
Attack event tracking and tracing method and system, terminal and storage medium

A technology for tracking and tracing attack events, applied in the field of network security, that addresses the problems of high labor cost, the inability to guarantee the accuracy of traceability, and low traceability efficiency.

Active Publication Date: 2020-10-30
BEIJING GAS GRP

AI Technical Summary

Problems solved by technology

[0004] To address the deficiencies of the existing technology, this application provides a method, system, terminal and storage medium for tracking and tracing attack events. It solves the technical problems of existing security alarm log investigation: high labor cost, low tracking and tracing efficiency, and the inability to guarantee the accuracy of traceability.


Embodiment Construction

[0042] In order to make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments are a part of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0043] Please refer to Figure 1, which is a flow chart of an attack event tracking method provided in the embodiment of this application. The method 100 includes:

[0044] S101: Obtain the original alarm log, and obtain key field information that triggers the alarm according to the alarm log;

[0045] S102: Associate and trace the key field ...


Abstract

The invention provides an attack event tracking and tracing method and system, a terminal and a storage medium. The method comprises: obtaining an original alarm log, and obtaining the key field information that triggered the alarm according to the alarm log; performing associated tracing on the key field information, and obtaining from the original log all associated events related to a key field on the attacked machine; aggregating the associated events with the alarm name to obtain a complete attack path; and summarizing the related attack information along a specific time / stage dimension, and presenting it from an attack chain perspective. According to the invention, associated tracing is carried out through the abnormal log alarm information of the attack event: the security alarm logs are used as clues and strung together to form real security events, and scattered security events are associated. This solves the technical problems of existing security alarm log checking, namely that the labor cost is high, the tracking and tracing efficiency is low, and the tracking and tracing accuracy cannot be guaranteed.
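The steps in the abstract (key fields from an alert, associated events on the attacked machine, aggregation under alarm names, stage view) can be sketched as follows. This is an added example, not code from the patent: the choice of key fields, the per-alert `stage` label, the nearest-in-time tagging rule and all sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime
# Assumption: these are the "key fields"; the page does not enumerate them.
KEY_FIELDS = ("src_ip", "user", "file_hash")
# Constructed sample alerts; the "stage" label per alert is an assumption.
ALERTS = [
    {"time": "2020-05-01T10:02:11", "host": "web01", "name": "Brute-force login",
     "stage": "initial access", "src_ip": "203.0.113.7", "user": "svc_web"},
    {"time": "2020-05-01T10:20:45", "host": "web01", "name": "Suspicious file write",
     "stage": "execution", "user": "svc_web", "file_hash": "HASH_A"},
]
# Constructed raw logs; two are noise (other host, unrelated user).
RAW_LOGS = [
    {"time": "2020-05-01T10:01:50", "host": "web01", "event": "ssh auth failure",
     "src_ip": "203.0.113.7", "user": "svc_web"},
    {"time": "2020-05-01T10:02:30", "host": "web01", "event": "ssh auth success",
     "src_ip": "203.0.113.7", "user": "svc_web"},
    {"time": "2020-05-01T10:03:00", "host": "db01", "event": "ssh auth success",
     "src_ip": "203.0.113.7", "user": "svc_web"},
    {"time": "2020-05-01T10:05:00", "host": "web01", "event": "cron job ran", "user": "root"},
    {"time": "2020-05-01T10:20:40", "host": "web01", "event": "file created",
     "user": "svc_web", "file_hash": "HASH_A"},
    {"time": "2020-05-01T10:21:10", "host": "web01", "event": "process start", "file_hash": "HASH_A"},
]

def ts(rec):
    return datetime.fromisoformat(rec["time"])

def key_fields(rec):
    """Key field (name, value) pairs present in an alert or raw event."""
    return {(f, rec[f]) for f in KEY_FIELDS if rec.get(f)}

def attack_path(alerts, raw_logs):
    """Raw events on an alerted host sharing a key field, tagged with the nearest alert."""
    path = []
    for ev in sorted(raw_logs, key=ts):
        related = [a for a in alerts
                   if a["host"] == ev["host"] and key_fields(a) & key_fields(ev)]
        if related:
            nearest = min(related, key=lambda a: abs(ts(a) - ts(ev)))
            path.append({**ev, "alert": nearest["name"], "stage": nearest["stage"]})
    return path

def chain_view(path):
    """Group the time-ordered path by stage for an attack-chain style summary."""
    stages = defaultdict(list)
    for step in path:
        stages[step["stage"]].append((step["time"], step["event"]))
    return dict(stages)
```

Restricting the match to the alerted host follows the abstract's "on an attacked machine"; the `db01` login with the same source address is therefore left out of the path and would need its own alert to be pulled in.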

Description

Technical field

[0001] The present application relates to the technical field of network security, in particular to a method, system, terminal and storage medium for tracking and tracing attack events.

Background technique

[0002] With the rapid expansion of the network scale and the rapid growth of the business volume, the security log alarm is an indispensable functional module in the existing security protection system. However, as the number of business servers continues to increase and the cost of hacking attacks continues to decrease, security alarm logs continue to increase. It is very difficult for enterprise professional operation and maintenance personnel to trace the source of an attack event among thousands of security alarm logs. It requires professional operation and maintenance personnel to search manually, resulting in high labor costs and low tracking and traceability efficiency, and the accuracy of traceability cannot be guaranteed. It can be s...


Application Information

IPC(8): G06F16/14, G06F16/17, G06F11/30, G06F11/32
CPC: G06F11/3082, G06F11/327, G06F16/148, G06F16/1734
Inventor: 王广清, 方铁城, 申彦龙, 刘颖
Owner BEIJING GAS GRP