Hidden high-risk behavior operation abnormity scoring method and system
The invention provides a hidden high-risk behavior operation abnormity scoring method and system, and belongs to the technical field of network security protection. Comprising the following steps: collecting alarm log data and formatting and unifying the alarm log data to obtain standard structured...
Gespeichert in:
| Hauptverfasser: | , , , , , , , , , , , , |
|---|---|
| Format: | Patent |
| Sprache: | chi ; eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | The invention provides a hidden high-risk behavior operation abnormity scoring method and system, and belongs to the technical field of network security protection. Comprising the following steps: collecting alarm log data and formatting and unifying the alarm log data to obtain standard structured attack data; performing association analysis on the standard structured attack data to connect discrete alarm information in series to generate an attack graph; based on the attack graph, vulnerability assessment is carried out by adopting a method combining a network analysis method and a convolutional neural network to obtain an assessment result of network vulnerabilities, and the network analysis method is used for scoring vulnerability threats obtained by single-step attacks; the convolutional neural network is used for scoring vulnerability threats obtained by multi-step attacks on the basis of a network analysis method. According to the method, multi-step attacks are analyzed from the vulnerabilities of the |
|---|