Behavior gene identification method for network attack organization
Format: | Patent |
---|---|
Language: | chi ; eng |
Summary: | The invention provides a behavior gene identification method for a network attack organization. The method comprises the following steps: collecting basic data including an attack organization behavior gene knowledge graph and system process data; extracting process behavior sequence data in the system process data to carry out behavior gene homologous reasoning so as to predict and obtain a target attack organization; retrieving and sorting advanced behavior gene information of a target attack organization, then converting the advanced behavior gene information into a behavior dependency mode set, analyzing a behavior log of a known attack event to obtain a corresponding behavior dependency instance, and carrying out alignment matching on the behavior dependency instance and the behavior dependency mode set so as to identify a target dependency mode; and according to the target dependency mode, constructing a threat search query cue word for interacting with the large language model to identify an attack beh |
---|