Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for filtering network attack traffic

A network attack and network traffic technology, applied in the field of network security, can solve the problems of reducing and filtering abnormal traffic, difficult to reflect the real boundary between normal traffic and abnormal traffic, and easy mutation, etc., to achieve the effect of filtering attack traffic

Active Publication Date: 2012-02-15
BEIJING LEADSEC TECH
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For the calculation of the threshold, there are mainly three methods as follows: (1) Select the maximum value of the network traffic sampling value as the threshold. The sampling of abnormal flow cannot be effectively ruled out during sampling; (2) The average value of the flow sampling value is selected as the threshold value. Macroscopic characteristics, the statistics of abnormal flow cannot be ruled out during flow sampling; (3) The flow sampling values ​​before and after the moment are weighted to calculate the threshold, the threshold determined by this method can slow down the fluctuation of the threshold with the change of flow, and has a certain macroscopic However, it is still impossible to rule out the statistics of abnormal traffic, and the weighted value is almost impossible to determine except based on long-term accumulated experience.
It can be seen that the existing methods cannot avoid the influence of abnormal flow when sampling flow, so the calculated flow threshold is usually difficult to reflect the real boundary between normal flow and abnormal flow, thereby reducing the ability to filter out abnormal flow. Effect

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for filtering network attack traffic
  • Method and device for filtering network attack traffic
  • Method and device for filtering network attack traffic

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The main idea of ​​the present invention is: after obtaining the samples of the network traffic, first perform data screening on the obtained sample space so as to filter out those sample values ​​that obviously represent the attack traffic, and then use the normal distribution on the basis of the processed samples to Calculate the final threshold according to the law, and then filter the network attack traffic according to the final threshold, so as to realize the purpose of the present invention.

[0037] In order to enable those skilled in the art to further understand the features and technical content of the present invention, the technical solution of the present invention will be described in detail below in conjunction with the accompanying drawings and embodiments.

[0038] As mentioned earlier, network security issues are increasingly becoming a focus of attention. The so-called network security refers to the information security of the network, including the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method for filtering network attack traffic. The method comprises the following steps of: acquiring samples of network traffic as initial samples; summing the triplication of an average value of the initial samples and the triplication of a standard difference of the initial samples to obtain an intermediate threshold value; filtering samples greater than the intermediate threshold value to obtain remaining samples; obtaining a final threshold value according to an average value and a standard difference of the remaining samples, wherein the final threshold value is the sum of the triplication of the average value of the remaining samples and the triplication of the standard difference of the remaining samples; and filtering the network attack traffic according to the final threshold value. Compared with the prior art, the invention adopts a more scientific and accurate method for calculating the final threshold value and achieves better attack traffic filtering effects.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and device for filtering network attack traffic. Background technique [0002] With the development of Internet technology, network security issues have attracted widespread attention. Viruses, hackers and other network attacks emerge in an endless stream, and people try their best to deal with these security threats. Different from these conventional network threats is the increasingly developed traffic attack, which uses a large data flow that exceeds the system's processing capacity to crash the system or overwhelm the network equipment. Common such as DDos (distributed denial of service attack), the This kind of attack is developed from DOS (Denial of Service Attack) attack. Because it usually spreads data on the network with a seemingly legitimate identity, the detectors at the source or destination of the network can hardly identify these abnormal data fl...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/56H04L12/801
Inventor 李晗俞娜
Owner BEIJING LEADSEC TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com