Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Abnormal behavior detection method, device and system and computer readable storage medium

A detection method and detection device technology, applied in the field of data security, can solve problems such as lack of consideration of data quality, complicated use, slow running speed, etc., and achieve the effects of improving computing performance, enhancing intuitiveness, and convenient use

Pending Publication Date: 2022-03-25
SHANGHAI GUAN AN INFORMATION TECH
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] At this stage, abnormal user entity behavior detection is usually carried out using model training algorithms, and there are still deficiencies and areas to be improved, which are mainly reflected in the following aspects: 1) Failure to fully mine and extract features, and cannot make full use of multi-dimensional features; 2) Most abnormal behavior detection methods such as authentication (brute force cracking, abnormal time login, etc.), time series and other detection models use characteristics or rules are relatively simple; 3) more or less lack of consideration of data quality, even multi-dimensional The multi-rule anomaly detection model is not satisfactory and convincing in the processing of the original data input into the algorithm model; 4) the use is more complicated and the running speed is slow; 5) the accuracy of the detection results is not enough, or the results Accuracy regulation is not flexible enough
[0004] For the above-mentioned problems existing in the prior art, there is not yet an effective solution

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Abnormal behavior detection method, device and system and computer readable storage medium
  • Abnormal behavior detection method, device and system and computer readable storage medium
  • Abnormal behavior detection method, device and system and computer readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0031] In order to solve the problems of insufficient feature extraction, low reliability of processed data, slow detection speed and insufficient detection accuracy in the prior art, the present invention provides a method for detecting abnormal behavior. figure 1 is a flow chart of the abnormal behavior detection method provided by the embodiment of the present invention, such as figure 1 As shown, the method includes:

[0032] S1. Obtain the operation beha...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an abnormal behavior detection method, device and system and a computer readable storage medium. The method comprises the steps that expert experience knowledge is adopted, and intelligent selection operation behaviors of people correspond to multi-dimensional operation characteristic values; and selecting an optimal K value, normalizing an operation characteristic value, then carrying out K-means clustering, carrying out detection on a clustered result through an idea of integrating the clustering result into a peer group to obtain an abnormal behavior, and visualizing the abnormal behavior. According to the invention, sufficient and rapid feature selection is carried out; all the features are normalized, so that the detection sensitivity is improved; an optimal K-means clustering algorithm is adopted to obtain a clustering center and a clustering category so as to facilitate detection of abnormal behaviors; abnormal behavior judgment is carried out in a peer-to-peer group mode, and threshold parameters can be regulated and controlled, so that the detection speed and accuracy are improved; and the detection result is visualized after dimension reduction, so that the detection result is more common, intuitive and clear.

Description

technical field [0001] The present invention relates to the field of data security, in particular to an abnormal behavior detection method, device, system and computer-readable storage medium. Background technique [0002] In recent years, data security has gradually risen to the level of national security, and many industries such as mobile communications, telecommunications, power grids, real estate, big data centers, education and other institutions or departments have emerged urgent needs for big data security protection. However, the complexity of the Internet topology, the concealment of network attacks, the diversity of attack methods, the irregularity of hacker attacks, and the advancement of hacker technical capabilities have made the security environment increasingly tense. Therefore, targeted product technologies such as situational awareness and User Entity Behavior Analysis (UEBA) emerged as the times require. Looking at these emerging product technologies, the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55G06K9/62
CPCG06F21/552G06F18/23213G06F18/2433
Inventor 许云风马振邹武王启凡陶景龙殷钱安夏玉明
Owner SHANGHAI GUAN AN INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com