Network traffic anomaly detection method and detection device

A network traffic anomaly detection technology, applied in data exchange networks, digital transmission systems, electrical components, etc., that addresses problems such as poor flexibility and achieves the effect of improving accuracy and reducing burden.

Inactive Publication Date: 2010-08-04
哈尔滨英赛克信息技术有限公司

AI Technical Summary

Problems solved by technology

These methods can detect some abnormal traffic, but the entropy value of normal hosts changes dynamically as network traffic changes, so these methods are less flexible in practical applications.


Embodiment Construction

[0027] In order to make the advantages of the technical solutions of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention are described clearly and completely below in conjunction with the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative effort fall within the protection scope of the present invention.

[0028] The invention starts from the change of information entropy representing the characteristic distribution of network traffic caused by various abnormal events and intrusion behaviors, and performs real-time detection and prevention.

[0029] Before describing the method and device of the present invention in detail, the information entropy used in the presen...


Abstract

The invention discloses a network traffic anomaly detection method and a detection device. The detection device comprises a data selection unit, a distribution analysis unit, an observation information entropy acquisition unit, a prediction unit, a confidence interval acquisition unit and an anomaly judging unit. The data selection unit selects the network index data to be detected and establishes an attribute record; the distribution analysis unit inspects the distribution of each attribute of the attribute record in the connections initiated by and to each host computer in the network; the observation information entropy acquisition unit acquires the observation information entropy from the distribution of the attributes when a time interval reaches a set time threshold; the prediction unit predicts the information entropy of the network index data for the next time interval from the observation information entropy; the confidence interval acquisition unit acquires the confidence interval needed for anomaly judgment from the observation information entropy and the prediction information; and the anomaly judging unit analyzes where the observation information entropy falls relative to the confidence interval and determines from the result whether the network traffic is anomalous. The method and the device solve the prior-art problems of weak operability and relatively poor flexibility in network traffic anomaly detection.
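The pipeline in the abstract, sketched as an added example that is not code from the patent. The abstract does not say how the prediction or the confidence interval is computed, so the exponentially weighted moving average predictor, the k-sigma band on prediction errors, the choice of destination port as the attribute, the single-host simplification and every name below are assumptions; the port lists are constructed sample data.

```python
import math
from collections import Counter

def entropy(values):
    """Shannon entropy in bits of one attribute's observed distribution."""
    counts = Counter(values)
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values())

class EntropyDetector:
    """Tracks one host and one attribute across time intervals."""

    def __init__(self, alpha=0.3, k=3.0, warmup=5, min_sigma=0.05):
        self.alpha, self.k = alpha, k          # assumed smoothing factor and band width
        self.warmup, self.min_sigma = warmup, min_sigma
        self.pred = None                       # predicted entropy for the next interval
        self.var = 0.0                         # smoothed squared prediction error
        self.seen = 0

    def observe(self, h):
        """Judge one interval's observed entropy h; return (anomalous, low, high)."""
        if self.pred is None:                  # first interval only seeds the predictor
            self.pred, self.seen = h, 1
            return False, h, h
        sigma = max(math.sqrt(self.var), self.min_sigma)
        low, high = self.pred - self.k * sigma, self.pred + self.k * sigma
        anomalous = self.seen >= self.warmup and not (low <= h <= high)
        if not anomalous:                      # keep anomalous intervals out of the baseline
            err = h - self.pred
            self.var = (1 - self.alpha) * self.var + self.alpha * err ** 2
            self.pred = (1 - self.alpha) * self.pred + self.alpha * h
        self.seen += 1
        return anomalous, low, high

def detect(intervals):
    """intervals: per-interval lists of destination ports for one host."""
    det = EntropyDetector()
    return [det.observe(entropy(ports))[0] for ports in intervals]

# Constructed sample data: destination ports contacted by one host per interval.
A = [80, 443, 443, 53, 80, 443, 53, 443]
B = [443, 443, 80, 53, 443, 80, 443, 443]
C = [80, 443, 53, 22, 443, 80, 53, 443]
SPREAD = list(range(1, 201))                   # entropy jumps: 200 distinct ports
COLLAPSE = [443] * 200                         # entropy drops to zero: a single port
SAMPLE = [A, B, A, C, A, B, A, SPREAD, A, COLLAPSE]

if __name__ == "__main__":
    for i, flag in enumerate(detect(SAMPLE)):
        print(i, "ANOMALY" if flag else "ok")
```

Because the band follows the predicted entropy rather than a fixed threshold, both a sudden spread across many ports and a collapse onto one port are flagged, while the host's ordinary interval-to-interval variation is not.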

Description

(1) Technical field

[0001] The invention relates to the technical field of network management and security, in particular to a method and device for detecting abnormal network traffic.

(2) Background technology

[0002] Abnormal network traffic refers to abnormalities caused by network attacks, network viruses, sudden network access, network failures, and new network users. Abnormal traffic is characterized by sudden onset and unknown warning signs, and can cause major losses or even fatal damage to the network and the computers on it in a short period of time (such as sudden access behavior caused by specific attack programs or worm outbreaks). Therefore, accurately and promptly detecting abnormal behavior in network traffic and responding to it reasonably is of great significance for maintaining the availability of the network, improving its reliability and ensuring the quality of network service.

[0003] According to different detection method...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/26, H04L12/56
Inventor: 杨武, 王巍, 苘大鹏, 何晓冰, 玄世昌, 王晴
Owner: 哈尔滨英赛克信息技术有限公司