Method for detecting outlier behavior of operating personnel of application system
The invention discloses a method for detecting an outlier behavior of an application system operator, and the method comprises a detection system which comprises a data processing module, a group behavior description module, a personal behavior description module, an outlier behavior analysis module...
Gespeichert in:
Hauptverfasser: | , |
---|---|
Format: | Patent |
Sprache: | chi ; eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | The invention discloses a method for detecting an outlier behavior of an application system operator, and the method comprises a detection system which comprises a data processing module, a group behavior description module, a personal behavior description module, an outlier behavior analysis module, and an alarm module. The data processing input end receives operation data of operators in a long time period or operation data of operators in a short time period, the output end of the data processing module is connected with an outlier behavior analysis module through a group behavior description module and an individual behavior description module, and the outlier behavior analysis module is connected with an alarm module. The method solves the problem that if a security system is broken through, an attacker can try to carry out a large number of legal behaviors to detect the system and then carry out malicious operation. According to the method, the individual behavior is compared with the group behavior, so |
---|