
Research On Intelligent Analysis Technology Of Abnormal Behavior Based On Operation And Maintenance Log

Posted on: 2021-11-27
Degree: Master
Type: Thesis
Country: China
Candidate: B Q Liu
Full Text: PDF
GTID: 2518306305472184
Subject: Computer application technology

Abstract/Summary:
Nowadays, with the rapid development of information technology, operation and maintenance security audit systems have begun to play a crucial role in the security of information systems and have a significant effect on the prevention of security incidents. However, at this stage, the use of operation and maintenance records is limited to accident accountability; the records are not mined in depth to support management or to improve the management level and implementation efficiency of operation and maintenance work.

The operation and maintenance audit log is the process record generated during the operation and maintenance of an information system. It reproduces the operation and maintenance scene in text, video and other forms, and is an important basis for the operation and maintenance audit. The audit log is characterized by fast production, a large amount of data and low information density. Relying simply on manual visual inspection has the following shortcomings: low efficiency and poor review effect; violating operations are easily missed; it is not conducive to correcting operation and maintenance personnel's irregular operating habits; and security risks cannot be found in time.

In order to make full use of operation records, let them play their role as data assets, and ensure safe and stable operation and maintenance, it is necessary to analyze these data in depth. Through in-depth mining of operation and maintenance data, we can extract and establish a model that generalizes, and then use this model as a standard to judge whether the behavior of operation and maintenance personnel is in line with historical habits, whether operation and maintenance equipment is deliberately damaged, and whether the operation and maintenance work in a specific period of time complies with regulations.

This paper studies artificial intelligence technology, analyzes and preprocesses operation and maintenance log files, and completes log file formatting. It constructs user behavior expression models from three dimensions: instructions, instruction sets, and instruction flows. Based on the abstracted instruction, instruction set, and instruction stream characteristics, it builds data-driven models and completes the analysis of abnormal user behavior. It arranges data sets and builds models for log analysis experiments, compares detection results, and proposes a data-driven intelligent analysis method for abnormal behavior based on bidirectional LSTM networks, which has 86% detection accuracy. Finally, based on a bidirectional LSTM network, it designs and implements an abnormal behavior analysis system for operation and maintenance users, effectively reducing the difficulty of manual inspection and management, improving auditing efficiency, and significantly improving the level of information operation and maintenance work.
Keywords/Search Tags: Information security, Machine learning, Behavior analysis, Abnormal detection