首页>
外国专利>
ATTACK PATH DETECTION METHOD, ATTACK PATH DETECTION SYSTEM AND NON-TRANSITORY COMPUTER-READABLE MEDIUM
ATTACK PATH DETECTION METHOD, ATTACK PATH DETECTION SYSTEM AND NON-TRANSITORY COMPUTER-READABLE MEDIUM
展开▼
机译:攻击路径检测方法,攻击路径检测系统和非暂时性计算机可读介质
展开▼
页面导航
摘要
著录项
相似文献
摘要
An attack path detection method, attack path detection system and non-transitory computer-readable medium are provided in this disclosure. The attack path detection method includes the following operations: establishing a connecting relationship among a plurality of hosts according to a host log set to generate a host association graph; labeling at least one host with an abnormal condition on the host association graph; calculating a risk value corresponding to each of the plurality of hosts; in a host without the abnormal condition, determining whether the risk value corresponding to the host without the abnormal condition is greater than a first threshold, and utilizing a host with the risk value greater than the first threshold as a high-risk host; and searching at least one host attach path from the high-risk host and the at least one host with the abnormal condition according to the connecting relationship of the host association graph.
展开▼