Network behavior anomaly detection method and device

Network behavior anomaly detection method and device

The embodiment of the invention provides a network behavior anomaly detection method and device. The method comprises the following steps: collecting log data to generate a user behavior information table; preprocessing the user behavior information table to generate a user behavior sub-sequence; an...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: KONG WEIYU, YUAN KAIGUO, SHI MINGLEI, FU HAITAO, SI DAPENG, LU YIYUAN, SUN YANJIE
Format: Patent
Sprache:chi ; eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The embodiment of the invention provides a network behavior anomaly detection method and device. The method comprises the following steps: collecting log data to generate a user behavior information table; preprocessing the user behavior information table to generate a user behavior sub-sequence; and generating a training set according to the user behavior subsequences, and training a preset model. In this way, network abnormal behaviors can be detected more accurately. 本公开的实施例提供了网络行为异常检测方法及装置。所述方法包括:采集日志数据生成用户行为信息表;对所述用户行为信息表进行预处理,生成用户行为子序列;根据所述用户行为子序列生成训练集,对预设模型进行训练。以此方式,可以更加准确的检测出网络异常行为。