Method for dynamically updating inbreak detection rule through network link data

An intrusion detection and link data technology, applied in digital transmission systems, secure communication devices, electrical components, etc., that addresses the problem of time-consuming and laborious rule updates, with the effect of simplifying updates and reducing the probability of intrusion.

Inactive Publication Date: 2009-07-01
INVENTEC CORP

AI Technical Summary

Problems solved by technology

This method of updating intrusion rules is more time-consuming and labor-intensive


Embodiment Construction

[0034] The purpose of the present invention and the proposed method for updating intrusion detection rules through link data packets are described in detail in the following preferred embodiments. However, the concept of the invention can also be used in other areas. The following examples are only used to illustrate the purpose and implementation method of the present invention, and are not intended to limit the scope thereof.

[0035] Figure 1 is a flowchart of a method for updating intrusion detection rules through link data packets in the present invention. Referring to Figure 1, the proposed method for updating intrusion detection rules is used to dynamically update the rule storage of at least one Snort system host in the local area network, in order to quickly write the intrusion detection rules to be updated into the rule storage corresponding to each Snort system host. The so-called link data packet is the link data of the original network packet, that is, ...


Abstract

The invention relates to a method for updating an intrusion detection rule through a link data packet, which is used for dynamically updating the rule storage adopted by at least one Snort system host in a local area network. The method comprises the following steps: an update-initiating terminal transmits the link data packet containing at least one intrusion detection rule to the Snort system host; the Snort system host takes the intrusion detection rule out of the link data packet and parses the operation class of the intrusion detection rule; the Snort system host validates the intrusion detection rule carried by the link data packet as a legal intrusion detection rule; and, after validation, the rule storage is updated according to the class of the intrusion detection rule and a rule tree. The invention uses the link data packet to carry the intrusion detection rule that needs to be newly added inside another packet, and synchronously transfers the intrusion detection rule to be updated to the Snort system hosts in the network and updates it there.
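The receiving-side steps of the abstract (extract the rule, parse its operation class, validate it, update the rule storage), as an added sketch that is not code from the patent or from Snort. The `OP|rule` payload layout, the operation names `ADD`/`DEL`/`MOD` and the flat `sid`-keyed store standing in for the rule tree are assumptions, since the page does not give the packet format.

```python
import re

# Assumed payload layout (not specified on the page): b"<OP>|<Snort rule text>"
OPS = {"ADD", "DEL", "MOD"}  # hypothetical operation classes

# Simplified Snort rule shape:
# action proto src_ip src_port direction dst_ip dst_port (options)
RULE_RE = re.compile(
    r"^(alert|log|pass|drop|reject)\s+(tcp|udp|icmp|ip)\s+"
    r"(\S+)\s+(\S+)\s+(->|<>)\s+(\S+)\s+(\S+)\s+\((.*)\)\s*$"
)
SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")


def parse_update(payload: bytes):
    """Return (operation, rule text, sid); raise ValueError if not a legal rule."""
    try:
        text = payload.decode("ascii")
    except UnicodeDecodeError:
        raise ValueError("non-ASCII payload")
    op, sep, rule = text.partition("|")
    if not sep or op not in OPS:
        raise ValueError("unknown operation class")
    rule = rule.strip()
    header = RULE_RE.match(rule)
    if header is None:
        raise ValueError("malformed rule")
    sid = SID_RE.search(header.group(8))
    if sid is None:
        raise ValueError("rule carries no sid")
    return op, rule, int(sid.group(1))


def apply_update(store: dict, payload: bytes) -> bool:
    """Apply one update to store (sid -> rule text); False means rejected."""
    try:
        op, rule, sid = parse_update(payload)
    except ValueError:
        return False          # invalid rules never reach the store
    if op == "ADD":
        if sid in store:
            return False      # refuse to silently overwrite an existing rule
        store[sid] = rule
    elif sid not in store:
        return False          # DEL and MOD need an existing rule
    elif op == "DEL":
        del store[sid]
    else:                     # MOD replaces the stored rule text
        store[sid] = rule
    return True
```

The validation here is syntactic only: it establishes that the payload is a well-formed rule, not who sent it.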

Description

Technical field

[0001] The invention relates to a method for updating intrusion detection rules, in particular to a method for dynamically updating intrusion detection rules through network link data.

Background technique

[0002] An Intrusion Detection System (IDS) is an important technology for protecting computer systems from data theft or malicious damage. Intrusion detection systems combined with firewalls can effectively prevent malicious intrusions from external or internal networks. Snort is well-known open source software in the field of IDS technology. It is based on signature detection (Signature Based) and communication protocol detection (Protocol), and uses built-in intrusion detection rules (Intrusion Detection Rules) to filter network intrusions. As intrusion behavior changes continuously, the intrusion detection rules can also be changed and updated, or an appropriate intrusion detection rule can be designed according to the demand or...


Application Information

IPC(8): H04L29/06, H04L9/00
Inventor 孙萌陈玄同刘文涵
Owner INVENTEC CORP