Virus detection and invasion detection combined method and system

A virus detection and intrusion detection technology, applied in transmission systems, digital transmission systems, electrical components, etc. It addresses the hidden dangers to the security of the protected network, the difficulty in meeting security requirements, and the lack of virus detection capability for application protocol data channels, with the effect of improving virus detection ability.

Inactive Publication Date: 2009-01-07
BEIJING VENUS INFORMATION TECH +1

AI Technical Summary

Problems solved by technology

At present, a large share of aggressive viruses (such as bots) are transmitted through application protocol data channels; ignoring virus detection on these channels therefore brings security risks to the protected network.
Moreover, as the number of aggressive virus programs grows, the traditional NIDS's lack of virus detection capability for application protocol data channels will become increasingly prominent, and it will become increasingly difficult to meet security requirements.

Embodiment Construction

[0026] The specific implementation steps of the intrusion detection and virus detection method involved in the present invention are further described below in conjunction with the accompanying drawings:

[0027] As shown in Figure 1, the VIDS system of the present invention is implemented with the following modules:

[0028] 1. Real-time packet capture module for the original messages (raw packets), supporting two capture methods: raw-sock and network card driver;

[0029] 2. MAC layer and IP layer protocol analysis and fragment reassembly module for the original messages;

[0030] 3. Transport layer protocol analysis and flow reassembly module, which performs flow reassembly on the original messages based on the five-tuple (source IP, destination IP, source port, destination port, transport layer protocol);

[0031] 4. Application protocol analysis module, which performs application protocol analysis for typical network protocols (FTP, HTTP, SMTP, POP3, IMAP, etc.), and separa...

Abstract

The invention relates to a method combining virus detection with network intrusion detection, and a related system. The method introduces a virus detection function into the network intrusion detection system, so that the system detects and alerts on network attacks and intrusions and also, by means of IDS data stream reassembly and application protocol analysis, detects viruses in the data streams carried by the FTP, HTTP, SMTP, POP3, and IMAP protocols. The invention can improve the virus detection ability of an NIDS system. The system comprises five working and system modules: 1. stream reassembly and application protocol analysis unit; 2. traditional IDS application protocol detection unit; 3. network virus detection unit; 4. alarm display unit; 5. system management unit.
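The pipeline described in the embodiment and the abstract above (five-tuple stream reassembly, application protocol analysis, then virus scanning of the carried data), as an added example that is not code from the patent. The `Segment` type, the marker signature, the addresses and the capture are constructed for illustration, and sequence numbers are assumed to be byte offsets starting at 0.

```python
from collections import defaultdict, namedtuple

# seq is assumed to be the byte offset of payload within the flow.
Segment = namedtuple("Segment", "src dst sport dport proto seq payload")

# Constructed, harmless marker standing in for a virus signature.
SIGNATURES = {"Test.Marker": b"CONSTRUCTED-VIRUS-MARKER"}

def reassemble(segments):
    """Group by five-tuple, order by sequence number, drop retransmitted bytes."""
    flows = defaultdict(list)
    for s in segments:
        flows[(s.src, s.dst, s.sport, s.dport, s.proto)].append(s)
    streams = {}
    for key, segs in flows.items():
        data = bytearray()
        for s in sorted(segs, key=lambda s: s.seq):
            if s.seq > len(data):
                break                              # gap: stop at the missing bytes
            data += s.payload[len(data) - s.seq:]  # keep only bytes not yet seen
        streams[key] = bytes(data)
    return streams

def http_body(stream):
    """Application protocol analysis: separate the HTTP entity body from the headers."""
    head, sep, body = stream.partition(b"\r\n\r\n")
    if not sep:
        return b""
    for line in head.split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length" and value.strip().isdigit():
            return body[:int(value.strip())]
    return body

def scan(data):
    return sorted(name for name, sig in SIGNATURES.items() if sig in data)

def detect(segments):
    """Virus verdict per flow, computed on the reassembled data channel."""
    return {k: scan(http_body(v)) for k, v in reassemble(segments).items()}

# Constructed capture: marker split across two out-of-order segments plus an overlapping retransmission.
BODY = b"DATA" + SIGNATURES["Test.Marker"] + b"."
STREAM = b"HTTP/1.1 200 OK\r\nContent-Length: %d\r\n\r\n" % len(BODY) + BODY
CUT = len(STREAM) - len(BODY) + 12
FLOW = ("203.0.113.10", "192.0.2.5", 80, 49152, "tcp")
CAPTURE = [Segment(*FLOW, CUT, STREAM[CUT:]), Segment(*FLOW, 0, STREAM[:CUT]),
           Segment(*FLOW, CUT - 5, STREAM[CUT - 5:])]
```

Scanning each segment payload of `CAPTURE` on its own finds nothing; the match appears only in `detect(CAPTURE)`, after reassembly and body extraction.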

Description

Technical field

[0001] The invention relates to the field of computer network security, and to a method and system combining virus detection and intrusion monitoring. The method of the invention organically combines IDS attack detection technology with network virus detection technology, and greatly improves the virus detection ability of the IDS system without significantly affecting the performance of the IDS detection engine.

Background technique

[0002] A Network-based Intrusion Detection System (NIDS for short) is an important part of the network security defense system. Its basic function is to connect to the monitored network in bypass mode and capture data packets on the network. Through feature matching or anomaly analysis, it can detect whether behaviors that violate security policies, or attacks, are present in the network. Since feature matching has the characteristics of high accuracy, it is currently the most practical detectio...

Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L12/26, H04L9/00, H04L29/06
Inventor: 骆拥政, 肖小剑, 王洋
Owner: BEIJING VENUS INFORMATION TECH