Unlock instant, AI-driven research and patent intelligence for your innovation.

Advanced threat attack assessment method and device, electronic equipment and storage medium

An advanced and attacker's technology, applied in the field of network security, can solve the problem of not being able to accurately discover typical targeted attacker identities or attack events

Pending Publication Date: 2022-07-08
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF7 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the embodiments of the present application is to provide an advanced threat attack assessment method, device, electronic equipment, and storage medium. Based on the targeted characteristics of advanced threat attacks, it can accurately locate the target unit of the targeted attack, and solve the problem that existing methods cannot accurately Identify issues with typical targeted attacker identities or attack events

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Advanced threat attack assessment method and device, electronic equipment and storage medium
  • Advanced threat attack assessment method and device, electronic equipment and storage medium
  • Advanced threat attack assessment method and device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0060] The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application.

[0061] It should be noted that like numerals and letters refer to like items in the following figures, so once an item is defined in one figure, it does not require further definition and explanation in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", etc. are only used to distinguish the description, and cannot be understood as indicating or implying relative importance.

[0062] see figure 1 , figure 1 This is a flowchart of a method for evaluating an advanced threat attack provided in an embodiment of the present application. This method can be applied to big data security analysis of products or situational awareness projects such as supervisory units. It can output the results of attack events by means of alerts and judgme...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides an advanced threat attack assessment method and device, electronic equipment and a storage medium, and relates to the technical field of network security. The method comprises the following steps: acquiring global attack data of any attacker on all target units; performing dispersion analysis on the global attack data to obtain a statistical result vector formed by attack times of each target unit in a preset time window; within a preset time span, performing persistence analysis on the global attack data to obtain a plurality of statistical result vectors; and performing subscript position difference processing of a local maximum value on the plurality of statistical result vectors to obtain an advanced threat attack target unit, so that the target unit of targeted attack can be accurately positioned based on the characteristics of the advanced threat attack, and the security of the advanced threat attack is improved. The problem that an attacker identity or an attack event with typical pertinence cannot be accurately found through an existing method is solved.

Description

technical field [0001] The present application relates to the technical field of network security, and in particular, to an advanced threat attack assessment method, apparatus, electronic device and storage medium. Background technique [0002] Advanced persistent threat attack is a long-term uninterrupted network attack using software and hardware vulnerabilities and social engineering principles. Before launching an attack, the attacker accurately collects the business process and target system of the attacked object, and digs out the vulnerabilities of the trusted system and application of the attacked object. The purpose of core data and intelligence collection is to be highly concealed and difficult for users to discover. [0003] This type of attack is usually a continuous network attack process aimed at a specific target, and has strong targeted characteristics. For example, APT attacks against my country are mainly aimed at important infrastructure and organization...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40
CPCH04L63/1425H04L63/1433
Inventor 鲍青波万卉李金戈
Owner BEIJING TOPSEC NETWORK SECURITY TECH