MULTI-NETWORK PORT PROTECTION METHOD AND APPARATUS, ELECTRONIC DEVICE, AND STORAGE MEDIUM

The present disclosure provides a multi-network port protection method and apparatus, an electronic device, and a storage medium. The multi-network port protection method includes: obtaining a normal range by a data mining technology based on historical network port monitoring data, obtaining monitoring data of a current network port, and if the monitoring data exceeds the normal range, determining the monitoring data as an abnormal pattern, and obtaining an abnormal feature of the abnormal pattern; sharing the abnormal feature, obtaining a threat rating for the abnormal feature by a decision tree model, and classifying a network port with the abnormal feature; and generating a defense strategy through distributed decision-making based on a local security strategy, a network port category, and the threat rating. The present disclosure shares threat information in real time, and obtains the threat rating by the decision tree model, thereby enabling a network security protection system to quickly cope with a high-threat attack and improving a coping capability of an overall network. A suitable defense strategy can be generated in a timely manner based on a current threat rating by equipping the local security strategy and a distributed decision-making mechanism.