In-event real-time alarm method and system based on association detection

In-event real-time alarm method and system based on association detection

The invention provides an in-event real-time alarm method and system based on association detection, and the method comprises the steps: selecting a sample from an alarm information base according to a predefined rule, and the selected sample is a set of all alarm information data items of a same at...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: LU TINGHUI, WU YILIANG, LYU QIYOU, LIANG ZHIHUA, LING ZIWEN, WANG KUNMING, LUO XULIANG, LIN HAI, LIU CUIMEI, XU HAI, SONG HUIYU, CHEN ZEHONG, GUO FENGCHAN
Format: Patent
Sprache:chi ; eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention provides an in-event real-time alarm method and system based on association detection, and the method comprises the steps: selecting a sample from an alarm information base according to a predefined rule, and the selected sample is a set of all alarm information data items of a same attack source for a same attack target in a one-wave attack; mining and screening association rules of the samples, and obtaining a plurality of types of alarm information sets with specific relationships in combination with the occurrence time of the alarm information; and for each type of alarm information set with a specific relationship, scene reconstruction is carried out by taking improvement of the alarm efficiency as a target, and alarm is carried out based on the alarm information set after scene reconstruction, so that the alarm efficiency is improved. According to the method, the alarm information sets with different relations are obtained through association rule mining, scene reconstruction is further ca