Computer attack information storage method and device and electronic equipment

An information storage and computer technology, applied in the field of network security, that addresses the problems of being unable to trace the source of an attack or reproduce the attack method, and achieves the effects of increasing the difficulty of identification, increasing the difficulty of destruction, and reducing the possibility

Pending Publication Date: 2022-03-22
BEIJING ANTIY NETWORK SAFETY TECH CO LTD

AI Technical Summary

Problems solved by technology

However, when a network security attack occurs on a computer, some local log files, process behavior and other information on the computer may be deleted by hackers, making it impossible to trace the source of the attack and reproduce the attack method.


Examples


Embodiment 1

[0025] As shown in Figure 1, a computer attack information storage method provided by an embodiment of the present invention includes:

[0026] S01. Monitor the target log file stored in the local first storage area.

[0027] "Local" refers to the local computer (or client computer).

[0028] The first storage area refers to a preset storage area of the local storage hard disk.

[0029] Log files are files that record events that occur during the operation of an operating system or other software, or messages between different users of communication software. The target log file refers to the log file that can be used to trace the source of the attack and reproduce the attack method when a network security attack event occurs locally, such as the local system and process behavior logs.

[0030] S02. Obtain the newly generated first log in the target log file.

[0031] S03. Encrypt the acquired first log using a first encryption algorithm, and synchronize the encrypted...
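Steps S01 to S03 as a single polling pass, in an added Go example that is not code from the patent or its applicant. Assumptions: AES-256-GCM stands in for the unspecified "first encryption algorithm", the second storage area is an append-only file holding one base64 record per line, and the names `NewAEAD`, `SyncNewLog`, `OpenRecord` and `VAULT_KEY` are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"os"
)

func NewAEAD(key []byte) (cipher.AEAD, error) {
	blk, err := aes.NewCipher(key) // assumption: a 32-byte key, i.e. AES-256-GCM
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// SyncNewLog runs one S01-S03 pass and returns the offset to use for the next pass.
func SyncNewLog(logPath string, store *os.File, aead cipher.AEAD, offset int64) (int64, error) {
	data, err := os.ReadFile(logPath) // S01: check the monitored target log
	if err != nil || int64(len(data)) <= offset {
		return offset, err // deleted, unchanged or shrunk: stored records are untouched
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return offset, err
	}
	rec := aead.Seal(nonce, nonce, data[offset:], nil) // S02+S03: nonce || ciphertext || tag
	if _, err := fmt.Fprintln(store, base64.StdEncoding.EncodeToString(rec)); err != nil {
		return offset, err
	}
	return int64(len(data)), nil
}

func OpenRecord(line string, aead cipher.AEAD) ([]byte, error) {
	rec, err := base64.StdEncoding.DecodeString(line)
	if n := aead.NonceSize(); err == nil && len(rec) >= n {
		return aead.Open(nil, rec[:n], rec[n:], nil) // fails if the record was altered
	}
	return nil, fmt.Errorf("malformed record")
}

func main() { // usage: VAULT_KEY=<32 bytes> prog <target-log> >> <store>
	if aead, err := NewAEAD([]byte(os.Getenv("VAULT_KEY"))); err == nil && len(os.Args) == 2 {
		SyncNewLog(os.Args[1], os.Stdout, aead, 0) // one pass; a monitor loops on the offset
	}
}
```

Because every pass appends a sealed copy before the next poll, deleting or truncating the target log afterwards leaves the earlier records recoverable with `OpenRecord`.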

Embodiment 2

[0050] As shown in Figure 2, an embodiment of the present invention provides a computer attack information storage device, including: a log file monitoring module 201, configured to monitor the target log file stored in the local first storage area; a log file acquisition module 202, configured to acquire the newly generated first log in the target log file; and a log file encryption module 203, configured to encrypt the acquired first log using the first encryption algorithm and synchronize the encrypted first log to the local second storage area for storage.

[0051] An embodiment of the present invention provides a computer attack information storage device. The log file encryption module 203 encrypts the first log of the target log file stored in the first storage area, which increases the difficulty of identifying the target log file. The encrypted first log is synchronized to the second storage area for storage, so that the second storage are...

Embodiment 3

[0061] As shown in Figure 3, an embodiment of the present invention provides an electronic device, which includes: a housing 301, a processor 302, a memory 303, a circuit board 304 and a power supply circuit 305. The circuit board 304 is placed inside the space enclosed by the housing 301; the processor 302 and the memory 303 are arranged on the circuit board 304; the power supply circuit 305 supplies power to each circuit or device of the electronic device; the memory 303 stores executable program code; and the processor 302 reads the executable program code stored in the memory 303 and runs the corresponding program, which is used to execute the data transmission method described in any one of the foregoing first aspects.


Abstract

The embodiment of the invention discloses a computer attack information storage method and device and electronic equipment, and relates to the technical field of network security. The method and the device are invented for solving the problem that attack techniques cannot be reproduced due to deletion of target log files. The computer attack information storage method comprises the following steps: monitoring a target log file stored in a local first storage area; obtaining a first log newly generated in the target log file; and encrypting the obtained first log by adopting a first encryption algorithm, and synchronizing the encrypted first log to a local second storage area for storage. The method is suitable for application scenes for storing computer attack information.

Description

Technical field

[0001] The invention relates to the technical field of network security, and in particular to a computer attack information storage method, device and electronic equipment.

Background technique

[0002] A network security attack may occur locally on a computer, and some destructive activities may be performed locally on the computer. After a network security attack event occurs locally on the computer, in order to discover unknown new network attack behaviors, understand the attacker's intention, and take targeted countermeasures to determine the priority of massive events, it is necessary to trace the source of the network security attack event, reproduce the attack method, and so on. However, when a network security attack occurs on a computer, some local log files, process behavior and other information on the computer may be deleted by hackers, making it impossible to trace the source of the attack and reproduce the attack method.

Contents of the inv...


Application Information

IPC(8): H04L9/40, H04L67/1097, G06F21/62, G06F21/60
CPC: H04L63/1425, H04L63/0428, H04L67/1097, G06F21/602, G06F21/6209, G06F2221/2107
Inventor: 宋丹成, 孙晋超
Owner: BEIJING ANTIY NETWORK SAFETY TECH CO LTD