Method, system and device for intrusion detection

An intrusion detection and subsystem technology, applied in the field of computer networks, can solve the problems of low intrusion detection rate, long detection response time, undetectable intrusion behavior, etc., to enhance adaptability, shorten detection response time, and improve intrusion detection rate. Effect

Inactive Publication Date: 2009-11-04
HUAWEI TECH CO LTD
View PDF0 Cites 41 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In the existing technology, the intrusion behaviors show the characteristics of uncertainty, complexity and diversity, and the intrusion detection system can only detect the new intrusion behaviors after obtaining the corresponding new intrusion rules sent by the system.
T

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, system and device for intrusion detection
  • Method, system and device for intrusion detection
  • Method, system and device for intrusion detection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The implementation of the embodiment of the present invention will be described in detail below in conjunction with the accompanying drawings:

[0031] Such as figure 1 As shown, it is a schematic structural diagram of an intrusion detection system according to Embodiment 1 of the present invention, including: at least one intrusion detection subsystem 1, an intrusion analysis server 2, and a preliminary intrusion rule sending device 3, wherein:

[0032] The intrusion detection subsystem 1 is used to obtain abnormal behavior characteristics, extract preliminary abnormal intrusion rules, and perform matching search on subsequent received messages according to the preliminary abnormal intrusion rules. If they match, it is deemed that there is an intrusion behavior.

[0033] The intrusion analysis server 2 is used to extract the essential intrusion rules according to the preliminary abnormal intrusion rules and abnormal behavior characteristics sent by the intrusion detect...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method, a system and a device for intrusion detection. The method comprises the following steps: acquiring (201) abnormal behavior characteristics of a message; extracting (202) primary abnormal intrusion regulations according to the abnormal behavior characteristics; searching (203) a subsequently received message in a matching way according to the primary abnormal intrusion regulations; considering (205) that intrusion behaviors exist if the subsequently received message is matched to be searched. The embodiment of the invention shortens the detection response time of abnormal intrusion and enhances the intrusion discovery rate and the adaptive capacity of the abnormal intrusion behaviors.

Description

technical field [0001] The invention relates to the technical field of computer networks, in particular to an intrusion detection method, system and device. Background technique [0002] As more and more important information is stored in the computer and network system, the security problem of the system is becoming more and more prominent, and it is necessary to find better measures to protect the system from the intruder's attack. IDS (Intrusion Detection System, Intrusion Detection System) is another very important security technology after traditional security protection measures such as "firewall" and "data encryption". [0003] IDS can be divided into misuse detection system and anomaly detection system. The misuse detection system pre-establishes the intrusion feature pattern library for known system and application software vulnerabilities, and performs pattern matching between the received information and the intrusion features to determine whether an intrusion ha...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24
CPCH04L63/1416
Inventor 金美娟张波王小琼
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap