Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network attack tracing method, device and equipment

A network attack and attack source technology, applied in the computer field, can solve problems such as poor reliability and low efficiency

Active Publication Date: 2020-10-09
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF5 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The purpose of this application is to provide a network attack source tracing method, device, equipment and readable storage medium to solve the current monitoring work of security incidents and the analysis work of network attack routes mainly through manual processing, resulting in low efficiency and reliability poor problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack tracing method, device and equipment
  • Network attack tracing method, device and equipment
  • Network attack tracing method, device and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0053] The following is an introduction to Embodiment 1 of a network attack source tracing method provided by this application, see figure 1 , embodiment one includes:

[0054] S101, monitor the target network, and generate an alarm log when an attack event occurs;

[0055] S102. According to the alarm log, respectively judge whether the attack source and the attack target belong to the intranet, and obtain the attack direction of the attack event;

[0056] S103. Store the attack direction and quintuple information of the attack event in a database, wherein the quintuple information includes the IP address of the attack source and the IP address of the attack target;

[0057] S104. If the attack direction of the attack event is that the internal network attacks the external network or the internal network attacks the internal network, match the quintuple information in the database with the attack source of the attack event as the attack target;

[0058] S105. Generate a net...

Embodiment 2

[0071] see figure 2 , embodiment two specifically includes:

[0072] S201. Monitor the target network, and generate an alarm log when an attack event occurs;

[0073] S202. According to the alarm log and the geographic database, respectively determine whether the attack source and the attack target belong to the intranet, and obtain the attack direction of the attack event;

[0074] S203. If the attack target belongs to the intranet, judge whether the attack target is a server, and obtain the attack target type of the attack event, and the attack target type includes an intranet server and a personal PC;

[0075] S204. Determine the attack phase of the attack event according to the attack operation records in the alarm log, where the attack phase includes vulnerability detection, penetration intrusion, authority acquisition, command control, and data theft;

[0076] This embodiment traces the attack process, and divides the threat activities of the attack process into five ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network attack tracing method. According to the network attack tracing method, attack events in a network can be automatically monitored, an attack source and an attack target are distinguished according to an intranet or an extranet, an attack direction of a security event is determined, then the attack direction, an IP address of the attack source and an IP address of the attack target are stored in a database, finally, information related to the attack event is matched from the database, and a network attack path is generated according to a matching result. The purposes of automatically monitoring the attack event and analyzing the network attack path related to the attack event are achieved, and the network security is remarkably improved. In addition, the invention further provides a network attack tracing device, equipment and a readable storage medium, which have the technical effects corresponds to that of the network attack tracing method.

Description

technical field [0001] The present application relates to the field of computer technology, and in particular to a network attack source tracing method, device, equipment and readable storage medium. Background technique [0002] With the widespread use of the network, the safe, stable and reliable operation of the network system is becoming more and more important. Therefore, the problem of network security has attracted more and more users' attention. [0003] At present, manual management is generally based on the security protection center, which requires manual statistics of network security incidents and manual processing of security incidents. Due to the unreliability brought by manual processing, it may lead to problems such as network paralysis and data leakage. [0004] In addition, for the various attack methods of the attacker, for example, most attackers will use forged IP addresses, so that the target of the attack cannot determine the unknown of the attacker,...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416Y02D30/50
Inventor 金璐璐范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com