
Attack chain topology construction method and device

A method and device for constructing an attack chain topology, addressing the inability to assess the attack risk of similar assets, the inability to obtain attack surface data, and the lack of attack stage division.

Active Publication Date: 2021-04-30
中能融合智慧科技有限公司

AI Technical Summary

Problems solved by technology

[0006] The embodiment of the present invention provides a method and device for constructing an attack chain topology, so as to at least solve the technical problems that the existing technology relies mainly on manual analysis, cannot obtain data for the entire attack surface, cannot evaluate the attack risk that similar assets may suffer, and lacks a uniform division of attack stages.


Examples


Embodiment approach

[0029] As a preferred implementation, the method for constructing the attack chain topology also includes:

[0030] S110. Send a first asset information request, where the first asset information request includes the first target IP;

[0031] S112. Obtain first asset information, where the first asset information includes the first target IP, the first asset identifier, the first sensitive data, the first login account and its authorization status;

[0032] S114. Improve the attack chain topology according to the first asset information.

[0033] This preferred implementation obtains asset information by target IP and uses it to improve the attack chain topology, which helps combine and analyze asset information with attack information, so that asset risks are known in a timely manner and security threats are screened out or eliminated early.

[0034] As a preferred implementation, the method for constructing the attack chain topology also includes:

[0035] S116. Send an asso...


Abstract

The invention discloses a method and device for constructing an attack chain topology. The method comprises: obtaining network attack alarm information, which comprises a first alarm identifier; sending a first alarm log request, which comprises the first alarm identifier; obtaining a first alarm log, which comprises the first alarm identifier, a first source IP, a first target IP, a first trigger alarm condition and a first trigger alarm time; and constructing the attack chain topology according to the first alarm log. Because the attack chain topology is established, the whole course of a security event can be seen visually, the attack process is easier to grasp at a glance, and the method is suited to the changes in threat perception under the new normal.
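The construction step in the abstract and the asset enrichment of S110 to S114, as an added Python example that is not taken from the patent. The excerpt does not say how the topology is derived from the logs, so this block assumes IPs are nodes, each alarm is a directed edge from source IP to target IP, and a chain only continues along alarms with a later trigger time; all field names and records are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed alarm logs; fields mirror the abstract (identifier, source IP,
# target IP, trigger condition, trigger time). Values are made up.
ALARM_LOGS = [
    {"alarm_id": "A-1", "source_ip": "198.51.100.7", "target_ip": "10.0.0.5",
     "condition": "port scan", "time": "2021-03-01T09:00:00"},
    {"alarm_id": "A-2", "source_ip": "10.0.0.5", "target_ip": "10.0.0.9",
     "condition": "brute-force login", "time": "2021-03-01T09:20:00"},
    {"alarm_id": "A-3", "source_ip": "10.0.0.9", "target_ip": "10.0.0.20",
     "condition": "abnormal database export", "time": "2021-03-01T10:05:00"},
    {"alarm_id": "A-4", "source_ip": "10.0.0.9", "target_ip": "10.0.0.5",
     "condition": "lateral scan", "time": "2021-03-01T08:00:00"},  # predates A-2
]
# Constructed asset records keyed by target IP (the S112 fields).
ASSETS = {"10.0.0.20": {"asset_id": "db-01", "sensitive_data": True,
                        "accounts": {"dbadmin": "authorized"}}}

def build_topology(logs):
    """Directed graph: node = IP, edge = one alarm from source IP to target IP."""
    edges = defaultdict(list)
    for rec in sorted(logs, key=lambda r: r["time"]):  # ISO strings sort by time
        edges[rec["source_ip"]].append(
            (rec["target_ip"], rec["alarm_id"], datetime.fromisoformat(rec["time"])))
    return edges

def attack_chains(edges):
    """Maximal time-ordered paths starting at IPs that never appear as a target."""
    targets = {t for outs in edges.values() for t, _, _ in outs}
    chains = []
    def walk(ip, after, path, seen):
        nxt = [(t, a, ts) for t, a, ts in edges.get(ip, [])
               if ts > after and t not in seen]
        if not nxt and path:
            chains.append(path)  # no later alarm leaves this node: chain ends
        for t, a, ts in nxt:
            walk(t, ts, path + [(ip, t, a)], seen | {t})
    for root in sorted(set(edges) - targets):
        walk(root, datetime.min, [], {root})
    return chains

def enrich(chains, assets):
    """S114 analogue: attach asset information to the last target IP of each chain."""
    return [{"alarms": [a for _, _, a in c], "end_ip": c[-1][1],
             "asset": assets.get(c[-1][1])} for c in chains]
```

Alarm A-4 shares nodes with the chain but fired before A-2, so the time-ordering check keeps it out of the path instead of producing a false loop.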

Description

Technical field

[0001] The invention relates to the field of network security, in particular to a method and device for constructing an attack chain topology.

Background technique

[0002] Network attacks are very harmful to networks and information systems. It is necessary to study, model and analyze the process of network attacks, and then carry out targeted defense. Cyberattacks often have multiple stages, with the attacker gaining more privileges, information, and resources to penetrate deeper within the targeted system.

[0003] The cyber attack chain provides a model for describing cyber attacks, decomposing complex attacks into mutually non-exclusive stages or layers.

[0004] In the prior art, network attack information is obtained by manually analyzing attack logs of a certain network attack, and possible attack types and attack stages are manually analyzed to explore ways to eliminate network threats. The manual method has many disadvantages, such as: only the da...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/145, H04L63/1425, H04L63/20
Inventor: 曹洋张金山徐浩然
Owner: 中能融合智慧科技有限公司