Network security operation service method
The invention provides a network security operation service method, which comprises the following steps: determining attacker preferences according to a vulnerability report, a vulnerability database and known vulnerabilities and characteristics of a target system, and optimizing vulnerability scann...
Saved in:
Main Authors | , |
---|---|
Format | Patent |
Language | Chinese English |
Published |
10.11.2023
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | The invention provides a network security operation service method, which comprises the following steps: determining attacker preferences according to a vulnerability report, a vulnerability database and known vulnerabilities and characteristics of a target system, and optimizing vulnerability scanning and honeypot technologies; a firewall and an IDS are configured through configured network settings, and a protected honeypot system is obtained; according to the honeypot with the complete log and monitoring function, simulating and adding false sensitive data in the honeypot, and regularly changing the bait and configuration of the honeypot to obtain a regularly updated honeypot; the method comprises the following steps: monitoring a periodically updated honeypot, evaluating the monitored honeypot activity and attacker behavior, generating a risk evaluation report, and determining the attacker behavior and the system risk; determining whether to reuse the honeypot based on the attacker behavior, the system ri |
---|---|
Bibliography: | Application Number: CN202311048431 |