
Automatic security event handling method and system based on knowledge reasoning

A knowledge-reasoning technology for security events, applied in the field of intelligent operation and maintenance disposal prediction. It addresses the problems that the disposal experience of security operation and maintenance experts cannot be reused, that handling methods cannot be dynamically expanded, and that security incidents become backlogged, so as to achieve digital asset protection, a high degree of automation, and a wider field of application.

Active Publication Date: 2022-02-15
SHANDONG ZHONGFU INFORMATION IND

AI Technical Summary

Problems solved by technology

Security operation and maintenance experts filter security incidents by level and type, screen out the ones they are concerned about, and then analyze, judge, investigate, and collect evidence to determine the degree of harm and the scope of influence of each incident. However, the inventors found that, in practical applications, this approach uses fixed methods, cannot be dynamically expanded, and has low processing efficiency, which leads to a continuous backlog of security incidents. The experience of security operation and maintenance experts cannot be reused, and the problem of backlogged security incidents turning into dormant data cannot be fundamentally solved.


Examples

Embodiment 1

[0035] The purpose of this embodiment is to provide a method for automatically handling security events based on knowledge reasoning.

[0036] As shown in Figure 1, a method for automatic handling of security events based on knowledge reasoning includes:

[0037] Obtain pending security events;

[0038] Based on the pre-built knowledge reasoning system, the security events are graded, judged, and processed to obtain the disposal results; wherein the knowledge reasoning system is based on the production rule reasoning method and, using the pre-stored security event set and handling rule set, performs hierarchical processing of security events through the inference engine and determines the corresponding handling rules for the security events;

[0039] Transform the obtained disposal results and input them into the knowledge reasoning system.

[0040] Further, the knowledge reasoning system includes a fact set, a handling rule set, and an inference engine, the fact set s...
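An added illustration, not code from the patent or its applicant: a minimal production-rule triage loop with a fact set, a handling rule set and an inference step, in which a disposal result is converted and fed back into the system. The event fields, grades, rule contents, action names and the choice to model the feedback as a new fact are all assumptions made for this example.

```python
# Added illustration; event fields, grades, rules and actions are hypothetical.

# Grading rules: (condition over event and facts, grade). First match wins.
GRADE_RULES = [
    (lambda e, f: e["type"] == "malware" and ("critical_asset", e["asset"]) in f, "high"),
    (lambda e, f: e["type"] == "bruteforce" and e["count"] >= 50, "medium"),
    (lambda e, f: True, "low"),
]

# Handling rules: (name, condition over event, grade and facts, action).
HANDLING_RULES = [
    ("already-contained", lambda e, g, f: ("contained", e["src"]) in f, "close_as_duplicate"),
    ("isolate", lambda e, g, f: g == "high", "isolate_host"),
    ("block", lambda e, g, f: g == "medium", "block_source"),
    ("default", lambda e, g, f: True, "record_only"),
]

def grade(event, facts):
    """Inference step 1: assign a grade from the first matching grading rule."""
    return next(g for cond, g in GRADE_RULES if cond(event, facts))

def handle(event, facts):
    """Inference step 2: pick a handling rule, then feed the result back as a fact."""
    g = grade(event, facts)
    name, action = next((n, a) for n, cond, a in HANDLING_RULES if cond(event, g, facts))
    if action == "block_source":
        # Feedback (assumed form): the disposal result becomes a fact for later events.
        facts.add(("contained", event["src"]))
    return {"id": event["id"], "grade": g, "rule": name, "action": action}

def run(events, initial_facts):
    """Process events in order against a private copy of the fact set."""
    facts = set(initial_facts)
    return [handle(e, facts) for e in events], facts

# Constructed sample data (documentation IP ranges, made-up asset names).
SAMPLE_FACTS = {("critical_asset", "db01")}
SAMPLE_EVENTS = [
    {"id": 1, "type": "bruteforce", "src": "203.0.113.7", "asset": "web01", "count": 80},
    {"id": 2, "type": "bruteforce", "src": "203.0.113.7", "asset": "web02", "count": 120},
    {"id": 3, "type": "malware", "src": "198.51.100.9", "asset": "db01", "count": 1},
    {"id": 4, "type": "portscan", "src": "192.0.2.5", "asset": "web01", "count": 3},
]

if __name__ == "__main__":
    results, facts = run(SAMPLE_EVENTS, SAMPLE_FACTS)
    for r in results:
        print(r)
```

The second brute-force event is closed by the "already-contained" rule only because the first event's disposal result was written back as a fact, which is the reuse of earlier handling that the feedback step provides.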

Embodiment 2

[0079] The purpose of this embodiment is to provide a security event automatic handling system based on knowledge reasoning.

[0080] An automatic security event handling system based on knowledge reasoning, including:

[0081] A data acquisition unit, which is used to obtain pending security events;

[0082] The disposition result acquisition unit is used to conduct hierarchical research and judgment processing on the security event based on the pre-built knowledge reasoning system to obtain the disposition result; wherein the knowledge reasoning system is based on the production rule reasoning method and, using the event set and the disposal rule set, classifies security events through the inference engine and determines the corresponding disposal rules for the security events;

[0083] The treatment rule extension unit is used to transform the obtained treatment results and input them into the knowledge reasoning system.

[0084] In further embodiments, there is also provided:

[0...

Abstract

The invention provides an automatic security event handling method and system based on knowledge reasoning, and belongs to the technical field of intelligent operation and maintenance disposal prediction. The scheme comprises the steps of: obtaining a to-be-handled security event; based on a pre-constructed knowledge reasoning system, carrying out grading, research and judgment processing on the security event to obtain a disposal result, wherein the knowledge reasoning system is based on a production rule reasoning method, uses a pre-stored security event set and disposal rule set, grades the security event through an inference engine, and determines the disposal rule corresponding to the security event; and converting the obtained disposal result and inputting the converted result into the knowledge reasoning system.

Description

Technical field

[0001] The invention belongs to the technical field of intelligent operation and maintenance disposal prediction, and in particular relates to a method and system for automatic disposal of security events based on knowledge reasoning.

Background technique

[0002] The statements in this section merely provide background information related to the present invention and do not necessarily constitute prior art.

[0003] SIEM (Security Information and Event Management) and SOC (Security Operation Center) security products are becoming more and more popular (hereinafter collectively referred to as security event management systems). Organizations that use security event management systems to protect core assets have generated and accumulated a large number of security incidents. Limited to the development level of related technologies, the security event management system still needs the participation of security operation and maintenance experts to conduct resear...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06N5/04, G06N5/02, G06F21/55
CPC: G06N5/04, G06N5/02, G06F21/552
Inventor: 苗功勋, 孙强, 李磊, 于通
Owner: SHANDONG ZHONGFU INFORMATION IND