Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network attack prediction method and device

A network attack and prediction method technology, applied in the field of network security, can solve the problems of maintaining network security, inability to predict network attack behavior, disadvantage, etc.

Pending Publication Date: 2022-02-25
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF9 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in practice, it is found that the existing technology can only identify network attack behaviors, but cannot predict network attack behaviors, which is not conducive to timely maintenance of network security.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack prediction method and device
  • Network attack prediction method and device
  • Network attack prediction method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0057] Please see figure 1 , figure 1 A schematic flowchart of a network attack prediction method is provided for the embodiment of the present application. Among them, the network attack prediction method includes:

[0058] S101. Obtain network attack behavior data to be detected.

[0059]In the embodiment of this application, the network attack behavior data includes network attack behavior data and associated log data in a long historical period, specifically including data related to attack events, such as attack program data, web page (WEB) attack data, and blasting data. etc., extract the attack source IP and target IP fields to obtain the relevant data of the attack event.

[0060] S102. Preprocessing the network attack behavior data to obtain preprocessed data.

[0061] In the embodiment of the present application, the preprocessing of the network attack behavior data mainly includes processing such as filtering invalid attack behaviors and extracting attack behavi...

Embodiment 2

[0080] Please see figure 2 , figure 2 It is a schematic flowchart of another network attack prediction method provided in the embodiment of the present application. Such as figure 2 As shown, wherein, the network attack prediction method includes:

[0081] S201. Obtain an original prediction model and network attack behavior sample data.

[0082] In the embodiment of the present application, the network attack behavior sample data in the range of the most recent period before the current moment may be used for sequence behavior modeling and model training.

[0083] In the embodiment of the present application, the network attack behavior sample data includes network attack behavior sample data and associated log sample data in a long historical period, and specifically includes related sample data of attack events, such as attack program sample data, webpage (WEB) Attack sample data, blasting sample data, etc., extract the attack source IP and target IP fields to obtain...

Embodiment 3

[0152] Please see image 3 , image 3 It is a schematic structural diagram of a network attack prediction device provided in an embodiment of the present application. Such as image 3 As shown, the network attack prediction device includes:

[0153] An acquisition unit 310, configured to acquire network attack behavior data to be detected;

[0154] The first preprocessing unit 320 is configured to preprocess the network attack behavior data to obtain preprocessed data;

[0155] A sequence construction unit 330, configured to construct an attack event sequence according to preprocessed data;

[0156] The prediction unit 340 is configured to perform prediction processing on the attack event sequence through a pre-built network attack prediction model to obtain a prediction result;

[0157] The determining unit 350 is configured to determine the attacked target address and the attack probability corresponding to the attacked target address according to the prediction result....

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a network attack prediction method and device, and relates to the technical field of network security. The network attack prediction method comprises the following steps: firstly, obtaining to-be-detected network attack behavior data; preprocessing the network attack behavior data to obtain preprocessed data; constructing an attack event sequence according to the preprocessed data; further performing prediction processing on the attack event sequence through a pre-constructed network attack prediction model to obtain a prediction result; and finally, determining an attacked target address and an attacked probability corresponding to the attacked target address according to the prediction result. Therefore, network attack behaviors can be predicted, the prediction accuracy is high, and the network security can be further maintained in time.

Description

technical field [0001] The present application relates to the technical field of network security, in particular, to a network attack prediction method and device. Background technique [0002] The current network attacks are becoming more and more frequent, and the forms of network attacks and the application of new tools are emerging in an endless stream. In particular, attacks on key network information infrastructure often cause serious losses and even endanger network security. In the prior art, a regular expression matching a log format is usually set by a regular matching algorithm to identify whether a network attack is underway. However, it is found in practice that the existing technology can only identify network attack behaviors, but cannot predict network attack behaviors, which is not conducive to timely maintenance of network security. Contents of the invention [0003] The purpose of the embodiments of the present application is to provide a network attac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/40G06N3/04G06N3/08
CPCH04L63/1425H04L63/1416G06N3/08G06N3/044
Inventor 鲍青波
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com