Method for detecting outlier behavior of operating personnel of application system

The invention discloses a method for detecting an outlier behavior of an application system operator, and the method comprises a detection system which comprises a data processing module, a group behavior description module, a personal behavior description module, an outlier behavior analysis module...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: WANG JUXIN, HUANG LE
Format: Patent
Sprache:chi ; eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention discloses a method for detecting an outlier behavior of an application system operator, and the method comprises a detection system which comprises a data processing module, a group behavior description module, a personal behavior description module, an outlier behavior analysis module, and an alarm module. The data processing input end receives operation data of operators in a long time period or operation data of operators in a short time period, the output end of the data processing module is connected with an outlier behavior analysis module through a group behavior description module and an individual behavior description module, and the outlier behavior analysis module is connected with an alarm module. The method solves the problem that if a security system is broken through, an attacker can try to carry out a large number of legal behaviors to detect the system and then carry out malicious operation. According to the method, the individual behavior is compared with the group behavior, so