Attack chain information analysis method and system

An analysis method and intelligence technology, applied in the field of network security, that can solve problems such as the inability to produce synergies, and achieves the effect of facilitating the dynamic deployment of defense strategies.

Active Publication Date: 2020-11-10
武汉思普崚技术有限公司

AI Technical Summary

Problems solved by technology

Traditional security detection can only resist security threats from a single aspect, which forms islands of security defense. It lacks correlation analysis of massive information security data and cannot produce synergistic effects.

Embodiment Construction

[0035] The preferred embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings, so that the advantages and features of the present invention can be more easily understood by those skilled in the art, so as to define the protection scope of the present invention more clearly.

[0036] Figure 1 is a general flow chart of the attack chain intelligence analysis method provided by this application. The method includes:

[0037] The data collector collects the mirrored traffic of the switch, network traffic logs, security device logs, and raw data of transmitted files, and receives vulnerability information, virus database information, and intelligence data on network attack behavior characteristics from multiple different data sources. The raw data and intelligence data are cached;

[0038] Collect the operating status data, IP data, domain name information, URL information, transmission data packets, and database dynamic informa...


Abstract

The invention provides an attack chain intelligence analysis method and system. The method comprises: collecting data information from a plurality of channels and preprocessing it into an intelligence data flow, which overcomes the defect in the prior art that information comes only from locally generated events and behavior; analyzing the high-frequency project group of the intelligence data flow to obtain a tree-shaped structure of the information data flow; and using different machine learning models to analyze the information data flow and the tree structure, performing parallel tracing to obtain an infection surface, which makes it convenient for administrators to dynamically deploy defense strategies.

Description

Technical field

[0001] The present application relates to the technical field of network security, in particular to a method and system for analyzing attack chain intelligence.

Background technique

[0002] With the rapid development of network technology, the degree of informationization of enterprises is getting higher and higher, and the degree of dependence on information systems has also reached a very high level, which has also led to information security issues such as various new types of network attacks and sensitive information leakage. Traditional security detection can only resist security threats from a certain aspect, forming an island of security defense, lacking correlation analysis of security data of massive information, and unable to produce synergistic effects.

[0003] There is an urgent need for a targeted attack chain intelligence analysis method and system.

Contents of the invention

[0004] The purpose of the present invention is to provide a meth...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, G06F16/28, G06F16/2458, G06N20/20
CPC: G06F2216/03, G06F16/2465, G06F16/288, G06N20/20, H04L63/20, H04L63/302
Inventor: 段彬
Owner: 武汉思普崚技术有限公司