Method and system for quantificationally calculating network abnormity index

A network anomaly and quantitative calculation technology, applied in the field of network security, can solve problems such as inability to reflect the macro security situation of the network
CN101808017AInactive Publication Date: 2010-08-18INST OF COMPUTING TECH CHINESE ACAD OF SCI
1 Cites 28 Cited by

Patent Information

Authority / Receiving Office
CN · China
Current Assignee / Owner
INST OF COMPUTING TECH CHINESE ACAD OF SCI
Publication Date
2010-08-18
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention provides a method for quantificationally calculating a network abnormity index. The method comprises the following steps of: selecting a certain number of router nodes as acquisition points of data in a network to be monitored, and setting a basic period and a report period for data acquisition; performing data acquisition on each data acquisition point to obtain relevant information comprising an active IP address, a target IP address, a source port, a target port, a protocol type, stream start time, stream end time, packet number, byte number and a TCP marker; counting and calculating the acquired data to obtain indexes of network data traffic, protocol components, IP and port distribution and behavior modes in the network to be monitored; and combining the indexes obtained by calculating at the current time with corresponding indexes obtained by calculating in the basic period, and calculating the network abnormity index which is used for expressing the abnormity degree of the network to be monitored. The method can effectively reflect the influence of a typical network security incident on the network security situation in time.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the field of network security, in particular to a quantitative calculation method and system for a network anomaly index. Background technique

[0002] With the rapid development of information technology and Internet technology, malicious attacks on network information systems have become more and more diverse and complex. Therefore, technologies such as network security situation monitoring, evaluation and trend forecasting have gradually become research hotspots. As the research basis and technical means of the above-mentioned technologies, the network security index and index system have important theoretical significance and practical value, especially the index system research used to reflect the macro network security situation.

[0003] From the perspective of the reflected network security characteristics, the network security index can be divided into usability index, abnormality index, effectiveness index, etc., amo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More