CN105681274B - Method and device for processing original alarm information - Google Patents
Method and device for processing original alarm information
- Publication number
- CN105681274B
- Authority
- CN
- China
- Prior art keywords
- attack
- source
- destination
- alarm information
- original alarm
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/069—Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510958909.2A CN105681274B (zh) | 2015-12-18 | 2015-12-18 | Method and device for processing original alarm information |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510958909.2A CN105681274B (zh) | 2015-12-18 | 2015-12-18 | Method and device for processing original alarm information |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105681274A (zh) | 2016-06-15 |
CN105681274B (zh) | 2019-02-01 |
Family
ID=56189597
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510958909.2A Active CN105681274B (zh) | Method and device for processing original alarm information | 2015-12-18 | 2015-12-18 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105681274B (zh) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
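CN111294233A (zh) * | 2018-12-11 | 2020-06-16 | State Grid Information & Telecommunication Group Co., Ltd. | Network alarm statistical analysis method, system and computer-readable storage medium |
CN110362536A (zh) * | 2019-07-15 | 2019-10-22 | Beijing University of Technology | Log ciphertext retrieval method based on alarm correlation |
CN110809010B (zh) * | 2020-01-08 | 2020-05-08 | Zhejiang Qianguan Information Security Research Institute Co., Ltd. | Threat information processing method, device, electronic equipment and medium |
CN112131249A (zh) * | 2020-09-28 | 2020-12-25 | NSFOCUS Technologies Group Co., Ltd. | Attack intention identification method and device |
CN112887310B (zh) * | 2021-01-27 | 2022-09-20 | South China University of Technology | Method, device and medium for improving network attack risk assessment efficiency |
CN113489680B (zh) * | 2021-06-07 | 2023-10-24 | China Guangfa Bank Co., Ltd. | Network attack threat level assessment model, assessment method, terminal and medium |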
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
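CN101034974A (zh) * | 2007-03-29 | 2007-09-12 | Beijing Venustech Information Technology Co., Ltd. | Correlation-analysis attack detection method and device based on time series and event sequences |
CN101076013A (zh) * | 2006-05-19 | 2007-11-21 | Shanghai 30wish Information Security Co., Ltd. | Network data intelligent drift guidance system and data drift guidance method thereof |
CN101242278A (zh) * | 2008-02-18 | 2008-08-13 | Huazhong University of Science and Technology | Online identification method for network multi-step attack intention |
CN101272286A (zh) * | 2008-05-15 | 2008-09-24 | Shanghai Jiao Tong University | Network intrusion event correlation detection method |
CN101697545A (zh) * | 2009-10-29 | 2010-04-21 | Chengdu Huawei Symantec Technologies Co., Ltd. | Security event correlation method, device and network server |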
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7725936B2 (en) * | 2003-10-31 | 2010-05-25 | International Business Machines Corporation | Host-based network intrusion detection systems |
- 2015
- 2015-12-18: CN application CN201510958909.2A (patent CN105681274B, zh), status Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
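CN101076013A (zh) * | 2006-05-19 | 2007-11-21 | Shanghai 30wish Information Security Co., Ltd. | Network data intelligent drift guidance system and data drift guidance method thereof |
CN101034974A (zh) * | 2007-03-29 | 2007-09-12 | Beijing Venustech Information Technology Co., Ltd. | Correlation-analysis attack detection method and device based on time series and event sequences |
CN101242278A (zh) * | 2008-02-18 | 2008-08-13 | Huazhong University of Science and Technology | Online identification method for network multi-step attack intention |
CN101272286A (zh) * | 2008-05-15 | 2008-09-24 | Shanghai Jiao Tong University | Network intrusion event correlation detection method |
CN101697545A (zh) * | 2009-10-29 | 2010-04-21 | Chengdu Huawei Symantec Technologies Co., Ltd. | Security event correlation method, device and network server |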
Non-Patent Citations (1)
Title |
---|
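Research and implementation of an expert system for parsing firewall rules; Wang Yugang; China Excellent Doctoral and Master's Theses Full-text Database (Master's), Information Science and Technology; 20061215; full text |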
Also Published As
Publication number | Publication date |
---|---|
CN105681274A (zh) | 2016-06-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
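CN105681274B (zh) | Method and device for processing original alarm information | |
CN109922075B (zh) | Network security knowledge graph construction method and device, and computer equipment | |
Li | Using genetic algorithm for network intrusion detection | |
CN104811447B (zh) | Security detection method and system based on attack correlation | |
JP6528448B2 (ja) | Network attack monitoring device, network attack monitoring method, and program | |
CN107819731B (zh) | Network security protection system and related method | |
CN107888607A (zh) | Network threat detection method, device and network management equipment | |
KR100910761B1 (ko) | Method and system for detecting atypical malicious code using a process behavior prediction technique | |
CN110545280B (zh) | Quantitative evaluation method based on threat detection accuracy | |
CN112819336A (zh) | Quantification method and system based on network threats to power monitoring systems | |
KR101692982B1 (ko) | Automated risk detection and access control system using log analysis and automatic feature learning | |
TWI476628B (zh) | Information security risk assessment system based on malware feature analysis | |
CN108462714A (zh) | APT defense system based on system resilience and defense method thereof | |
CN109376537B (zh) | Asset scoring method and system based on multi-factor fusion | |
CN108200095B (zh) | Method and device for determining vulnerability of Internet boundary security policies | |
CN110474878A (zh) | DDoS attack situation early-warning method and server based on dynamic thresholds | |
CN113992386A (zh) | Defense capability evaluation method, device, storage medium and electronic equipment | |
CN114143064A (zh) | Method and device for tracing and automatically handling multi-source network security alarm events | |
CN111885011B (zh) | Method and system for network security analysis and mining of service data | |
CN113381980A (zh) | Information security defense method and system, electronic equipment, and storage medium | |
CN104580087A (zh) | Immune network system | |
CN106453235A (zh) | Network security method | |
CN116094817A (zh) | Network security detection system and method | |
CN107623677B (zh) | Method and device for determining data security | |
CN115694965A (zh) | Network security secret-network system for the power industry |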
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20200313; Address after: 100089 Beijing city Haidian District Road No. 4 North wa Yitai three storey building; Co-patentee after: NSFOCUS TECHNOLOGIES Inc.; Patentee after: NSFOCUS INFORMATION TECHNOLOGY Co.,Ltd.; Co-patentee after: Shenzhou Lvmeng Chengdu Technology Co.,Ltd.; Address before: 100089 Beijing city Haidian District Road No. 4 North wa Yitai three storey building; Co-patentee before: NSFOCUS TECHNOLOGIES Inc.; Patentee before: NSFOCUS INFORMATION TECHNOLOGY Co.,Ltd. |
CP01 | Change in the name or title of a patent holder |
Address after: 100089 Beijing city Haidian District Road No. 4 North wa Yitai three storey building; Co-patentee after: NSFOCUS TECHNOLOGIES Inc.; Patentee after: NSFOCUS Technologies Group Co.,Ltd.; Co-patentee after: Shenzhou Lvmeng Chengdu Technology Co.,Ltd.; Address before: 100089 Beijing city Haidian District Road No. 4 North wa Yitai three storey building; Co-patentee before: NSFOCUS TECHNOLOGIES Inc.; Patentee before: NSFOCUS INFORMATION TECHNOLOGY Co.,Ltd.; Co-patentee before: Shenzhou Lvmeng Chengdu Technology Co.,Ltd. |