Method and system for quantificationally calculating network abnormity index

A network anomaly and quantitative calculation technology, applied in the field of network security, can solve problems such as inability to reflect the macro security situation of the network

Inactive Publication Date: 2010-08-18
INST OF COMPUTING TECH CHINESE ACAD OF SCI
View PDF1 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to overcome the defect that the existing network anomaly detection method can only reflect the microscopic security situation of the network, but cannot reflect the macroscopic security situation of the network, thereby providing a method for detecting the overall security of the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for quantificationally calculating network abnormity index
  • Method and system for quantificationally calculating network abnormity index
  • Method and system for quantificationally calculating network abnormity index

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0118] Before the present invention is described in detail, the relevant concepts involved in the present invention will be described below first.

[0119] Definition 1 Network Operation Security Indicator (Network Operation Security Indicator) refers to the concept and quantity of network data characteristics that can reflect the security situation of network information system operation. In this application, it may be referred to as security indicator or indicator for short. Network operation security indicators are used to reflect and measure the security status and trends of network information systems during operation. For example, the traffic index mainly reflects the network security situation from the data characteristic of network traffic, and the IP distribution index mainly reflects the network security situation from the data characteristic of the IP address distribution law.

[0120] Definition 2 Network Operation Security Index (Network Operation Security Index) ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for quantificationally calculating a network abnormity index. The method comprises the following steps of: selecting a certain number of router nodes as acquisition points of data in a network to be monitored, and setting a basic period and a report period for data acquisition; performing data acquisition on each data acquisition point to obtain relevant information comprising an active IP address, a target IP address, a source port, a target port, a protocol type, stream start time, stream end time, packet number, byte number and a TCP marker; counting and calculating the acquired data to obtain indexes of network data traffic, protocol components, IP and port distribution and behavior modes in the network to be monitored; and combining the indexes obtained by calculating at the current time with corresponding indexes obtained by calculating in the basic period, and calculating the network abnormity index which is used for expressing the abnormity degree of the network to be monitored. The method can effectively reflect the influence of a typical network security incident on the network security situation in time.

Description

technical field [0001] The invention relates to the field of network security, in particular to a quantitative calculation method and system for a network anomaly index. Background technique [0002] With the rapid development of information technology and Internet technology, malicious attacks on network information systems have become more and more diverse and complex. Therefore, technologies such as network security situation monitoring, evaluation and trend forecasting have gradually become research hotspots. As the research basis and technical means of the above-mentioned technologies, the network security index and index system have important theoretical significance and practical value, especially the index system research used to reflect the macro network security situation. [0003] From the perspective of the reflected network security characteristics, the network security index can be divided into usability index, abnormality index, effectiveness index, etc., amo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/24H04L29/06
Inventor 张永铮焦绪录贺彦宏云晓春郭莉
Owner INST OF COMPUTING TECH CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap