Unlock instant, AI-driven research and patent intelligence for your innovation.

User behavior monitoring method, system and equipment based on bastion host and medium

A bastion machine and behavioral technology, applied in hardware monitoring, neural learning methods, biological neural network models, etc., can solve problems such as inability to effectively discover and process security issues, leakage of private information, and inability to monitor in real time, so as to reduce manpower input, The effect of avoiding safety hazards and losses and avoiding false positives

Inactive Publication Date: 2021-08-20
长沙市到家悠享家政服务有限公司
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] In the existing technology, privileged personnel such as operation and maintenance and DBA only have historical records when accessing the system, and auditing often requires personnel to log in regularly and check
However, with the demand for data security audits, the processing and analysis requirements of more and more massive data, etc., the existing methods can no longer meet the needs of effectively discovering and processing security problems, and cannot monitor and discover problematic user behaviors in real time, so that it is impossible to avoid network traffic in time. Online data security risks include but are not limited to economic losses, privacy information leakage and other hazards and accidents

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • User behavior monitoring method, system and equipment based on bastion host and medium
  • User behavior monitoring method, system and equipment based on bastion host and medium
  • User behavior monitoring method, system and equipment based on bastion host and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0039] Combine below figure 1 A flowchart illustrating the main steps of one embodiment of the method of the present invention is shown.

[0040] In step S110, preset rules for judging whether the user behavior is an abnormal behavior.

[0041] In one embodiment, based on corresponding business operations in actual application scenarios, rules for judging detected user behaviors are preset. For example, it can be based on the combination of the corresponding actual application scenarios and the corresponding business operation behavior, according to the normal behavior of business personnel (users), or misoperation behavior, and the behavior of illegal users (hackers, etc.) invading personnel, etc. Set different rules.

[0042] Further, according to the actual application scenario, the correct / normal business operators are usually in the majority, while the abnormal operators are in the minority, based on the actual application scenario and its corresponding business, determ...

example 3

[0048] Example 3 of an application, taking the working status as an example, setting sensitive operation rules such as:

[0049] Combined with business scenarios, the working status of business personnel is screened. If they are personnel who have applied for resignation, the operation alarm level of the bastion machine will be raised to the highest level, and the trigger conditions of sensitive rules will be reduced. For example: according to the working status, the user behavior of a business person in a specific working status in a specific period of time is regarded as an abnormal behavior. If there is an unsafe instruction library, an alarm will be issued immediately. This is the difference between this embodiment and other bastion machine monitoring methods in combination with business scenarios.

[0050] An application example 4, taking the information association between business operation equipment and business personnel as an example, set sensitive operation rules s...

Embodiment 2

[0072] In order to make the object, technical solution and advantages of the present invention clearer, the implementation of the system of the present invention will be further described in detail below in conjunction with specific embodiments and with reference to the accompanying drawings.

[0073] In one embodiment of the present invention, the user behavior monitoring system based on the bastion machine mainly includes a rule module, which is used to preset judgment rules; Analysis to predict whether it is an abnormal behavior; the processing module is used to call the police when the user behavior is abnormal.

[0074] Here, will combine image 3 A block diagram showing the main structure of an embodiment of the system of the present invention will be described. In this embodiment, the system at least includes a rule module 110 , an analysis module 120 and a processing module 130 .

[0075] The rule module 110 is configured to preset rules for judging whether the user ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of data security auditing, and is particularly suitable for visual monitoring of log management. The invention provides a user behavior monitoring method, system, equipment and medium based on a bastion host, and aims to overcome the defects of untimely abnormal alarm, difficult and inflexible operation and maintenance, excessive manpower consumption and the like caused by the fact that privileged personnel such as operation and maintenance, DBA and the like only have historical records when accessing a system and audit needs to log in and check at regular intervals. The objective of the invention is to solve the technical problem of how to analyze and predict whether monitored user behaviors are abnormal or not based on the support of real-time data streams of a deployed bastion host by combining preset judgment rules of user behavior habits, so that sensitive operations can be found in time, human input is reduced, false alarms are avoided, and rule and data analysis combination can be realized flexibly and variably.

Description

technical field [0001] The invention belongs to the technical field of data security auditing, is particularly suitable for visual monitoring of log management, and more specifically relates to a user behavior monitoring method, system, equipment and medium based on a bastion machine. Background technique [0002] In the existing technology, privileged personnel such as operation and maintenance and DBA only have historical records when accessing the system, and auditing often requires personnel to log in and check regularly. However, with the demand for data security audits, the processing and analysis requirements of more and more massive data, etc., the existing methods can no longer meet the needs of effectively discovering and processing security problems, and cannot monitor and discover problematic user behaviors in real time, so that it is impossible to avoid network traffic in time. Online data security risks include but are not limited to economic losses, privacy in...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/34G06N3/08
CPCG06F11/3438G06N3/08G06N3/088
Inventor 周合月刘欢欢武晓虎
Owner 长沙市到家悠享家政服务有限公司