Network attack tracing method and device

A network attack and attack graph technology, applied in the computer field, can solve problems such as inability to carry out effective protection, and achieve the effect of improving traceability efficiency

Active Publication Date: 2020-09-04
BEIJING QIYI CENTURY SCI & TECH CO LTD
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, for the advanced persistent threat attacks carried out by hackers through network vulnerabilities, for example, the existing methods cannot provide effective protection, and the source of the network attack needs to be located for effective protection.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack tracing method and device
  • Network attack tracing method and device
  • Network attack tracing method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] In order to make the purpose, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application.

[0047] In the embodiment of the present application, a network attack source tracing method is provided in order to solve the problem of relying too much on manpower and low tracing efficiency in attack source tracing. This method can be applied to any electronic device, such as a server that manages each host, and the like.

[0048] It should be noted that the host in this embodiment of the present application refers to devices such as network servers.

[0049] Such as figure 1 As shown, the specific process of network attack source tracing is as follows:

[0050] Step 101, obtaining each abnormal host and the login behavior relationship diagram of each ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a network attack tracing method and device. The method comprises the following steps: obtaining each abnormal host and a login behavior relation graph of each abnormal host, wherein the login behavior relation graph comprises login behaviors occurring between the abnormal host and the behavior association host, the abnormal host is a host where network abnormality occurs,the behavior association host is a host logging in the abnormal host, and / or the behavior association host is a host logged in by the abnormal host; obtaining a sub-attack graph generated by each abnormal host, the sub-attack graph comprising a link from a starting process to an attack process; and generating a network attack graph according to the sub-attack graph of each abnormal host and the login behavior relationship graph, the network attack graph including the sub-attack graph of the abnormal host, and the sub-attack graphs of different abnormal hosts being connected according to loginbehaviors occurring between the behavior association host and the abnormal hosts. The method is used for effectively and quickly performing attack tracing.

Description

technical field [0001] The present application relates to the field of computer technology, and in particular to a network attack source tracing method and device. Background technique [0002] In recent years, with the continuous popularization of the network, the attack techniques and attack methods used by network attackers have also developed new trends. Therefore, network security issues also require network users to pay constant attention and take effective security protection measures. [0003] Among the protective measures adopted in the prior art, common network attacks can be effectively dealt with by setting a firewall or the like. However, for hackers using network vulnerabilities, such as advanced persistent threat attacks, the existing methods cannot provide effective protection, and the source of network attacks needs to be located to provide effective protection. Therefore, how to effectively and quickly trace the source of the attack is an urgent problem t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/08H04L63/126
Inventor 翁迟迟
Owner BEIJING QIYI CENTURY SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap