IP classification method, system and device, electronic equipment and storage medium

A classification system and classification method technology, applied in the field of information security, can solve the problem that the analysis method for network traffic cannot be adapted to the advanced security analysis system, etc., and achieve the effect of avoiding high false alarm rate and accurate selection and control.

Pending Publication Date: 2022-04-29
CHINA TELECOM CORP LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the embodiments of the present invention is to provide an IP classification method, system, device, electronic equipment and storage medium to solve the problem that the existing analysis methods for network traffic cannot meet the needs of the current advanced security analysis system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IP classification method, system and device, electronic equipment and storage medium
  • IP classification method, system and device, electronic equipment and storage medium
  • IP classification method, system and device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art based on the present application belong to the protection scope of the present invention.

[0048] In order to solve the problem that the existing analysis methods for network traffic cannot meet the needs of the current advanced security analysis system, and provide more efficient and accurate traffic data for the advanced security analysis system, the embodiment of the present invention provides an IP classification method and system , devices, electronic devices, computer readable storage media, and computer program products.

[0049] The IP clas...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides an IP classification method, system and device, electronic equipment and a storage medium, and the method comprises the steps: receiving to-be-classified information sent by a log analysis unit, and calculating a drainage score corresponding to an external attack IP based on the attack behavior information of each external attack IP; based on the attack behavior information of each external attack IP corresponding to each target IP, calculating a drainage score corresponding to the target IP; and for each external attack IP, if the drainage score corresponding to the external attack IP is greater than a first preset score threshold or the drainage score corresponding to a target IP attacked by the external attack IP is greater than a second preset score threshold, determining that the external attack is an abnormal IP. By adopting the method, the problem that the existing analysis method aiming at the network traffic cannot meet the requirements of the current advanced security analysis system is solved, and the accurate selection and control on the storage of the traffic data are realized.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to an IP classification method, system, device, electronic equipment and storage medium. Background technique [0002] In the field of information security, the analysis of network traffic has become an important analysis method in information security analysis. At present, advanced analysis methods such as complex correlation analysis model, AI model, UEBA (User Entity Behavior Analytics, User Entity Behavior Analysis) model are used to directly analyze network traffic and discover network attack events such as APT and 0day. [0003] However, using advanced security analysis methods to analyze network attack events, on the one hand, it does not fully apply the capabilities of traditional security detection equipment and consumes a lot of computing resources. On the other hand, too much positive sample traffic will also lead to a large number of false alarms. At presen...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40
CPCH04L63/1425H04L63/1416
Inventor 谢传中张科峰张静静郑玉谦
Owner CHINA TELECOM CORP LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap