Server access risk monitoring method and device

A risk monitoring and server technology, which is applied in the fields of data processing and information security, can solve problems such as the failure of security control of the bastion machine, increase the risk of server access, and fail to guarantee the security and stability of the server system, so as to realize automatic monitoring and improve The effect of detection efficiency and detection comprehensiveness

Active Publication Date: 2021-10-29
INDUSTRIAL AND COMMERCIAL BANK OF CHINA
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Due to emergency needs, the network firewall policy of non-bastion host login cannot be banned under normal circumstances, so there may be unauthorized access behaviors bypassing the bastion host, making the security control of the bastion host invalid, and it is difficult to trace and

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Server access risk monitoring method and device
  • Server access risk monitoring method and device
  • Server access risk monitoring method and device

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0069] In order to make the purpose, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments It is a part of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of this application.

[0070] It should be noted that the server access risk monitoring method and device disclosed in this application can be used in the field of information security technology, and can also be used in any field other than the information security technology field. The application of the server access risk monitoring method and device disclosed in this application ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a server access risk monitoring method and device which can be used in the technical field of information security, and the method comprises the steps: obtaining a target login data record with a fortress machine bypassing behavior from a current newly-added log combination of a server system provided with a fortress machine according to preset access risk data features, determining application nodes having an association relationship, and extracting newly added access data between every two associated application nodes; clustering newly-added access data between every two associated application nodes in the target login data records to remove misinformation data in the target login data records, and if data records still exist in the target login data records after the misinformation data are removed, determining the data records as server access risk data. According to the invention, the fortress machine bypassing event can be automatically monitored, the detection efficiency and detection comprehensiveness of the fortress machine bypassing event can be improved, and the false alarm rate of fortress machine bypassing event alarm is reduced.

Description

technical field [0001] The present application relates to the technical field of data processing, in particular to the technical field of information security, and in particular to a server access risk monitoring method and device. Background technique [0002] Data centers often have a large number of servers, and how to manage these servers safely and efficiently has become a necessary work for operation and maintenance personnel. The more common solution is to set up one or more bastion host environments as the entrance to the online server. All servers can only be accessed through the bastion host first. At the same time, the bastion host can manage user access rights, which poses a high risk to users. Commands are intercepted and all operation and maintenance operations are recorded. [0003] Due to emergency needs, the network firewall policy of non-bastion host login cannot be banned under normal circumstances, so there may be unauthorized access behaviors bypassing ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26H04L12/24G06K9/62
CPCH04L43/08H04L43/50H04L63/08H04L63/1425H04L41/069G06F18/2321G06F18/24
Inventor 石蕊敬涛李新印楼闯宇
Owner INDUSTRIAL AND COMMERCIAL BANK OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap