Unlock instant, AI-driven research and patent intelligence for your innovation.

A test method, device and equipment for an intelligence analysis engine

An analysis engine and testing method technology, applied in the field of intelligence analysis engine testing methods, equipment and readable storage media, and devices, can solve problems such as low test efficiency and limited test data coverage, so as to improve test efficiency and coverage. efficiency, improve reliability

Active Publication Date: 2022-05-17
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The purpose of this application is to provide a test method, device, equipment and readable storage medium for an intelligence analysis engine, to solve the problem that the current test scheme of an intelligence analysis engine is based on manual implementation, has limited test data coverage, and low test efficiency question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A test method, device and equipment for an intelligence analysis engine
  • A test method, device and equipment for an intelligence analysis engine
  • A test method, device and equipment for an intelligence analysis engine

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0052] The first embodiment of the test method for an intelligence analysis engine provided by the application is introduced below, see figure 1 , embodiment one includes:

[0053] S101. Collect threat intelligence data to obtain a first threat intelligence data set.

[0054] Due to the huge amount of threat intelligence (tens of millions), in practical applications, high-performance search engines (including but not limited to Elasticsearch) can be used for data collection. Then the threat intelligence data is preprocessed, including data parsing, standardization, filling and other processes, and finally the threat intelligence data is stored, specifically in the form of a JSON document, to obtain the first threat intelligence data set.

[0055] S102. Generate a threat label for each piece of threat intelligence data in the first threat intelligence data set according to the data content of the threat intelligence data.

[0056] Then, according to the data content of the th...

Embodiment 2

[0070] The following begins to introduce in detail the second embodiment of the test method of an intelligence analysis engine provided by the application, see figure 2 , embodiment two specifically includes:

[0071] S201. Collect threat intelligence data, and store the threat intelligence data. Generate threat tags for each piece of threat intelligence data.

[0072] Suppose the threat intelligence data A is as follows: threat type: Trojan, threat source type: IP, threat source address: 1.2.3.4, data source credibility: 0.6, intelligence source credibility: 0.8.

[0073] Then the threat label of the threat intelligence data A is: threat type: Trojan horse, threat source type: IP, data source credibility: 0.6, intelligence source credibility: 0.8.

[0074] S202. Acquire the intelligence analysis rules of the intelligence analysis engine, perform data standardization on the intelligence analysis rules, and obtain a plurality of key-value pair data, each key-value pair data ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This application discloses a test method for an intelligence analysis engine, which realizes the function test and verification of the intelligence analysis engine in a fully automated form, and significantly improves the test efficiency; threat intelligence data is obtained through online collection, compared with Through log playback or artificially generated data, the validity of test data can be guaranteed; threat intelligence data can be fully checked by generating threat tags for threat intelligence data, which is conducive to improving the coverage of test data; during the test process, Match the sub-rules and threat intelligence data through the threat label, use the threat intelligence data in each sub-rule to perform a functional test on the sub-rule, and compare the actual analysis results with the time limit of the analysis results to locate specific problems The purpose of the function point. In addition, the present application also provides a testing device, equipment and readable storage medium of an intelligence analysis engine, and its technical effect corresponds to that of the above-mentioned method.

Description

technical field [0001] The present application relates to the field of computer technology, in particular to a testing method, device, equipment and readable storage medium of an intelligence analysis engine. Background technique [0002] According to the 2014 Security Threat Intelligence Services Market Guide, threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implicit and practical recommendations. Threat intelligence describes existing or imminent threats or hazards to assets and can be used to inform subjects to take some kind of response to the threat or hazard. That is, threat intelligence is often relevant information about threats, which may be existing known or upcoming unknowns. [0003] The intelligence analysis engine is a type of security analysis engine, which is used to discover threats or dangers to assets through public resources, and then propose actions or security measures to the subject (enterprise, etc.), ultima...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36G06F16/953
CPCG06F11/3688G06F16/953
Inventor 刘昊范渊刘博
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD