Distributed intrusion detection method, device and system

A distributed intrusion detection technique applied in the field of network communication. It addresses problems such as heavy data traffic affecting network performance, and achieves the effect of reducing data traffic, ensuring reliability, and reducing impact.

Inactive Publication Date: 2011-03-30
HUAWEI TECH CO LTD +1

AI Technical Summary

Problems solved by technology

[0011] The purpose of the embodiments of the present invention is to provide a distributed intrusion detection method, device and...


Embodiment Construction

[0038] Figure 1 is a flowchart of a distributed intrusion detection method in an embodiment of the present invention. The method includes:

[0039] 102. Collect its own flow information and generate a flow table.

[0040] The network node collects its own flow information, which includes at least one of: input packet rate; SYN request packet input rate and SYN confirmation packet input rate; ICMP packet rate; UDP packet input rate. This flow information can be used as raw values or processed appropriately, for example by discretizing it. For example, all flow information is quantized into 8 levels, that is, the resulting flow information belongs to the set {0, 1, 2, 3, 4, 5, 6, 7}. One method of discretizing the original values of the flow information is to establish a fixed mapping relationship, such as fixedly mapping original values within a certain range to a specific discretized flow information value; it is also possibl...


Abstract

The invention relates to the field of network communication, in particular to a distributed intrusion detection method, device and system. The method comprises the following steps: a node collects its own flow information and generates a flow table; it calculates early warning information from the flow table; when the flow table contains only the node's own flow information, or when the early warning information meets the neighbor communication conditions, it acquires the flow information of the neighbor nodes together with the flow information acquisition time, and updates the flow table and the early warning information; when the early warning information meets the global communication conditions, it acquires the flow information of the global nodes together with the flow information acquisition time, and updates the flow table and the early warning information; and when the early warning information meets the early warning conditions, it raises an intrusion early warning. In the technical scheme provided by the embodiment of the invention, only the flow information of the neighbor nodes needs to be acquired when the early warning information meets the neighbor communication conditions, so the data traffic generated by distributed intrusion detection is reduced and so is its influence on network performance.
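The 8-level discretization from paragraph [0040] and the escalation sequence from the abstract, as an added Python example that is not code from the patent. The range edges, the scoring function, the three thresholds, the node names and the sample rates are assumptions, since the page defines none of them.

```python
from bisect import bisect_right
from statistics import mean

# Assumed fixed mapping: 7 range edges (packets/s) yield the 8 levels 0..7.
EDGES = [100, 500, 1_000, 5_000, 10_000, 50_000, 100_000]
METRICS = ("pkt_in", "syn_in", "synack_in", "icmp", "udp_in")
# Assumed conditions on the early warning value; the page does not define them.
NEIGHBOR_T, GLOBAL_T, WARN_T = 2, 4, 5

def discretize(rate):
    """Map a raw rate onto {0..7} through the fixed ranges."""
    return bisect_right(EDGES, rate)

def flow_entry(raw, collected_at):
    """One flow-table row: discretized levels plus the acquisition time."""
    return {"levels": {m: discretize(raw.get(m, 0)) for m in METRICS},
            "time": collected_at}

def early_warning(table):
    """Assumed scoring: mean over known nodes of each node's highest level."""
    return mean(max(e["levels"].values()) for e in table.values())

class Node:
    def __init__(self, name, neighbors, global_nodes, fetch):
        self.name, self.neighbors, self.global_nodes = name, neighbors, global_nodes
        self.fetch = fetch          # fetch(node_id) -> (raw_rates, acquisition_time)
        self.table, self.fetches = {}, 0

    def _pull(self, ids):
        """Fetch remote flow information, update the table, rescore."""
        for n in ids:
            raw, t = self.fetch(n)
            self.table[n] = flow_entry(raw, t)
            self.fetches += 1
        return early_warning(self.table)

    def detect(self, own_raw, now):
        """One detection round; returns (early warning value, alert flag)."""
        self.table[self.name] = flow_entry(own_raw, now)
        score = early_warning(self.table)
        if len(self.table) == 1 or score >= NEIGHBOR_T:   # neighbor condition
            score = self._pull(self.neighbors)
        if score >= GLOBAL_T:                             # global condition
            score = self._pull(self.global_nodes)
        return score, score >= WARN_T                     # early warning condition

# Constructed sample rates (packets/s) for a five-node network.
RATES = {n: {"syn_in": 40} for n in "ABCDE"}
node_a = Node("A", ["B", "C"], ["D", "E"], lambda n: (RATES[n], 0))
```

The `fetches` counter shows the traffic saving: a spike seen only at the local node costs two neighbor queries and never reaches the global nodes.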

Description

Technical field

[0001] The invention relates to the field of network communication, in particular to a distributed intrusion detection method, device and system.

Background

[0002] Denial of Service (DoS) is a very simple but very effective form of network attack. The purpose of DoS is to deny service access and disrupt the normal operation of an organization; eventually it disables part of the network connections or network systems. There are many types of DoS attacks. The most basic DoS attack uses reasonable service requests to occupy too many service resources, so that legitimate users cannot get service. For example, the attacker sends many requests with false addresses to the server, and the server waits for the return information after sending its reply. Since the address is forged, the server never receives the return message, and the resources allocated to the request are never released. ...


Application Information

IPC(8): H04L29/06, H04L9/36
Inventor: 白媛, 覃健诚, 渠海峡, 赵玉超, 张波, 张作富, 谷勇浩, 辛阳, 杨亚涛, 谢垂益
Owner: HUAWEI TECH CO LTD