Big data platform defense method for advanced sustainable threat attacks

A big data platform defense technology for defenders, applied in the fields of instruments, character and pattern recognition, electrical components, etc., that addresses the concealment, difficulty of detection, and long duration of APT attacks.

Active Publication Date: 2021-03-30
BEIHANG UNIV

AI Technical Summary

Problems solved by technology

[0007] The technology of the present invention solves the problem: because the APT attack takes a long time and is relatively hidden, it is difficult to fin

Examples


Embodiment Construction

[0046] The big data platform defense method for advanced sustainable threat attacks proposed by the present invention needs to solve the following two problems: 1) because APT attacks are highly concealed, which defense method the defender should choose, and how to find hidden APT attack traffic within normal traffic; 2) once an APT attack is detected, which defense strategy the defender should adopt to maximize its own interests.

[0047] The main implementation idea of the present invention is:

[0048] As shown in Figure 2, there are three roles in the model: the APT attacker, the big data platform, and a third-party intelligence agency. The APT attacker launches attacks on the big data platform while obtaining intelligence from the third-party intelligence agency to assist its attack decisions. The big data platform uses the APT detection and defense system to defend against attacks initiated by attac...


Abstract

The invention discloses a big data platform defense method for advanced sustainable threat attacks. The method comprises the following steps: 1, constructing an APT attack and defense model, and carrying out income analysis; 2, having the defender evaluate and determine the target resource value, the cost of executing defense actions, and the cost of obtaining information from an information institution; 3, training a random forest classifier for APT attack flow identification; 4, training a decision tree classifier, and establishing the decision tree classifier; 8, repeating steps 4-7, and establishing a plurality of decision tree classifiers to form a random forest classifier; 9, inputting the data in the test set into the random forest classifier to obtain a prediction result set, and comparing the prediction result set with the experiment result to obtain the accuracy with which the defender effectively identifies APT attacks and the defender's defense failure probability; and 10, obtaining a defense strategy. The method is closer to an actual attack and defense scenario, can classify flow data, and gives the defender a theoretical basis for selecting a proper defense strategy.
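The train-and-evaluate loop outlined in steps 4 to 9, as an added example that is not code from the patent: it uses generic bagging with one-split decision stumps on a random feature as the trees (steps 5 to 7 are not on this page), and it assumes that "defense failure probability" means the share of attack flows classified as benign. The flow features and their values are constructed.

```python
import random

def fit_stump(rows, labels, feat):
    """Best one-threshold split on a feature: (feat, thr, label_if_above)."""
    vals = sorted({r[feat] for r in rows})
    best = (len(rows) + 1, feat, vals[0], 1)
    for lo, hi in zip(vals, vals[1:]):
        thr = (lo + hi) / 2
        for above in (0, 1):
            errs = sum((above if r[feat] > thr else 1 - above) != y
                       for r, y in zip(rows, labels))
            if errs < best[0]:
                best = (errs, feat, thr, above)
    return best[1:]

def train_forest(rows, labels, n_trees=15, seed=0):
    """Bagging: each tree gets a bootstrap sample and one random feature."""
    if len(set(labels)) < 2:
        raise ValueError("training set needs both benign and attack flows")
    rng, n, forest = random.Random(seed), len(rows), []
    while len(forest) < n_trees:
        idx = [rng.randrange(n) for _ in range(n)]
        if len({labels[i] for i in idx}) < 2:
            continue  # redraw: this sample lost one class
        feat = rng.randrange(len(rows[0]))
        forest.append(fit_stump([rows[i] for i in idx],
                                [labels[i] for i in idx], feat))
    return forest

def predict(forest, row):
    """Majority vote of the stumps; 1 = APT flow, 0 = benign."""
    votes = sum(a if row[f] > thr else 1 - a for f, thr, a in forest)
    return int(2 * votes > len(forest))

def evaluate(truth, preds):
    """(accuracy, missed attacks / attacks). The second value is this
    example's assumed reading of 'defense failure probability'."""
    acc = sum(t == p for t, p in zip(truth, preds)) / len(truth)
    missed = sum(t == 1 and p == 0 for t, p in zip(truth, preds))
    return acc, missed / max(1, sum(truth))

if __name__ == "__main__":
    # Constructed flows: (session_minutes, outbound_MB, distinct_dst_hosts)
    rng = random.Random(1)
    def flows(n, base):
        return [tuple(b * rng.uniform(0.5, 1.5) for b in base) for _ in range(n)]
    train = flows(30, (5, 2, 12)) + flows(30, (240, 40, 2))
    test = flows(10, (5, 2, 12)) + flows(10, (240, 40, 2))
    forest = train_forest(train, [0] * 30 + [1] * 30)
    print(evaluate([0] * 10 + [1] * 10, [predict(forest, r) for r in test]))
```

The two numbers returned by `evaluate` are the quantities step 9 feeds into the strategy choice of step 10; a missed attack flow counts against the defender even when overall accuracy stays high.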

Description

Technical field

[0001] The invention relates to a big data platform defense method for advanced sustainable threat attacks, belonging to the technical field of cyberspace security.

Background

[0002] In recent years, Advanced Persistent Threat (APT) attacks have occurred frequently, and information security threats have become more and more serious. APT attacks have become one of the most harmful attack methods because they are highly targeted, well concealed, and difficult to detect. APT attackers often carry out attacks through social engineering, zero-day vulnerabilities and other means, which traditional network attack defense technologies struggle to defend against effectively. Therefore, how to effectively identify APT attacks and specify a reasonable defense strategy has become a current research hotspot.

[0003] Game theory studies decision-making when the behaviors of decision-making subjects interact, the equilibrium of this decision-maki...


Application Information

IPC(8): H04L29/06, G06K9/62
CPC: H04L63/1416, H04L63/1441, G06F18/24323, G06F18/214
Inventor: 尚涛, 张锋, 任旭杰, 姜亚彤, 刘建伟
Owner BEIHANG UNIV