Server intrusion early warning method and system

Server intrusion early warning method and system

The invention discloses a server intrusion early warning method. The method specifically comprises the following steps: step 1, capturing and storing all server intrusion and network attack data on the internet in real time; 2, the grabbed data are processed; step 3, training an LSTM-CNN real-time e...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: TAN TINGFANG, TANG HAO, GAO JINXIONG, YOU JIA, ZHANG YONGHUI
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention discloses a server intrusion early warning method. The method specifically comprises the following steps: step 1, capturing and storing all server intrusion and network attack data on the internet in real time; 2, the grabbed data are processed; step 3, training an LSTM-CNN real-time early warning model; step 4, acquiring request data of the server; step 5, inputting the acquired request data into the latest real-time early warning model for identification, performing mode, sequence and feature contour comparison with the decomposed data, when an intrusion request occurs, entering step 7, otherwise, entering step 6; 6, detecting that the server has user deletion operation, file deletion, user new file creation, continuous request frequency operation and diary deletion operation without the super administrator identifier; and step 7, sending alarm concurrent information to notify a server administrator. According to the method, the technical problem that the traditional IDS warning is inaccurate