
Detecting probe interlock based network security event tracking system and method

A network security and probe technology, applied in the field of network information security, that can solve the problems of the inability to achieve real-time traceability, the inability to obtain, and the resulting effect on the success rate and efficiency of accurate traceability.

Inactive Publication Date: 2012-03-14
上海光华如新信息科技股份有限公司

AI Technical Summary

Problems solved by technology

Moreover, some NATs are functions provided by network devices, which basically do not keep complete address translation logs.

[0011] 2. Many proxy and springboard (jump host) machines are overseas nodes and are not under control. Even if log information exists on these machines, it cannot be obtained under normal circumstances.

[0012] 3. On the springboard, basically all log information about the attacker's activities will be deleted by the attacker.

[0013] 4. Most analysis of the various logs can only be done after the event, so real-time source tracing cannot be realized.

[0014] Therefore, it is difficult to accurately trace the source of a large number of online attack events. In many cases, a large amount of manual side investigation is required, which greatly affects the success rate and efficiency of accurate source tracing.


Embodiment Construction

[0075] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0076] Figure 1 shows the structure of the monitoring-probe-based network security event tracing system of the present invention. As shown in Figure 1, the system consists of a traceability control center 11 and several monitoring probes 12. The monitoring probes 12 are deployed on the main network channels, for example at enterprise network exits, NAT back-end network channels, IDC (Internet Data Center) network egress, province/city network egress, and international egress, and monitor network data flows by way of bypass monitoring. When a certain network security event needs to be accurately located, the traceability control center 11 formulates corresponding traceability rules based on the relevant information of the network security event and publishes them to the relevant monitoring probe...


Abstract

The invention discloses a system and method for tracking network security events based on monitoring probe linkage, which can track a network security event precisely. According to the technical proposal, the method comprises the following steps: a. according to the relevant information of the network security event to be traced, suitable monitoring probes are chosen and the applicable tracking rules are determined; b. the tracking rules are released to the monitoring probes, the monitoring data that the probes collect according to the tracking rules is gathered, and information including the IP address of the initiating source of the network security event is extracted from the monitoring data; c. if the track completion condition is satisfied, go to step d; otherwise, after the information of the network security event is updated, return to step a; d. the current initiating source is submitted as the final initiating source of the network security event, and the flow ends. The invention is used in the field of network security.
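The loop in steps a to d can be sketched as follows. This is an added example, not code from the patent: the flow-record fields, the probe coverage map, the time-window rule and the completion condition (no earlier inbound flow is observed for the current source) are all assumptions, and the sample records are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    probe: str   # probe that captured the record
    ts: float    # capture time, seconds
    src: str
    dst: str

# Constructed sample records (documentation address ranges), not real traffic.
FLOWS = [
    Flow("idc-egress", 100.0, "198.51.100.7", "203.0.113.10"),    # relay B -> victim
    Flow("idc-egress", 40.0, "198.51.100.99", "203.0.113.10"),    # old, unrelated
    Flow("province-egress", 99.5, "192.0.2.44", "198.51.100.7"),  # relay A -> relay B
    Flow("intl-egress", 99.2, "192.0.2.200", "192.0.2.44"),       # origin -> relay A
    Flow("intl-egress", 99.3, "192.0.2.201", "192.0.2.55"),       # noise
]
# Assumed deployment map: which destination hosts each probe can observe.
COVERAGE = {
    "idc-egress": {"203.0.113.10"},
    "province-egress": {"198.51.100.7"},
    "intl-egress": {"192.0.2.44", "192.0.2.55"},
}

def select_probes(target):
    """Step a: pick the probes placed on channels carrying traffic to target."""
    return [p for p, hosts in COVERAGE.items() if target in hosts]

def collect(probes, rule):
    """Step b: selected probes return the records matching the published rule."""
    lo, hi = rule["not_after"] - rule["window"], rule["not_after"]
    return [f for f in FLOWS
            if f.probe in probes and f.dst == rule["dst"] and lo <= f.ts <= hi]

def trace(victim, event_ts, window=2.0, max_hops=8):
    """Iterate steps a-d; returns the chain of sources, last one is final."""
    target, ts, chain = victim, event_ts, []
    for _ in range(max_hops):
        rule = {"dst": target, "not_after": ts, "window": window}
        hits = collect(select_probes(target), rule)
        if not hits:                 # step c (assumed): nothing further upstream
            break
        latest = max(hits, key=lambda f: f.ts)
        chain.append(latest.src)     # current initiating source
        target, ts = latest.src, latest.ts   # update event info, back to step a
    return chain                     # step d: chain[-1] is the final source
```

Matching an inbound flow to a relay purely by time window is the weakest part of this sketch; on a busy relay the rule would need more event information (ports, payload features, session timing) to avoid following an unrelated flow.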

Description

Technical field

[0001] The invention relates to the field of network information security, in particular to a network security monitoring system and method.

Background technique

[0002] The rapid development of information technology has greatly promoted social production, causing great changes in people's work and lifestyle, but at the same time it has also brought certain negative impacts on society. Crimes targeting networks and information systems have increased significantly, and incidents such as network intrusions, online attacks, and information theft have occurred from time to time. Events such as the intrusion of information systems, malicious damage by insiders, and unauthorized operations have always interfered with the normal operation of enterprises and institutions. Contacting, planning and implementing criminal activities through the network has become one of the characteristics of criminal behavior in the new situation. Moreover, new computer network meth...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L12/24
Inventor: 吴承荣张世永奚文吴杰
Owner: 上海光华如新信息科技股份有限公司