Unlock instant, AI-driven research and patent intelligence for your innovation.

Network intrusion detection and protection method and device

A network intrusion detection and read-in technology, applied in the field of network security, can solve problems such as incomplete caching, complex calculations, and inability to match all domain caches, and achieves improved parsing speed, reduced storage space, high speed and accuracy sexual effect

Inactive Publication Date: 2013-07-31
TSINGHUA UNIV
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] (2) In the vulnerability characteristic rules, the domain operations are more diverse and complex
[0014] (3) Different operations generally act on different domains, so operations cannot be combined like the previous regular expression matching method;
Therefore, it is not possible to cache all domains and then perform matching, and for larger domains, it cannot even be completely cached

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network intrusion detection and protection method and device
  • Network intrusion detection and protection method and device
  • Network intrusion detection and protection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary only for explaining the present invention and should not be construed as limiting the present invention.

[0035] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary only for explaining the present invention and should not be construed as limiting the present invention.

[0036] In order to achieve the purpose of the present invention, the embodiment of the present ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a network intrusion detection and protection method, which comprises the following steps of: reading in a bug characteristic rule set, forming a characteristic rule list, rearranging matchers, and rearranging and grouping the characteristic rule list; analyzing application layer data by adopting an increment analysis mode; performing matching depending on the current domain matcher on the analysis result of the application layer data according to the rearranged matchers and the rearranged and grouped characteristic rule list, and executing a candidate item selection algorithm to calculate a survived candidate item in the round until all matchers are finished, wherein the finally survived candidate item is a final matching rule; and reporting the final matching rule, rearranging the states of the matchers, emptying the storage space for storing intermediate results and returning to the first step. The embodiment of the invention also provides a network intrusion detection and protection device. The network intrusion detection and protection method and the network intrusion detection and protection device realize high-speed rule matching, reduce the storage space needed by storing the intermediate results, and can achieve high speed and high accuracy simultaneously.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a high-speed network intrusion detection and protection method and device based on vulnerability characteristic rules. Background technique [0002] Today, the Internet has entered the era of high-speed broadband networks, and the speed and traffic are still increasing. At the same time, the diversity and complexity of applications on the Internet are also increasing. Various vulnerabilities inevitably exist in network equipment and various applications, and the increase in speed and the increasing complexity of applications make it more and more difficult to defend against intrusions from the network. Among them, the network vulnerability is the defect in the specific implementation of hardware, software, protocol or system security policy, which can enable attackers to access or destroy the system without authorization. These vulnerabilities can be exploited by hacke...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 夏高刘斌李志春陈焰
Owner TSINGHUA UNIV