Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Linkage method for firewall and intrusion-detection system

An intrusion detection system and firewall technology, applied in the field of network security, can solve problems such as firewall and IDS not responding well, blocking normal communication, lack of correlation and merging of alarm information, etc., to meet the requirements of intelligent network security and improve effective Effects on Sex and Accuracy

Inactive Publication Date: 2011-08-24
NORTHEAST DIANLI UNIVERSITY
View PDF3 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This simple linkage method does not meet the requirements of network effectiveness and accuracy, but only establishes a preliminary network security linkage mechanism, which mainly has the following two problems: (1) The linkage between the existing firewall and IDS is harmful to some Network security intrusion events cannot be responded well, mainly because of the high false alarm rate of IDS, lack of correlation and merging of alarm information, resulting in wrong firewall linkage, blocking normal communication
The rapid growth of security threats has become the background of the entire security world. The traditional security response system that relies on manual analysis of malware features can no longer meet the current security protection needs.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Linkage method for firewall and intrusion-detection system
  • Linkage method for firewall and intrusion-detection system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0015] With reference to Fig. 1: the linkage method of firewall and intrusion detection system of the present invention comprises:

[0016] [1] The alarm information generated by the intrusion detection system is encrypted and transmitted to the front-level information transceiver, where it is decrypted and authenticated;

[0017] [2] Send the alarm information decrypted by the front-level information transceiver to the preprocessor for preprocessing, extract and clean the information records, and standardize the relevant data;

[0018] [3] Send the data preprocessed by the preprocessor to the analyzer for analysis. If the obtained security event level exceeds the predetermined threshold, the analyzer will send a command to the decision maker, otherwise the analysis result of the analyzer will be sent to the association Analyzer;

[0019] [4] Send the correlation analysis results of the correlation analyzer to the risk evaluator, carry out risk assessment on the current netwo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a linkage method for a firewall and intrusion-detection system, and the method is used for network protection and is characterized by comprising the following steps: encrypting and transmitting the alarm information generated by the intrusion-detection system to a forestage information receiver and then sending the alarm information to a preprocessor after decrypting and authenticating the alarm information by the forestage information receiver; performing the preprocessing of extracting and cleaning the information record by the preprocessor and then sending to an analyzer; sending an order to a decider by the analyzer if the acquired safety event level exceeds a preset threshold value, otherwise, sending an analyzed result to a relevance analyzer; performing the relevance analysis by the relevance analyzer and then sending a result to a risk evaluator; performing the risk evaluation on the current network state by the risk evaluator and then sending the acquired risk level of the current network and the network running state parameters to the decider; sending the linked specific information to a backstage information receiver by the decider, performing the related treatment and then sending the result to the firewall for implementing linkage; and centrally auditing an intrusion-detection log of the forestage information receiver and a firewall log of the backstage information receiver and then sending to the relevance analyzer.

Description

technical field [0001] The invention relates to the technical field of network security, and relates to a linkage method of a firewall and an intrusion detection system. Background technique [0002] With the development of computer technology and the wide application of the Internet, the hidden dangers of network security are becoming more and more serious. In daily work, ensuring network security and system security has been promoted to an important position. Using a single intrusion detection (IDS) and firewall cannot respond quickly and accurately to network security events in a timely and effective manner. Once an abnormal situation occurs, it can only be handled manually, and the work efficiency is very low. At present, the linkage technology is a simple linkage between IDS and firewall. This simple linkage method does not meet the requirements of network effectiveness and accuracy, but only establishes a preliminary network security linkage mechanism, which mainly h...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 郭晓利曲朝阳娄建楼阚运奇王蕾董如意崔宏杰
Owner NORTHEAST DIANLI UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com