User behavior sequence anomaly detection method, terminal and storage medium

An anomaly detection and user technology, applied in the field of data processing, can solve problems such as inability to identify abnormal behaviors, data and information security cannot be guaranteed, and achieve the effect of overcoming many pain points, clear steps, and high scalability
CN112491877APending Publication Date: 2021-03-12中孚安全技术有限公司 +3
2 Cites 4 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
中孚安全技术有限公司
Publication Date
2021-03-12

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention provides a user behavior sequence anomaly detection method, a terminal and a storage medium. The method comprises the steps of obtaining user behavior information in a preset time period; aggregating the characteristic attributes according to a sequence; configuring behaviors of the user in a preset time period into row vectors, and then forming a behavior row vector time sequence; extracting behavior row vector time sequences of any two users, calculating correlation coefficients, and judging vector similarity; searching the optimal distance between the behavior row vector timesequences of the two users by adopting a dynamic warping algorithm; calculating a distance average value and a standard deviation among all users; and if the distance between the user and other usersis greater than +3 times of the standard deviation of the average value, judging that the user is an abnormal user. User behavior details can be analyzed, the problems that a feature matrix cannot begenerated and sequence lengths are inconsistent due to the fact that a user does not have continuous behaviors are solved, and the false alarm rate of anomaly detection is reduced. Therefore, abnormalbehaviors hidden in the group can be identified, and the security of data information is ensured.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the technical field of data processing, in particular to an anomaly detection method based on user behavior sequence similarity, a terminal and a storage medium. Background technique

[0002] With the continuous development of science and technology, data information has become an important carrier at present. Data information carries enterprise information, user information, transaction information and communication information. Data information plays a very important role for everyone and every enterprise.

[0003] The abnormal problem of data information is a problem that needs to be paid attention to at present. For data anomalies, traffic analysis based on big data mining can dynamically and comprehensively search for malicious behaviors in the intranet. The IPS / IDS in the prior art, that is, the intrusion detection system, is a network security device that monitors network transmissions in real time, and sends an alarm...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More