Vulnerability-based security event association method and related equipment

A vulnerability-based security event correlation technology that addresses the problem that the accuracy of correlation results and correlation efficiency cannot both be satisfied at the same time, and that achieves the effect of a simple modification operation.

Pending Publication Date: 2022-05-24
BEIJING UNIV OF POSTS & TELECOMM +1
AI Technical Summary

Problems solved by technology

At present, the main security event correlation analysis techniques include correlation methods based on probabilistic similarity, correlation methods based on environmental status, and correlation methods based on causality, but none of them delivers both accurate correlation results and efficient correlation at the same time.

Examples

Embodiment Construction

[0045] In order to make the objectives, technical solutions and advantages of the present application more clearly understood, the present application will be further described in detail below with reference to specific embodiments and accompanying drawings.

[0046] It should be noted that, unless otherwise defined, the technical terms or scientific terms used in the embodiments of the present application shall have the usual meanings understood by those with ordinary skills in the field to which the present application belongs. "First", "second" and similar words used in the embodiments of the present application do not indicate any order, quantity or importance, but are only used to distinguish different components. "Comprises" or "comprising" and similar words mean that the elements or things appearing before the word encompass the elements or things recited after the word and their equivalents, but do not exclude other elements or things. Words like "connected" or "connec...
Abstract

The invention provides a vulnerability-based security event association method and related equipment. A vulnerability library is established by analyzing the attributes of the vulnerabilities present in a network, the exploitation relationships are extracted from the vulnerability attribute information, and attack paths are established using causal association analysis. The vulnerability library only needs to be established once, modifying it is very simple, and the attack paths are updated automatically whenever the vulnerability library is updated. The association of security events is thus pre-judged from the perspective of static analysis. With this method, attack paths can be extracted from massive numbers of alarm events and used as associated events, which improves security event association efficiency while effectively reducing the difficulty of event analysis.
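A sketch of the idea in the abstract, added here as an illustration and not taken from the patent: the page does not list the vulnerability attributes used, so the `host`/`requires`/`grants` fields, the `VULN-*` identifiers and the alert tuples are constructed assumptions. Two entries are causally linked when what one grants is what the other requires, and alerts are then matched against the resulting paths in time order.

```python
from collections import defaultdict

# Constructed vulnerability library; the field names are assumptions.
VULN_LIBRARY = {
    "VULN-A": {"host": "web01", "requires": "net:web01", "grants": "user:web01"},
    "VULN-B": {"host": "web01", "requires": "user:web01", "grants": "root:web01"},
    "VULN-C": {"host": "db01", "requires": "root:web01", "grants": "user:db01"},
    "VULN-D": {"host": "mail01", "requires": "net:mail01", "grants": "user:mail01"},
}
# Constructed alert stream: (alert id, timestamp, library entry the alert maps to).
ALERTS = [(1, 10, "VULN-A"), (2, 12, "VULN-D"), (3, 20, "VULN-B"),
          (4, 25, "VULN-X"), (5, 31, "VULN-C")]

def build_exploit_graph(library):
    """Causal edge u -> v when the state u grants is the state v requires."""
    graph = defaultdict(list)
    for u, a in library.items():
        for v, b in library.items():
            if u != v and a["grants"] == b["requires"]:
                graph[u].append(v)
    return graph

def attack_paths(library):
    """Multi-step paths, each starting at an entry with no causal predecessor."""
    graph = build_exploit_graph(library)
    has_pred = {v for succ in graph.values() for v in succ}
    paths = []
    def walk(node, path):
        nxt = [n for n in graph[node] if n not in path]  # skip cycles
        if not nxt and len(path) > 1:
            paths.append(path)
        for n in nxt:
            walk(n, path + [n])
    for start in sorted(library):
        if start not in has_pred:
            walk(start, [start])
    return paths

def correlate(alerts, library):
    """For each attack path, collect the alert ids that hit its steps in order."""
    ordered = sorted(alerts, key=lambda a: a[1])
    result = []
    for path in attack_paths(library):
        matched = []
        for alert_id, _ts, vuln in ordered:
            if len(matched) < len(path) and vuln == path[len(matched)]:
                matched.append(alert_id)
        if len(matched) > 1:  # a single hit is not an association
            result.append((path, matched))
    return result
```

Because the paths are derived from the library on every call, removing or changing an entry changes the paths without any separate rule maintenance.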

Description

Technical field

[0001] The present application relates to the technical field of network security events, and in particular, to a vulnerability-based security event correlation method and related devices.

Background technique

[0002] At this stage, the form of network attack is mainly multi-step attack. If an attacker wants to obtain data or destroy the normal operation of the device, he usually needs to go through the steps of information collection, infiltration, lateral movement, attack, and data return. The implementation of each step involves many technologies and generates corresponding security data, and the data is not isolated and often has some correlation. Many large-scale network security incidents are often composed of a series of small security incidents according to certain rules, causing serious harm. It is therefore necessary to correlate scattered security data to uncover larger potential threats.

[0003] The security event correlation analysis technol...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/57
CPC: G06F21/577
Inventor: 金正平, 刘冰, 赵浩亮, 秦素娟, 时忆杰
Owner: BEIJING UNIV OF POSTS & TELECOMM