A real-time detection method and system based on threat behavior

A real-time detection technology based on threat behavior, applied in transmission systems, digital transmission systems, secure communication devices, etc. It addresses the lack of timeliness in static network threat analysis methods.

Active Publication Date: 2022-08-09
北京安博通金安科技有限公司

AI Technical Summary

Problems solved by technology

[0004] This application provides a real-time detection method and system based on threat behavior to solve the lack of timeliness in static network threat analysis methods.

Embodiment Construction

[0025] To enable those skilled in the art to better understand the technical solutions in this application, the technical solutions in the embodiments of this application are described clearly and completely below with reference to the accompanying figures. Obviously, the described embodiments are only some of the embodiments of this application, not all of them. All other embodiments obtained by those of ordinary skill in the art based on the embodiments in this application, without creative effort, fall within the scope of protection of this application.

[0026] For network protection, related technologies are mainly divided into two categories: "traditional risk assessment methods" and "modern risk assessment methods". Traditional risk assessment methods include fault tree analysis, failure mode effects and criticality analysis, and Mar...

Abstract

The embodiments of the present application provide a real-time detection method and system based on threat behavior, applied to the technical field of computer security management. Application semantics are selected according to the scene in which the threat event occurs and, according to the analysis strategy for the threat event, are ordered and combined into a semantic rule template or a semantic rule configuration file. A semantic rule object tree is then generated from the semantic rule template or the semantic rule configuration file; the tree includes nodes corresponding to the application semantics in the semantic rule template. Finally, a directed acyclic graph is generated from the semantic rule object tree and used to check, step by step, the target behavior feature log corresponding to the threat event. When the threat event changes, the semantic rule template or semantic rule configuration file can be redefined to generate a new semantic rule object tree, and the directed acyclic graph updated so that the target behavior feature log corresponding to the changed threat event is detected in real time. This solves the lack of timeliness of static network analysis of threat events.
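The pipeline described in the abstract (rule template, object tree, directed acyclic graph, step-by-step log check, regeneration when the rule changes), as an added Python example that is not code from the patent. The nested-dict template format, the `match`/`all`/`any` operator set, every function name, and the sample rules and logs are assumptions constructed for illustration.

```python
from collections import namedtuple

# One application-semantics node; tuples hash structurally, so equal subtrees can be shared.
Node = namedtuple("Node", "op children field value")

def build_tree(template):
    """Semantic rule template (nested dicts) -> semantic rule object tree."""
    op = template["op"]
    if op == "match":
        return Node("match", (), template["field"], template["value"])
    if op not in ("all", "any"):
        raise ValueError(f"unknown semantic: {op}")
    return Node(op, tuple(build_tree(t) for t in template["args"]), "", "")

def build_dag(root):
    """Object tree -> DAG as a topological list; identical subtrees appear once."""
    order, seen = [], set()
    def visit(n):
        if n not in seen:
            for c in n.children:
                visit(c)
            seen.add(n)
            order.append(n)
    visit(root)
    return order

def check(dag, log):
    """Evaluate one behavior log record node by node; the root is the last node."""
    val = {}
    for n in dag:
        if n.op == "match":
            val[n] = log.get(n.field) == n.value
        else:
            val[n] = (all if n.op == "all" else any)(val[c] for c in n.children)
    return val[dag[-1]]

# Constructed sample rules and logs (hypothetical, not taken from the patent).
IS_ADMIN = {"op": "match", "field": "user", "value": "admin"}
RULE_V1 = {"op": "all", "args": [IS_ADMIN,
           {"op": "match", "field": "action", "value": "login_failed"}]}
RULE_V2 = {"op": "any", "args": [RULE_V1, {"op": "all", "args": [IS_ADMIN,
           {"op": "match", "field": "action", "value": "password_reset"}]}]}
LOGS = [{"user": "admin", "action": "login_failed"},
        {"user": "admin", "action": "password_reset"},
        {"user": "alice", "action": "login_failed"}]

def detect(rule, logs):
    # Rebuild tree and DAG from the current template, so a redefined rule takes effect at once.
    dag = build_dag(build_tree(rule))
    return [check(dag, log) for log in logs]
```

`RULE_V2` stands for the redefined template after the threat event changes: the shared `IS_ADMIN` condition occurs twice in its tree but is evaluated once per log record in the DAG.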

Description

Technical field

[0001] This application relates to the field of computer security management, and in particular to a real-time detection method and system based on threat behavior.

Background technique

[0002] With the in-depth application of new-generation IT technologies such as cloud computing and big data in various industries, the IT scale and complexity of government and enterprise institutions have continued to increase, and the volume of data of various types, such as network traffic and logs, has also increased. Threat data is mixed into this large amount of network data and threatens the security of government and enterprise networks. The data therefore needs to be screened to obtain the data relevant to a threat event so that the threat event can be protected against in a timely manner.

[0003] For network security protection, document CN108924084B mentions that related technologies are mainly divided into two types: "traditional risk assessment methods" and "modern risk assessment methods". Traditi...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/40
CPC: H04L63/1416, H04L63/1425
Inventor: 张洋
Owner: 北京安博通金安科技有限公司