Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Intelligent security policy configuration method based on target perception

A security policy and intelligent configuration technology, applied in the field of information security, can solve the problems of heavy manual operation of policy configuration, the impact of security policy configuration correctness on the availability of network connectivity services, security policy configuration and defense goals need to be further improved, etc.

Active Publication Date: 2021-08-31
NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
View PDF12 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in a large-scale network, there are many types and quantities of security protection devices. The policy configuration methods of different types of devices are different. The policy configuration requirements of similar devices in different usage scenarios are also different and focused. The correctness of security policy configuration There are also complex impacts on network connectivity, service availability, etc.
[0003] With the granularity of security policy control becoming more and more refined, higher requirements are put forward for the professional ability of security management and operation and maintenance personnel. The workload of policy configuration is heavy and manual operations inevitably make mistakes. These negligence leave opportunities for attackers
At the same time, under the background of the development of intelligent information technologies such as artificial intelligence and machine learning, the means of network attacks are also showing a trend of intelligence. Attackers can implement targeted attack means according to the target situation, and can also change the attack method according to the characteristics of the target. It also prompts the network security protection system to use intelligent means to detect problems in time, quickly adjust strategies and implement accurate responses. The research on network security policy configuration technology is also gradually developing in the direction of automation and intelligence. A variety of strategy automatic generation and verification analysis methods such as defense intent, but the adaptability and adaptability of security policy configuration and defense goals still need to be further improved

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent security policy configuration method based on target perception
  • Intelligent security policy configuration method based on target perception
  • Intelligent security policy configuration method based on target perception

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0030] refer to Figure 1 to Figure 5 As shown, the present invention discloses a security policy intelligent configuration method based on target perception, and the security policy intelligent configuration method includes at least four stages: target perception, policy generation, analysis and detection, and acceptance optimization. The system model is as follows figure 1As shown, the four stages constitute a dynamic and closed-loop working model, reflecting the characteristics of intelligent response and continuous optimization.

[0031] Preferably, the target sensing step acquires node information, flow information, topology information and threat information of the target network through active detection and / or passive monitoring, and analyzes and senses the state of the target network. Perceive the accurate status of the target network through comprehensive analysis, and provide information support for the generation of security protection strategies.

[0032] Further,...

Embodiment 2

[0050] On the basis of embodiment 1, refer to figure 2 As shown, the present invention also discloses an implementation framework for the intelligent configuration method of the security policy. Its core is information detection, target perception, and intelligent analysis and processing to achieve fast and efficient security policy configuration and deployment, reduce the complicated operations of security management and maintenance personnel, and assist them in making security protection decisions.

[0051] The implementation architecture includes a detection layer, a perception layer, a processing layer and a presentation layer.

[0052] The detection layer: conduct active and passive network and target detection through data communication interface services, including discovering network nodes through active scanning and detection, monitoring network intercommunication session relationships through traffic collection such as mirroring, and collecting strategies for securi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security policy intelligent configuration method based on target perception, and the method comprises the steps: designing the processes of target real-time perception, policy intelligent generation, policy analysis and detection, and policy intelligent optimization, enabling the policy intelligent configuration to be closely associated with the state of a defense target, thereby achieving the intelligent configuration, quick response and continuous optimization of a security protection policy, assisting safety operation and maintenance personnel are assisted to quickly configure safety protection strategies, and timely and efficiently processing various network safety threats.

Description

technical field [0001] The invention belongs to the field of information security, and in particular relates to an intelligent configuration method of a security policy based on target awareness. Background technique [0002] With the rapid development of computer network technology, the scale of various information networks has become increasingly large and complex. Under the background of the rapid evolution of information technology and the increasingly serious security threats faced by networks and information systems, the awareness of enterprises in information security protection Gradually strengthen the security of sensitive data and systems by deploying multi-layer security protection methods such as hosts, networks, applications, and data, which also further increases the scale and complexity of information networks. For enterprise security management and operation and maintenance personnel, it is usually necessary to manage and maintain multiple security areas of t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/205
Inventor 卿昱伍荣宋焱淼邓永晖许光利周佳黄兴赖德刚罗林
Owner NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com