Data processing method, device and equipment and machine readable storage medium

A data processing and processor technology, applied in the field of communication, can solve the problem of poor portrait effect of attackers, and achieve high efficiency and accurate portrait effect

Pending Publication Date: 2021-10-08
NEW H3C SECURITY TECH CO LTD
View PDF0 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] In view of this, the present disclosure provides a data processing method, device, electronic device, and machine-readable storage medium, so as to improve the above-mentioned problem of ineffective acquisition of attacker portraits

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data processing method, device and equipment and machine readable storage medium
  • Data processing method, device and equipment and machine readable storage medium
  • Data processing method, device and equipment and machine readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The terminology used in the embodiments of the present disclosure is only for the purpose of describing a specific embodiment, rather than limiting the present disclosure. As used in this disclosure and the claims, the singular forms "a", "the" and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It should also be understood that the term "and / or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items.

[0026] It should be understood that although terms such as first, second, and third may be used in the embodiments of the present disclosure to describe various information, such information should not be limited to these terms. These terms are only used to distinguish information of the same type from one another. For example, without departing from the scope of the present disclosure, first information may also be called second information, and similarly,...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a data processing method and device, equipment and a machine readable storage medium. The method comprises the following steps: receiving a security alarm log; classifying the security alarm logs associated with the same attack source IP into a group, and calculating attack features associated with the attack source IP associated with the group of security alarm logs by a preset rule according to the security alarm logs of the same group; and carrying out clustering calculation according to the attack features associated with each attack source IP, and obtaining an attacker portrait according to a calculation result. Through the technical scheme disclosed by the invention, the security alarm reported by the security equipment is analyzed according to the attack event of each attack source, the attack behavior characteristics of the attack source on a single target are extracted, then the attack behaviors of the attack source on a plurality of attack targets are calculated and analyzed, the attack behavior characteristics of the attack source are extracted, and on the basis, the attack sources are classified by utilizing clustering calculation, the attacker portrait is finally obtained, the efficiency is high, and the portrait is accurate.

Description

technical field [0001] The present disclosure relates to the technical field of communications, and in particular, to a data processing method, device, device, and machine-readable storage medium. Background technique [0002] Network security is getting more and more attention in today's era, and border defense equipment has become the standard equipment for enterprise information construction. In the face of increasing network security attacks, identifying the attack behavior characteristics of attackers is a topic of concern in the network security industry. It has considerable research value for increasing external attack predictions and identifying attackers' attack methods. [0003] K-means is a commonly used clustering algorithm based on Euclidean distance, which believes that the closer the distance between two targets, the greater the similarity. [0004] The LCS (Long Common Sequence, longest common subsequence) algorithm is used to find the longest common substri...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55G06K9/62
CPCG06F21/55G06F18/23
Inventor 赵志伟
Owner NEW H3C SECURITY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap