
Flow characteristic analysis-based distributed intrusion detection method

A distributed intrusion detection technology, applied in the fields of electrical components, transmission systems, etc., that addresses the low detection accuracy and detection efficiency of existing methods and achieves efficient, timely and accurate detection.

Inactive Publication Date: 2013-08-14
BEIHANG UNIV

AI Technical Summary

Problems solved by technology

[0011] To overcome the low detection accuracy and detection efficiency of traditional intrusion detection methods, the present invention proposes a distributed intrusion detection method based on a specific traffic detection algorithm. It has two main parts: the first is an efficient intrusion detection algorithm based on traffic feature analysis; the second is a distributed multi-agent architecture, whose distributed framework is used to improve the efficiency of intrusion detection.


Examples


Embodiment Construction

[0038] The intrusion detection architecture and traffic characteristic algorithm proposed by the present invention are implemented in an actual intrusion detection system, whose deployment structure is shown in Figure 4.

[0039] In Figure 4, the intrusion detection system includes two types of nodes:

[0040] (1) Nodes that deploy the intelligent analysis and decision-making Agent: this type of node is set up with port mirroring on the router that connects the LAN to the external network, so the uplink and downlink traffic of the entire network can be captured and analyzed from it. An intelligent analysis and decision-making agent is deployed on this node so that the agent's network traffic analysis module can collect traffic characteristic statistics for the entire network, and the intelligent analysis module applies the CUSUM algorithm to analyze them. The interfaces at t...


Abstract

The invention discloses a distributed intrusion detection method based on traffic characteristic analysis. Intrusion detection is performed on a JADE platform by two kinds of agent: an intelligent decision analysis agent, and a data acquisition and independent intrusion condition monitoring agent. The data acquisition and independent intrusion condition monitoring agent detects definite network intrusion actions that match an intrusion characteristic. The intelligent decision analysis agent comprehensively monitors different statistical characteristics of the network traffic, including traffic bandwidth, new source IP (Internet Protocol) addresses and the like, using an improved non-parametric cumulative sum (CUSUM) algorithm, namely a threshold regression algorithm, and performs network anomaly detection in combination with the related information transmitted by the data acquisition and independent intrusion condition monitoring agent, which effectively improves intrusion detection efficiency and accuracy. Because monitoring new source IP addresses effectively differentiates between network traffic models, the method further lowers the false alarm rate of the intrusion detection system.
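The following is an added illustration, not code from the patent: it applies the textbook non-parametric CUSUM recursion to the per-interval fraction of new source IP addresses. The patent's improved "threshold regression" variant is not specified on this page and is not reproduced; the drift, threshold, class name and addresses are constructed assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class NewSourceCusum:
    """Textbook non-parametric CUSUM on the fraction of new source IPs."""
    drift: float = 0.25      # assumed upper bound on the normal new-IP fraction
    threshold: float = 1.2   # assumed alarm level for the cumulative sum
    known: set = field(default_factory=set)
    score: float = 0.0

    def train(self, sources):
        """Seed the set of previously seen source addresses."""
        self.known.update(sources)

    def observe(self, sources):
        """Feed one interval's source IPs; return (new_fraction, score, alarm)."""
        seen = set(sources)
        if not seen:
            return 0.0, self.score, self.score > self.threshold
        new = seen - self.known
        frac = len(new) / len(seen)
        # y_n = max(0, y_{n-1} + x_n - drift): decays in normal traffic,
        # accumulates while the new-IP fraction stays above the drift.
        self.score = max(0.0, self.score + frac - self.drift)
        alarm = self.score > self.threshold
        if not alarm:
            self.known |= new  # learn addresses only from unalarmed intervals
        return frac, self.score, alarm


def demo():
    """Run the detector over constructed intervals (documentation addresses)."""
    det = NewSourceCusum()
    base = [f"10.0.0.{i}" for i in range(1, 41)]
    det.train(base)
    intervals = []
    for n in range(4):   # normal: 7 known sources + 1 newcomer
        intervals.append(base[:7] + [f"192.0.2.{n + 1}"])
    for n in range(4):   # anomalous: 2 known sources + 6 unseen ones
        intervals.append(base[:2] + [f"198.51.100.{n * 6 + k}" for k in range(1, 7)])
    return [det.observe(iv) for iv in intervals]


if __name__ == "__main__":
    for i, (frac, score, alarm) in enumerate(demo()):
        print(f"interval {i}: new={frac:.3f} score={score:.2f} alarm={alarm}")
```

A single interval with many new sources does not raise an alarm on its own; the sum has to stay above the drift for several intervals, which is how the statistic separates a sustained change from a short burst.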

Description

【Technical field】

[0001] The invention proposes a high-performance, anomaly-based distributed intrusion detection method for detecting the various attacks suffered by computer network systems.

【Background technique】

[0002] Intrusion detection is a security technology that collects information from several key points in a computer network or computer system and analyzes it to find out whether the network or system shows behavior that violates security policy or signs of being attacked. Technically, intrusion detection methods are divided into anomaly-based detection and misuse-based detection. Misuse-based detection methods can effectively detect only known intrusions and cannot detect new ones. Traditional anomaly-based detection methods, however, suffer from a high false alarm rate, caused by the difficulty of defining and judging abnormal behavior.

[0003] In terms of intrusion detection technology, in recent years, people have carried out a l...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/08, H04L29/06
Inventor: 姚淑珍, 黄河, 谭火彬, 王颖轩
Owner: BEIHANG UNIV