A method and system for identifying a service logic attack link based on dynamic behavior
By aggregating and multi-dimensionally judging business behavior records, abnormal transfers are identified and attack chains are traced, solving the problems of insufficient accuracy in identifying complex business logic attacks and insufficient path reconstruction in existing technologies, and achieving more efficient attack chain identification and tracing.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- CHINA INT DATA SYST CO LTD
- Filing Date
- 2026-04-24
- Publication Date
- 2026-06-19
AI Technical Summary
Existing technologies struggle to accurately identify the relationships between business behaviors scattered across different times, sessions, or processing stages in complex business logic attack scenarios, resulting in low accuracy in attack chain identification and insufficient path reconstruction capabilities.
By collecting business behavior records, dynamic behavior fragments are aggregated and then subjected to status parsing, permission determination, and credential determination. Combined with preset legal rules, multi-dimensional comparisons are performed to identify abnormal transfers and trace the attack chain through supplementary certification events.
It improves the accuracy of identifying and tracing complex business logic attacks, reduces the false alarm rate, and can more completely reconstruct the attack path.
Smart Images

Figure CN122247741A_ABST