Unlock instant, AI-driven research and patent intelligence for your innovation.

A method and device for evaluating network security alarm confidence

A network security and confidence technology, applied in the field of information security, can solve the problem of low accuracy of network security alarm confidence assessment

Active Publication Date: 2022-04-29
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In order to solve the problem of low accuracy of the existing network security alarm confidence assessment, the embodiment of the present invention provides a network security alarm confidence assessment method and device

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for evaluating network security alarm confidence
  • A method and device for evaluating network security alarm confidence
  • A method and device for evaluating network security alarm confidence

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0073] In order to solve the problem of low accuracy of the existing network security alarm confidence evaluation, the embodiments of the present invention provide a network security alarm confidence evaluation method and device.

[0074] The preferred embodiments of the present invention will be described below in conjunction with the accompanying drawings. It should be understood that the preferred embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention, and in the absence of conflict, the present invention The embodiments and the features in the embodiments can be combined with each other.

[0075] Such as figure 1 As shown, it is a schematic diagram of the implementation flow of the network security alarm confidence evaluation method provided by the embodiment of the present invention, which may include the following steps:

[0076] S11. Extract key information from logs received within ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for evaluating the confidence level of a network security alarm, which are used to solve the problem of low accuracy of the existing network security alarm confidence level assessment. The method includes: generating corresponding triples from the logs received in each preset time period; determining the frequency factor of each triple corresponding to the same type of logs in the current time period and all the corresponding triples of the same type of logs The frequency factor of each entity in the triplet; according to the triplet corresponding to the alarm log to be evaluated and the log of each type in the first N time periods of the time period to be evaluated associated with the entity in the triplet The corresponding triplet constructs an alarm correlation graph; according to the frequency factor of the triples of each data edge forming the alarm correlation graph and the frequency factor of each data point entity constituting the alarm correlation graph, it is determined that the alarm log to be evaluated is Evaluate the alert confidence for the time period.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method and device for evaluating the confidence level of a network security alarm. Background technique [0002] With the rapid development of network technology, network security threats have increased significantly. Various threat detection devices deployed on the enterprise side generate large-scale network security alarms every day. Due to the dynamic nature of network behavior, there are a considerable proportion of false positives in these alarms. At this stage, there is no effective way to evaluate the confidence level of network security alarms, which leads to the waste of a lot of energy for security operation and maintenance personnel to deal with false positive events. [0003] The existing network security alarm confidence assessment relies on expert knowledge and the black and white lists accumulated during the operation and maintenance process, for e...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40G06F16/18G06F16/36
CPCG06F16/1815G06F16/367H04L41/069H04L41/28H04L63/101
Inventor 张润滋刘文懋刘威歆张胜军陈磊
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD