Network asset defense method, device and system based on alarm keywords
The invention provides a network asset defense method, device and system based on alarm keywords, and relates to the technical field of network security. The processing method comprises the following steps: collecting alarm information; extracting alarm keywords from the alarm information, and arran...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Patent |
| Sprache: | chi ; eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | The invention provides a network asset defense method, device and system based on alarm keywords, and relates to the technical field of network security. The processing method comprises the following steps: collecting alarm information; extracting alarm keywords from the alarm information, and arranging the alarm keywords based on an alarm time sequence; defense keywords corresponding to the alarm keywords are obtained; judging whether the number of the alarm keywords is the same as the number of the defense keywords or not; if not, comparing the alarm keyword with the defense keyword so as to exclude the matched alarm keyword and defense keyword, and obtaining the remaining alarm keyword and defense keyword which cannot be matched; obtaining alarm information corresponding to the remaining alarm keywords and defense schemes corresponding to the remaining defense keywords; and analyzing the alarm information and the defense scheme to obtain a corresponding relationship between the alarm information and the de |
|---|