Abnormal access behavior detection method and system, storage medium and terminal

A detection method and access relationship technology, which is applied in the field of network security, can solve problems such as the failure of normal detection and bypass of security devices, and achieve the effect of improving security risks and security performance

Pending Publication Date: 2020-08-28
SANGFOR TECH INC
View PDF5 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, the industry generally uses intrusion detection equipment for intranet security detection, but intranet detection is generally based on traditional security detection rules, and unknown threats such as 0day and anti-virus tools may be bypassed
Secondl

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Abnormal access behavior detection method and system, storage medium and terminal
  • Abnormal access behavior detection method and system, storage medium and terminal
  • Abnormal access behavior detection method and system, storage medium and terminal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] In order to make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments It is a part of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0040] At present, intrusion detection equipment is widely used in the industry, and the detection equipment is connected to the terminal for detection. However, the intrusion detection equipment can only detect some obvious network attacks, but it is difficult to detect inconspicuous network attacks such as traffic theft and access behavior forgery. ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an abnormal access behavior detection method. The method comprises the steps of recording an access relationship set of access behaviors of a terminal; inputting the access behavior characteristics of the access relationship set into an access detection model,wherein the access detection model is a model obtained by training access behavior characteristics in historical access data of the terminal; and determining whether the access behavior in the access relationship set is an abnormal access behavior or not according to an output result of the access detection model. The potential safety hazard of the terminal can be greatly improved, and the safety performance of the terminal is improved. The invention further provides an abnormal access behavior detection system,a computer readable storage medium and a terminal, which have the above beneficial effects.

Description

technical field [0001] The present application relates to the field of network security, in particular to a method for detecting abnormal access behavior, a detection system, a computer-readable storage medium and a terminal. Background technique [0002] At present, malicious attackers often need to first obtain a certain terminal in the intranet during the actual penetration test and intrusion process, and use this as a springboard to infiltrate the intranet. Since many security devices are often deployed on the intranet, sensitive behaviors are easily discovered by security devices. Experienced malicious attackers often use some hidden methods to carry out horizontal attacks on the intranet, using some unconventional attack methods, avoiding Killing tools or even unpublished 0day attacks can be used to steal sensitive information, obtain higher privileges, install backdoor Trojan horses, or perform intranet roaming and other operations. At present, the industry generally...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1425
Inventor 蒲大峰
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap