Unlock instant, AI-driven research and patent intelligence for your innovation.

Computer firewall for automatically adjusting security policies according to network security alarm

An automatic adjustment and security policy technology, applied in data exchange networks, digital transmission systems, electrical components, etc., can solve the problem that the alarm content cannot be directly used to formulate and modify firewall rules, it is difficult to effectively stop it, and it is difficult to maintain network security. Substantial help and other issues to ensure normal access and reduce adverse effects

Inactive Publication Date: 2010-12-29
原少甫
View PDF0 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Once the computer inside the network is used maliciously, it will be difficult to effectively stop it until the harm develops to be clearly detected
Therefore, once the computers in the internal network are used maliciously, it often leads to serious consequences such as leakage of secrets
[0009] Although the intrusion detection system brings some convenience for network administrators to formulate and modify firewall rules, because its false alarm rate is too high, its alarm content cannot be directly used to formulate and modify firewall rules, but must first be manually screened. It is difficult to provide substantial help in maintaining network security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0013] The specific implementation of the present invention needs to use parameter and function as follows:

[0014] 1 Time-related parameters

[0015] a) Rule update cycle (P_Update, the default value is 5 seconds): how often the firewall rules should be calculated and updated;

[0016] b) Review period (P_LookBack, the default value is 30 seconds): how long the unblocked alarm information in the past should be included in the scope of investigation each time the firewall rules are updated;

[0017] 2. Parameters and functions related to the calculation of "advantages" and "disadvantages" of firewall rules

[0018] a) The value corresponding to each alarm type (V_Alert, the default value of all types is 1). For the alarm type with high false positive rate and low threat, its value should be set to a small value or even 0, For the alarm types with low false alarm rate and high threat, they should be given a higher value;

[0019] b) The value of a port of each external netw...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a computer firewall for automatically adjusting security policies according to a network security alarm. The computer firewall calculates a series of relevant alternative firewall shielding rules according to the latest alarm information sent by an intrusion detection system (IDS), and quantitatively calculates advantages and disadvantages of each alternative shielding rule according to preset parameters so as to decide whether the rule is adopted. In the invention, each adopted firewall rule is given a period of validity; and when one firewall rule successfully stops the alarm, the firewall appropriately prolongs the period of validity of the rule according to importance of the stopped alarm, and the invalid firewall rules are deleted.

Description

Technical field [0001] The patent of the present invention relates to a computer firewall system that automatically adds and deletes network data filtering rules by analyzing network security alarms. Background technique [0002] A firewall (Firewall) is a device configured between two computer networks (a single computer can also be regarded as a micro-network). Its core is a computer program, but it can also be solidified on hardware such as a router to become a part of the hardware. All communication between the two networks must pass through the firewall, and the firewall selectively allows or prohibits the passage of certain data according to preset rules. [0003] The core of the firewall is the preset rules, which programmatically describe which data conforms to which characteristics should be allowed or forbidden to pass through. The rules of the firewall are usually manually set by the network administrator, and the quality of the rules directly affects the effect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/24H04L12/26
Inventor 原少甫
Owner 原少甫