CN107786492A - Network security situation evaluating method based on integrated classifier - Google Patents
Network security situation evaluating method based on integrated classifier Download PDFInfo
- Publication number
- CN107786492A CN107786492A CN201610719966.XA CN201610719966A CN107786492A CN 107786492 A CN107786492 A CN 107786492A CN 201610719966 A CN201610719966 A CN 201610719966A CN 107786492 A CN107786492 A CN 107786492A
- Authority
- CN
- China
- Prior art keywords
- data
- network
- security situation
- assessment
- method based
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
- G06F18/2415—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches based on parametric or probabilistic models, e.g. based on likelihood ratio or false acceptance rate versus a false rejection rate
- G06F18/24155—Bayesian classification
Abstract
The invention discloses a kind of network security situation evaluating method based on integrated classifier, wherein, including:Gather networks security situation assessment data;Carry out data prediction and dimension is chosen;Data after data prediction and dimension are chosen carry out assessment classification according to ID3 graders;ID3 graders carry out assessing sorted result carries out assessment classification according to Naive Bayes Classifier;Weighted calculation networks security situation assessment fraction, the assessment classification to three channels of each network sample is weighted, to obtain the last security evaluation fraction of each network sample.Network security situation evaluating method of the invention based on integrated classifier, the effective safe early warning for improving network are horizontal.
Description
Technical field
The invention belongs to technical field of network security, more particularly to a kind of network safety situation based on integrated classifier is commented
Estimate method.
Background technology
With the fast development of Internet technology, various information security issues also occur in succession, and network security problem is increasingly
Seriously.Networks security situation assessment technology can reflect security status on the whole, and the development trend of security situation is entered
Row prediction and early warning, are Strengthens network security providing method, are the key links in network security system.In recent years, network is pacified
Full Situation Assessment technology has turned into the study hotspot of domestic and international network safety filed, to improve the safe early warning of network level.
The content of the invention
It is an object of the invention to provide a kind of network security situation evaluating method based on integrated classifier, for solving
Above-mentioned problem of the prior art.
A kind of network security situation evaluating method based on integrated classifier of the present invention, wherein, including:Gather network peace
Full Situation Assessment data;Carry out data prediction and dimension is chosen;Data after data prediction and dimension are chosen are divided according to ID3
Class device carries out assessment classification;ID3 graders assess sorted result and according to Naive Bayes Classifier assess dividing
Class;Weighted calculation networks security situation assessment fraction, the assessment classification to three channels of each network sample are weighted, with
Obtain the last security evaluation fraction of each network sample.
According to the network security situation evaluating method based on integrated classifier an embodiment, wherein, dimension choose bag
Include:Selected training set is designated as A, and data volume is n in A, chooses m component and carries out security evaluation, assessment number of dimensions is s=s1+s2+
s3, wherein S1For the number of dimensions of configuration data, S2For the number of dimensions of service data, S3To invade the number of dimensions of data;By network sample
This collection A is divided into A1、A2、A3, wherein A1Configuration data collection is represented, there is s1Individual dimension, A2Service data collection is represented, there is s2Individual dimension
Degree, A3Intrusion detection data are represented, there is s3Individual dimension, 3 channels are divided to carry out assessment classification safely component and network sample.
According to the network security situation evaluating method based on integrated classifier an embodiment, wherein, collection network peace
Full Situation Assessment data by professional detecting system by being obtained.
According to the network security situation evaluating method based on integrated classifier an embodiment, wherein, carry out data it is pre-
Processing includes:Outlier processing, Data Discretization and standardization, missing values processing and correlation processing.
According to the network security situation evaluating method based on integrated classifier an embodiment, wherein, carry out exceptional value
Processing, including:By the descending arrangement of data, its upper quartile Q3 is calculated, median, lower quartile Q1, is further counted
Calculate exceptional value boundary up and down:Q3+3IQR (interquartile-range IQR), A1-3IQR, the value beyond boundary are defined as extreme exceptional value;It is right
In the exceptional value detected, handled using two methods of value revision and deletion data.
According to the network security situation evaluating method based on integrated classifier an embodiment, wherein, carry out data from
Dispersion and standardization include:The first step:By the nonumeric type data of networks security situation assessment data by setting rule, turn
It is changed to numerical value 1-10;Second step:Using attribute construction method, make all the dimension numerical value and network of networks security situation assessment data
Security is proportionate, and is converted into numerical value 1-10.
According to the network security situation evaluating method based on integrated classifier an embodiment, wherein, carry out missing values
Processing step includes:For the missing data of networks security situation assessment data, using data interpolation and two kinds of hands of data are deleted
Section, processing method is selected according to the practical significance of missing values.
According to the network security situation evaluating method based on integrated classifier an embodiment, wherein, carry out correlation
Processing is to carry out correlation processing by SPSS or Python.
According to the network security situation evaluating method based on integrated classifier an embodiment, wherein, data prediction
Data after being chosen with dimension carry out assessment classification according to ID3 graders to be included:By network sample set A1、A2、A3Enter one by component
Step division, obtains Ai,j, i=1,2,3;J=1,2 ..., m;Classification collection:B={ 1,2,3,4,5 }, practical significance corresponding to 1-5
For:Security is low, in it is low, in, it is middle high, high.
According to the network security situation evaluating method based on integrated classifier an embodiment, wherein, ID3 graders enter
The sorted result of row assessment carries out assessment classification according to Naive Bayes Classifier to be included:The first step:Determine network sample set C
={ C1,C2,...,Cm, comprising m conditional attribute, i.e. m component, each element is designated as c, c=(c1,c2,...,cm);Second
Step:Category set H={ 1,2,3,4,5 }, each element are designated as hk(1≤k≤5);3rd step:And if only if P (hk|c)>P(hj|
C), 1≤k, j≤m, j ≠ k, by given network sample c=(c1,c2,...,cm) it is assigned to class hk, P is probable value;According to shellfish
This theorem of leaf, hasBecause P (c) is constant for all classifications, therefore it need to only maximize P
(hk)P(c|hk), have againWherein,nkIt is class hkIn training sample
The instance number of concentration, n are training sample sums;P(ci|hk)=nki/nk, nkiIt is attribute ciOn be categorized as hkNetwork sample number
Amount.
To sum up, a kind of network security situation evaluating method based on integrated classifier of the invention, with reference to ID3 decision trees point
Class device and Naive Bayes Classifier establish model, carry out double classification to the network sample hardware data collected, finally lead to
Cross weighted calculation and obtain safety situation evaluation value, the effective safe early warning for improving network is horizontal.
Brief description of the drawings
Fig. 1 show 3 kinds of channel various dimensions networks security situation assessment data structure diagrams of a component;
Fig. 2 a- Fig. 2 c show grader f process charts;
Fig. 3 a- Fig. 3 c show grader g process chart.
Embodiment
To make the purpose of the present invention, content and advantage clearer, with reference to the accompanying drawings and examples, to the present invention's
Embodiment is described in further detail.
A kind of network security situation evaluating method based on integrated classifier of the present invention, with reference to ID3 decision tree classifiers
Model is established with Naive Bayes Classifier, double classification is carried out to the network sample hardware data that collects, finally by adding
Safety situation evaluation value is calculated in power.
A kind of network security situation evaluating method based on integrated classifier of the present invention includes:Gather network safety situation
Assessment packet includes:Fig. 1 show 3 kinds of channel various dimensions networks security situation assessment data structure diagrams of a component, such as Fig. 1 institutes
Show the various nets such as substantial amounts of main frame, server, router, fire wall and intruding detection system in computer network architecture be present
Network hardware, referred to as component.Networks security situation assessment data are mainly derived from 3 kinds of channels:Configuration information, operation information, invasion
Information.Networks security situation assessment data are obtained by the inspection software on each networking component, wherein, invade information
It can be obtained by Snort intruding detection systems, 360 safety detecting systems etc..
Carry out data prediction and dimension is chosen:
Basic data:Training network sample set A0, A0Include multiple samples (i.e. multiple networks), network sample set A0In it is every
Data includes m0Individual module information, each module information include 3 kinds of common s of channel again0Individual dimension data.
Data prediction:Different dimensions data sense is different;Naive Bayes Classifier is insensitive to missing values, and requires
Between dimension independently of each other;Exceptional value in initial data be present.Therefore, it is necessary to be pre-processed to initial data, i.e., data are clear
Wash.
(1) outlier processing is carried out, including:
All dimension numerical value of networks security situation assessment data, factor data collection are in not necessarily normal distribution, and we use
Simple and effective box traction substation method verifies exceptional value.Box traction substation principle:By the descending arrangement of data, its upper quartile is calculated
Q3, median, lower quartile Q1, further calculate exceptional value boundary up and down:Q3+3IQR (interquartile-range IQR), A1-3IQR,
Value beyond boundary is defined as extreme exceptional value.
For the exceptional value detected, according to the practical significance of exceptional value, using value revision and delete at two kinds of data
Reason method.Value revision method is similar with following data interpolatings.
(2) Data Discretization and standardization are carried out:
The discrete normalized target to be reached is:It is 1-10 by the processing of all data normalizations, wherein, the bigger table of numerical value
Show that the dimension security of the component is higher.
Discrete normalized step includes:
The first step:By the nonumeric type data of networks security situation assessment data by setting rule, numerical value 1-10 is converted to.
Second step:Using attribute construction method, make all dimension numerical value and network security of networks security situation assessment data
Property is proportionate, and is converted into numerical value 1-10.
(3) missing values processing step includes:
For the missing data of networks security situation assessment data, mainly (inserted using data interpolation according to certain rule
Enter numerical value 1-10) and two kinds of means of data are deleted, processing method is selected according to the practical significance of missing values.Interpolation method can be used and drawn
Ge Lang interpolation methods etc..
(4) correlation processing includes:
It is the set of the homogeneous data of multiple network samples in one dimension, when two dimensions for having correlation are classified
It is also easy to produce redundancy.The coefficient correlation of any two dimension is calculated, for two stronger dimensions of correlation, an influence can be rejected
Little dimension.Correlation calculations can utilize coefficient correlation calculation formula, can also use SPSS, Python etc. directly to calculate.
Carry out data prediction and dimension is chosen, finally selected training set is designated as A, and data volume is n in A, chooses m component
Security evaluation is carried out, assessment number of dimensions is s=s1+s2+s3, wherein s1、s2、s3The respectively number of dimensions of configuration data, operation number
According to number of dimensions, invade data number of dimensions.
Network sample set A is divided into A1、A2、A3, wherein A1Configuration data collection is represented, there is s1Individual dimension, A2Represent operation
Data set, there is s2Individual dimension, A3Intrusion detection data are represented, there is s3Individual dimension.Divide 3 channels safely to component and network sample
Assessment classification is carried out, in order to finally weight to obtain final networks security situation assessment fraction to three parts assessment result.With A1
Exemplified by, data mode is as follows:
A1=(a1,a2,...,an), aiIt is m × s1Matrix;
Represent the numerical value of each dimension of a component of some network sample
Set, includes s1Individual dimensional information, by taking the firewall configuration information of some network sample as an example,
Fig. 2 a- Fig. 2 c show grader f process charts, as shown in Fig. 2 a- Fig. 2 c, including:
Grader f, the pretreated data of the first step are subjected to assessment classification according to ID3 graders;To obtain each group
The assessment classification of 3 channels of part;
Target:Safety evaluation is carried out to each component of each network sample.
Component sample set:By network sample set A1、A2、A3Further divided by component, obtain Ai,j, i=1,2,3;J=1,
2,…,m.
Classification collection:B={ 1,2,3,4,5 }, practical significance corresponding to 1-5 are:Security is low, in it is low, in, it is middle high, high.
The collection of classification collection obtains its recommendation typically by specific software such as 360 protection capacity of safety protection software etc. in training set,
Numerical value 1-5 is converted into by discrete normalized method above again.
Fig. 3 a- Fig. 3 c show grader g process chart, as shown in Fig. 3 a- Fig. 3 c, the first step is pretreated
Data carry out assessment classification according to grader g;To obtain the assessment of three channels of each network sample classification;
Network sample set:The classification results of first grader are regarded as to the network sample set of this grader:In order to make it easy to understand, under
State it is bright in, we are unified to be designated as C={ C by three network sample sets1,C2,...,Cm}。
Naive Bayes Classifier flow is:
The first step:Determine network sample set C={ C1,C2,...,Cm, comprising m conditional attribute, i.e. m component, each
Element is designated as c, c=(c1,c2,...,cm)。
Second step:Category set H={ 1,2,3,4,5 }, each element are designated as hk(1≤k≤5)。
3rd step:And if only if P (hk|c)>P(hj| c), 1≤k, j≤m, j ≠ k, by given network sample c=(c1,
c2,...,cm) it is assigned to class hk, P is probable value.
According to Bayes' theorem, haveBecause P (c) is constant for all classifications,
Therefore it need to only maximize P (hk)P(c|hk), have again
Wherein
nkIt is class hkIn the instance number that training sample is concentrated, n is training sample sum.
P(ci|hk)=nki/nk, nkiIt is attribute ciOn be categorized as hkNetwork sample size.
Training network sample data can be obtained by 360 protection capacity of safety protection software and grader f classification results.
Assessment classification is carried out to component and network 3 channels of sample point:The present invention builds together vertical two graders, wherein, f is
Decision tree ID3 graders, assessment classification is carried out to each component safety of each network sample;G is Naive Bayes Classifier, net
Network sample set is the classification collection of f graders, and assessment classification is carried out safely to the overall network of each network sample.
(3) weighted calculation networks security situation assessment fraction, the assessment to three channels of each network sample classify into
Row weighting, to obtain the last security evaluation fraction of each network sample.
By double classification above, each network sample ai3 assessed values are obtained, are designated asNow by three dimensions
Degree is weighted, and generates final valuation functions e, network sample aiNetworks security situation assessment fraction be designated as Si(0≤Si≤
100):
Empirically determined weight parameter, it is 0.4 temporarily to take service data weights, and configuration and invasion data weights are 0.3, i.e.,
Finally valuation functions are:
A kind of network security situation evaluating method based on integrated classifier of the present invention.With reference to ID3 decision tree classifiers
Model is established with Naive Bayes Classifier, double classification is carried out to the network sample hardware data that collects, finally by adding
Safety situation evaluation value is calculated in power.The effective safe early warning for improving network is horizontal.
Described above is only the preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
For member, without departing from the technical principles of the invention, some improvement and deformation can also be made, these are improved and deformation
Also it should be regarded as protection scope of the present invention.
Claims (10)
- A kind of 1. network security situation evaluating method based on integrated classifier, it is characterised in that including:Gather networks security situation assessment data;Carry out data prediction and dimension is chosen;Data after data prediction and dimension are chosen carry out assessment classification according to ID3 graders;ID3 graders carry out assessing sorted result carries out assessment classification according to Naive Bayes Classifier;Weighted calculation networks security situation assessment fraction, the assessment classification to three channels of each network sample are weighted, To obtain the last security evaluation fraction of each network sample.
- 2. the network security situation evaluating method based on integrated classifier as claimed in claim 1, it is characterised in that dimension is selected Take including:Selected training set is designated as A, and data volume is n in A, chooses m component and carries out security evaluation, assessment number of dimensions is s=s1+s2+ s3, wherein S1For the number of dimensions of configuration data, S2For the number of dimensions of service data, S3To invade the number of dimensions of data;Network sample set A is divided into A1、A2、A3, wherein A1Configuration data collection is represented, there is s1Individual dimension, A2Represent service data Collection, there is s2Individual dimension, A3Intrusion detection data are represented, there is s3Individual dimension, to component and point 3 channels progress safely of network sample Assess classification.
- 3. the network security situation evaluating method based on integrated classifier as claimed in claim 1, it is characterised in that collection net Network safety situation evaluation data by professional detecting system by being obtained.
- 4. the network security situation evaluating method based on integrated classifier as claimed in claim 1, it is characterised in that enter line number Data preprocess includes:Outlier processing, Data Discretization and standardization, missing values processing and correlation processing.
- 5. the network security situation evaluating method based on integrated classifier as claimed in claim 4, it is characterised in that carry out different Constant value processing, including:By the descending arrangement of data, its upper quartile Q3 is calculated, median, lower quartile Q1, is further calculated abnormal Boundary above and below value:Q3+3IQR (interquartile-range IQR), A1-3IQR, the value beyond boundary are defined as extreme exceptional value;For the exceptional value detected, handled using two methods of value revision and deletion data.
- 6. the network security situation evaluating method based on integrated classifier as claimed in claim 4, it is characterised in that enter line number Include according to discretization and standardization:The first step:By the nonumeric type data of networks security situation assessment data by setting rule, numerical value 1-10 is converted to;Second step:Using attribute construction method, all dimension numerical value for making networks security situation assessment data are in internet security Positive correlation, it is converted into numerical value 1-10.
- 7. the network security situation evaluating method based on integrated classifier as claimed in claim 4, it is characterised in that lacked Mistake value processing step includes:For the missing data of networks security situation assessment data, using data interpolation and two kinds of means of data are deleted, according to scarce The practical significance selection processing method of mistake value.
- 8. the network security situation evaluating method based on integrated classifier as claimed in claim 4, it is characterised in that carry out phase The processing of closing property is to carry out correlation processing by SPSS or Python.
- 9. the network security situation evaluating method based on integrated classifier as claimed in claim 1, it is characterised in that data are pre- Data after processing and dimension selection carry out assessment classification according to ID3 graders to be included:By network sample set A1、A2、A3By component Further division, obtains Ai,j, i=1,2,3;J=1,2 ..., m;Classification collection:B={ 1,2,3,4,5 }, practical significance corresponding to 1-5 are:Security is low, in it is low, in, it is middle high, high.
- 10. the network security situation evaluating method based on integrated classifier as claimed in claim 1, it is characterised in that ID3 points Class device, which assess sorted result and carries out assessing classification according to Naive Bayes Classifier, to be included:The first step:Determine network sample set C={ C1,C2,...,Cm, include m conditional attribute, i.e. m component, each element It is designated as c, c=(c1,c2,...,cm);Second step:Category set H={ 1,2,3,4,5 }, each element are designated as hk(1≤k≤5);3rd step:And if only if P (hk| c) > P (hj| c), 1≤k, j≤m, j ≠ k, by given network sample c=(c1, c2,...,cm) it is assigned to class hk, P is probable value;According to Bayes' theorem, haveBecause P (c) is constant for all classifications, therefore only P (h need to be maximizedk)P(c|hk), have againWherein,nkIt is class hkIn the instance number that training sample is concentrated, n is training sample sum;P(ci|hk)=nki/nk, nkiIt is attribute ciOn be categorized as hkNetwork sample size.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610719966.XA CN107786492A (en) | 2016-08-24 | 2016-08-24 | Network security situation evaluating method based on integrated classifier |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610719966.XA CN107786492A (en) | 2016-08-24 | 2016-08-24 | Network security situation evaluating method based on integrated classifier |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107786492A true CN107786492A (en) | 2018-03-09 |
Family
ID=61388541
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610719966.XA Pending CN107786492A (en) | 2016-08-24 | 2016-08-24 | Network security situation evaluating method based on integrated classifier |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107786492A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108632081A (en) * | 2018-03-26 | 2018-10-09 | 中国科学院计算机网络信息中心 | Network Situation appraisal procedure, device and storage medium |
CN109005173A (en) * | 2018-08-02 | 2018-12-14 | 北京航空航天大学 | A kind of car networking abnormal intrusion detection method based on traffic flow density variation |
CN111968268A (en) * | 2020-06-29 | 2020-11-20 | 南斗六星系统集成有限公司 | New energy vehicle health condition remote evaluation method and system |
CN114598486A (en) * | 2020-12-03 | 2022-06-07 | 华中科技大学 | Service flow-oriented threat level classification method and system in SDN (software defined network) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015091225A1 (en) * | 2013-12-16 | 2015-06-25 | Philip Morris Products S.A. | Systems and methods for predicting a smoking status of an individual |
EP3002686A1 (en) * | 2014-09-30 | 2016-04-06 | Accenture Global Services Limited | Language identification |
-
2016
- 2016-08-24 CN CN201610719966.XA patent/CN107786492A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015091225A1 (en) * | 2013-12-16 | 2015-06-25 | Philip Morris Products S.A. | Systems and methods for predicting a smoking status of an individual |
EP3002686A1 (en) * | 2014-09-30 | 2016-04-06 | Accenture Global Services Limited | Language identification |
Non-Patent Citations (2)
Title |
---|
姚沛津: ""基于朴素贝叶斯的集成算法研究"", 《中国优秀硕士学位论文全文数据库》 * |
文志诚等: ""基于朴素贝叶斯分类器的网络安全态势评估方法"", 《计算机应用》 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108632081A (en) * | 2018-03-26 | 2018-10-09 | 中国科学院计算机网络信息中心 | Network Situation appraisal procedure, device and storage medium |
CN108632081B (en) * | 2018-03-26 | 2021-10-08 | 中国科学院计算机网络信息中心 | Network situation evaluation method, device and storage medium |
CN109005173A (en) * | 2018-08-02 | 2018-12-14 | 北京航空航天大学 | A kind of car networking abnormal intrusion detection method based on traffic flow density variation |
CN109005173B (en) * | 2018-08-02 | 2020-08-07 | 北京航空航天大学 | Vehicle networking abnormal intrusion detection method based on traffic flow density difference |
CN111968268A (en) * | 2020-06-29 | 2020-11-20 | 南斗六星系统集成有限公司 | New energy vehicle health condition remote evaluation method and system |
CN114598486A (en) * | 2020-12-03 | 2022-06-07 | 华中科技大学 | Service flow-oriented threat level classification method and system in SDN (software defined network) |
CN114598486B (en) * | 2020-12-03 | 2023-04-07 | 华中科技大学 | Service flow-oriented threat level classification method and system in SDN (software defined network) |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106570144B (en) | The method and apparatus of recommendation information | |
CN108566364B (en) | Intrusion detection method based on neural network | |
Kanimozhi et al. | UNSW-NB15 dataset feature selection and network intrusion detection using deep learning | |
CN107786492A (en) | Network security situation evaluating method based on integrated classifier | |
CN103593609B (en) | Trustworthy behavior recognition method and device | |
TW200849917A (en) | Detecting method of network invasion | |
CN108833139B (en) | OSSEC alarm data aggregation method based on category attribute division | |
CN102420723A (en) | Anomaly detection method for various kinds of intrusion | |
CN103095728A (en) | Network security marking system based on behavioral data fusion and method | |
CN103929330A (en) | Domain name service quality evaluation method and system | |
KR20200057903A (en) | Artificial intelligence model platform and operation method thereof | |
CN107590196A (en) | Earthquake emergency information screening and evaluating system and system in a kind of social networks | |
CN106803039B (en) | A kind of homologous determination method and device of malicious file | |
CN112488716B (en) | Abnormal event detection system | |
CN112511351B (en) | Security situation prediction method and system based on MES identification data intercommunication system | |
US20220277174A1 (en) | Evaluation method, non-transitory computer-readable storage medium, and information processing device | |
CN109889436A (en) | A kind of discovery method of spammer in social networks | |
CN107273752A (en) | Leak automatic classification method based on word frequency statisticses and naive Bayesian Fusion Model | |
CN109766441A (en) | File classification method, apparatus and system | |
CN106096413A (en) | A kind of malicious code detecting method based on multi-feature fusion and system | |
Hamid et al. | Profiling phishing email based on clustering approach | |
CN108809989A (en) | A kind of detection method and device of Botnet | |
CN110580570B (en) | Law enforcement analysis method, device and medium | |
Kaiser et al. | Attack hypotheses generation based on threat intelligence knowledge graph | |
Silva et al. | Attackers are not stealthy: Statistical analysis of the well-known and infamous KDD network security dataset |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180309 |
|
RJ01 | Rejection of invention patent application after publication |