Threat detection method, device and equipment and storage medium
The invention discloses a threat detection method. The method comprises the steps of collecting weblog monitored in real time; performing threat detection on the weblog by utilizing a threat detectionmodel to obtain a detection result; if the detection result represents that the behavior of the webl...
Saved in:
| Main Author | |
|---|---|
| Format | Patent |
| Language | Chinese English |
| Published |
12.05.2020
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | The invention discloses a threat detection method. The method comprises the steps of collecting weblog monitored in real time; performing threat detection on the weblog by utilizing a threat detectionmodel to obtain a detection result; if the detection result represents that the behavior of the weblog is abnormal, determining a target attack link to which the weblog with the abnormal behavior belongs based on an attack chain of a network space security framework; and taking the target attack link in the attack chain and all preorder attack links of the target attack link as attacked links tocomplete threat detection of the weblog. The invention further discloses a threat detection device and equipment and a storage medium. Threat capture is carried out from the global perspective of theattack chain, and the security defense capability is improved.
本发明公开了一种威胁检测方法,包括:采集实时监测的网络日志;利用威胁检测模型,对所述网络日志进行威胁检测,获得检测结果;若所述检测结果表征所述网络日志的行为异常,则基于网络空间安全框架的攻击链,确定所述行为异常的网络日志所属的目标攻击环节;将所述攻击链中所述目标攻击环节及该目标攻击环节的所有前序攻击环节作为被攻陷环节,完成对所 |
|---|---|
| AbstractList | The invention discloses a threat detection method. The method comprises the steps of collecting weblog monitored in real time; performing threat detection on the weblog by utilizing a threat detectionmodel to obtain a detection result; if the detection result represents that the behavior of the weblog is abnormal, determining a target attack link to which the weblog with the abnormal behavior belongs based on an attack chain of a network space security framework; and taking the target attack link in the attack chain and all preorder attack links of the target attack link as attacked links tocomplete threat detection of the weblog. The invention further discloses a threat detection device and equipment and a storage medium. Threat capture is carried out from the global perspective of theattack chain, and the security defense capability is improved.
本发明公开了一种威胁检测方法,包括:采集实时监测的网络日志;利用威胁检测模型,对所述网络日志进行威胁检测,获得检测结果;若所述检测结果表征所述网络日志的行为异常,则基于网络空间安全框架的攻击链,确定所述行为异常的网络日志所属的目标攻击环节;将所述攻击链中所述目标攻击环节及该目标攻击环节的所有前序攻击环节作为被攻陷环节,完成对所 |
| Author | PANG SIMING |
| Author_xml | – fullname: PANG SIMING |
| BookMark | eNrjYmDJy89L5WRwCMkoSk0sUUhJLUlNLsnMz1PITS3JyE_RAYqUZSanKiTmpSikFpZmFuSm5pWAecUl-UWJ6alAhSmZpbk8DKxpiTnFqbxQmptB0c01xNlDN7UgPz61uCAxOTUvtSTe2c8QCEzMTQ1MHI2JUQMAxkoyzQ |
| ContentType | Patent |
| DBID | EVB |
| DatabaseName | esp@cenet |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: EVB name: esp@cenet url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP sourceTypes: Open Access Repository |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Medicine Chemistry Sciences Physics |
| DocumentTitleAlternate | 威胁检测方法、装置、设备和存储介质 |
| ExternalDocumentID | CN111147504A |
| GroupedDBID | EVB |
| ID | FETCH-epo_espacenet_CN111147504A3 |
| IEDL.DBID | EVB |
| IngestDate | Fri Jul 19 14:52:00 EDT 2024 |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | Chinese English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-epo_espacenet_CN111147504A3 |
| Notes | Application Number: CN201911399397 |
| OpenAccessLink | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20200512&DB=EPODOC&CC=CN&NR=111147504A |
| ParticipantIDs | epo_espacenet_CN111147504A |
| PublicationCentury | 2000 |
| PublicationDate | 20200512 |
| PublicationDateYYYYMMDD | 2020-05-12 |
| PublicationDate_xml | – month: 05 year: 2020 text: 20200512 day: 12 |
| PublicationDecade | 2020 |
| PublicationYear | 2020 |
| RelatedCompanies | SANGFOR TECHNOLOGIES INC |
| RelatedCompanies_xml | – name: SANGFOR TECHNOLOGIES INC |
| Score | 3.3924026 |
| Snippet | The invention discloses a threat detection method. The method comprises the steps of collecting weblog monitored in real time; performing threat detection on... |
| SourceID | epo |
| SourceType | Open Access Repository |
| SubjectTerms | CALCULATING COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
| Title | Threat detection method, device and equipment and storage medium |
| URI | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20200512&DB=EPODOC&locale=&CC=CN&NR=111147504A |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3dS8MwED_m_HzTquj8oIL0yaJp0308FHVpyxDWDamyt5G2KZtgN12L4F9vLnbOF33MBcJx4b5yv7sAXIpmQhMnS812kt6YVNjE5B0iTIo1Lh5zS6imsH7Y7D3Rh5EzqsHLshdGzQn9UMMRpUYlUt8LZa_nq0csT2ErF9fxVJJmt0HkekaVHeMTCbEMr-v6w4E3YAZjLguN8NFFy0BxlPn9GqxjGI1z9v3nLnalzH-7lGAXNobytLzYg9rnRINttvx5TYOtflXw1mBTITSThSRWWrjYh7togqGenopCAaly_fsf6CtJQcXXeZ7q4q2cKiyQWiEGUloOHUvp5esBXAR-xHqmZGr8I4ExC1f824dQz2e5OAJdpgqCy1vI7KxDSdxqO1nGnVZKeUZJasXH0Pj7nMZ_myewg9LEMjmxTqFevJfiTHrfIj5XYvsC9A6J5Q |
| link.rule.ids | 230,309,786,891,25594,76903 |
| linkProvider | European Patent Office |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3dT4MwEL_M-THfFDU6vzAxPEkUKGN7IOrKCOrGFoNmb6RAyWYimwIx8a-3rcz5oo-9Js3lmrv27n53B3BOWzGKzTRR23FypSJqaCrpaFRFPMdFIqJTURQ28FveE7ofm-MavCxqYUSf0A_RHJFpVMz0vRD2er4MYjkCW5lfRlNGml27ge0olXfMQySarjhduzcaOkOsYGxjX_EfbW4ZEG9lfrsCqxZzCYWr9NzlVSnz30-KuwVrI3ZaVmxD7XMiQQMvJq9JsDGoEt4SrAuEZpwzYqWF-Q7cBBP-1ZMTWgggVSZ_z4G-YBSu-DLJEpm-lVOBBRIrjoFklkPmqfTydRfO3F6APZUxFf5IIMT-kn9jD-rZLKP7IDNXgRJ2C6mRdpAWWW0zTYlpJYikSEv06ACaf5_T_G_zFBpeMOiH_Tv_4RA2uWR5ylzTj6BevJf0mL3ERXQiRPgFjD-Mzw |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Apatent&rft.title=Threat+detection+method%2C+device+and+equipment+and+storage+medium&rft.inventor=PANG+SIMING&rft.date=2020-05-12&rft.externalDBID=A&rft.externalDocID=CN111147504A |