
Threat intelligence classification and evolution relationship analysis method

A technology of relationship analysis and evolution relationship graphs, applied in semantic analysis, text database clustering/classification, unstructured text data retrieval, etc. It can solve problems such as low information quality, short shelf life, and lack of in-depth analysis, achieving the effects of resolving low quality and information overload and providing richer information.

Pending Publication Date: 2022-02-18
BEIHANG UNIV

AI Technical Summary

Problems solved by technology

Not friendly to information security analysts who focus on a certain type of threat intelligence
The low quality of information mainly refers to the insufficient amount of information in the threat intelligence response.
Unanalyzed threat intelligence cannot reflect the whole picture of security incidents, and information security personnel
[0007] At present, network security platforms mainly provide simple tactical threat intelligence, such as domain names, IPs, and file hashes. This intelligence has a "short shelf life" and carries little information, making it difficult to apply
In terms of information analysis, only a simple correlation is given, and a deeper analysis is lacking


Examples

Embodiment Construction

[0084] The following is a preferred embodiment of the present invention; the technical solutions of the present invention are further described in conjunction with the accompanying drawings, but the present invention is not limited to this embodiment.

[0085] The invention proposes a method for classifying threat intelligence and analyzing evolution relationships. The technology has two main aspects: the first is the classification of threat intelligence, and the second is the evolution analysis of threat intelligence. The classification method mainly classifies threat intelligence by threat type, and the evolution analysis mainly analyzes the time series evolution relationship between pieces of threat intelligence.

[0086] Threat Intelligence Classification Techniques:

[0087] Compared with general corpus information, there are many information security elements in threat intelligence, s...

Abstract

A threat intelligence classification and evolution relationship analysis method is realized through a method in the field of network security. The method comprises: classifying the threat types of threat intelligence through a threat intelligence classification technology, and analyzing the time series evolution relationship among threat intelligence through a threat intelligence evolution analysis technology. Threat types are classified through four steps: information security element extraction, information security element relation construction, feature engineering, and a classification model based on graph convolution attention. The threat intelligence evolution analysis technology determines whether a time series evolution relationship exists between threat intelligence through two steps: calculating the evolution relationship strength between the threat intelligence, and constructing a threat intelligence evolution relationship graph. According to the method provided by the invention, the amount of information reflected by the intelligence is richer and the intelligence is convenient to apply, and deeper analysis can be given in the aspect of information analysis.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method for categorizing threat intelligence and analyzing evolutionary relationships.

Background technique

[0002] With the rapid development of the Internet and communication technology, it has also brought hidden dangers to network security. Most of the security problems are spread through the Internet. The scope of cyber attacks has spread from individuals to transportation, industry, energy, finance, aerospace, medical and other fields, seriously threatening the information security of the country and society. Especially in recent years, with the rapid development of emerging business forms such as "Internet +" and "smart manufacturing" and the introduction and realization of the concept of the Internet of Things, network and informatization have penetrated into all aspects of national production and life with an irresistible trend. The borders of safety, persona...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F40/30, G06F40/194, G06F16/35
CPC: G06F40/30, G06F40/194, G06F16/35
Inventor 李博刘旭东王谷雨赵军葛彬彬
Owner BEIHANG UNIV