A Method of Abnormal Behavior Discovery Based on Big Data Machine Learning

A machine learning discovery method, applied in the field of data security, that addresses problems such as the scope of manual judgment, judgment-model accuracy errors and a single data source, with the effect of reducing human workload, reducing the abnormal behavior that needs manual judgment, and improving accuracy.

Active Publication Date: 2021-01-15
BEIJING TONGTECH CO LTD

AI Technical Summary

Problems solved by technology

[0004] (1) The data source is single: only the logs are analyzed and processed.
[0005] (2) Abnormal behavior and users cannot be determined in real time.
[0006] (3) Everything relies on manual statistical analysis, which is costly and prone to wrong judgments about behavior.
[0008] Although this application solves the problems in the background technology to a certain extent, all abnormal behaviors in this application need to be judged manually. When vectorizing the original data, the range of abnormal data can be narrowed down to determine some common-sense abnormal behaviors, narrowing the scope of manual judgment. When updating the knowledge base, only one algorithm is used to determine the data to train the random forest model; with the subsequent input of new behavior data, errors in the accuracy of the judgment model may occur.

Examples

Embodiment 1

[0066] See Figures 1-9: a method for discovering abnormal behavior based on big data machine learning, comprising the following steps:

[0067] S1: Create a working environment: establish a learning unit, a knowledge base unit, an execution unit, and a feedback unit. The learning unit is connected to the knowledge base unit and the execution unit, the execution unit is connected to the feedback unit, and the feedback unit is connected to the knowledge base unit. The execution unit includes the rule base module and the behavior judgment module. The behavior judgment module determines the configuration information and metadata required for machine learning to perform analysis tasks and, under the guidance of the rule base module, compares against the knowledge base sample data to judge the new log data. The learning unit includes a receiving module, a feature extraction module and a clustering module;

[0068] S2: Data preprocessing: use the learning unit to...

Embodiment 2

[0091] See Figure 10: a method for discovering abnormal behavior based on big data machine learning, comprising the following steps:

[0092] S1: Create a working environment: establish a learning unit, a knowledge base unit, an execution unit, and a feedback unit. The learning unit is connected to the knowledge base unit and the execution unit, the execution unit is connected to the feedback unit, and the feedback unit is connected to the knowledge base unit. The execution unit includes the rule base module and the behavior judgment module. The behavior judgment module determines the configuration information and metadata required for machine learning to perform analysis tasks and, under the guidance of the rule base module, compares against the knowledge base sample data to judge the new log data. The learning unit includes a receiving module, a feature extraction module and a clustering module;

[0093] S2: Data preprocessing: use the learning unit to c...

Embodiment 3

[0125] See Figure 11: a method for discovering abnormal behavior based on big data machine learning, comprising the following steps:

[0126] S1: Create a working environment: establish a learning unit, a knowledge base unit, an execution unit, and a feedback unit. The learning unit is connected to the knowledge base unit and the execution unit, the execution unit is connected to the feedback unit, and the feedback unit is connected to the knowledge base unit. The execution unit includes the rule base module and the behavior judgment module. The behavior judgment module determines the configuration information and metadata required for machine learning to perform analysis tasks and, under the guidance of the rule base module, compares against the knowledge base sample data to judge the new log data. The learning unit includes a receiving module, a feature extraction module and a clustering module;

[0127] S2: Data preprocessing: use the learning unit to ...

Abstract

The invention discloses a method for discovering abnormal behavior based on big data machine learning, which includes the following steps: creating a working environment: establishing a learning unit, a knowledge base unit, an execution unit and a feedback unit, where the learning unit is connected to the knowledge base unit and to the execution unit, the execution unit is connected to the feedback unit, and the feedback unit is connected to the knowledge base unit; data preprocessing: the raw log data in a cycle is counted by the learning unit. By classifying data into a numerical database and a character database, the method establishes a knowledge base for each type of data, stores abnormal behavior data and normal behavior data, and can classify and judge data in a targeted manner, improving the accuracy of the judgment. In addition, the threshold is divided into a numerical normal behavior threshold, a numerical abnormal behavior threshold, a character normal behavior threshold and a character abnormal behavior threshold. The threshold range is narrowed to reduce the abnormal behavior that requires human judgment.
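The sketch below is an added example, not code from the patent: it shows one way to read the four-threshold scheme, with separate numerical and character knowledge bases and a feedback step that shrinks the set of records left for manual judgment. The similarity functions, threshold values, field names and sample data are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable

def num_sim(a: float, b: float) -> float:
    """Relative closeness of two numeric features, in [0, 1] (assumed metric)."""
    return 1.0 - abs(a - b) / max(abs(a), abs(b), 1.0)

def char_sim(a: str, b: str) -> float:
    """Jaccard overlap of whitespace tokens (assumed metric for character data)."""
    ta, tb = set(a.lower().split()), set(b.lower().split())
    return len(ta & tb) / len(ta | tb) if ta | tb else 1.0

@dataclass
class KnowledgeBase:
    """One knowledge base per data type, holding normal and abnormal samples."""
    sim: Callable
    normal_threshold: float
    abnormal_threshold: float
    normal: list = field(default_factory=list)
    abnormal: list = field(default_factory=list)

    def _best(self, samples, value) -> float:
        return max((self.sim(value, s) for s in samples), default=0.0)

    def judge(self, value) -> str:
        n, a = self._best(self.normal, value), self._best(self.abnormal, value)
        if a >= self.abnormal_threshold and a >= n:
            return "abnormal"
        if n >= self.normal_threshold:
            return "normal"
        return "manual"  # matches neither sample set: left for a human analyst

    def feedback(self, value, label: str) -> None:
        """Feedback step: store the analyst's verdict as a new sample."""
        (self.abnormal if label == "abnormal" else self.normal).append(value)

def triage(record: dict, num_kb: KnowledgeBase, char_kb: KnowledgeBase) -> str:
    """Combine the numeric and character verdicts; the worst one wins."""
    verdicts = {num_kb.judge(record["count"]), char_kb.judge(record["action"])}
    for v in ("abnormal", "manual"):
        if v in verdicts:
            return v
    return "normal"

# Constructed samples: requests per cycle and the action string from a log line.
NUM_KB = KnowledgeBase(num_sim, 0.8, 0.8, normal=[10, 12, 15], abnormal=[500])
CHAR_KB = KnowledgeBase(char_sim, 0.6, 0.6,
                        normal=["GET /report/monthly"],
                        abnormal=["GET /export/all-users"])
```

Each analyst verdict passed to `feedback` becomes a stored sample, so a later record close to it is classified automatically instead of returning `"manual"`.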

Description

Technical field

[0001] The invention relates to the technical field of data security, in particular to a method for discovering abnormal behaviors based on big data machine learning.

Background technique

[0002] Traditional network security and data security technologies, such as various software and hardware firewalls, generally adopt a "fence-style" protection strategy, which artificially adds many restrictions to the network and application systems. Any data access action needs to be filtered by all preset rules. It not only affects the user experience of the system, but also increases the operating burden of the system. In addition, in existing security software, generating a built-in rule generally requires multiple stages such as vulnerability discovery, attack simulation, packet analysis, feature extraction, and rule generation. As attack methods are constantly updated, such a rule generation process also needs to be repeated, which consumes a lot of labor costs. M...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F40/289, G06K9/62, G06N20/00
CPC: G06F40/289, G06N20/00, G06F18/24
Inventor: 张春林, 李利军, 李春青, 常江波
Owner: BEIJING TONGTECH CO LTD