Network attack organization detection method, device, equipment and readable storage medium

A network attack organization detection technology, applied in the field of network security, that addresses problems such as inference that easily deviates, incomplete information elements, and the inability to effectively analyze the purpose of an attack, so as to reduce dependence on known information and improve accuracy.

Active Publication Date: 2021-12-17
HANGZHOU ANHENG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

This method is only inference, and the existing information is time-sensitive. When the attack method is updated or the information elements are incomplete, inference based on the existing information is prone to deviation, which leads to errors when supplementing the context. As a result, the purpose of the attack cannot be effectively analyzed and identified, nor associated with a specific network attack organization.

Embodiment Construction

[0054] To enable those skilled in the art to better understand the solution of the present invention, the present invention is described in further detail below with reference to the accompanying drawings and specific embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments of the present invention, without creative effort, fall within the protection scope of the present invention.

[0055] Refer to Figure 1, which is an implementation flowchart of a detection method for a network attack organization in an embodiment of the present invention. The method may include the following steps:

[0056] S101: When a target network attack is detected, acquire target attack characteristics of the target network attack.

[0057] During network operation, the cloud service detects network atta...

Abstract

The invention discloses a network attack organization detection method, which comprises the following steps: when a target network attack is detected, obtaining a target attack feature of the target network attack; performing honeypot environment matching on the target attack features by using a preset rule base; judging whether the honeypot environment is successfully matched or not; if yes, pulling target attack traffic corresponding to the target network attack to the matched target honeypot environment, and capturing an attack sample and attack context information according to the target attack traffic by using the target honeypot environment; analyzing the attack sample to obtain sample recognition information; and determining a target attack organization according to the attack context information and the sample recognition information. By applying the detection method of the network attack organization provided by the invention, the dependence on known information is reduced, and the accuracy of the detection of the network attack organization is improved. The invention further discloses a network attack organization detection device and equipment and a storage medium, which have corresponding technical effects.
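The flow in the abstract (rule-base matching, redirection to a honeypot, capture, sample analysis, attribution) can be sketched as follows. This is an added example, not code from the patent or its owner: the rule format, the scoring scheme, and every honeypot name, tag, sample family and organization label are assumptions constructed for illustration, and `capture` and `identify` are hypothetical stand-ins for the honeypot capture and sample analysis steps.

```python
from dataclasses import dataclass

# Every rule, honeypot name, tag, family and organization label is constructed.
@dataclass(frozen=True)
class Rule:
    honeypot: str     # honeypot environment to route traffic to
    service: str      # service the detected attack targets
    tags: frozenset   # detector tags that must all be present

RULE_BASE = [
    Rule("hp-redis-generic", "redis", frozenset()),
    Rule("hp-redis-writable", "redis", frozenset({"config-write"})),
    Rule("hp-ssh", "ssh", frozenset({"bruteforce"})),
]

ORG_PROFILES = {
    "ORG-A": {"families": {"miner-x"}, "context": {"dl.example.net", "cron-persist"}},
    "ORG-B": {"families": {"bot-y"}, "context": {"c2.example.org", "ssh-key-drop"}},
}

def match_honeypot(features):
    """Return the most specific matching honeypot, or None (no redirection)."""
    hits = [r for r in RULE_BASE
            if r.service == features["service"] and r.tags <= features["tags"]]
    return max(hits, key=lambda r: len(r.tags)).honeypot if hits else None

def attribute(context, sample_family, min_score=2):
    """Score each organization on context overlap plus sample-family match."""
    scores = {}
    for org, profile in ORG_PROFILES.items():
        score = len(profile["context"] & context)
        score += 2 if sample_family in profile["families"] else 0
        scores[org] = score
    best = max(scores, key=scores.get)
    return best if scores[best] >= min_score else None  # None: not attributable

def detect(features, capture, identify):
    """Match -> capture in honeypot -> analyze sample -> attribute."""
    honeypot = match_honeypot(features)
    if honeypot is None:
        return None, None                     # no match: traffic stays where it is
    sample, context = capture(honeypot)       # attack sample + attack context
    return honeypot, attribute(context, identify(sample))

def demo_capture(honeypot):                   # constructed capture result
    return b"\x7fELF-constructed", {"dl.example.net", "cron-persist"}

def demo_identify(sample):                    # constructed sample analysis
    return "miner-x" if sample.startswith(b"\x7fELF") else "unknown"
```

Because attribution combines what the honeypot observed with what the sample analysis returned, a single weak signal (one overlapping context item and an unrecognized sample) stays below the threshold and yields no organization.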

Description

Technical field

[0001] The present invention relates to the technical field of network security, in particular to a detection method, device, equipment and computer-readable storage medium for a network attack organization.

Background technique

[0002] Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about existing or emerging threats or hazards faced by assets, which asset-related entities can use to assess threats or to support decisions on responding to or handling those hazards. Most of the threat intelligence mentioned in the industry can be regarded as threat intelligence in a narrow sense. Its main content is indicators of compromise used to identify and detect threats, such as file hashes, IP (Internet Protocol) addresses, domain names, program running paths, registry entries, etc., and related attribution labels...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1491, H04L63/1425, H04L63/1433, H04L63/1466
Inventor: 许久围, 范渊, 吴卓群, 王欣
Owner: HANGZHOU ANHENG INFORMATION TECH CO LTD