Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A parallel network flow feature detection method and system based on pattern clustering

A technology of feature detection and clustering method, applied in transmission systems, digital transmission systems, data exchange networks, etc., can solve problems such as high cost and poor flexibility

Active Publication Date: 2011-12-28
EASYWAY
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In Network Intrusion Prevention System (NIPS) and Unified Threat Management System (UTM), due to the need to detect attack patterns in real time and give processing results, the speed of signature detection methods has become a serious bottleneck limiting the processing throughput of devices
[0005] Although the system solution based on ASIC and FPGA has certain advantages in processing speed, its high cost and poor flexibility limit the application of feature detection methods.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A parallel network flow feature detection method and system based on pattern clustering
  • A parallel network flow feature detection method and system based on pattern clustering
  • A parallel network flow feature detection method and system based on pattern clustering

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] In this embodiment, the adopted pattern set is the Snort rule set in March 2008, which contains 5831 patterns in total.

[0047] Step S1, select a set of pattern matching algorithms to be used, select the matching algorithm suitable for short patterns as AC, and select the matching algorithm suitable for long patterns as MRSI.

[0048] Step S2, according to the selected matching algorithm AC suitable for the short pattern and the matching algorithm MRSI suitable for the long pattern, select the length segmentation point of the pattern, and divide the pattern set into a short pattern set and a long pattern set, because the MRSI algorithm requires the pattern The shortest length is 6, therefore, in this embodiment, the division point of the selected long-short pattern is 6, and the number of patterns with a length less than 6 in the Snort rule set is 1421, and the remaining lengths are all greater than or equal to 6, that is, patterns with a length less than 6 It is assig...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a parallel network flow feature detection method based on pattern clustering, comprising the steps of: selecting a pattern matching algorithm set, selecting a pattern length segmentation point, and dividing the pattern set into a short pattern set and a long pattern set; Divide the long pattern set into multiple long pattern subsets, determine the number of processing units of the short pattern set and the long pattern subset; copy the number of copies of the text to be detected as the total number of copies of the long and short pattern subsets, and divide each copy to be tested The text is input into the processing unit corresponding to each pattern subset; combined with the processing results of each pattern subset, it is judged whether there is an attack pattern in the text to be detected; the above steps are repeated to continuously detect the data stream transmitted by the fast network stream to be detected. This method can be applied to various levels of performance requirements and pattern sets of various scales, and has extremely far-reaching effects on systems such as high-performance content detection, intrusion detection, virus protection, unified threat management, and network information monitoring.

Description

technical field [0001] The invention relates to the technical field of network flow content detection, and in particular to a method and system for detecting parallel network flow characteristics based on pattern clustering. Background technique [0002] As the Internet has become one of the main infrastructures of today's society, malicious attacks on the integrity, privacy, and availability of data streams on the Internet are also increasing rapidly. As the most extensive network security device, the main function of the firewall is to judge whether the network data packet is authorized access according to each field of the network data packet header, and then decide whether to allow the network data packet to pass. However, the increase of network attack modes and the diversification of forms make it impossible to meet the needs of attack prevention only by detecting the header part of network data packets. The feature detection of the network data packet load part has be...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L29/06
Inventor 徐波薛一波李军
Owner EASYWAY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com