Abstract: A network traffic anomaly detection method and apparatus, and an electronic apparatus and a storage medium are provided. The network traffic anomaly detection method includes: acquiring multiple segments of traffic data in different monitoring states; acquiring an anomaly feature vector from the multiple segments of traffic data; training an initial classification model according to the anomaly feature vector and on the basis of a KNN algorithm, so as to obtain multiple initial classifiers; training an initial Adaboost classification model according to the anomaly feature vector and the multiple initial classifiers and on the basis of an Adaboost algorithm, so as to obtain an Adaboost classifier; and classifying collected traffic data via the Adaboost classifier.

Abstract: The present disclosure discloses a method and apparatus for detecting security event, and a non-transitory computer-readable storage medium, and relates to the field of big data. The method includes: acquiring a time window, and acquiring log data, wherein the time window is a rolling window in a preset period; matching the log data with a security event model in each time window, so as to generate a matching result set in each time window, wherein the security event model is a model comprising a plurality of rule models for identifying whether the log data has an attack behavior; and generating security event data according to the matching result set, so as to restore an attack process according to the security event data.

Abstract: A weak password detection method and device based on deep learning, an electronic device, and a storage medium are provided. The method includes: acquiring a password character string to be detected; processing, by applying a fully trained weak password detection model, the password character string to be detected to obtain a strong/weak password classification label of the password character string to be detected, the fully trained weak password detection model being obtained by training a deep learning model with a password character string as an input and a strong/weak password classification label corresponding to the password character string as a supervision; and marking the password character string to be detected as a weak password under the condition that the strong/weak password classification label is a weak password label.

Abstract: Disclosed are a method and apparatus for detecting a logic vulnerability allowing arbitrary password reset for an account, and a computer readable storage medium. The method includes: invoking a preset identification program to determine whether a request for a verification code is initiated in a to-be-detected webpage; obtaining, from a front-end page, a response packet sent in response to the request for a verification code, and determining whether there is a short message service (SMS) verification code in the response packet, on determining that a request for a verification code is initiated in the to-be-detected webpage; and; and determining that the logic vulnerability allowing arbitrary password reset for an account exists in the to-be-detected webpage, on determining that there is an SMS verification code in the response packet.

Abstract: An asset scoring method and apparatus, a computer device, and a storage medium are provided. The method includes: obtaining multi-dimensional threat information data of assets to be assessed; obtaining sub-scores of dimensions according to the multi-dimensional threat information data and a preset security scoring model; according to the sub-scores of the dimensions, determining a security scoring result of the corresponding assets to be assessed; and according to the security scoring result and a preset level division rule, determining security levels of the corresponding assets to be assessed.

Abstract: A TEE-based method to establish trusted and secure channel between the user and public cloud environment, an apparatus, a computer device, and a computer-readable storage medium are provided. After a TEE is started, a trusted measurement mechanism of the TEE is called to perform security measurement on an operation environment and an operation content of a computing node operated in the TEE, and a measurement result is sent to a trusted verification module. Relevant verification information is acquired from a remote verification server of the TEE, and the trusted verification module is controlled to verify the measurement result according to the relevant verification information. When it is confirmed that the operation environment of the computing node is credible and the operation content of the computing node is secure, a communication channel is established between the user and the computing node.

Abstract: Provided are a method and apparatus for identifying a malicious mining behavior, an electronic device, and a storage medium. The method includes: obtaining operation data corresponding to a target operation, on capturing of the target operation; extracting a wallet address from the operation data to obtain a wallet address set obtaining data of a network outgoing connection for external access, and determining whether the data of the network outgoing connection comprises a wallet address belonging to the wallet address set and determining that the data of the network outgoing connection corresponds to the malicious mining behavior, on determining that the data of the network outgoing connection comprises a wallet address belonging to the wallet address set.

Abstract: Provided are a method and apparatus for identifying a malicious mining behavior, an electronic device, and a storage medium. The method includes: obtaining operation data corresponding to a target operation, on capturing of the target operation; extracting a wallet address from the operation data to obtain a wallet address set obtaining data of a network outgoing connection for external access, and determining whether the data of the network outgoing connection comprises a wallet address belonging to the wallet address set and determining that the data of the network outgoing connection corresponds to the malicious mining behavior, on determining that the data of the network outgoing connection comprises a wallet address belonging to the wallet address set.

Abstract: A test method and device for simulating a customer series deployment environment, an electronic device, and a storage medium are provided. The test method for simulating a customer series deployment environment includes: obtaining traffic data of an on-site protected host; obtaining session data between the on-site protected host and a server on the basis of the traffic data, and extracting application layer data from the session data; and transmitting and receiving the application layer data in a local test environment to carry out simulation test.

Abstract: Disclosed are a method and apparatus for detecting a logic vulnerability allowing arbitrary password reset for an account, and a computer readable storage medium. The method includes: invoking a preset identification program to determine whether a request for a verification code is initiated in a to-be-detected webpage; obtaining, from a front-end page, a response packet sent in response to the request for a verification code, and determining whether there is a short message service (SMS) verification code in the response packet, on determining that a request for a verification code is initiated in the to-be-detected webpage; and; and determining that the logic vulnerability allowing arbitrary password reset for an account exists in the to-be-detected webpage, on determining that there is an SMS verification code in the response packet.