Alibaba Group Holding Limited
Method, apparatus and system for quantifying defense result

Abstract:

A method including acquiring a suspect data traffic set, the suspect data traffic set including data traffic corresponding to each suspect IP address in a suspect IP address set included in original data traffic drawn by a defense terminal located in a cloud platform; acquiring normal data traffic, the normal data traffic being data traffic that remains after the defense terminal cleans the suspect data traffic set according to a preset defense strategy; acquiring host performance parameters, the host performance parameters being a set of parameters extracted from the target terminal after the defense terminal sends the normal data traffic to the target terminal; and quantifying a defense result based on a target parameter set, wherein the target parameter set at least includes: the suspect data traffic set, the normal data traffic and the host performance parameters. The defense result is accurate by comprehensively considering evaluation aspects and indexes.