Unlock instant, AI-driven research and patent intelligence for your innovation.

Anomaly detection method, computer storage medium and program product

An anomaly detection and anomaly technology, applied in the field of data security, can solve problems such as sudden increase of CPU resources, increase of detection data security resources, consumption of processing resources, etc., to achieve the effect of improving hit rate, reducing resource consumption, and reducing quantity

Active Publication Date: 2022-01-18
ALIBABA CLOUD COMPUTING LTD
View PDF3 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the above method consumes a lot of processing resources. For example, a match may involve hundreds of regular expressions, resulting in a sudden increase in the occupied CPU resources.
[0003] In addition, as the rules for judging data security continue to increase, the content that needs to be matched continues to increase. For example, the number of regular expressions involved in the matching process continues to increase, resulting in an increase in the resources required to detect data security.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Anomaly detection method, computer storage medium and program product
  • Anomaly detection method, computer storage medium and program product
  • Anomaly detection method, computer storage medium and program product

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present application, the following will clearly and completely describe the technical solutions in the embodiments of the present application in conjunction with the drawings in the embodiments of the present application. Obviously, the described The embodiments are only some of the embodiments of the present application, but not all of them. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments in the embodiments of the present application shall fall within the protection scope of the embodiments of the present application.

[0022] The specific implementation of the embodiment of the present application will be further described below in conjunction with the accompanying drawings of the embodiment of the present application.

[0023] It should be noted that the solution provided in this embodiment is suitable as a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides an anomaly detection method, a computer storage medium and a program product. The method comprises the steps: obtaining a field value of a to-be-detected target field from a to-be-detected log, extracting the key information of the field value, and obtaining a fingerprint of the to-be-detected log; inquiring whether the fingerprint of the to-be-detected log corresponds to the abnormal operation or not according to a preset corresponding relation between the fingerprint and the abnormal operation, wherein the corresponding relation is obtained according to a result obtained by conducting abnormal operation detection on the field in the historical log and the fingerprint in the historical log; and determining whether to perform abnormal operation detection on the to-be-detected log or not according to a query result. According to the scheme provided by the embodiment of the invention, preliminary abnormal operation detection can be realized through the key information extraction operation and the query operation, and the complexity of the two operations is o (1) so that the resource consumed in the detection process is less.

Description

technical field [0001] The embodiments of the present application relate to the technical field of data security, and in particular to an anomaly detection method, a computer storage medium, and a program product. Background technique [0002] In data security scenarios, the more commonly used method is feature matching, such as matching regular expressions with feature databases, string matching, and other operations. However, the above method consumes a lot of processing resources. For example, a match may involve hundreds of regular expressions, resulting in a sudden increase in CPU resources occupied. [0003] In addition, as the rules for judging data security continue to increase, the content that needs to be matched continues to increase. For example, the number of regular expressions involved in the matching process continues to increase, resulting in an increase in the resources required to detect data security. In view of this, the technical problem that needs to ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F16/14G06F16/18G06F16/2455G06F21/55
CPCG06F16/148G06F16/1815G06F16/24564G06F21/552
Inventor 袁小栋
Owner ALIBABA CLOUD COMPUTING LTD