黄琼莹蔡宗宪
Owner ACER CYBER SECURITY INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap