Network threat information association system and method

An information association and network technology, applied in the field of network systems, that solves problems such as low efficiency and the inability to aggregate threat information, and achieves rapid association analysis.

Active Publication Date: 2020-11-13
新浪技术(中国)有限公司

AI Technical Summary

Problems solved by technology

[0005] The purpose of the embodiments of the present invention is to provide a network threat information association analysis system and method, to solve the problem that manually performing association analysis on various kinds of network threat information is inefficient in the face of a huge amount of information, so that the threat information cannot be effectively aggregated to quickly form a powerful threat analysis.


Embodiment Construction

[0020] The embodiment of the present invention provides a network threat information association analysis system and method.

[0021] In order to enable those skilled in the art to better understand the technical solutions in the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

[0022] As shown in Figure 1, the embodiment of the present invention provides a network threat information correlation analysis system, the system includes: a log collection server 10, a log collection database 1...


Abstract

The embodiment of the invention provides a network threat information association analysis system and method. The system comprises a log collection server, a log collection database, an intelligence association analysis server and an association analysis result database. The log collection server collects threat information logs from the threat information monitoring systems in a preset data collection mode and records the threat information logs in the log collection database according to a preset data format; each threat information log comprises an IP address. The intelligence association analysis server acquires the threat description information of each IP address from the open source threat information query system, merges the threat description information with the threat information logs containing the same IP address in the log collection database, obtains an association analysis result corresponding to each IP address, and stores the association analysis result in the association analysis result database. Through the embodiment of the invention, rapid association analysis of various kinds of network threat information is realized, the threat information is effectively aggregated, and powerful threat analysis is rapidly formed.
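The pipeline the abstract describes, as an added Python example that is not code from the patent or its owner: two monitoring systems with different native formats are normalized into one common record format, joined on IP address, and merged with per-IP threat descriptions. The field names, source labels, the firewall line layout and the `INTEL` dictionary (a stand-in for the open source threat information query, with no network call) are assumptions, and all sample data is constructed using documentation IP ranges.

```python
import ipaddress
import re
from collections import defaultdict
# Constructed sample input: two monitoring systems, two native formats.
DDOS_ALERTS = [
    {"ts": "2020-03-01T10:00:05", "src": "203.0.113.7", "type": "syn_flood"},
    {"ts": "2020-03-01T10:01:40", "src": "198.51.100.23", "type": "udp_flood"},
    {"ts": "2020-03-01T10:02:00", "src": "not-an-ip", "type": "udp_flood"},
]
FIREWALL_LINES = [
    "2020-03-01T10:02:11 DENY 203.0.113.7 -> 10.0.0.5:22",
    "2020-03-01T10:03:54 DENY 192.0.2.99 -> 10.0.0.8:3389",
]
# Assumed stand-in for the open source threat information query (offline).
INTEL = {
    "203.0.113.7": {"tags": ["scanner", "botnet"], "reports": 12},
    "192.0.2.99": {"tags": ["bruteforce"], "reports": 3},
}
FW_RE = re.compile(r"^(\S+) (\w+) (\S+) -> (\S+)$")

def record(source, ts, ip, detail):
    """Build one row in the common (preset) format, or None if ip is invalid."""
    try:
        ip = str(ipaddress.ip_address(ip))  # canonical form is the join key
    except ValueError:
        return None
    return {"ip": ip, "source": source, "time": ts, "detail": detail}

def collect():
    """Log collection step: normalize every source into the common format."""
    rows = [record("ddos_warning", a["ts"], a["src"], a["type"]) for a in DDOS_ALERTS]
    for line in FIREWALL_LINES:
        m = FW_RE.match(line)
        if m:
            rows.append(record("idc_firewall", m[1], m[3], f"{m[2]} to {m[4]}"))
    return [r for r in rows if r is not None]

def correlate(rows, intel):
    """Association step: merge per-IP log rows with that IP's threat description."""
    by_ip = defaultdict(list)
    for r in rows:
        by_ip[r["ip"]].append(r)
    return {
        ip: {"sources": sorted({e["source"] for e in events}),
             "events": sorted(events, key=lambda e: e["time"]),
             "intel": intel.get(ip)}  # None: seen locally, unknown to the feed
        for ip, events in by_ip.items()
    }
RESULTS = correlate(collect(), INTEL)
```

An IP that appears in the logs but has no threat description keeps `intel` set to `None`, so local sightings are not lost when the external source has nothing on them.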

Description

Technical field

[0001] The invention relates to the technical field of network systems, in particular to a network threat information association analysis system and method.

Background technique

[0002] With the continuous expansion of network scale and the increase of network attack methods, network systems can obtain threat information in various ways, such as: a distributed denial of service (DDoS) attack threat early warning system, an anti-grabbing station detection system, an Internet Data Center (IDC) firewall system, the Open Threat Exchange (OTX) open source threat intelligence query system, etc.

[0003] Because the threat information is obtained from different sources, it comes in different data formats and with different information analysis methods, forming islands of threat information. However, in order to aggregate and analyze various threat information, the existing technology requires workers to log in to their respective informat...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1425, H04L63/1433, H04L63/20
Inventor 盛洋康宇
Owner 新浪技术(中国)有限公司