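CN105656693B - A method and system of information security anomaly detection based on regression - Google Patents
A method and system of information security anomaly detection based on regression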
- Publication number: CN105656693B
- Application number: CN201610145683.9A
- Authority: CN (China)
- Prior art keywords: alarm, time, module, abnormality detection, recurrence
- Prior art date
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0604—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
- H04L41/064—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis involving time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Abstract
Description
Claims (1)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610145683.9A CN105656693B (zh) | 2016-03-15 | 2016-03-15 | A method and system of information security anomaly detection based on regression |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610145683.9A CN105656693B (zh) | 2016-03-15 | 2016-03-15 | A method and system of information security anomaly detection based on regression |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105656693A (zh) | 2016-06-08 |
CN105656693B (zh) | 2019-06-07 |
Family
ID=56493586
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610145683.9A Active CN105656693B (zh) | A method and system of information security anomaly detection based on regression | 2016-03-15 | 2016-03-15 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105656693B (zh) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
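CN108259202A (zh) * | 2016-12-29 | 2018-07-06 | 航天信息股份有限公司 | CA monitoring and early-warning method and CA monitoring and early-warning system |
JP6761793B2 (ja) | 2017-10-13 | 2020-09-30 | 日立オートモティブシステムズ株式会社 | Vehicle control device |
CN109444232B (zh) * | 2018-12-26 | 2024-03-12 | 苏州同阳科技发展有限公司 | Multi-channel intelligent polluted gas monitoring device and diffusion source-tracing method |
CN110519266B (zh) * | 2019-08-27 | 2021-04-27 | 四川长虹电器股份有限公司 | Method for detecting CC attacks based on statistical methods |
CN112118141B (zh) * | 2020-09-21 | 2021-12-17 | 中山大学 | Alarm event correlation and compression method and device for communication networks |
CN112785142B (zh) * | 2021-01-19 | 2023-11-24 | 翰克偲诺水务集团有限公司 | Early-warning smart work-order method and system for Internet of Things sewage treatment equipment |
CN113552856B (zh) * | 2021-09-22 | 2021-12-10 | 成都数之联科技有限公司 | Process parameter root-cause localization method and related device |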
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
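CN103441982A (zh) * | 2013-06-24 | 2013-12-11 | 杭州师范大学 | Intrusion alarm analysis method based on relative entropy |
CN104601604A (zh) * | 2014-06-12 | 2015-05-06 | 国家电网公司 | Network security situation analysis method |
CN105357063A (zh) * | 2015-12-14 | 2016-02-24 | 成都为帆斯通科技有限公司 | Real-time detection method for cyberspace security situation |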
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2013027970A1 (ko) * | 2011-08-19 | 2013-02-28 | 고려대학교 산학협력단 | Apparatus and method for detecting network anomaly symptoms |
Non-Patent Citations (1)
Title |
---|
"Methods for detecting and diagnosing network anomalies"; 邹柏贤; 《小型微型计算机系统》; 20040430; Vol. 25 (No. 4); pp. 506-510 |
Also Published As
Publication number | Publication date |
---|---|
CN105656693A (zh) | 2016-06-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
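CN105656693B (zh) | A method and system of information security anomaly detection based on regression | |
CN105808368B (zh) | Method and system for information security anomaly detection based on random probability distribution | |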
AU2017200941B2 (en) | Telemetry Analysis System for Physical Process Anomaly Detection | |
CN108292296B (zh) | Method for creating a period profile of time-series data with recurrent patterns | |
CA2926603C (en) | Event correlation across heterogeneous operations | |
US10419268B2 (en) | Automated scoring of unstructured events in information technology environments | |
US10592308B2 (en) | Aggregation based event identification | |
US11201865B2 (en) | Change monitoring and detection for a cloud computing environment | |
US20160308725A1 (en) | Integrated Community And Role Discovery In Enterprise Networks | |
EP3671466B1 (en) | Unsupervised anomaly detection for arbitrary time series | |
EP2487860B1 (en) | Method and system for improving security threats detection in communication networks | |
Yang et al. | A time efficient approach for detecting errors in big sensor data on cloud | |
CN105095048B (zh) | Alarm correlation processing method for a monitoring system based on business rules | |
EP3206153A1 (en) | Cyber security | |
US9292408B2 (en) | Automated detection of a system anomaly | |
CN111324639B (zh) | Data monitoring method, device and computer-readable storage medium | |
CN103441982A (zh) | Intrusion alarm analysis method based on relative entropy | |
Tianfield | Cyber security situational awareness | |
US11074652B2 (en) | System and method for model-based prediction using a distributed computational graph workflow | |
CN105471623A (zh) | Security alarm correlation analysis method for key IP addresses based on fuzzy scenarios | |
CN109597746A (zh) | Fault analysis method and device | |
Solmaz et al. | ALACA: A platform for dynamic alarm collection and alert notification in network management systems | |
US20160162348A1 (en) | Automated detection of a system anomaly | |
CN102158372A (zh) | Anomaly detection method for distributed systems | |
Spathoulas et al. | Methods for post-processing of alerts in intrusion detection: A survey |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | Address after: 210012, Nanjing high tech Zone, Jiangsu, Nanjing Software Park, No. 99 unity Road, Eagle building, block A, 14 floor; Applicant after: Nanjing Liancheng science and technology development Limited by Share Ltd; Address before: A small road in Yuhuatai District of Nanjing City, Jiangsu province 210012 Building No. 158 Building 1 new ideal; Applicant before: NANJING LIANCHENG TECHNOLOGY DEVELOPMENT CO., LTD. |
CB02 | Change of applicant information | ||
CB02 | Change of applicant information | Address after: 210000 14F, building A, Eagle building, 99 solidarity Road, Nanjing Software Park, Nanjing hi tech Zone, Jiangsu; Applicant after: Nanjing Liancheng science and technology development Limited by Share Ltd; Address before: 210000, Nanjing high tech Zone, Jiangsu, Nanjing Software Park, No. 99 unity Road, Eagle building, block A, 14 floor; Applicant before: Nanjing Liancheng science and technology development Limited by Share Ltd |
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: A method and system of information security anomaly detection based on regression; Effective date of registration: 20220112; Granted publication date: 20190607; Pledgee: Bank of Hangzhou Limited by Share Ltd. Nanjing branch; Pledgor: NANJING LIANCHENG TECHNOLOGY DEVELOPMENT CO.,LTD.; Registration number: Y2022980000420 |
PE01 | Entry into force of the registration of the contract for pledge of patent right |