Safety detection system and method based on log analysis

A security detection technology based on log analysis, applied in the field of information security, that addresses poor timeliness and the inability to detect and analyze website threats in real time, thereby improving protection capability.

Active Publication Date: 2020-07-10
上海豌豆信息技术有限公司

AI Technical Summary

Problems solved by technology

[0004] However, neither pre-event detection nor post-event detection can provide real-time detection and analysis of website threats, and both suffer from low processing efficiency and a lack of timeliness; continuously increasing, there is still the defect that the timeliness is getting worse.



Embodiment Construction

[0038] To make the technical problems to be solved, the technical solutions and the advantages of the present invention clearer, a detailed description follows with reference to the accompanying drawings and specific embodiments. The following embodiments illustrate the present invention and do not limit its scope.

[0039] Referring to Figure 1 and Figure 2, an embodiment of the present invention provides a security detection system based on log analysis. The system includes:

[0040] The log collection module is used to collect log data of the web server.

[0041] Specifically, in this embodiment, the Filebeat plug-in is used to collect log data: when a change in a log file is detected, the changed data is collected incrementally. Here, a change in the file means a change in the content of the log file. During collection, multiple log data can be collected in parallel from multiple websites at the...


Abstract

The invention discloses a security detection system and method based on log analysis, and the system comprises a log collection module which is used for collecting log data of a network server; a log sending module which is used for carrying out real-time distribution and distributed offline storage and distribution on the log data; a real-time calculation module which is used for analyzing and calculating the log data distributed in real time according to a preset threat rule and storing a calculation result into a relational database; a threat rule base which is used for storing and managing threat rules; an offline calculation module which is used for performing calculation processing on the distributed offline storage and distribution log data by utilizing machine learning to obtain a new threat rule, and updating the new threat rule into a threat rule base; and a result display module which is used for reading the calculation result from the relational database and displaying the calculation result. The system and method have the advantages that the website threats are processed in time, the newly obtained threat rules are updated into the threat rule base, and the protection capacity for the network intrusion behaviors is further improved.
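The real-time path the abstract describes (rule base, rule matching over web-server logs, results in a relational database, rule-base update), as an added Python example that is not taken from the patent. The regex rule format, the in-memory SQLite database, the sample log lines and the names `ThreatRuleBase`, `analyze` and `hits_by_rule` are assumptions; the rule added second only stands in for one an offline module would publish, and no machine learning is performed here.

```python
import re
import sqlite3
from urllib.parse import unquote_plus

# Constructed sample web-server access-log lines (not real traffic).
SAMPLE_LOGS = [
    '203.0.113.5 - - [10/Jul/2020:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Jul/2020:10:00:02 +0000] "GET /item?id=1%20UNION%20SELECT%20null HTTP/1.1" 200 97',
    '198.51.100.7 - - [10/Jul/2020:10:00:03 +0000] "GET /static/..%2f..%2fetc/passwd HTTP/1.1" 404 0',
]
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3} ')

class ThreatRuleBase:
    """Threat rule base: named regex rules that can be updated at runtime."""
    def __init__(self):
        self.rules = {}
    def update(self, name, pattern):
        self.rules[name] = re.compile(pattern, re.IGNORECASE)

def open_result_db():
    db = sqlite3.connect(":memory:")  # stands in for the relational database
    db.execute("CREATE TABLE hits (src_ip TEXT, ts TEXT, uri TEXT, rule TEXT)")
    return db

def analyze(lines, rule_base, db):
    """Real-time step: match each request URI against every rule, store hits."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        ip, ts, uri = m.groups()
        decoded = unquote_plus(uri)  # match on the URL-decoded form
        for name, rx in rule_base.rules.items():
            if rx.search(decoded):
                db.execute("INSERT INTO hits VALUES (?,?,?,?)", (ip, ts, uri, name))
    db.commit()

def hits_by_rule(db):
    # What a result display module would read back from the database.
    return dict(db.execute("SELECT rule, COUNT(*) FROM hits GROUP BY rule"))

def demo():
    rules, db = ThreatRuleBase(), open_result_db()
    rules.update("sqli_union", r"union\s+select")  # preset rule
    analyze(SAMPLE_LOGS, rules, db)
    before = hits_by_rule(db)
    rules.update("path_traversal", r"\.\./")  # stand-in for an offline-derived rule
    db.execute("DELETE FROM hits")
    analyze(SAMPLE_LOGS, rules, db)
    return before, hits_by_rule(db)
```

The traversal request goes unflagged on the first pass and is caught only after the rule base is updated, which is the gap the rule-update loop is meant to close.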

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a security detection system and method based on log analysis.

Background technique

[0002] At present, with the rapid development of the Internet, the complexity and importance of network security have become increasingly prominent. With the continuous occurrence of network attacks, the issue of network security has attracted more and more attention.

[0003] In order to ensure the security of a network server, etc., it is generally necessary to perform network attack detection. For example, network attack detection for web servers can be mainly divided into pre-detection and post-event detection. Pre-detection identifies network access behaviors with malicious behavior characteristics through preset security policies, so as to realize early warning and blocking of network intrusion behaviors. Pre-testing mainly includes software testing and hardware testing...


Application Information

IPC(8): H04L29/06, G06F16/23, G06F16/28, G06N20/00
CPC: H04L63/1425, H04L63/1408, H04L63/1416, G06F16/23, G06F16/284, G06N20/00
Inventor 宋国徽, 杨磊
Owner 上海豌豆信息技术有限公司