Civil aviation air traffic control network security detection early warning platform

A network security monitoring technology, applied in the field of network security, that addresses problems such as poor visualization ability, weak threat intelligence ability, and insufficient file and email filtering and dynamic file detection ability, and achieves the effect of realizing informatization.

Pending Publication Date: 2021-10-08
中国民用航空局空中交通管理局

AI Technical Summary

Problems solved by technology

[0014] (1) The protection offered by traditional security equipment is insufficient: users deploy dozens of different types of security equipment from different manufacturers, which generate a large number of alarms. The real threat is submerged in the massive volume of alarm and log information and is difficult to find.
[0015] (2) Abnormal files and new types of threats are difficult to find: file and email filtering and dynamic file detection capabilities are insufficient, so hidden malicious code and behavior cannot be found.
[0016] (3) Threat intelligence capabilities are weak: new threats such as outbound data connections to malicious URLs or IPs, advanced persistent threat (APT) attacks, and low-frequency brute-force cracking of accounts are not discovered in time.
[0017] (4) Insider threats are difficult to protect against: insider forwarding and springboard attacks cannot be effectively detected.
[0018] (5) Fast means of tracing the source are lacking: analysis of massive logs is inefficient and visualization ability is poor, which increases the difficulty and duration of tracing an event to its source.


Examples


Embodiment 1

[0069] Embodiment 1 of the present application provides a civil aviation air traffic control network security detection and early warning platform, including a security information collector, website and application monitoring, a situation analysis center and distributed computing storage nodes. The various collectors, the website and application monitoring, the situation analysis center and the distributed computing nodes are deployed separately on the internal and external networks. The following describes each component in detail:

[0070] (1) Security information collectors include asset collectors, log collectors, full flow collection systems, vulnerability collectors and security configuration collectors;

[0071] Among them, the asset collector covers servers, network devices, security devices, databases and application systems, etc.; it automatically scans and detects assets in the network and accurately identifies them;

[0072] The log collector is used to collect log...

Embodiment 2

[0134] Embodiment 2 of this application provides a detailed example of the civil aviation management network security detection and early warning platform disclosed in this application:

[0135] First, build the basic platform. Specifically, build a big data basic platform based on the Hadoop ecosystem, integrating and further developing big data technology architectures such as Spark, Flink, Kafka, and Elasticsearch, to meet the platform's application requirements for collected data in different scenarios such as real-time stream analysis, interactive offline analysis, correlation analysis and deep learning; develop a unified data collection module group that integrates log collection, basic data collection, asset detection, and intelligence collection functions; select the corresponding storage method for each data type; establish a database association method; and complete and label the generalized data by association;
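
An added illustration of the "complete and label the generalized data by association" step (example code written for this page, not taken from the patent): records from two collectors are mapped to one schema, then associated with an asset inventory and an intelligence list. The log formats, field names, label names, asset entry and addresses are constructed assumptions.

```python
import json
from ipaddress import ip_address

# Constructed sample data (not from the patent): asset inventory and intel list.
ASSETS = {"10.1.2.10": {"name": "atc-web-01", "type": "server", "zone": "internal"}}
INTEL_BAD_IPS = {"203.0.113.77"}  # documentation-range address, constructed

def normalize(source, raw):
    """Map a raw record from one collector into a common ("generalized") schema."""
    if source == "firewall":            # constructed format: key=value pairs
        kv = dict(p.split("=", 1) for p in raw.split())
        return {"ts": kv["time"], "src": kv["src"], "dst": kv["dst"],
                "action": kv["action"], "source": source}
    if source == "auth":                # constructed format: JSON lines
        j = json.loads(raw)
        return {"ts": j["timestamp"], "src": j["client_ip"], "dst": j["host_ip"],
                "action": "login_" + j["result"], "source": source}
    raise ValueError(f"unknown source: {source}")

def enrich(event):
    """Complete the event by association with assets and intelligence, then label it."""
    out = dict(event)
    for side in ("src", "dst"):
        ip_address(out[side])           # raises ValueError on a malformed address
        out[side + "_asset"] = ASSETS.get(out[side])
    labels = []
    if out["src"] in INTEL_BAD_IPS or out["dst"] in INTEL_BAD_IPS:
        labels.append("intel_match")
    if out["dst"] in INTEL_BAD_IPS and out["src_asset"]:
        labels.append("outbound_to_malicious")   # known asset reaching a listed IP
    if out["src_asset"] and out["dst_asset"]:
        labels.append("internal_to_internal")
    out["labels"] = labels
    return out

# Constructed sample records, one per collector type.
SAMPLES = [
    ("firewall", "time=2021-10-08T02:11:05Z src=10.1.2.10 dst=203.0.113.77 action=allow"),
    ("auth", '{"timestamp": "2021-10-08T02:12:40Z", "client_ip": "198.51.100.9", '
             '"host_ip": "10.1.2.10", "result": "fail"}'),
]

def run():
    return [enrich(normalize(s, r)) for s, r in SAMPLES]

if __name__ == "__main__":
    for e in run():
        print(e["ts"], e["action"], e["labels"])
```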

[0136] At the same time...


Abstract

The invention discloses a civil aviation air traffic control network security detection and early warning platform. The platform comprises a security information collector, a website and application monitoring unit, a situation analysis center and a distributed computing storage node. The security information collector comprises an asset collector, a log collector, a full-flow collection system, a vulnerability collector and a security configuration collector. The website and application monitoring unit provides real-time security monitoring. The situation analysis center applies multiple intelligent analysis methods to analyze situation elements, perceives various network security situations, carries out security monitoring, and provides a visual display of the security situation and an application interaction interface. The distributed computing storage node provides distributed storage, full-text indexing and analysis of security events. With the platform provided by the invention, a long-term monitoring mechanism and unified website monitoring and early warning can be established, so that centralized management, batch processing and automatic security monitoring of each website are realized, and the security risks of important websites and information systems are comprehensively summarized.

Description

Technical field

[0001] This application relates to the technical field of network security, in particular to a platform for detection and early warning of network security of civil aviation control.

Background technique

[0002] Next-generation threats typically use multiple means and go through multiple stages as they penetrate a network to steal information. Attackers use a combination of web, email, and file-based attacks. Current firewalls, IPS, antivirus, and web security gateways have little ability to stop attackers using advanced zero-day exploits, one-off malware, and APTs.

[0003] These hybrid, multi-stage attacks are successful because traditional security techniques rely on static signature-based or list-based pattern matching techniques. Many zero-day and targeted threats infiltrate systems by hiding new types of implanted malware on innocent web pages or in downloadable files such as JPEG images and PDF documents. Or they use personalized phishing emails se...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/57, G06F16/27, G06F16/2458, G06F16/2455, G06F16/215
CPC: G06F21/577, G06F16/27, G06F16/2465, G06F16/2462, G06F16/24564, G06F16/215
Inventor: 唐屹, 陈宝刚, 刘志磊, 李萌, 杨锐, 侯保国, 胡滨
Owner 中国民用航空局空中交通管理局