Bayesian statistical model based network anomaly detection method

A network anomaly detection method, applied in the field of network anomaly detection, that addresses problems such as a high false alarm rate, difficulty in determining the reference range of parameters, and lack of flexibility.

Inactive Publication Date: 2007-10-24
西安交大捷普网络科技有限公司

AI Technical Summary

Problems solved by technology

[0004] The main purpose of the present invention is to provide a method for network anomaly detection based on a Bayesian statistical model, overcoming the problems of the prior art: the difficulty of determining parameter reference ranges, lack of flexibility, and a high false alarm rate.



Embodiment Construction

[0041] Bayesian statistical analysis combines prior information with sample information for statistical inference. The prior information is integrated with the sample information using Bayes' formula to obtain the posterior information. The posterior obtained in this way can serve as the prior for a new round of calculation, where it is integrated with further sample information to obtain the next posterior. As this process continues, the posterior information gets closer and closer to the true value. In other words, the learning mechanism of the Bayesian method exists and is effective, and this learning process is an iterative one.

[0042] The steps of the present invention are:

[0043] (1) Capture data packets on the network in bypass listening mode:

[0044] (2) Decomposing the data packets in a fixed format,

[0045] The attribute decomposition of the data packet refers to decomposing and classifying the captured net...


Abstract

The network anomaly detection method based on a Bayesian statistical model comprises: 1. capturing TCP/IP traffic packets in bypass listening mode; 2. decomposing their attributes to form a data matrix; 3. mining the data to build a normal training matrix, a known-abnormal training matrix, and an unknown-abnormal training matrix; 4. continuing to capture TCP/IP packets and checking them with a Bayesian evaluator; and 5. on an abnormal condition, raising an alarm and adding the data to the known-abnormal training matrix by self-learning, otherwise returning to step 4. The invention overcomes defects in the prior art.
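The detect-and-self-learn loop of steps 2 to 5, together with the posterior-becomes-prior iteration of paragraph [0041], sketched as an added example that is not taken from the patent text. The naive Bayes evaluator with Laplace smoothing, the three attribute columns, the 0.5 alarm threshold and all names are assumptions; the unknown-abnormal matrix is left out because the visible text does not say how it is scored.

```python
import math
from collections import Counter, defaultdict

FIELDS = ("proto", "dport", "flags")   # assumed attribute columns of the data matrix

class BayesEvaluator:
    """Naive Bayes over categorical packet attributes (Laplace smoothing, assumed)."""
    def __init__(self, alpha=1.0):
        self.alpha = alpha
        self.rows = Counter()                # number of rows in each training matrix
        self.counts = defaultdict(Counter)   # (matrix, field) -> value counts
        self.seen = defaultdict(set)         # field -> distinct values observed

    def learn(self, label, row):
        """Append one decomposed packet to a training matrix."""
        self.rows[label] += 1
        for f in FIELDS:
            self.counts[label, f][row[f]] += 1
            self.seen[f].add(row[f])

    def posterior(self, row):
        """P(matrix | row) from Bayes' formula, computed in log space."""
        total, logp = sum(self.rows.values()), {}
        for label, n in self.rows.items():
            lp = math.log(n / total)                       # prior from matrix sizes
            for f in FIELDS:
                k = len(self.seen[f]) + 1                  # one extra bucket for unseen values
                hits = self.counts[label, f][row[f]]
                lp += math.log((hits + self.alpha) / (n + self.alpha * k))
            logp[label] = lp
        top = max(logp.values())
        norm = sum(math.exp(v - top) for v in logp.values())
        return {label: math.exp(v - top) / norm for label, v in logp.items()}

    def detect(self, row, threshold=0.5):
        """Steps 4-5: score a packet; on alarm, self-learn it as known-abnormal."""
        p = self.posterior(row)["known_abnormal"]
        if p > threshold:
            self.learn("known_abnormal", row)
        return p > threshold, p

def build_evaluator():
    """Train on constructed sample rows (not real traffic)."""
    normal = [("tcp", 443, "ACK")] * 2 + [("tcp", 80, "ACK")] * 2 + [("udp", 53, "-"), ("tcp", 443, "SYN")]
    abnormal = [("tcp", 23, "SYN")] * 2 + [("tcp", 445, "SYN")]
    ev = BayesEvaluator()
    for label, rows in (("normal", normal), ("known_abnormal", abnormal)):
        for r in rows:
            ev.learn(label, dict(zip(FIELDS, r)))
    return ev
```

Calling `detect` twice on the same alarmed row shows the iteration: the first alarm is written back into the known-abnormal matrix, so the second score for that row is higher.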

Description

Technical field:

[0001] The invention relates to the technical field of network abnormal flow detection and intrusion detection, in particular to a method for detecting network abnormalities based on a Bayesian statistical model.

Background technique:

[0002] Alongside normal application traffic, various kinds of abnormal traffic also appear on the network, affecting its normal operation and threatening the security and use of user hosts. Network abnormalities are often caused by network attacks, worms, and network abuse. For example, various network scans, DDoS attacks, network worms, malicious downloads, and improper use of network resources will cause network performance to decline, affect normal network use, cause network congestion, and even cause network interruption and network equipment failure. Therefore, real-time monitoring and management of network traffic and discovery of known and unknown network anomalies in the network have become...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/26, H04L12/56, H04L12/24, H04L29/06
Inventor: 刘涛, 白亮, 张永彬, 赵卫栋, 靳卫衡
Owner: 西安交大捷普网络科技有限公司