
Security situation awareness response method and device based on multi-iteration verification

A security-posture and iterative-verification technique, applied in the field of network security, that addresses problems such as the difficulty of tracing security issues to their source and the difficulty of obtaining attack chains.

Active Publication Date: 2021-09-07
南京聚铭网络科技有限公司

AI Technical Summary

Problems solved by technology

[0005] 1. An automated response and disposal plan is proposed, but in practice the automated disposal capability is relatively low, and semi-automatic or manual disposal still dominates;
[0006] 2. It is impossible or very difficult to find similar problems that may exist in similar devices or applications, which makes it difficult to trace the source and to obtain a complete attack chain or the root cause of the problem;
[0007] 3. When a security problem occurs, it is difficult to repeatedly verify and compare whether the problem still occurs after a given disposal, so it is basically impossible to evaluate the effect of that disposal.
[0008] No effective solution has yet been proposed for the relatively low automated processing capability of related technologies, the difficulty of tracing the source of security problems, and the basic inability to evaluate the effect of a solution.



Embodiment Construction

[0059] To enable those skilled in the art to better understand the solution of the present application, the technical solution in the embodiments of the application is described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without creative effort shall fall within the scope of protection of this application.

[0060] It should be noted that the terms "first" and "second" in the description and claims of the present application and in the above drawings are used to distinguish similar objects, and not necessarily to describe a specific order or sequence. It should be understood that the data so used may be interchanged under appropriate circumstances for ...


Abstract

The invention discloses a security situation awareness response method and device based on multiple iteration verification. The method comprises: obtaining related data from the network outlet and the internal boundary; obtaining related network session metadata and sampled network packets; obtaining host operation information such as process, port, file and registry changes; obtaining related host configuration information; and collecting related content for special applications; performing feature analysis of the security problem on the collected information; performing cluster analysis on the security problems found in the environment together with static, semi-static and dynamic data, and screening out hosts with similar characteristics for clustering evaluation; and analyzing the degree of impact based on the hosts that clustering evaluation finds similar to the problem host, and generating a disposal request. The method and device solve the technical problem that the disposal effect basically cannot be evaluated because of low automation capability, difficulty in tracing the source, and difficulty in repeated verification.
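The screening and disposal-request steps of the abstract can be sketched as follows. This is an added example, not code from the patent or its owner: the abstract names no clustering algorithm, so weighted Jaccard similarity, the weights, the 0.6 threshold, the host inventory and all field names are assumptions made for illustration.

```python
# Added illustration: screen hosts that resemble a problem host and build a
# disposal request. Jaccard similarity, WEIGHTS and the threshold are
# assumptions; the patent abstract does not specify them.

# Constructed inventory: static (OS, role), semi-static (packages, listening
# ports) and dynamic (running processes) attributes per host.
HOSTS = {
    "web-01": {"static": {"os:centos7", "role:web"},
               "semi": {"pkg:nginx-1.16", "port:80", "port:443"},
               "dynamic": {"proc:nginx", "proc:sshd"}},
    "web-02": {"static": {"os:centos7", "role:web"},
               "semi": {"pkg:nginx-1.16", "port:80", "port:443"},
               "dynamic": {"proc:nginx", "proc:sshd", "proc:cron"}},
    "web-03": {"static": {"os:centos7", "role:web"},
               "semi": {"pkg:nginx-1.20", "port:80", "port:443"},
               "dynamic": {"proc:nginx", "proc:sshd"}},
    "db-01":  {"static": {"os:centos7", "role:db"},
               "semi": {"pkg:mysql-5.7", "port:3306"},
               "dynamic": {"proc:mysqld", "proc:sshd"}},
}

# Hypothetical weighting: installed software and ports count most.
WEIGHTS = {"static": 0.3, "semi": 0.5, "dynamic": 0.2}


def jaccard(a, b):
    """Set overlap in [0, 1]; two empty sets count as identical."""
    union = a | b
    return len(a & b) / len(union) if union else 1.0


def similarity(h1, h2):
    """Weighted similarity across the three data classes."""
    return sum(w * jaccard(h1[k], h2[k]) for k, w in WEIGHTS.items())


def screen_similar(problem_host, hosts, threshold=0.6):
    """Return (host, score) pairs at or above the threshold, best first."""
    ref = hosts[problem_host]
    scored = [(name, round(similarity(ref, attrs), 3))
              for name, attrs in hosts.items() if name != problem_host]
    return sorted((s for s in scored if s[1] >= threshold),
                  key=lambda s: s[1], reverse=True)


def disposal_request(problem_host, issue, hosts, threshold=0.6):
    """Summarise the likely blast radius as a request for disposal."""
    peers = screen_similar(problem_host, hosts, threshold)
    return {"issue": issue,
            "source_host": problem_host,
            "affected_candidates": [name for name, _ in peers],
            "impact_ratio": round((len(peers) + 1) / len(hosts), 2)}
```

Re-running `screen_similar` against a fresh inventory after a disposal gives a before/after comparison of the candidate set, which is one way to approach the repeated verification the patent title refers to.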

Description

Technical field

[0001] The present application relates to the field of network security, and in particular to a security situation awareness response method and device based on multiple iterative verification.

Background technique

[0002] Network security situational awareness means acquiring, understanding, and displaying the security elements that can cause changes in the network situation in a large-scale network environment, and predicting future network security development trends accordingly.

[0003] As mentioned above, the main content of network security situational awareness includes the acquisition, understanding and prediction of the security situation; in addition, based on these three main contents, network security situational awareness should also include processing of, and related responses to, network security situations, so as to realize the so-called PPDR model (i.e. Policy, Prevention, Detection and Response), ...


Application Information

IPC(8): H04L29/06, G06F21/57
CPC: H04L63/1416, H04L63/1433, G06F21/577
Inventor: name withheld from publication
Owner: 南京聚铭网络科技有限公司