Abnormal behavior detection method and device, electronic equipment and storage medium

A behavioral and abnormal technology, applied in error detection/correction, electrical digital data processing, instrumentation, etc., to solve problems such as inaccurate detection results

Active Publication Date: 2020-08-14
HANGZHOU HIKVISION DIGITAL TECH
View PDF7 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the embodiment of the present invention is to provide a detection method, device, electronic equipment and storage medium for abnormal behavior, so as to solve the problem of inaccurate detection results in the current abnormal behavior detection method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Abnormal behavior detection method and device, electronic equipment and storage medium
  • Abnormal behavior detection method and device, electronic equipment and storage medium
  • Abnormal behavior detection method and device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach

[0182] As an implementation manner of the embodiment of the present invention, the above method may also include:

[0183] When it is determined that the log records included in the data slice are log records generated by abnormal behavior, an alarm message is output.

[0184] In one embodiment, the electronic device can construct and output alarm information for each data piece of the log to be detected belonging to the abnormal category, or the data piece of the log records included in the abnormal behavior, so as to prompt related staff in a timely manner.

[0185] Wherein, the alarm information may include: log source of the log to be detected, abnormal behavior detection time, log start time, end time and log type of the target data piece, and other information. The target data slice is the data slice of the log to be detected belonging to the abnormal category, or the included log record is the data slice of the log record generated by the abnormal behavior.

[0186] C...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Embodiments of the invention provide an abnormal behavior detection method and device, electronic equipment and a storage medium. The method comprises the steps of obtaining a to-be-detected log; dividing the adjacent log records of which the generation time intervals are not greater than a preset threshold value into the same data piece to obtain a plurality of data pieces; generating a log vector according to the log type of the log record included in each data piece; and based on the distance between each log vector and each category center point, determining whether the log record is a logrecord generated by an abnormal behavior, the category center point being a category center point obtained by clustering log vector samples corresponding to data slice samples obtained by dividing log samples obtained in advance. Due to the fact that when the data pieces are divided, the adjacent log records with the interval of the generation time not larger than the preset threshold value are divided into the same data piece, the log records generated by continuous physical behaviors cannot be divided into different data pieces, and the log records corresponding to abnormal behaviors can beaccurately determined.

Description

technical field [0001] The present invention relates to the technical field of equipment abnormal behavior detection, in particular to a detection method, device, electronic equipment and storage medium for abnormal behavior. Background technique [0002] Since abnormal behaviors will threaten the security of network devices, the detection of abnormal behaviors is particularly important. The logs generated by various physical behaviors will have certain rules and conform to certain behavior patterns. Therefore, abnormal behaviors can be determined by analyzing and processing the logs. The currently widely used log-based abnormal behavior detection is to detect log data that does not conform to the behavior pattern, and then determine that the behavior corresponding to the log data is an abnormal behavior. [0003] The current log-based abnormal behavior detection method is as follows: first obtain the log data, then slice the data according to a fixed time or a fixed number...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/30G06K9/62
CPCG06F11/3072G06F18/23213
Inventor 王滨张峰王星李志强万里徐文渊殷丽华李超
Owner HANGZHOU HIKVISION DIGITAL TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap