Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Accompanying lure generation method and device based on deep learning and data clustering

A technology of data clustering and deep learning, applied in the field of deep learning, can solve problems such as cumbersome bait generation methods, irrelevant business systems, and unequal deployment locations, and achieve the effects of high accuracy, high similarity, and improved capabilities

Active Publication Date: 2020-12-25
北京元支点信息安全技术有限公司
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In the existing technology, the bait generation method is cumbersome, and most of them are manually or directionally generated a certain type of bait, such as file bait, process bait, etc. Among them, the file bait needs to be manually edited; at the same time, the content of the bait is too fake, and even has nothing to do with the business system ; In addition, there is also the problem of wrong deployment location. The existing way of deploying bait is to deploy it in its own honeypot system, rather than deploying it on the user business system or the terminal used by the user; Bait requires automated production, and manual production of bait restricts development

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Accompanying lure generation method and device based on deep learning and data clustering
  • Accompanying lure generation method and device based on deep learning and data clustering
  • Accompanying lure generation method and device based on deep learning and data clustering

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0034] Such as figure 1 , figure 2 As shown, the accompanying decoy generation method based on deep learning and data clustering is characterized in that the method performs the following steps:

[0035] Step 1: Obtain user data, use a pre-established data classification model to classify user data, and add labels to each category of user data after classification;

[0036] Step 2: Establish a confrontational network generation model, and build an adapted cyclic neural network based on the model structure of the confrontational network generation model; the confrontational network generation model is a data conversion model, which converts conventional data into bait data; the cyclic neural network The network is trained based on the existing conventional data and decoy data. At the same time, the conventional data input in the adversarial network generation model and the decoy data converted by the adversarial network generation model are used as input. After the output is ...

Embodiment 2

[0040] On the basis of the previous embodiment, the user data obtained in step 1 includes at least: user behavior data, application usage data, network environment data, login credential data, file data, and traffic data; The established data classification model classifies user data including the following steps: establishing a data classification tree, the data classification tree is a multi-fork tree, including at least two layers, and each node in the data classification tree corresponds to its respective classification type; The training corpus stored in each node in the data classification tree trains the classification model corresponding to each parent node, the training corpus is pre-labeled by type and stored in the corresponding node, and the parent node corresponds to at least one child node, so The classification model is used to divide the corpus into corresponding sub-nodes; the user data is classified step by step through the classification model of each node in...

Embodiment 3

[0045] On the basis of the previous embodiment, the generation model of the confrontation network in the step 2 is a data conversion model, and the conversion of conventional data into decoy data includes the following steps: use the principal component analysis method to perform feature screening on the conventional data, and obtain the intermediate data; performing cluster analysis and supervised learning on the intermediate data to obtain multiple subsets, wherein each subset includes multiple instances; extracting association rules for malicious attack commands in each subset; extracting the extracted The association rules are stored as attack features in the feature label set.

[0046] Specifically, the goal of cluster analysis is to collect data to classify on the basis of similarity. Clustering has roots in many fields, including mathematics, computer science, statistics, biology, and economics. In different application fields, many clustering techniques have been deve...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of deep learning, and specifically relates to a method and device for generating accompanying bait based on deep learning and data clustering. The method performs the following steps: Step 1: Obtain user data, and use a pre-established data classification model to classify user data Classify and add labels to the classified user data of each category; Step 2: Establish an adversarial generative network model, and build an adapted recurrent neural network based on the model structure of the adversarial network generative model. Using the clustering method of deep learning and the text processing method against the generative network algorithm, the purpose of intelligently generating accompanying decoys is achieved. At the same time, the similarity of the generated decoys is higher, which improves the ability to trap attackers.

Description

technical field [0001] The invention belongs to the technical field of deep learning, and in particular relates to a method and device for generating accompanying lures based on deep learning and data clustering. Background technique [0002] Network security usually refers to the security of computer networks, but in fact it can also refer to the security of computer communication networks. Computer communication network is a system that interconnects several computers with independent functions through communication equipment and transmission media, and realizes information transmission and exchange between computers with the support of communication software. The computer network refers to a system that uses communication means to connect several independent computer systems, terminal devices and data devices that are relatively dispersed in the region for the purpose of sharing resources, and exchanges data under the control of the protocol. The fundamental purpose of c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06K9/62G06N3/08H04L29/06
CPCG06N3/08H04L63/1491G06F18/23G06F18/2135G06F18/24323
Inventor 任俊博
Owner 北京元支点信息安全技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com