
Network threat detection method and system

A network threat detection technology, applied in transmission systems, digital transmission systems, electrical components, etc. It addresses problems such as business impact, attack damage, and lack of timely response, with the effect of strengthening baseline and standardized management, improving security, and effectively discovering cyber threats.

Pending Publication Date: 2022-04-05
THE INT PEACE MATERNITY & CHILD HEALTH HOSPITAL OF CHINA WELFARE INST

AI Technical Summary

Problems solved by technology

[0003] Most existing technologies make their judgment based on a signature database of known attack methods. When the audit log does not match the signature database, the attack has caused substantial damage, business has been affected, and security incidents have occurred. The backup of the system configuration is used only for recovery after the system is attacked, and lacks the ability to respond in time.


Examples


Embodiment Construction

[0036] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0037] It should be noted that, in the case of no conflict, the embodiments of the present invention and the features in the embodiments can be combined with each other.

[0038] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments, but not as a limitation of the present invention.

[0039] The present invention provides a network threat detection method, which is applicable to the detection of...


Abstract

A network threat detection method, suitable for the detection of network threats, comprising the following steps:

S1: the system executes a network threat detection process, and then collects the current log file of the system and the current configuration file of the system;

S2: the current configuration file of the system is processed to obtain the configuration change information of the system;

S3: the current log file of the system is compared with the configuration change information. If the current log file does not accord with the configuration change information, the configuration change is abnormal, and the method returns to step S1 to wait for the system to execute the next network threat detection process; if it does accord, the configuration change is normal, and the method likewise returns to step S1 to wait for the next network threat detection process.

Through this automatic processing method that associates logs with configuration, network threats can be effectively found, the safety of operation and maintenance can be improved, and baseline and standard management of configuration is enhanced.
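A minimal sketch of steps S2 and S3, added here as an illustration and not taken from the patent: configuration changes are derived by diffing the current configuration against a stored baseline, and each change is checked for a matching audit-log entry. The key=value configuration format, the `CONFIG_CHANGE key=... new=...` log format, the sample data, and the reading that an unlogged change is the "abnormal" case are all assumptions.

```python
import re

# Constructed sample data (not from the patent): baseline and current config as key=value text.
BASELINE = """\
ssh.port=22
ssh.permit_root_login=no
ntp.server=10.0.0.5
"""
CURRENT = """\
ssh.port=22
ssh.permit_root_login=yes
ntp.server=10.0.0.9
syslog.remote=10.0.0.77
"""
# Constructed audit log; the "CONFIG_CHANGE key=... new=..." format is an assumption.
AUDIT_LOG = """\
2022-03-01T09:12:44Z user=ops1 action=LOGIN result=ok
2022-03-01T09:13:02Z user=ops1 action=CONFIG_CHANGE key=ntp.server new=10.0.0.9
"""

LOG_RE = re.compile(r"action=CONFIG_CHANGE key=(\S+) new=(\S*)")

def parse_config(text):
    """Parse key=value lines into a dict, skipping blanks and comments."""
    pairs = (l.split("=", 1) for l in text.splitlines() if "=" in l and not l.startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def config_changes(baseline, current):
    """S2: derive change information as {key: new_value}; None means the key was removed."""
    changes = {k: v for k, v in current.items() if baseline.get(k) != v}
    changes.update({k: None for k in baseline if k not in current})
    return changes

def logged_changes(log_text):
    """Collect (key, new_value) pairs that the audit log records as changed."""
    return {(m.group(1), m.group(2)) for m in map(LOG_RE.search, log_text.splitlines()) if m}

def detect(baseline_text, current_text, log_text):
    """S3: a change with no matching audit-log entry is reported as abnormal."""
    changes = config_changes(parse_config(baseline_text), parse_config(current_text))
    logged = logged_changes(log_text)
    return {key: "normal" if (key, new or "") in logged else "abnormal"
            for key, new in changes.items()}

if __name__ == "__main__":
    for key, verdict in sorted(detect(BASELINE, CURRENT, AUDIT_LOG).items()):
        print(f"{key}: {verdict}")
```

With the sample data, the logged `ntp.server` change is reported as normal, while the unlogged `ssh.permit_root_login` and `syslog.remote` changes are reported as abnormal.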

Description

Technical field

[0001] The present invention relates to a network threat detection method and system, in particular to a network threat detection method and system based on log audit and configuration baseline correlation.

Background

[0002] In existing security products, audit logs are usually used to deal with network threats, and the audit logs are uniformly retained and archived for problem query and response audit; the configuration is usually backed up for system disaster recovery and version comparison. There is no more in-depth utilization.

[0003] Most existing technologies make their judgment based on a signature database of known attack methods. When the audit log does not match the signature database, the attack has caused substantial damage, business has been affected, and security incidents have occurred. The backup of the system configuration is used only for recovery after the system is attacked, and lacks the ability to respond in time. ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/40, H04L67/30
Inventor: 陈昌杰, 陈磊
Owner THE INT PEACE MATERNITY & CHILD HEALTH HOSPITAL OF CHINA WELFARE INST