Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Log analysis-based vulnerability scanning method, apparatus and device, and storage medium

A vulnerability scanning and vulnerability technology, applied in the field of computer networks, can solve the problem that the attack behavior is not timely and accurate

Inactive Publication Date: 2021-03-16
GUANGZHOU WONFONE TECH
View PDF1 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The embodiment of the present application provides a vulnerability scanning method, device, device, and storage medium based on log analysis to solve the technical problem that the discovery of attack behavior is not timely and accurate enough to make targeted defense

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Log analysis-based vulnerability scanning method, apparatus and device, and storage medium
  • Log analysis-based vulnerability scanning method, apparatus and device, and storage medium
  • Log analysis-based vulnerability scanning method, apparatus and device, and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0047] figure 1 It is a flowchart of a vulnerability scanning method based on log analysis provided by Embodiment 1 of the present invention. The vulnerability scanning method based on log analysis provided in the embodiment can be executed by an operating device corresponding to the vulnerability scanning method based on log analysis. The operating device can be implemented by software and / or hardware. The operating device can be two or more It can be composed of a physical entity, or it can be composed of a physical entity.

[0048] Specifically, refer to figure 1 , the vulnerability scanning method based on log analysis, specifically includes:

[0049] Step S110: Obtain a sample log file corresponding to the sample vulnerability data, and analyze the sample log file to obtain sample feature data.

[0050] In this solution, the sample vulnerability data used for training can be log files accumulated in daily discovery and response to vulnerability attacks, or log files fr...

Embodiment 2

[0076] figure 2 A schematic structural diagram of a log analysis-based vulnerability scanning device provided in Embodiment 2 of the present application is given, refer to figure 2 , the vulnerability scanning device based on log analysis includes a sample acquisition unit 210 , a first training unit 220 , a second training unit 230 , a classification integration unit 240 and a detection classification unit 250 .

[0077] Among them, the sample acquisition unit 210 is used to obtain the sample log file corresponding to the sample vulnerability data, and analyze the sample log file to obtain the sample feature data; the first training unit 220 is used to train the first sample log file according to the sample feature data set. A sub-classifier, the first sub-classifier is used to output the probability of each vulnerability attack type corresponding to the sample log file; the second training unit 230 is used to train the second sub-classification according to the output resu...

Embodiment 3

[0090] image 3 It is a schematic structural diagram of a terminal device provided by Embodiment 3 of the present invention, and the terminal device is a specific hardware presentation solution of the operation device of the above-mentioned vulnerability scanning method based on log analysis. Such as image 3 As shown, the terminal device includes a processor 310, a memory 320, an input device 330, an output device 340, and a communication device 350; the number of processors 310 in the terminal device may be one or more, image 3 A processor 310 is taken as an example; the processor 310, memory 320, input device 330, output device 340, and communication device 350 in the terminal device can be connected through a bus or other methods, image 3 Take connection via bus as an example.

[0091] The memory 320, as a computer-readable storage medium, can be used to store software programs, computer-executable programs and modules, such as program instructions / modules correspondin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a vulnerability scanning method and device based on log analysis, equipment and a storage medium. The method comprises the steps of obtaining a sample log file corresponding to sample vulnerability data, and analyzing the sample log file to obtain sample feature data; training a first sub-classifier according to the sample feature data set, wherein the first sub-classifier is used for outputting the probability that the sample log file corresponds to each vulnerability attack type; training a second sub-classifier according to an output result of the first sub-classifier, wherein the second sub-classifier is used for determining a vulnerability attack type corresponding to the sample log file according to the probability; integrating the first sub-classifier and the second sub-classifier into a vulnerability classifier; and inputting an analysis result of a to-be-detected log file into the vulnerability classifier for classification detection so as to confirm a vulnerability attack type corresponding to the to-be-detected log file. The vulnerability attack type can be quickly and accurately recognized, so that a targeted defense strategy isprovided.

Description

technical field [0001] The embodiments of the present application relate to the field of computer networks, and in particular to a method, device, device and storage medium for vulnerability scanning based on log analysis. Background technique [0002] With the development of the Internet, the number of network users is increasing, and more and more host devices are invested in the Internet. With the development of the Internet, exploiting vulnerabilities to attack hosts is becoming more and more common, and the security of host devices becomes even more important. In order to ensure the safe operation of the host to the greatest extent, it is necessary to monitor the occurrence of host attack behavior in real time, so as to detect the existence of danger in time. [0003] With the continuous upgrading of technology, the existing attack detection methods are becoming more and more complex, and the attack intention is hidden deeper and deeper. There is a high probability tha...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06K9/62
CPCH04L63/1416H04L63/1433G06F18/2431
Inventor 刘伟雄李泳权
Owner GUANGZHOU WONFONE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products