Network security log alarm processing method based on big data analysis technology

A network security log alarm processing method based on big data analysis technology. It addresses the large variety and quantity of network security logs, and the resulting inability to process alarm event messages in a timely and efficient manner, so as to improve the quality of alarm analysis.

Active Publication Date: 2021-11-19
STATE GRID CORP OF CHINA +2

AI Technical Summary

Problems solved by technology

[0008] The present invention provides a network security log alarm processing method based on big data analysis technology, which is used to solve the problem in the prior art that due to the large number and types of network security logs, the generated alarm event messages cannot be processed in a timely and efficient manner



Embodiment Construction

[0036] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below in conjunction with the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by persons of ordinary skill in the art from these embodiments without creative effort fall within the protection scope of the present invention.

[0037] Referring to figure 1, the embodiment of the present invention provides a network security log alarm processing method based on big data analysis technology, comprising the following steps:

[0038] Step S1: Collect logs generated by various types of network security devices that require alarm analysis.

[0039] Based on the syslog protocol, the ...


Abstract

The invention provides a network security log alarm processing method based on big data analysis technology. The method comprises the steps of obtaining standardized log data in a uniform format through an automatic parsing engine, filtering out useless and meaningless logs through a log filtering rule, and then converting the remaining logs into security alarm events through a network attack event classification rule. Associated alarm events within a certain time range are then combined through an alarm rule and an association analysis algorithm, so that repeated alarms are effectively de-duplicated, the number of repeat occurrences is recorded, and the analysis quality of the alarm events is improved. The method establishes a visual, reliable and stable network security log analysis process: collected network security log data is normalized in a simple, convenient and rapid manner to produce log data with unified attributes, the alarm events generated from the logs are de-duplicated and merged, network security detection efficiency is effectively improved, false and repeated alarms are reduced, and the burden of alarm analysis is therefore relieved.
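The pipeline the abstract describes, as an added illustration that is not the patent's own code: raw syslog-style lines are normalized into records with uniform attributes, filtered by a rule, classified into alarm events by an attack-category rule, and then alarms with the same category, source and destination inside a time window are merged into one event with a repeat count. The log line format, the category table and the 60-second window are assumptions for the example, not values taken from the patent.

```python
# Added example (not the patent's own code): the pipeline the abstract describes,
# normalize -> filter -> classify into alarm events -> merge repeats in a time window.
import re
from datetime import datetime

# Constructed sample logs in a simplified syslog-like shape (assumed, not the patent's format).
RAW_LOGS = [
    "2021-11-19T10:00:01 fw1 DENY src=10.0.0.5 dst=10.0.0.9 msg=port scan",
    "2021-11-19T10:00:05 fw1 DENY src=10.0.0.5 dst=10.0.0.9 msg=port scan",
    "2021-11-19T10:00:09 fw1 INFO src=10.0.0.5 dst=10.0.0.9 msg=keepalive",
    "2021-11-19T10:02:30 fw1 DENY src=10.0.0.5 dst=10.0.0.9 msg=port scan",
    "2021-11-19T10:02:40 ids1 ALERT src=10.0.0.7 dst=10.0.0.9 msg=sql injection",
]
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) src=(\S+) dst=(\S+) msg=(.+)$")
# Attack-event classification rule: message text -> category (assumed table).
CATEGORIES = {"port scan": "recon", "sql injection": "web_attack"}
def normalize(line):
    """Parse one raw line into a record with uniform attributes; None if unparsable."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, device, level, src, dst, msg = m.groups()
    return {"time": datetime.fromisoformat(ts), "device": device,
            "level": level, "src": src, "dst": dst, "msg": msg.strip()}
def is_useful(rec):
    """Log filtering rule: drop unparsable lines and plain informational noise."""
    return rec is not None and rec["level"] != "INFO"
def classify(rec):
    """Convert a filtered record into a security alarm event; None if no rule matches."""
    cat = CATEGORIES.get(rec["msg"])
    return None if cat is None else {**rec, "category": cat}
def merge_alarms(events, window_s=60):
    """Merge alarms with the same (category, src, dst) that fall within window_s
    seconds of the first occurrence, keeping one event and a repeat count."""
    merged = []
    for ev in sorted(events, key=lambda e: e["time"]):
        key = (ev["category"], ev["src"], ev["dst"])
        for m in merged:
            if (m["category"], m["src"], m["dst"]) == key and \
                    (ev["time"] - m["time"]).total_seconds() <= window_s:
                m["count"] += 1
                break
        else:
            merged.append({**ev, "count": 1})
    return merged
def process(lines, window_s=60):
    """Run the full pipeline on raw log lines and return the de-duplicated alarms."""
    records = [r for r in map(normalize, lines) if is_useful(r)]
    events = [e for e in map(classify, records) if e is not None]
    return merge_alarms(events, window_s)
```

On the constructed input, the two port-scan denials four seconds apart collapse into one recon alarm with count 2, the third one 149 seconds later opens a new alarm, and the keepalive line is dropped by the filter before classification.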

Description

Technical field

[0001] The invention relates to the technical field of electric power information systems, in particular to a network security log alarm processing method based on big data analysis technology.

Background technique

[0002] In recent years, information network security incidents have occurred frequently, and the security situation has become increasingly severe. With the expansion of network boundaries and the increase in the number of network security devices, the log data generated by these devices has grown rapidly, and the large number of log events requires security operations and maintenance personnel to identify and process them. These logs contain many duplicates and invalid junk entries, and different security vendors maintain different attack signature databases and adopt different monitoring and alarm strategies. In order to improve the overall perception of network security, the only option is to lower the alarm threshold, which causes many attack alarms to be falsely repor...


Application Information

Patent Type & Authority Applications(China)
IPC(8): H04L29/06, H04L12/24
CPC: H04L63/1425, H04L41/069, H04L41/0604, Y02D30/50
Inventor 牛犁青彭详礼刘勇昊向灏帆张烨褚兆良徐远翔
Owner STATE GRID CORP OF CHINA