Unlock instant, AI-driven research and patent intelligence for your innovation.

Network security alarm confidence evaluation method and device

A network security and confidence technology, applied in the field of information security, can solve the problem of low accuracy of network security alarm confidence assessment

Active Publication Date: 2020-05-12
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In order to solve the problem of low accuracy of the existing network security alarm confidence assessment, the embodiment of the present invention provides a network security alarm confidence assessment method and device

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security alarm confidence evaluation method and device
  • Network security alarm confidence evaluation method and device
  • Network security alarm confidence evaluation method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0073] In order to solve the problem of low accuracy of the existing network security alarm confidence evaluation, the embodiments of the present invention provide a network security alarm confidence evaluation method and device.

[0074] The preferred embodiments of the present invention will be described below in conjunction with the accompanying drawings. It should be understood that the preferred embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention, and in the absence of conflict, the present invention The embodiments and the features in the embodiments can be combined with each other.

[0075] Such as figure 1 As shown, it is a schematic diagram of the implementation flow of the network security alarm confidence evaluation method provided by the embodiment of the present invention, which may include the following steps:

[0076] S11. Extract key information from logs received within ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network security alarm confidence evaluation method and device, which are used for solving the problem of low accuracy of the existing network security alarm confidence evaluation. The method comprises the following steps: generating a corresponding triple from logs received in each preset time period; determining the frequency factor of each triad corresponding to the same type of log and the frequency factor of each entity in all triads corresponding to the same type of log in the current time period; according to the triples corresponding to the to-be-evaluated alarm logs and the triples corresponding to the various types of logs in the first N time periods of the to-be-evaluated time periods associated with the entities in the triples, constructing an alarm association graph; and determining the alarm confidence of the alarm log to be evaluated in the time period to be evaluated according to the frequency factors of the triples forming the data edges of the alarm association graph and the frequency factors of the entities forming the data points of the alarm association graph.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method and device for evaluating the confidence level of a network security alarm. Background technique [0002] With the rapid development of network technology, network security threats have increased significantly. Various threat detection devices deployed on the enterprise side generate large-scale network security alarms every day. Due to the dynamic nature of network behavior, there are a considerable proportion of false positives in these alarms. At this stage, there is no effective way to evaluate the confidence level of network security alarms, which leads to the waste of a lot of energy for security operation and maintenance personnel to deal with false positive events. [0003] The existing network security alarm confidence assessment relies on expert knowledge and the black and white lists accumulated during the operation and maintenance process, for e...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/24H04L29/06G06F16/18G06F16/36
CPCG06F16/1815G06F16/367H04L41/069H04L41/28H04L63/101
Inventor 张润滋刘文懋刘威歆张胜军陈磊
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD