Network attack gang fusion method based on core attack resources

Network attack gang fusion method based on core attack resources

The invention relates to a network attack gang fusion method based on core attack resources. According to the method, association is carried out based on the similarity degree of the core attack resources, association groups are defined based on security knowledge, and the similarity between gangs b...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: ZHANG ZHE, WU TIEJUN, ZHAO CHENFEI, YAO LI, ZHU TIAN, WEN SENHAO
Format: Patent
Sprache:chi ; eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention relates to a network attack gang fusion method based on core attack resources. According to the method, association is carried out based on the similarity degree of the core attack resources, association groups are defined based on security knowledge, and the similarity between gangs based on the association groups is calculated. For fusion of N types of gangs with different behaviors, a progressive fusion mode is adopted, two types of network attack gangs are fused firstly, after fusion work of the two types of network attack gangs is completed, a fusion result serves as a type of new gangs and continues to be fused with other types which are not fused yet, and therefore the fusion operation of the two types of network attack gangs is completed. And all types of gangs are fused. According to the method, the problem of incomplete gang discovery of a conventional data mining method is effectively solved, so that more attack resources and attack behaviors owned by the gang can be mined, and the in