Check patentability & draft patents in minutes with Patsnap Eureka AI!

An enterprise network anomaly detection method and system based on a dynamic storage network

An anomaly detection and dynamic storage technology, which is applied in transmission systems, digital transmission systems, secure communication devices, etc., can solve problems such as poor effects of anomaly detection technology, and achieve the effects of convenient origin tracking, reducing dependencies, and ensuring safety

Active Publication Date: 2022-06-28
SHANDONG INSPUR SCI RES INST CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this context, the previously mentioned anomaly detection techniques work poorly

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An enterprise network anomaly detection method and system based on a dynamic storage network
  • An enterprise network anomaly detection method and system based on a dynamic storage network
  • An enterprise network anomaly detection method and system based on a dynamic storage network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0047] An enterprise network anomaly detection method based on a dynamic storage network, comprising the following steps:

[0048]S1 takes the new event as the current event C, normalizes the current event C into a set of preset fields, takes out K recent windows from the database as the relevant context, and represents the historical event with S;

[0049] S2 converts the current event C and historical event S into multi-digit digital vectors Q and F through field-level embedding and event-level encoding. The specific steps are:

[0050] S201 preselects a periodic continuous bag of words model to calculate the embedding vector of each field of the current event C and the historical event S, and obtains the corresponding field-level embedding vectors Q and F;

[0051] S202 The field-level embedding vectors Q and F are sent to the bi-directional gated recurrent unit Bi-GRU, and the coding vectors of the field-level embedding vectors Q and F are expressed as Q and F=[f 1 ,f 2 ...

Embodiment 2

[0087] An enterprise network anomaly detection system based on a dynamic storage network, comprising a data preparation module, a presentation layer module, a storage formation module, a temporary storage module, a prediction layer module and an anomaly detection module;

[0088] Data preparation module: take the new event as the current event C, normalize the current event C into a set of preset fields, take out the K recent windows from the database as the relevant context, and denote the historical event as S ;

[0089] The presentation layer module includes a vector conversion module and a code conversion module;

[0090] Vector conversion module: Pre-select a periodic continuous bag of words model to calculate the embedding vector of each field of the current event C and historical event S, and obtain the corresponding field-level embedding vectors Q and F;

[0091] The transcoding module sends the field-level embedding vectors Q and F to the bi-directional gated recurre...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a dynamic storage network-based enterprise network anomaly detection method and system, belonging to the field of network security detection; the detection system of the invention implicitly encodes the workflow path of the underlying system through an iterative reminder process, and passes through a temporary storage module It is stored so that it can provide important clues that related events may become potential malicious activities, which facilitates origin tracing and at the same time realizes potential correlation detection between different events in different domains, reducing the dependence on adjacent events The invention improves the sensitivity of the detection method for abnormal network detection, ensures the security of the enterprise network, and reduces the security threats borne by the enterprise network.

Description

technical field [0001] The invention discloses an enterprise network abnormality detection method and system based on a dynamic storage network, and relates to the technical field of network security detection. Background technique [0002] The intranet is based on the technology of the Internet, especially the World Wide Web. It is mainly used for information exchange within an enterprise or organization, but it can still be connected to the Internet through a proxy server. With the increasing number of network applications, enterprise networks are facing a variety of network threats. Fragile internal network, different user rights and scattered confidential information are the main reasons why enterprise networks need to rely on anomaly detection technology for maintenance; [0003] Anomaly detection technology has been widely used in the field of predictive maintenance. By discovering the abnormal operation behavior in the network log data, it can trace the source of th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40H04L67/12H04L41/142
CPCH04L63/1425H04L67/12H04L63/20H04L41/142
Inventor 吴振东李锐于治楼安程治
Owner SHANDONG INSPUR SCI RES INST CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com