Detecting probe interlock based network security event tracking system and method

A network security and probe technology, applied in the field of network information security, can solve problems such as unobtainable, affecting the success rate and efficiency of accurate traceability, and uncontrollable

Inactive Publication Date: 2008-07-02
上海光华如新信息科技股份有限公司
View PDF0 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Moreover, some NATs are functions provided by network devices, and basically do not keep all address conversion logs
[0011] 2. Many proxy and springboard machines are overseas nodes and are not controlled. Even if there are log information on these machines, they cannot be obtained under normal circumstances
[0012] 3. On the springboard, basically all log information about the attacker’s activities will be del

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Detecting probe interlock based network security event tracking system and method
  • Detecting probe interlock based network security event tracking system and method
  • Detecting probe interlock based network security event tracking system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0075] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0076] FIG. 1 shows the structure of the monitoring probe-based network security event tracing system of the present invention. Referring to Fig. 1, the system is made up of a traceability control center 11 and several monitoring probes 12, and the monitoring probes 12 are arranged on main network passages, such as being arranged at network exits including enterprise networks, NAT backend network passages, IDC ( Internet Data Center (Internet Data Center) network egress, provincial / city network egress and international egress, to monitor network data flow by way of bypass monitoring. When it is necessary to accurately locate a certain network security event, the traceability control center 11 formulates corresponding traceability rules based on the relevant information of the network security event and publishes them to the relevant monitoring probes 12...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a tracking system for network security event based on monitoring probe linkage and a method thereof, which can track the network security event precisely. According to the technical proposal, the method comprises the following steps: a. according to relevant information of the network security event to be traced, suitable monitoring probes are chosen and applicable tracking rules are determined; b. the tracking rules are released to the monitoring probes; the monitoring probes are collected; according to the monitoring data collected by the tracking rules, information including IP address of the initiating source of the network security event is extracted from the monitoring data; c. if the track completing condition is satisfied, transferring to a step d; otherwise, after the information of the network security event is updated, transferring to the step a; d. the current initiating source is submitted as the final initiating source of the network security event; the flow is finished. The invention is used in a the field of network security.

Description

technical field [0001] The invention relates to the field of network information security, in particular to a network security monitoring system and method. Background technique [0002] The rapid development of information technology has greatly promoted social production, causing great changes in people's work and lifestyle, but at the same time it has also brought certain negative impacts on society. Crimes targeting networks and information systems have increased significantly, and incidents such as network intrusions, online attacks, and information theft have occurred from time to time. Events such as the intrusion of information systems, malicious damage by insiders, and unauthorized operations have always interfered with the normal operation of enterprises and institutions. Contacting, planning and implementing criminal activities through the network has become one of the characteristics of criminal behavior in the new situation. Moreover, new computer network meth...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/24
Inventor 吴承荣张世永奚文吴杰
Owner 上海光华如新信息科技股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap