2022.11.18
Overview
An information security early warning device is provided, which includes a data capturing circuit, a memory and a processor. The processor is used for running a virtual user device, a virtual base station and a virtual core network, and performing the following operations: when the first data flow is detected as non-malicious and abnormal, simulating and transmitting the first data flow from the virtual base station to the virtual core network, and determining whether a connection can be established; when a connection can be established, updating the setting of the abnormal detection by using the first data flow; when the connection cannot be established, selecting an error log including a first malicious procedure code from multiple detection logs generated by the virtual core network; and updating the malicious feature database by using the first malicious procedure code and the first data flow.Category
發明
Applying
18/056,723
Filing Date
2022.11.18Notification
2023.04.27