Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Pattern clustering-based parallel network flow characteristic detection method

A technology of feature detection and network flow, applied in data exchange networks, digital transmission systems, electrical components, etc., can solve the problems of poor flexibility and high cost

Active Publication Date: 2010-06-02
EASYWAY
View PDF0 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In Network Intrusion Prevention System (NIPS) and Unified Threat Management System (UTM), due to the need to detect attack patterns in real time and give processing results, the speed of signature detection methods has become a serious bottleneck limiting the processing throughput of devices
[0005] Although the system solution based on ASIC and FPGA has certain advantages in processing speed, its high cost and poor flexibility limit the application of feature detection methods.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Pattern clustering-based parallel network flow characteristic detection method
  • Pattern clustering-based parallel network flow characteristic detection method
  • Pattern clustering-based parallel network flow characteristic detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0051] In this embodiment, the adopted pattern set is the Snort rule set in March 2008, which contains 5831 patterns in total.

[0052] Step S1, select a set of pattern matching algorithms to be used, select the matching algorithm suitable for short patterns as AC, and select the matching algorithm suitable for long patterns as MRSI.

[0053]Step S2, according to the selected matching algorithm AC applicable to the short pattern and the matching algorithm MRSI applicable to the long pattern, and the length segmentation point of the selected pattern, the pattern set is divided into a short pattern subset and a long pattern subset, due to the MRSI algorithm The minimum length of the required pattern is 6, therefore, in this embodiment, the split point of the selected long and short patterns is 6, and the number of patterns with a length less than 6 in the Snort rule set is 1421, and the remaining lengths are all greater than or equal to 6, that is, the length is less than 6 The ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a pattern clustering-based parallel network flow characteristic detection method, which comprises the following steps: selecting a matching algorithm set of patterns, selecting length dividing points of the patterns and dividing a pattern set into short pattern subsets and long pattern subsets; determining the number of processing units for processing the short pattern subsets and the long pattern subsets; copying a number of texts to be detected and inputting each text to be detected into the corresponding processing unit of each pattern subset respectively, wherein the number of the copied texts is equal to the total number of the long and short pattern subsets; in combination with the processing results of each pattern subset, judging whether an attack pattern exists in the texts to be detected or not; and repeating the steps to continuously detect data traffic transmitted by a quick network flow to be detected. The method is an extensible total solution for network flow characteristic detection, can be applied to various levels of performance requirements and the pattern sets of various scales, and is of profound value for systems for high-performance content detection, intrusion detection, virus protection and unified threat management, network information monitoring and the like.

Description

technical field [0001] The invention relates to the technical field of network flow content detection, in particular to a parallel network flow feature detection method based on pattern clustering. Background technique [0002] As the Internet has become one of the main infrastructures of today's society, malicious attacks on the integrity, privacy, and availability of data streams on the Internet are also increasing rapidly. As the most extensive network security device, the main function of the firewall is to judge whether the network data packet is authorized access according to each field of the network data packet header, and then decide whether to allow the network data packet to pass. However, the increase of network attack modes and the diversification of forms make it impossible to meet the needs of attack prevention only by detecting the header part of network data packets. The feature detection of the network data packet load part has become an important part of n...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/26H04L29/06
Inventor 徐波薛一波李军
Owner EASYWAY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com