Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for determining threat event based on aggregated information

A basic information and event technology, applied in the field of network security, can solve the problems of not being able to display the ins and outs of threat events in great detail, not being able to deal with threat events in a targeted manner, and not being able to judge threat events, so as to achieve the effect of improving security

Active Publication Date: 2020-12-15
北京微步在线科技有限公司
View PDF10 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This type of system can only show that multiple alarm logs will be generated, and the alarm logs are not related to each other. It cannot display the ins and outs of a threat event in great detail. In this way, it is impossible to judge the specific threat event, and the device cannot target specific events. Targeted handling of threat events

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for determining threat event based on aggregated information
  • Method and device for determining threat event based on aggregated information
  • Method and device for determining threat event based on aggregated information

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] Various aspects and features of the present application are described herein with reference to the accompanying drawings.

[0051] It should be understood that various modifications may be made to the embodiments applied for herein. Accordingly, the above description should not be viewed as limiting, but only as exemplifications of embodiments. Those skilled in the art will envision other modifications within the scope and spirit of the application.

[0052] The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the application and, together with the general description of the application given above and the detailed description of the embodiments given below, serve to explain the embodiments of the application. principle.

[0053] These and other characteristics of the present application will become apparent from the following description of preferred forms of embodiment given as non-limiting examp...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a device for determining a threat event based on aggregated information. The method comprises the following steps: receiving a trigger event of aggregated alarm information; aggregating the alarm information through a preset index of the alarm information; and determining a threat event related to the alarm information through the aggregated alarm information.By adopting the scheme provided by the invention, the alarm information can be aggregated according to the preset index of the alarm information, the threat event related to the alarm information canbe determined according to the aggregated alarm information, and the threat event is determined based on the aggregated information of the plurality of pieces of alarm information, so that a relatively complete threat event can be determined, targeted processing can be carried out based on the determined threat event, and the security is improved.

Description

technical field [0001] The present application relates to the field of network security, in particular to a method and device for determining threat events based on aggregated information. Background technique [0002] Intrusion detection has become an important link in the field of network and information security. Intrusion detection refers to the real-time monitoring of network transmission when hackers invade the host, such as intrusion detection system, which is a kind of real-time monitoring of network transmission. A network security device that sends out an alert or takes proactive response measures at any time. This type of system can only show that multiple alarm logs will be generated, and the alarm logs are not related to each other. It cannot display the ins and outs of a threat event in great detail. In this way, it is impossible to judge the specific threat event, and the device cannot target specific events. Threat events are targeted. [0003] In view of t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24G06K9/62
CPCH04L63/14H04L63/145H04L63/20H04L41/0631G06F18/25
Inventor 陈杰王蕴澎
Owner 北京微步在线科技有限公司