Attack detection and tracing method and device, electronic equipment and storage medium

Bibliographic details
Main authors: YUAN GUOQUAN, LI QIANMU, MENG SHUNMEI, MAO JIAMING, LI XIAOCHAO, ZHUANG LING, SHANG LINJIANG, MIAO WEIWEI, ZHAO XINJIAN, CHEN SHI, XU CHENWEI, ZHANG MINGMING, ZHANG SONG, GAO PENG, DING YIXIN
Format: Patent
Language: chi; eng
Description
Summary: The invention discloses an attack detection and source tracing method and device, electronic equipment and a storage medium, and relates to the technical field of network security. The method comprises the following steps: acquiring entities in a target network environment and interaction event information between the entities, and constructing a network event graph by the entities and the interaction event information; based on a preset attack feature recognition model, determining a graph embedding vector of each piece of interaction event information in the network event graph as feature information, and determining an attack event in the network event graph according to the feature information; and determining the degree of dependence between the attack event and the residual interaction event information in the network event graph, and searching the corresponding interaction event information as the source tracing information of the attack event according to the degree of dependence. According to the emb