Security event associative analysis method and system

A security event correlation analysis technology, applied in the field of security event correlation analysis, that solves problems such as lack of practical significance and achieves the effects of avoiding ambiguity, improving robustness, and improving detection and recognition capabilities.
CN1878093A · Inactive · Publication Date: 2006-12-13 · HUAWEI TECH CO LTD

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Applications (China)
Current Assignee / Owner: HUAWEI TECH CO LTD
Publication Date: 2006-12-13
Estimated Expiration: Not applicable · inactive patent


Abstract

The invention discloses a security event correlation analysis method and system, characterized by the following: rule correlation and statistical correlation run as a parallel mechanism, and a single security event is obtained through arbitration, so that the two correlation modes complement each other's advantages and make up for each other's defects. The invention avoids the ambiguity of statistical correlation and gives rule correlation the ability to detect unknown attacks, which improves the self-learning ability of the entire detection system.
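An added example of the parallel scheme the abstract describes (not code from the patent or from its assignee): a rule correlator and a statistical correlator process the same raw alarm events, and an arbiter emits a single security event per source. The rule, the baseline, the z-score threshold, the arbitration policy and the sample alerts are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Constructed sample alerts: (source IP, alert type). Not from the patent.
ALERTS = (
    [("10.0.0.5", "port_scan"), ("10.0.0.5", "login_failure"),
     ("10.0.0.5", "privilege_change")]
    + [("10.0.0.9", "dns_query_burst")] * 40
    + [("10.0.0.7", "login_failure")] * 2
)
# Assumed rule: an ordered alert sequence that names a known attack.
RULES = {"scan_then_takeover": ["port_scan", "login_failure", "privilege_change"]}
# Assumed baseline of alerts per source per window, learned from quiet traffic.
BASELINE = [2, 3, 1, 4, 2, 3]

def rule_correlate(alerts):
    """Return {source: rule name} where a rule's sequence occurs in order."""
    by_src = defaultdict(list)
    for src, kind in alerts:
        by_src[src].append(kind)
    hits = {}
    for src, kinds in by_src.items():
        for name, seq in RULES.items():
            it = iter(kinds)
            if all(step in it for step in seq):  # ordered subsequence match
                hits[src] = name
    return hits

def stat_correlate(alerts, threshold=3.0):
    """Return {source: z-score} for sources whose alert volume is anomalous."""
    mu, sigma = mean(BASELINE), pstdev(BASELINE) or 1.0
    counts = Counter(src for src, _ in alerts)
    return {s: round((n - mu) / sigma, 1) for s, n in counts.items()
            if (n - mu) / sigma > threshold}

def arbitrate(alerts):
    """Run both correlators on the same alerts and emit one event per source."""
    rules, stats = rule_correlate(alerts), stat_correlate(alerts)
    events = {}
    for src in sorted(set(rules) | set(stats)):
        if src in rules:   # a rule hit gives an unambiguous label
            events[src] = {"event": rules[src], "basis": "rule", "z": stats.get(src)}
        else:              # statistics alone: flag as a candidate unknown attack
            events[src] = {"event": "unknown_anomaly", "basis": "statistical", "z": stats[src]}
    return events

if __name__ == "__main__":
    for src, ev in arbitrate(ALERTS).items():
        print(src, ev)
```

The low-volume source 10.0.0.5 is caught only by the rule path and the high-volume source 10.0.0.9 only by the statistical path, which is the complementarity the abstract claims.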

Description

technical field

[0001] The invention relates to the technical field of network security, in particular to a security event correlation analysis method and system.

Background technique

[0002] With the development of computer technology and network technology, more and more attention has been paid to security issues. Common security devices include firewalls, intrusion detection systems (IDS: Intrusion Detection System), certificate authority (CA: Certificate Authority) systems, integrity check tools, and antivirus software. These security components generate alarm messages when abnormal conditions occur. In addition, some systems and applications also generate security-related logs. These alarm messages and logs are collectively referred to as raw alarm events. The raw alarm events from different sources often overlap, correlate or depend on each other, and the huge amount of data makes security management more and more complicated. Security administrators need to dea...
