Unlock instant, AI-driven research and patent intelligence for your innovation.

Threat intelligence evaluation method and device, equipment and storage medium

An evaluation method and intelligence technology, applied in the field of network security, can solve the problems of low evaluation efficiency and inability to obtain comprehensive and accurate evaluation results, and achieve the effect of improving evaluation efficiency and accurate value evaluation.

Pending Publication Date: 2021-07-20
EVERSEC BEIJING TECH
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, the existing threat intelligence evaluation methods usually use security personnel to manually analyze and evaluate the value of each threat intelligence after obtaining the threat intelligence provided by each intelligence source, so as to obtain the contribution of each intelligence source, which cannot be obtained Comprehensive and accurate evaluation results, and low evaluation efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Threat intelligence evaluation method and device, equipment and storage medium
  • Threat intelligence evaluation method and device, equipment and storage medium
  • Threat intelligence evaluation method and device, equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] Figure 1A It is a flow chart of a method for evaluating threat intelligence provided by Embodiment 1 of the present invention. This embodiment is applicable to accurately evaluating the value of threat intelligence when threat information is obtained. This method can be implemented by the method in the embodiment of the present invention Threat intelligence evaluation device to perform, the device can be implemented by software and / or hardware, and integrated in electronic equipment, the method specifically includes the following steps:

[0033] S110. Obtain threat intelligence to be evaluated, and determine a data processing manner of the threat intelligence.

[0034] Among them, threat intelligence is a compromise identifier used to identify and detect threats, and can specifically include file hash values, Internet protocol addresses, domain names, program running paths, and registry entries; through threat intelligence, enterprises or organizations can identify curr...

Embodiment 2

[0050] figure 2 It is a flowchart of a method for evaluating threat intelligence provided by Embodiment 2 of the present invention. This embodiment is embodied on the basis of the above-mentioned embodiments. In this embodiment, according to the data processing method and content of threat intelligence, respectively Determining the first classification category and the second classification category of the threat intelligence, and determining the corresponding target classification category, and then determining the value score corresponding to the current threat intelligence, the method specifically includes:

[0051] S210. Obtain threat intelligence to be evaluated, and determine a data processing manner of the threat intelligence.

[0052] S220. Classify the threat information according to the data processing manner of the threat information, so as to obtain a first classification category of the threat information.

[0053] S230. Determine whether the threat information ...

Embodiment 3

[0063] image 3 It is a flowchart of a threat intelligence evaluation method provided by Embodiment 3 of the present invention. This embodiment is embodied on the basis of the above embodiments. In this embodiment, after obtaining the value score of threat intelligence, the corresponding quality score, and then obtain the comprehensive score corresponding to the threat intelligence, and obtain the comprehensive score corresponding to each intelligence source. The method specifically includes:

[0064] S310. Obtain threat intelligence to be evaluated, and determine a data processing manner of the threat intelligence.

[0065] S320. Classify the threat information according to the data processing manner of the threat information, so as to obtain a first classification category of the threat information.

[0066] S330. Acquire a value score of the threat intelligence according to the first category of the threat intelligence.

[0067] S340. Acquire the quality score of the thre...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a threat intelligence evaluation method and device, equipment and a storage medium. The method comprises the steps of obtaining to-be-evaluated threat intelligence, and determining a data processing mode of the threat intelligence, according to the data processing mode of the threat intelligence, classifying the threat intelligence to obtain a first classification category of the threat intelligence, according to the first classification category of the threat intelligence, acquiring the value score of the threat intelligence, realizing accurate value evaluation of the threat intelligence, meanwhile, according to the classification category of the threat intelligence, automatically acquiring the value score of the threat intelligence, and improving the evaluation efficiency of the threat intelligence.

Description

technical field [0001] Embodiments of the present invention relate to the technical field of network security, and in particular, to a threat intelligence evaluation method, device, equipment, and storage medium. Background technique [0002] With the rapid development of the Internet, especially the mobile Internet, different network attacks have become more industrialized and group-oriented, and network intrusion methods have become more diverse and complex, making traditional security solutions continue to be challenged. Obtaining high-quality threat intelligence to quickly understand threat information within an enterprise or organization is of great significance to improving network security. [0003] Threat intelligence is evidence-based knowledge that describes existing or upcoming threats or dangers to assets, and can be used to inform subjects to take corresponding responses to related threats or dangers. At present, the existing threat intelligence evaluation meth...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F16/28G06Q10/06
CPCG06F16/285G06Q10/06393
Inventor 刘志强王方圆尚程阿曼太梁彧蔡琳杨满智王杰田野金红陈晓光傅强
Owner EVERSEC BEIJING TECH