Unknown attack tracing method based on distributed knowledge graph, main node and sub-nodes

Bibliographic details
Main authors: ZHANG DAOJUAN, ZHANG YINGJIE, WANG TAO, WU HONGBIN
Format: Patent
Language: chi; eng
Description
Summary: The invention discloses an unknown attack tracing method based on a distributed knowledge graph, a main node and a child node. In the method, the child node obtains data related to network access; based on that data, the child node evaluates the network access behavior using a pre-acquired normal access operation behavior model and a network security countermeasure model, and determines whether the network access behavior is an unknown attack behavior; when the network access behavior is an unknown attack behavior, alarm information is determined and tracing is performed using a pre-acquired distributed knowledge graph to obtain tracing information; the alarm information and the tracing information are synchronized to the other child nodes and the main node. According to the method, attack behavior detection is carried out based on the knowledge graph, potential unknown attacks can be effectively predicted, and the accuracy and efficiency of attack discovery are improved; according