Rule base updating method and device, electronic device and readable storage medium
A library update and rule technology, applied in the field of network security, can solve the problems of false negatives, slow rule base update speed, and low rule base update efficiency.
Active Publication Date: 2021-02-02
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF9 Cites 1 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, with the emergence of new abnormal network data, the rules in the rule base need to be updated in time. Related technologies need to manually screen the abnormal network data and manually update the rule base based on the abnormal network data, which makes the update speed of the rule base slower. Less efficient and less accurate
At the same time, the rule base that cannot be updated in time will also lead to a large number of false positives and false negatives, and the reliability of network security protection is poor.
[0003] Therefore, the problems of low update efficiency, poor accuracy, and poor reliability of network security protection in related technologies are technical problems that need to be solved by those skilled in the art
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0045] In order to make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments It is only a part of the embodiments of the present application, but not all the embodiments. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.
[0046] Please refer to figure 1 , figure 1 It is a flow chart of a method for updating a rule base provided by the embodiment of this application. The method includes:
[0047] S101: Obtain the data to be tested, use the rule base to detect abnormal data of the data to be tested, and obtain a detection result.
[0048] The ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a rule base updating method and device, an electronic device and a computer readable storage medium, and the method comprises the steps: obtaining to-be-detected data, carryingout the abnormal data detection of the to-be-detected data through employing a rule base, and obtaining a detection result; filtering first abnormal data corresponding to the detection result from the to-be-detected data to obtain to-be-classified data; performing classification processing on the to-be-classified data by utilizing the classification model to obtain second abnormal data; generating rule information corresponding to the second abnormal data, and updating the rule base by utilizing the rule information. According to the method, the classification model is used for further detecting the to-be-classified data, the second abnormal data which cannot be detected by the rule base in the to-be-detected data is detected, the rule base is updated in a targeted mode based on the second abnormal data, the updating efficiency and accuracy of the rule base are improved, false alarms and missing alarms can be reduced through the rule base updated in time, and the reliability of network security protection is improved.
Description
technical field [0001] The present application relates to the technical field of network security, and in particular to a method for updating a rule base, a device for updating a rule base, electronic equipment, and a computer-readable storage medium. Background technique [0002] With the advent of the era of big data and artificial intelligence, and the widespread application of 5G networks, the data volume of network traffic is increasing, and the network environment is becoming more and more complex and diverse. For network security protection, related technologies generally use a rule-based network firewall to perform rule matching on data, and determine network data that meets the requirements of the rules as abnormal data. However, with the emergence of new abnormal network data, the rules in the rule base need to be updated in time. Related technologies need to manually screen the abnormal network data and manually update the rule base based on the abnormal network d...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): H04L29/06
CPCH04L63/0263
Inventor 陈胜范渊吴卓群
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD