Unlock instant, AI-driven research and patent intelligence for your innovation.

An intelligent configuration method of security policy based on target awareness

A security policy and intelligent configuration technology, applied in the field of information security, can solve the problems of further improvement of security policy configuration and defense goals, the impact of security policy configuration correctness on network connectivity service availability, heavy manual operation of policy configuration workload, etc. , to achieve the effect of rapid configuration, timely and efficient response

Active Publication Date: 2022-07-05
NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
View PDF12 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in a large-scale network, there are many types and quantities of security protection devices. The policy configuration methods of different types of devices are different. The policy configuration requirements of similar devices in different usage scenarios are also different and focused. The correctness of security policy configuration There are also complex impacts on network connectivity, service availability, etc.
[0003] With the granularity of security policy control becoming more and more refined, higher requirements are put forward for the professional ability of security management and operation and maintenance personnel. The workload of policy configuration is heavy and manual operations inevitably make mistakes. These negligence leave opportunities for attackers
At the same time, under the background of the development of intelligent information technologies such as artificial intelligence and machine learning, the means of network attacks are also showing a trend of intelligence. Attackers can implement targeted attack means according to the target situation, and can also change the attack method according to the characteristics of the target. It also prompts the network security protection system to use intelligent means to detect problems in time, quickly adjust strategies and implement accurate responses. The research on network security policy configuration technology is also gradually developing in the direction of automation and intelligence. A variety of strategy automatic generation and verification analysis methods such as defense intent, but the adaptability and adaptability of security policy configuration and defense goals still need to be further improved

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An intelligent configuration method of security policy based on target awareness
  • An intelligent configuration method of security policy based on target awareness
  • An intelligent configuration method of security policy based on target awareness

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0030] refer to Figure 1 to Figure 5 As shown in the figure, the present invention discloses a method for intelligent configuration of security policies based on target perception. The method for intelligent configuration of security policies includes at least four stages: target perception, policy generation, analysis and detection, and acceptance optimization. The system model is as follows: figure 1As shown, the four stages constitute a dynamic, closed-loop working model, which embodies the characteristics of intelligent response and continuous optimization.

[0031] Preferably, in the target sensing step, the node information, traffic information, topology information and threat information of the target network are acquired through active detection and / or passive monitoring, and the state of the target network is analyzed and sensed. Through comprehensive analysis and perception of the accurate state of the target network, it provides information support for the generati...

Embodiment 2

[0050] On the basis of Example 1, refer to figure 2 As shown, the present invention also discloses an implementation framework for the intelligent configuration method of the security policy. Its core is information detection, target perception and intelligent analysis and processing, which realizes fast and efficient security policy configuration and deployment, reduces the complicated operations of security management and maintenance personnel, and assists them in making security protection decisions.

[0051] The implementation architecture includes a detection layer, a perception layer, a processing layer and a presentation layer.

[0052] The detection layer: perform active and passive network and target detection through data communication interface services, including discovering network nodes through active scanning and detection, monitoring network intercommunication session relationships through traffic collection such as mirroring, and collecting policies for secur...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security policy intelligent configuration method based on target perception. By designing the process of target real-time perception, policy intelligent generation, policy analysis and detection, and policy intelligent optimization, the policy intelligent configuration is closely related to the defense target state, and security protection is realized. Intelligent configuration, rapid response and continuous optimization of policies help security operation and maintenance personnel to quickly configure security protection policies and respond to various network security threats in a timely and efficient manner.

Description

technical field [0001] The invention belongs to the field of information security, and in particular relates to a method for intelligently configuring a security policy based on target perception. Background technique [0002] With the rapid development of computer network technology, the scale of various information networks has become increasingly large and complex. Under the background of the rapid evolution of information technology and the increasingly serious security threats faced by networks and information systems, enterprises' awareness of information security protection Gradually strengthen the security of sensitive data and systems by deploying multi-layer security protection methods such as hosts, networks, applications, and data, which further increases the scale and complexity of information networks. For the security management and operation and maintenance personnel of the enterprise, it is usually necessary to manage and maintain multiple security areas of ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/205
Inventor 卿昱伍荣宋焱淼邓永晖许光利周佳黄兴赖德刚罗林
Owner NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP