Second dialing attack event identification method
Format: | Patent |
---|---|
Language: | chi ; eng |
Summary: | The invention discloses a second dial attack event identification method. The method comprises the following steps: acquiring security alarm data about asset access conditions of network security equipment in real time; establishing a sliding time window; for each asset, counting the total number of attack IP addresses of the asset in the current time window and the average number of attacks of each attack IP address; for each asset, judging whether the asset has a second dial attack event in the current time window; and analyzing second dial attack event conditions in a time period based on the sliding window to obtain second dial attack event durations, and distinguishing different second dial attack events. According to the method provided by the invention, the second dial attack event can be automatically identified from a plurality of time window segments, and the second dial attack event with unknown duration is divided and embodied in a plurality of time segments; according to the method, whether the e |
---|