CN103905418B - APT multi-dimensional detection and defense system and method - Google Patents
APT multi-dimensional detection and defense system and method
- Publication number
- CN103905418B
- Authority
- CN
- China
- Prior art keywords
- dimension
- rule
- detection
- detected
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Alarm Systems (AREA)
- Geophysics And Detection Of Objects (AREA)
Claims (12)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310559032.0A CN103905418B (zh) | 2013-11-12 | 2013-11-12 | APT multi-dimensional detection and defense system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103905418A (zh) | 2014-07-02 |
CN103905418B (zh) | 2017-02-15 |
Family
ID=50996572
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310559032.0A Active CN103905418B (zh) | APT multi-dimensional detection and defense system and method | 2013-11-12 | 2013-11-12 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103905418B (zh) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
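CN105119783B (zh) * | 2015-09-30 | 2020-01-31 | Beijing QIYI Century Science & Technology Co., Ltd. | Method and device for detecting network request data |
CN105430001A (zh) * | 2015-12-18 | 2016-03-23 | Beijing Qihoo Technology Co., Ltd. | APT attack detection method, terminal device, server and system |
CN110891048B (zh) | 2015-12-24 | 2021-09-03 | Huawei Technologies Co., Ltd. | Method, device and system for detecting terminal security status |
CN106341426A (zh) * | 2016-11-11 | 2017-01-18 | China Southern Power Grid Co., Ltd. | Method and security controller for defending against APT attacks |
CN106612287B (zh) * | 2017-01-10 | 2019-05-07 | Xiamen University | Method for detecting persistent attacks on a cloud storage system |
CN108337216B (zh) * | 2017-03-31 | 2020-02-07 | Beijing Antiy Network Security Technology Co., Ltd. | Method and system for generating a six-dimensional space traffic security analysis model |
CN108337217B (zh) * | 2017-03-31 | 2020-04-24 | Beijing Antiy Network Security Technology Co., Ltd. | Trojan callback detection system and method based on a six-dimensional space traffic analysis model |
CN107370755B (zh) * | 2017-08-23 | 2020-03-03 | Hangzhou Anheng Information Technology Co., Ltd. | Method for multi-dimensional, in-depth detection of APT attacks |
CN113315784A (zh) * | 2021-06-23 | 2021-08-27 | Sangfor Technologies Inc. | Security event processing method, apparatus, device and medium |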
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
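CN1878093A (zh) * | 2006-07-19 | 2006-12-13 | Huawei Technologies Co., Ltd. | Security event correlation analysis method and system |
CN101035111A (zh) * | 2007-04-13 | 2007-09-12 | Beijing Venustech Information Technology Co., Ltd. | Intelligent protocol parsing method and device |
CN101471933A (zh) * | 2007-12-28 | 2009-07-01 | Inventec Corporation | Method for dynamically updating intrusion detection rules via network link data |
CN102594625A (zh) * | 2012-03-07 | 2012-07-18 | Beijing Venustech Information Technology Co., Ltd. | White data filtering method and system in an APT intelligent detection and analysis platform |
CN103312679A (zh) * | 2012-03-15 | 2013-09-18 | Beijing Venustech Information Technology Co., Ltd. | Advanced persistent threat detection method and system |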
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8776236B2 (en) * | 2012-04-11 | 2014-07-08 | Northrop Grumman Systems Corporation | System and method for providing storage device-based advanced persistent threat (APT) protection |
Also Published As
Publication number | Publication date |
---|---|
CN103905418A (zh) | 2014-07-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103905418B (zh) | APT multi-dimensional detection and defense system and method | |
EP3287927B1 (en) | Non-transitory computer-readable recording medium storing cyber attack analysis support program, cyber attack analysis support method, and cyber attack analysis support device | |
US9838426B2 (en) | Honeyport active network security | |
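CN108351939A (zh) | Information processing device, information processing method and information processing program | |
CN107454109A (zh) | Method for detecting network data-theft behavior based on HTTP traffic analysis | |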
EP3646218A1 (en) | Cyber-security system and method for weak indicator detection and correlation to generate strong indicators | |
Gupta et al. | Network intrusion detection system using various data mining techniques | |
CN112100545A (zh) | Network asset visualization method, apparatus, device and readable storage medium | |
US9866575B2 (en) | Management and distribution of virtual cyber sensors | |
US11240136B2 (en) | Determining attributes using captured network probe data in a wireless communications system | |
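CN110035062A (zh) | Network damage assessment method and device | |
CN110210213A (zh) | Method and apparatus for filtering malicious samples, storage medium and electronic device | |
CN110620690A (zh) | Method for processing network attack events and electronic device therefor | |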
Narayanan et al. | Cognitive techniques for early detection of cybersecurity events | |
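CN106973051B (zh) | Method, apparatus and storage medium for building a network threat detection model | |
KR101987031B1 (ko) | Method for providing visualization of information for network monitoring and apparatus using the same | |
CN105939314A (zh) | Network protection method and device | |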
Baykara et al. | An overview of monitoring tools for real-time cyber-attacks | |
CN110472132A (zh) | Method, apparatus and medium for acquiring security public-opinion information | |
Yu et al. | A visualization analysis tool for DNS amplification attack | |
JP6067195B2 (ja) | Information processing device, information processing method and program | |
Afenu et al. | Industrial Control Systems Security Validation Based on MITRE Adversarial Tactics, Techniques, and Common Knowledge Framework | |
Prasat et al. | Analysis of Cross-Domain Security and Privacy Aspects of Cyber-Physical Systems | |
Makopa et al. | Internet of Things (IoT) Network Forensic Analysis Using the Raspberry Pi 4 Model B and Open-Source Tools | |
WO2019123449A1 (en) | A system and method for analyzing network traffic |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address | Address after: 100080 Beijing city Haidian District minzhuang Road No. 3, Tsinghua Science Park Building 1 Yuquan Huigu a; Patentee after: Beijing ahtech network Safe Technology Ltd; Address before: 100080 Haidian District City, Zhongguancun, the main street, No. 1 Hailong building, room 1415, room 14; Patentee before: Beijing Antiy Electronic Installation Co., Ltd. |
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: APT multi-dimensional detection and defense system and method; Effective date of registration: 20181119; Granted publication date: 20170215; Pledgee: Shanghai Pudong Development Bank Limited by Share Ltd Harbin branch; Pledgor: Beijing ahtech network Safe Technology Ltd; Registration number: 2018990001084 |
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right | Date of cancellation: 20200508; Granted publication date: 20170215; Pledgee: Shanghai Pudong Development Bank Limited by Share Ltd Harbin branch; Pledgor: BEIJING ANTIY NETWORK TECHNOLOGY Co.,Ltd.; Registration number: 2018990001084 |