
Threat intelligence analysis method and system based on ant colony algorithm

An analysis method based on the ant colony algorithm, applied in the field of network security. It addresses the high time cost, the waste of manpower and material resources, and the differing judgments that different analysts reach on the same traffic information, and it achieves simple calculation, reduced analysis time, and savings in manpower and material resources.

Active Publication Date: 2020-05-08
HANGZHOU ANHENG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

Because different personnel do not have the same level of experience, analysis of the same traffic information may produce different judgment results.
In addition, the traditional method cannot deal with complex traffic information, wastes a lot of manpower and material resources, and has a high time cost.


Examples


Embodiment 1

[0030] Referring to Figure 1, an ant colony algorithm-based threat intelligence analysis method provided in an embodiment of the present invention may include the following steps:

[0031] Step S101, acquiring traffic information of a host to be detected.

[0032] In the embodiment of the present invention, the device for obtaining the traffic information of the host to be detected includes, but is not limited to, a network probe. The network probe can access the host to be detected, capture data packets on that host, and filter and analyze the packets to obtain traffic information. The traffic information may include at least one of the following keywords: access port behavior, attack frequency, and attack importance. The attack importance may refer to the importance of pheromone in the ant colony algorithm.

[0033] Step S102, using the ant colony algorithm pheromone to calculate the target pheromone of the traffic information of the host to be det...

Embodiment 2

[0070] Referring to Figure 4, a threat intelligence analysis system based on an ant colony algorithm provided by an embodiment of the present invention may include the following modules:

[0071] An obtaining module 11, used for obtaining the traffic information of the host to be detected;

[0072] A calculation module 12, used for calculating the target pheromone of the traffic information of the host to be detected by means of the ant colony algorithm pheromone;

[0073] A first determination module 13, configured to determine the traffic information of the host to be detected as threat intelligence if the target pheromone reaches a preset threshold.

[0074] An ant colony algorithm-based threat intelligence analysis system provided by an embodiment of the present invention includes: first using the acquisition module to obtain the traffic information of the host to be detected, and then using the ant colony algorithm pheromone calculation formula and the calculation module to cal...


Abstract

The invention provides a threat intelligence analysis method and system based on an ant colony algorithm, and relates to the technical field of network security. The method comprises the following steps: first, obtaining traffic information of a host to be detected; then calculating the target pheromone of that traffic information using the pheromone of the ant colony algorithm; and, if the target pheromone reaches a preset threshold, determining the traffic information of the host to be detected as threat intelligence. Because the target pheromone is calculated from the traffic information of the host to be detected, it can be used to determine whether that traffic information is threat information or non-threat information. The method can deal with complex traffic information, the calculation is simple, manpower and material resources are saved, and the analysis time is shortened.
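The three steps in the abstract (obtain traffic information, compute a target pheromone, compare against a preset threshold) are sketched below as an added example; it is not code or a formula from the patent, whose pheromone calculation is cut off on this page. It assumes the textbook ant colony evaporation-and-deposit update as a stand-in, and the importance table, threshold, evaporation rate and sample traffic are all constructed.

```python
# Added illustration: the update rule and every constant below are assumptions.
RHO = 0.5          # evaporation rate per observation window (assumed)
THRESHOLD = 10.0   # preset pheromone threshold (assumed)

# Attack importance per accessed port (assumed weights, not from the patent).
IMPORTANCE = {22: 1.0, 3389: 1.0, 443: 0.2}
DEFAULT_IMPORTANCE = 0.5


def target_pheromone(windows, rho=RHO):
    """Accumulate pheromone over (port, attack_frequency) windows.

    Textbook ACO update: tau <- (1 - rho) * tau + deposit, where the
    deposit here is attack frequency weighted by attack importance.
    """
    tau = 0.0
    for port, frequency in windows:
        weight = IMPORTANCE.get(port, DEFAULT_IMPORTANCE)
        tau = (1.0 - rho) * tau + frequency * weight
    return tau


def classify(traffic_by_host, threshold=THRESHOLD):
    """Return {host: (pheromone, is_threat)}; a host is flagged when its
    target pheromone reaches the preset threshold."""
    verdicts = {}
    for host, windows in traffic_by_host.items():
        tau = target_pheromone(windows)
        verdicts[host] = (tau, tau >= threshold)
    return verdicts


# Constructed traffic information: three observation windows per host.
SAMPLE = {
    "host-a": [(22, 8), (22, 9), (22, 10)],    # sustained activity on port 22
    "host-b": [(22, 12), (443, 0), (443, 0)],  # one burst, then quiet
    "host-c": [(443, 3), (443, 3), (443, 3)],  # low-importance background
}

if __name__ == "__main__":
    for host, (tau, threat) in classify(SAMPLE).items():
        print(f"{host}: pheromone={tau:.2f} threat={threat}")
```

With these constructed values, evaporation lets the single burst on host-b decay below the threshold, while the sustained activity on host-a keeps accumulating and is flagged.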

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to an ant colony algorithm-based threat intelligence analysis method and system.

Background technique

[0002] The current conventional method for detecting threat intelligence is to screen and check through human experience. Since the experience of different personnel is not at the same level, there is a possibility that the analysis of the same flow information may have different judgment results. In addition, the traditional method cannot deal with complex flow information, and wastes a lot of manpower and material resources, and the time cost is high.

Contents of the invention

[0003] The purpose of the present invention is to provide a threat intelligence analysis method and system based on an ant colony algorithm, which can deal with complex traffic information, has simple calculation and operation, saves manpower and material resources, and reduces analysis time....


Application Information

IPC(8): G06F21/55, G06N3/00
CPC: G06F21/55, G06N3/006
Inventor: 杨春雷, 范渊, 黄进
Owner: HANGZHOU ANHENG INFORMATION TECH CO LTD