CN113612641A - Efficient log flow acquisition and intelligent analysis system based on energy network - Google Patents
- Publication number
- CN113612641A
- Authority
- CN
- China
- Prior art keywords
- event
- merging
- module
- data
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/069—Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
- G06F16/2228—Indexing structures
- G06F16/2255—Hash tables
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2458—Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
- G06F16/2462—Approximate or statistical queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/28—Databases characterised by their database models, e.g. relational or object models
- G06F16/284—Relational databases
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Mining & Analysis (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Probability & Statistics with Applications (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Computational Linguistics (AREA)
- Mathematical Physics (AREA)
- Fuzzy Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Abbreviation | Meaning |
---|---|
FW | Firewall |
FID | Transverse forward isolation device |
BID | Transverse reverse isolation device |
SVR | Server |
SW | Switch |
VEAD | Longitudinal encryption device |
AV | Anti-virus system |
IDS | Intrusion detection system |
DB | Database |
DCD | Network security monitoring device |
Device or system | Event type | Sub-event type | Event library form |
---|---|---|---|
FW | A | B | FW A B |
FID | A | B | FID A B |
SVR | A | B | SVR A B |
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110885211.8A CN113612641A (en) | 2021-08-03 | 2021-08-03 | Efficient log flow acquisition and intelligent analysis system based on energy network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110885211.8A CN113612641A (en) | 2021-08-03 | 2021-08-03 | Efficient log flow acquisition and intelligent analysis system based on energy network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113612641A (en) | 2021-11-05 |
Family
ID=78306591
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110885211.8A (Pending) CN113612641A (en) | 2021-08-03 | 2021-08-03 | Efficient log flow acquisition and intelligent analysis system based on energy network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113612641A (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104954222A (en) * | 2015-05-22 | 2015-09-30 | 东南大学 | Tunnel-mode ESP (Encapsulating Security Payload) hardware encapsulation device based on the IPsec protocol |
CN109033431A (en) * | 2018-08-13 | 2018-12-18 | 北京天地和兴科技有限公司 | A kind of efficient electric power networks data acquisition and intelligent analysis system and processing method |
CN110929896A (en) * | 2019-12-04 | 2020-03-27 | 全球能源互联网研究院有限公司 | Security analysis method and device for system equipment |
CN111092865A (en) * | 2019-12-04 | 2020-05-01 | 全球能源互联网研究院有限公司 | Security event analysis method and system |
CN112351004A (en) * | 2020-10-23 | 2021-02-09 | 烟台南山学院 | Computer network based information security event processing system and method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102918534B (en) | Inquiry pipeline | |
CN111885012B (en) | Network situation perception method and system based on information acquisition of various network devices | |
US10148540B2 (en) | System and method for anomaly detection in information technology operations | |
CN110650038B (en) | Security event log collecting and processing method and system for multiple classes of supervision objects | |
KR101007899B1 (en) | Pattern discovery in a network security system | |
US20160359886A1 (en) | Method and apparatus for grouping features into bins with selected bin boundaries for use in anomaly detection | |
CN109150869B (en) | Switch information acquisition and analysis system and method | |
WO2017218636A1 (en) | System and method for automated network monitoring and detection of network anomalies | |
CN109361573B (en) | Flow log analysis method, system and computer readable storage medium | |
CN113612763B (en) | Network attack detection device and method based on network security malicious behavior knowledge base | |
CN111581397A (en) | Network attack tracing method, device and equipment based on knowledge graph | |
CN112688822B (en) | Edge computing fault or security threat monitoring system and method based on multi-point cooperation | |
CN111740868B (en) | Alarm data processing method and device and storage medium | |
CN112804348B (en) | Method for judging repeatability of reported data of edge computing node by cloud monitoring center | |
US20210152454A1 (en) | Network Flow Measurement Method, Network Measurement Device, and Control Plane Device | |
CN111782620A (en) | Credit link automatic tracking platform and method thereof | |
CN112671767B (en) | Security event early warning method and device based on alarm data analysis | |
CN113271303A (en) | Botnet detection method and system based on behavior similarity analysis | |
US10873467B2 (en) | Method and system for compression and optimization of in-line and in-transit information security data | |
CN111274218A (en) | Multi-source log data processing method for power information system | |
CN116257021A (en) | Intelligent network security situation monitoring and early warning platform for industrial control system | |
CN109033431A (en) | A kind of efficient electric power networks data acquisition and intelligent analysis system and processing method | |
CN113259367B (en) | Industrial control network flow multistage anomaly detection method and device | |
CN117395076A (en) | Network perception abnormality detection system and method based on big data | |
CN115776449B (en) | Train Ethernet communication state monitoring method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | CB03 | Change of inventor or designer information | Inventors after: Cao Yang, Gao Kuanying, Yuan Ye, Sha Xuesong, Zhang Jinshan, Liu Changchuan, Li Zhigang, Zhang Haogong, Xu Haoran. Inventors before: Zou Conglin, Gao Kuanying, Yuan Ye, Zhang Haibo, Liao Wenhui, Zhang Xian, Liu Bochao, Bai Xue |
 | RJ01 | Rejection of invention patent application after publication | Application publication date: 20211105 |