CN103905418A - APT multi-dimensional detection and defense system and method - Google Patents
- Publication number: CN103905418A (application CN201310559032.0A)
- Authority: CN (China)
- Prior art keywords: dimension, rule, detection, module, default
- Prior art date
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Landscapes
- Alarm Systems (AREA)
- Geophysics And Detection Of Objects (AREA)
Claims (12)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310559032.0A CN103905418B (zh) | 2013-11-12 | 2013-11-12 | APT multi-dimensional detection and defense system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310559032.0A CN103905418B (zh) | 2013-11-12 | 2013-11-12 | APT multi-dimensional detection and defense system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103905418A (zh) | 2014-07-02 |
CN103905418B (zh) | 2017-02-15 |
Family
ID=50996572
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310559032.0A Active CN103905418B (zh) | APT multi-dimensional detection and defense system and method | 2013-11-12 | 2013-11-12 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103905418B (zh) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
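CN105119783A (zh) * | 2015-09-30 | 2015-12-02 | Beijing QIYI Century Science & Technology Co., Ltd. | Method and device for detecting network request data |
CN105430001A (zh) * | 2015-12-18 | 2016-03-23 | Beijing Qihoo Technology Co., Ltd. | APT attack detection method, terminal device, server and system |
CN106341426A (zh) * | 2016-11-11 | 2017-01-18 | China Southern Power Grid Co., Ltd. | Method and security controller for defending against APT attacks |
CN106612287A (zh) * | 2017-01-10 | 2017-05-03 | Xiamen University | Method for detecting persistent attacks on a cloud storage system |
CN107370755A (zh) * | 2017-08-23 | 2017-11-21 | Hangzhou Anheng Information Technology Co., Ltd. | Method for multi-dimensional, deep-level detection of APT attacks |
CN108337217A (zh) * | 2017-03-31 | 2018-07-27 | Beijing Antiy Network Security Technology Co., Ltd. | Trojan callback detection system and method based on a six-dimensional space traffic analysis model |
CN108337216A (zh) * | 2017-03-31 | 2018-07-27 | Beijing Antiy Network Security Technology Co., Ltd. | Method and system for generating a six-dimensional space traffic security analysis model |
CN110891048A (zh) * | 2015-12-24 | 2020-03-17 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for detecting terminal security status |
CN113315784A (zh) * | 2021-06-23 | 2021-08-27 | Sangfor Technologies Inc. | Security event processing method, apparatus, device and medium |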
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
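CN1878093A (zh) * | 2006-07-19 | 2006-12-13 | Huawei Technologies Co., Ltd. | Security event correlation analysis method and system |
CN101035111A (zh) * | 2007-04-13 | 2007-09-12 | Beijing Venustech Information Technology Co., Ltd. | Intelligent protocol parsing method and device |
CN101471933A (zh) * | 2007-12-28 | 2009-07-01 | Inventec Corporation | Method for dynamically updating intrusion detection rules via network link data |
CN102594625A (zh) * | 2012-03-07 | 2012-07-18 | Beijing Venustech Information Technology Co., Ltd. | White data filtering method and system for an APT intelligent detection and analysis platform |
CN103312679A (zh) * | 2012-03-15 | 2013-09-18 | Beijing Venustech Information Technology Co., Ltd. | Advanced persistent threat detection method and system |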
US20130276122A1 (en) * | 2012-04-11 | 2013-10-17 | James L. Sowder | System and method for providing storage device-based advanced persistent threat (apt) protection |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
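CN105119783A (zh) * | 2015-09-30 | 2015-12-02 | Beijing QIYI Century Science & Technology Co., Ltd. | Method and device for detecting network request data |
CN105119783B (zh) * | 2015-09-30 | 2020-01-31 | Beijing QIYI Century Science & Technology Co., Ltd. | Method and device for detecting network request data |
CN105430001A (zh) * | 2015-12-18 | 2016-03-23 | Beijing Qihoo Technology Co., Ltd. | APT attack detection method, terminal device, server and system |
CN110891048A (zh) * | 2015-12-24 | 2020-03-17 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for detecting terminal security status |
US11431676B2 (en) | 2015-12-24 | 2022-08-30 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for detecting terminal security status |
CN110891048B (zh) * | 2015-12-24 | 2021-09-03 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for detecting terminal security status |
CN106341426A (zh) * | 2016-11-11 | 2017-01-18 | China Southern Power Grid Co., Ltd. | Method and security controller for defending against APT attacks |
CN106612287A (zh) * | 2017-01-10 | 2017-05-03 | Xiamen University | Method for detecting persistent attacks on a cloud storage system |
CN106612287B (zh) * | 2017-01-10 | 2019-05-07 | Xiamen University | Method for detecting persistent attacks on a cloud storage system |
CN108337217B (zh) * | 2017-03-31 | 2020-04-24 | Beijing Antiy Network Security Technology Co., Ltd. | Trojan callback detection system and method based on a six-dimensional space traffic analysis model |
CN108337216B (zh) * | 2017-03-31 | 2020-02-07 | Beijing Antiy Network Security Technology Co., Ltd. | Method and system for generating a six-dimensional space traffic security analysis model |
CN108337216A (zh) * | 2017-03-31 | 2018-07-27 | Beijing Antiy Network Security Technology Co., Ltd. | Method and system for generating a six-dimensional space traffic security analysis model |
CN108337217A (zh) * | 2017-03-31 | 2018-07-27 | Beijing Antiy Network Security Technology Co., Ltd. | Trojan callback detection system and method based on a six-dimensional space traffic analysis model |
CN107370755B (zh) * | 2017-08-23 | 2020-03-03 | Hangzhou Anheng Information Technology Co., Ltd. | Method for multi-dimensional, deep-level detection of APT attacks |
CN107370755A (zh) * | 2017-08-23 | 2017-11-21 | Hangzhou Anheng Information Technology Co., Ltd. | Method for multi-dimensional, deep-level detection of APT attacks |
CN113315784A (zh) * | 2021-06-23 | 2021-08-27 | Sangfor Technologies Inc. | Security event processing method, apparatus, device and medium |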
Also Published As
Publication number | Publication date |
---|---|
CN103905418B (zh) | 2017-02-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103905418A (zh) | APT multi-dimensional detection and defense system and method | |
Narayanan et al. | Early detection of cybersecurity threats using collaborative cognition | |
CN107454109B (zh) | Method for detecting network data-theft behavior based on HTTP traffic analysis | |
CN108259449B (zh) | Method and system for defending against APT attacks | |
US9661003B2 (en) | System and method for forensic cyber adversary profiling, attribution and attack identification | |
CN109829310B (zh) | Defense method and apparatus, system, storage medium and electronic device for similar attacks | |
Nguyen | Navigating jus ad bellum in the age of cyber warfare | |
US9083741B2 (en) | Network defense system and framework for detecting and geolocating botnet cyber attacks | |
US9215208B2 (en) | Network attack offensive appliance | |
CN103718170A (zh) | System and method for distributed rule-based correlation of events | |
EP3646218A1 (en) | Cyber-security system and method for weak indicator detection and correlation to generate strong indicators | |
US9081957B2 (en) | Dynamic operational watermarking for software and hardware assurance | |
US11343263B2 (en) | Asset remediation trend map generation and utilization for threat mitigation | |
US20230418938A1 (en) | Attack kill chain generation and utilization for threat analysis | |
CN103986706A (zh) | Security architecture design method for countering APT attacks | |
Uddin et al. | Intrusion detection system to detect DDoS attack in gnutella hybrid P2P network | |
Buchyk et al. | Devising a method of protection against zero-day attacks based on an analytical model of changing the state of the network sandbox | |
Shalaginov et al. | Malware beaconing detection by mining large-scale dns logs for targeted attack identification | |
Narayanan et al. | Cognitive techniques for early detection of cybersecurity events | |
Whitham | Automating the generation of fake documents to detect network intruders | |
IL258345B2 (en) | A rapid framework for ensuring cyber protection, inspired by biological systems | |
CN114095186A (zh) | Threat intelligence emergency response method and device | |
KR102179439B1 (ko) | Meta information platform apparatus and method for recycling normal/threat traffic | |
Afenu et al. | Industrial Control Systems Security Validation Based on MITRE Adversarial Tactics, Techniques, and Common Knowledge Framework | |
US20190109865A1 (en) | Pre-Crime Method and System for Predictable Defense Against Hacker Attacks |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | Address after: 100080 Beijing city Haidian District minzhuang Road No. 3, Tsinghua Science Park Building 1 Yuquan Huigu a; Patentee after: Beijing ahtech network Safe Technology Ltd; Address before: 100080 Haidian District City, Zhongguancun, the main street, No. 1 Hailong building, room 1415, room 14; Patentee before: Beijing Antiy Electronic Installation Co., Ltd. |
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: APT multi-dimensional detection and defense system and method; Effective date of registration: 20181119; Granted publication date: 20170215; Pledgee: Shanghai Pudong Development Bank Limited by Share Ltd Harbin branch; Pledgor: Beijing ahtech network Safe Technology Ltd; Registration number: 2018990001084 |
PC01 | Cancellation of the registration of the contract for pledge of patent right | Date of cancellation: 20200508; Granted publication date: 20170215; Pledgee: Shanghai Pudong Development Bank Limited by Share Ltd Harbin branch; Pledgor: BEIJING ANTIY NETWORK TECHNOLOGY Co.,Ltd.; Registration number: 2018990001084 |