A database security exception identification method and system
An anomaly identification and database technology, applied in digital data protection, electronic digital data processing, computer security devices, etc., can solve problems such as the inability to effectively identify malicious behaviors in multilateral databases, and achieve the effect of accurate security detection
Active Publication Date: 2021-10-12
杭州美创科技股份有限公司
View PDF6 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0003] The present invention mainly solves the problem in the prior art that the database is based on the known malicious behavior behavior feature library, and the security judgment is based on the known rules, and there is no effective identification of multilateral database malicious behaviors, and provides a database security anomaly identification method and system
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment
[0057] In this embodiment, a database security anomaly identification system, such as figure 2 As shown, it includes an acquisition unit 1 , an extraction unit 2 , a matching unit 3 , a determination unit 4 and an alarm unit connected in sequence.
[0058] The acquisition unit acquires real-time database instruction data;
[0059] An extraction unit extracts behavioral features from real-time database instruction data, and the behavioral features include access domains and operation domains;
[0060] The matching unit performs feature matching on the behavioral features according to the known malicious feature database, and determines whether it is a known malicious behavior;
[0061] The judging unit is configured to judge the same-origin session access domain and the same-origin session operation domain for the behavior characteristics of the non-known malicious behavior, and then judge the abnormal behavior;
[0062] The alarm unit judges the abnormal access domain and t...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a method and system for identifying database security anomalies. The method includes the steps of: acquiring real-time database instruction data; extracting behavioral features, performing feature matching on the behavioral features according to a known malicious feature database, performing abnormal behavior judgment, and performing abnormal alarms . The system includes an acquisition unit, an extraction unit, a matching unit, a judgment unit and an alarm unit connected in sequence. The present invention obtains and classifies and extracts the real-time instruction data of the database, first matches the known malicious feature database, and then judges the abnormal behavior based on the data related to the access domain and the operation domain. Database security check.
Description
technical field [0001] The invention relates to the technical field of database security analysis, in particular to a database security anomaly identification method and system. Background technique [0002] Traditional database security anomaly identification is only based on the known malicious behavior signature database, and the known malicious signature database is based on its own relevant rule characteristics and behavior judgments to confirm whether the current database access request is normal, whether there is risk or known attack behavior. Because it relies on its own relevant matching rules or strategies, it often leads to a large number of false positives and false negatives in terms of security issues, and is often at a disadvantage in intelligence updates and threat sniffing; at the same time, because its security judgment is based on rules, The rules are often a collection of known threats, which has led to the current traditional database security strategy s...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/55G06F21/62G06F11/32
CPCG06F11/327G06F21/554G06F21/6218
Inventor 刘隽良王月兵柳遵梁覃锦端王中天毛菲
Owner 杭州美创科技股份有限公司