CN111538614A - 一种操作系统的时序异常操作行为检测方法 - Google Patents
一种操作系统的时序异常操作行为检测方法 Download PDFInfo
- Publication number
- CN111538614A CN111538614A CN202010353357.3A CN202010353357A CN111538614A CN 111538614 A CN111538614 A CN 111538614A CN 202010353357 A CN202010353357 A CN 202010353357A CN 111538614 A CN111538614 A CN 111538614A
- Authority
- CN
- China
- Prior art keywords
- data
- encoder
- behavior
- abnormal
- layer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000002159 abnormal effect Effects 0.000 title claims abstract description 32
- 238000000034 method Methods 0.000 title claims abstract description 22
- 230000006399 behavior Effects 0.000 claims abstract description 32
- 238000013528 artificial neural network Methods 0.000 claims abstract description 14
- 206010000117 Abnormal behaviour Diseases 0.000 claims abstract description 9
- 239000011159 matrix material Substances 0.000 claims description 22
- 238000001514 detection method Methods 0.000 claims description 5
- 238000010586 diagram Methods 0.000 claims description 5
- 238000012549 training Methods 0.000 claims description 5
- 230000006870 function Effects 0.000 claims description 4
- ORILYTVJVMAKLC-UHFFFAOYSA-N Adamantane Natural products C1C(C2)CC3CC1CC2C3 ORILYTVJVMAKLC-UHFFFAOYSA-N 0.000 claims description 3
- 235000004257 Cordia myxa Nutrition 0.000 claims description 3
- 244000157795 Cordia myxa Species 0.000 claims description 3
- 230000004913 activation Effects 0.000 claims description 3
- 230000007246 mechanism Effects 0.000 claims description 3
- 238000011176 pooling Methods 0.000 claims description 3
- 238000012545 processing Methods 0.000 claims description 3
- 238000005457 optimization Methods 0.000 claims 1
- 230000006835 compression Effects 0.000 abstract description 2
- 238000007906 compression Methods 0.000 abstract description 2
- 238000012423 maintenance Methods 0.000 abstract description 2
- 230000007547 defect Effects 0.000 description 2
- 238000000605 extraction Methods 0.000 description 2
- 238000013179 statistical model Methods 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000002372 labelling Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000002787 reinforcement Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0706—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0766—Error or fault reporting or storing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Biophysics (AREA)
- Data Mining & Analysis (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- Biomedical Technology (AREA)
- Quality & Reliability (AREA)
- Computational Linguistics (AREA)
- Health & Medical Sciences (AREA)
- Evolutionary Computation (AREA)
- General Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Software Systems (AREA)
- Error Detection And Correction (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010353357.3A CN111538614B (zh) | 2020-04-29 | 2020-04-29 | 一种操作系统的时序异常操作行为检测方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010353357.3A CN111538614B (zh) | 2020-04-29 | 2020-04-29 | 一种操作系统的时序异常操作行为检测方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111538614A true CN111538614A (zh) | 2020-08-14 |
CN111538614B CN111538614B (zh) | 2024-04-05 |
Family
ID=71978934
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010353357.3A Active CN111538614B (zh) | 2020-04-29 | 2020-04-29 | 一种操作系统的时序异常操作行为检测方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111538614B (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112445957A (zh) * | 2020-11-05 | 2021-03-05 | 西安电子科技大学 | 社交网络异常用户检测方法、系统、介质、设备、终端 |
CN113934616A (zh) * | 2021-12-16 | 2022-01-14 | 深圳市活力天汇科技股份有限公司 | 一种基于用户操作时序判断异常用户的方法 |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109188502A (zh) * | 2018-07-05 | 2019-01-11 | 中国科学技术大学 | 一种基于自编码器的束流位置监测器异常检测方法及装置 |
CN109241946A (zh) * | 2018-10-11 | 2019-01-18 | 平安科技(深圳)有限公司 | 异常行为监控方法、装置、计算机设备及存储介质 |
CN109492767A (zh) * | 2018-11-09 | 2019-03-19 | 济南浪潮高新科技投资发展有限公司 | 一种应用于无监督领域基于自编码器的异常检测方法 |
CN110177108A (zh) * | 2019-06-02 | 2019-08-27 | 四川虹微技术有限公司 | 一种异常行为检测方法、装置及验证系统 |
CN110263807A (zh) * | 2019-05-13 | 2019-09-20 | 杭州安恒信息技术股份有限公司 | 基于auto-encoder的异常行为检测方法 |
CN110502895A (zh) * | 2019-08-27 | 2019-11-26 | 中国工商银行股份有限公司 | 接口异常调用确定方法及装置 |
CN110533752A (zh) * | 2019-07-23 | 2019-12-03 | 深圳大学 | 一种人体动作编辑模型的生成方法、存储介质及电子设备 |
US20190391574A1 (en) * | 2018-06-25 | 2019-12-26 | Nec Laboratories America, Inc. | Early anomaly prediction on multi-variate time series data |
CN111050170A (zh) * | 2019-12-06 | 2020-04-21 | 山东浪潮人工智能研究院有限公司 | 基于gan的图片压缩系统构建方法、压缩系统及方法 |
-
2020
- 2020-04-29 CN CN202010353357.3A patent/CN111538614B/zh active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190391574A1 (en) * | 2018-06-25 | 2019-12-26 | Nec Laboratories America, Inc. | Early anomaly prediction on multi-variate time series data |
CN109188502A (zh) * | 2018-07-05 | 2019-01-11 | 中国科学技术大学 | 一种基于自编码器的束流位置监测器异常检测方法及装置 |
CN109241946A (zh) * | 2018-10-11 | 2019-01-18 | 平安科技(深圳)有限公司 | 异常行为监控方法、装置、计算机设备及存储介质 |
CN109492767A (zh) * | 2018-11-09 | 2019-03-19 | 济南浪潮高新科技投资发展有限公司 | 一种应用于无监督领域基于自编码器的异常检测方法 |
CN110263807A (zh) * | 2019-05-13 | 2019-09-20 | 杭州安恒信息技术股份有限公司 | 基于auto-encoder的异常行为检测方法 |
CN110177108A (zh) * | 2019-06-02 | 2019-08-27 | 四川虹微技术有限公司 | 一种异常行为检测方法、装置及验证系统 |
CN110533752A (zh) * | 2019-07-23 | 2019-12-03 | 深圳大学 | 一种人体动作编辑模型的生成方法、存储介质及电子设备 |
CN110502895A (zh) * | 2019-08-27 | 2019-11-26 | 中国工商银行股份有限公司 | 接口异常调用确定方法及装置 |
CN111050170A (zh) * | 2019-12-06 | 2020-04-21 | 山东浪潮人工智能研究院有限公司 | 基于gan的图片压缩系统构建方法、压缩系统及方法 |
Non-Patent Citations (2)
Title |
---|
ZHANZHONG PANG ETL AL.: "prediction based deep autoencoding model for anomaly detection", 《ASION CONFERENCE ON COMPUTER VISION ACCV 2018》, pages 1 - 10 * |
柳青秀;马红占;褚学宁;马斌彬;王峥;: "基于长短时记忆―自编码神经网络的风电机组性能评估及异常检测", 计算机集成制造系统, no. 12, pages 233 - 243 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112445957A (zh) * | 2020-11-05 | 2021-03-05 | 西安电子科技大学 | 社交网络异常用户检测方法、系统、介质、设备、终端 |
CN113934616A (zh) * | 2021-12-16 | 2022-01-14 | 深圳市活力天汇科技股份有限公司 | 一种基于用户操作时序判断异常用户的方法 |
CN113934616B (zh) * | 2021-12-16 | 2022-03-18 | 深圳市活力天汇科技股份有限公司 | 一种基于用户操作时序判断异常用户的方法 |
Also Published As
Publication number | Publication date |
---|---|
CN111538614B (zh) | 2024-04-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Chang et al. | Anomaly detection for industrial control systems using k-means and convolutional autoencoder | |
CN113094707B (zh) | 一种基于异质图网络的横向移动攻击检测方法及系统 | |
CN113961922A (zh) | 一种基于深度学习的恶意软件行为检测与分类系统 | |
US10785243B1 (en) | Identifying evidence of attacks by analyzing log text | |
Gao | Network intrusion detection method combining CNN and BiLSTM in cloud computing environment | |
CN111600919A (zh) | 基于人工智能的web检测方法和装置 | |
CN111538614B (zh) | 一种操作系统的时序异常操作行为检测方法 | |
Ali et al. | RX_myKarve carving framework for reassembling complex fragmentations of JPEG images | |
CN112052451A (zh) | 一种webshell检测方法和装置 | |
CN112738014A (zh) | 一种基于卷积时序网络的工控流量异常检测方法及系统 | |
CN115905959A (zh) | 基于缺陷因子的电力断路器关联性故障分析方法及装置 | |
CN113095433B (zh) | 入侵检测网络结构模型的训练方法 | |
CN116647391A (zh) | 基于并行自编码器与权重丢弃的网络入侵检测方法及系统 | |
KR102307632B1 (ko) | 적대적 재귀 오토인코더 기반 기업정보시스템 사용자 이상행위 탐지 시스템 및 방법 | |
CN115344563A (zh) | 数据去重方法及装置、存储介质、电子设备 | |
Ganesh et al. | Autoencoder Based Network Anomaly Detection | |
CN111797732B (zh) | 一种对采样不敏感的视频动作识别对抗攻击方法 | |
CN113536299A (zh) | 一种基于贝叶斯神经网络的入侵检测系统的设计方法 | |
Wang et al. | Purchase Pattern Based Anti-Fraud Framework in Online E-Commerce Platform Using Graph Neural Network | |
CN114662143B (zh) | 一种基于图嵌入的敏感链接隐私保护方法 | |
Bu et al. | Unusual Human Behavior Detection System in Real-Time Video Systems | |
Wu et al. | Tree-based model with advanced data preprocessing for large scale hard disk failure prediction | |
CN116738272A (zh) | 一种移动广告点击流量中异常数据检测方法及系统 | |
Li | Hard Disk Drive Failure Detection with Recurrence Quantification Analysis | |
CN116881904A (zh) | 程序安全性检测方法、装置、计算机设备和存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20240306 Address after: 250100 building S02, No. 1036, Langchao Road, high tech Zone, Jinan City, Shandong Province Applicant after: Shandong Inspur Scientific Research Institute Co.,Ltd. Country or region after: Zhong Guo Address before: 250100 First Floor of R&D Building 2877 Kehang Road, Sun Village Town, Jinan High-tech Zone, Shandong Province Applicant before: JINAN INSPUR HIGH-TECH TECHNOLOGY DEVELOPMENT Co.,Ltd. Country or region before: Zhong Guo |
|
GR01 | Patent grant | ||
GR01 | Patent grant |