Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for disposing inbreak detection system

An intrusion detection system and intrusion detection technology, applied in transmission systems, digital transmission systems, electrical components, etc., can solve the problems of high false alarm rate and false alarm rate, increased cost, and increased security risks, so as to improve the accuracy rate and Efficiency, load reduction, and flexible deployment effects

Inactive Publication Date: 2009-06-24
BEIHANG UNIV
View PDF0 Cites 60 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0011] (3) IDS is deployed inside and outside the firewall: it can detect all attacks from inside and outside, but it will significantly increase the cost
In a shared network, although IDS can directly monitor all network traffic, this sharing method also increases security risks, because computers connected to this network can detect network reports from other computers as long as they set their network cards to promiscuous mode. It can also intercept the IDS alarm information; in the switched network, there are problems such as the need for additional hardware support, performance degradation, and topology changes.
[0015] Thirdly, with the continuous growth of Internet business and the continuous expansion of the network scale of various companies and enterprises, a single deployment method such as inside and outside the firewall and border protection can no longer meet the needs of intrusion detection, while multi-location and all-round deployment will undoubtedly bring high costs. cost of
Due to the large network size, IDS often faces huge network traffic. On the one hand, it greatly increases the workload of IDS. On the other hand, it makes it difficult for IDS to distinguish between normal traffic and malicious attacks.
[0016] Finally, once the IDS is deployed, the location is fixed, it is difficult to dynamically adjust the scope of monitoring, and it is impossible to detect suspicious network traffic and intrusion behaviors in a targeted manner, resulting in a high rate of false alarms and false negatives. Reduce the correctness and efficiency of the intrusion detection system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for disposing inbreak detection system
  • Method for disposing inbreak detection system
  • Method for disposing inbreak detection system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] The deployment method of the intrusion detection system of the present invention is realized based on virtual machine technology, and can be realized by installing virtual machine software, such as "vmware", "xen" and so on, in the computer to be deployed IDS. Virtual machine technology can simulate a computer system with complete hardware system functions through software. Among them, the software specifically refers to the virtual machine monitor (Virtual Machine Monitor; hereinafter referred to as: VMM) software, which can encapsulate, isolate, monitor and manage multiple virtual machine instances, so that the same physical computer can be independently and without conflict. Run many types of operating systems. In addition, virtual machine technology provides a new way for software distribution and deployment. The software is encapsulated in the virtual machine image, and the deployment and migration of the virtual machine are used to flexibly realize the distributi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an intrusion detection system deployment method, including that: an abnormity monitoring module monitors and identifies an abnormal virtual machine; when abnormity is identified, a deployment actuator is indicated to locally start up and operate an intrusion detection virtual machine; the deployment actuator acquires an abnormal virtual machine mark from the abnormity monitoring module and sets up the connection between a virtual switcher and an intrusion detection virtual machine according to the abnormal virtual machine mark; and the virtual switcher sends the message sending to or coming from the abnormal virtual machine to the intrusion detection virtual machine through a special detection virtual network card so as to carry out intrusion detection analysis. The intrusion detection system deployment method, based on virtual machine technology, realizes the flexible deployment of the intrusion detection system and identifies the abnormal virtual machine by monitoring the abnormity values of the virtual machines so as to pertinently start up the intrusion detection virtual machine to conduct intrusion detection to the massage transmitted by the intrusion detection virtual machine. The intrusion detection system can be deployed more flexibly in a network system, thus reducing the intrusion detection load and improves intrusion detection accuracy and efficiency.

Description

technical field [0001] The invention relates to a virtual machine-based intrusion detection system deployment technology, in particular to an intrusion detection system deployment method. Background technique [0002] Intrusion Detection Systems (hereinafter referred to as: IDS), as an important part of network security, has been successfully applied in the network environment of governments, enterprises and major companies, and plays an extremely important role. IDS mainly includes functional modules such as sensors, intrusion analysis modules, intrusion response modules, and management consoles. When it works, it uses sensors to intercept the original data packets containing messages in the network, and transmits them to the intrusion analysis module to find intrusion traces and other sensitive information. , and provide it to the intrusion response module and the management console to complete the response to the intrusion. At present, how to deploy IDS to accurately and...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/26H04L12/56H04L29/06
Inventor 李建欣怀进鹏李博李沁陈阳胡春明
Owner BEIHANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com