System for automatically analyzing computer network connectivity

An automatic analysis system based on computer network technology, applied in transmission systems, digital transmission systems, data exchange networks, etc. It solves the problems of increased test times, large time consumption and low accuracy, and achieves fast operation and a high degree of automation.

Active Publication Date: 2012-04-11
SHANGHAI JIAO TONG UNIV

AI Technical Summary

Problems solved by technology

This test method can only determine that two hosts can communicate through the ICMP protocol at the network layer; the communication status of higher-level protocols such as TCP and the specific port numbers that can communicate cannot be obtained, which is clearly not enough for vulnerability analysis. In addition, the number of tests grows on the order of N² as the number of hosts N in the network increases, so the method cannot be applied to large-scale networks. The scanning method refers to using tools such as Nessus to scan the ports of each host to find the ports that are open and running. This method needs to scan all ports of all hosts in the network, which consumes a lot of time and is difficult to apply to large networks. Moreover, due to the existence of security devices such as firewalls, the accuracy of this method is not high.


Embodiment Construction

[0029] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0030] 1. The composition of the network connectivity automatic analysis system

[0031] As shown in Figure 1, the network connectivity automatic analysis system can be divided structurally into five parts: the human-computer interaction part, the information collection part, the information preprocessing part, the core analysis part and the connectivity graph drawing part.

[0032] Human-Computer Interaction

[0033] The human-computer interaction part is responsible for exchanging information with the user. It is implemented by the interactive module, and its interface is divided into three steps. A screenshot of the first-step interface is shown in Figure 3: the user can click the firewall hierarchy structure on the left side of the interface (the root node represents the outermost firewall, and its child...


Abstract

The invention discloses a system for automatically analyzing computer network connectivity. The system obtains the connectivity of any two live hosts in a network by analyzing the configuration files of the devices (mainly firewalls) that influence connectivity in the network, and comprises a human-machine interaction part, an information acquisition part, an information preprocessing part, a core analysis part and a connectivity graph drawing part. The human-machine interaction part handles the exchange of information between the user and the system; the information acquisition part acquires the firewall configuration files and detects the live hosts in the network; the information preprocessing part preprocesses the information acquired by the information acquisition part; the core analysis part analyzes the result generated by the information preprocessing part and obtains the connectivity information between any two live hosts; and the connectivity graph drawing part draws the network connectivity graph. The disclosed system runs fast and is largely independent of network scale, so it can be applied to large-scale networks, and it further has the advantages of a high degree of automation, a wide application range and strong expandability.
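An added example, not code from the patent or its authors: a minimal sketch of deriving host-to-host connectivity from firewall rule sets instead of probing every port of every host. The rule format, first-match semantics, firewall names, addresses and the assumption that a flow crosses every firewall enclosing exactly one of the two hosts are all constructed for illustration.

```python
from ipaddress import ip_address, ip_network
from itertools import permutations

# Constructed firewall hierarchy: name -> parent (the root is the outermost firewall).
PARENT = {"fw-edge": None, "fw-dmz": "fw-edge", "fw-lan": "fw-edge"}

# Constructed rule sets (assumed format): first match wins, implicit deny at the end.
# Rule = (action, source net, destination net, protocol, destination port; None = any)
RULES = {
    "fw-edge": [("permit", "0.0.0.0/0", "10.0.1.0/24", "tcp", 443)],
    "fw-dmz": [("permit", "0.0.0.0/0", "10.0.1.10/32", "tcp", 443),
               ("permit", "10.0.1.0/24", "10.0.2.0/24", "tcp", 5432)],
    "fw-lan": [("deny", "10.0.1.20/32", "10.0.2.0/24", "tcp", None),
               ("permit", "10.0.1.0/24", "10.0.2.5/32", "tcp", 5432)],
}

# Constructed live hosts: address -> innermost firewall in front of it (None = outside).
HOSTS = {"203.0.113.7": None, "10.0.1.10": "fw-dmz",
         "10.0.1.20": "fw-dmz", "10.0.2.5": "fw-lan"}

def chain(fw):
    """Firewalls enclosing a host, innermost first."""
    out = []
    while fw is not None:
        out.append(fw)
        fw = PARENT[fw]
    return out

def allowed(fw, src, dst, proto, port):
    """Evaluate one firewall's ordered rules; first match decides, default deny."""
    for action, s_net, d_net, r_proto, r_port in RULES[fw]:
        if (ip_address(src) in ip_network(s_net) and ip_address(dst) in ip_network(d_net)
                and proto == r_proto and r_port in (None, port)):
            return action == "permit"
    return False

def connected(src, dst, proto, port):
    """A flow is possible only if every firewall separating the two hosts permits it."""
    crossed = set(chain(HOSTS[src])) ^ set(chain(HOSTS[dst]))
    return all(allowed(fw, src, dst, proto, port) for fw in crossed)

def connectivity_graph(services):
    """Directed edges (src, dst, proto, port) over all ordered pairs of live hosts."""
    return sorted((s, d, p, n) for s, d in permutations(HOSTS, 2)
                  for p, n in services if connected(s, d, p, n))

if __name__ == "__main__":
    for edge in connectivity_graph([("tcp", 443), ("tcp", 5432)]):
        print(edge)
```

The result describes filtering only: two hosts behind the same firewall show as connected on every queried port because nothing sits between them, whether or not a service is listening.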

Description

Technical field

[0001] The invention belongs to the technical field of computer network security, and more specifically relates to an automatic analysis system for computer network connectivity, which can obtain the connectivity between hosts in the entire network system by analyzing the firewall configuration files in the network system.

Background technique

[0002] The connectivity between hosts in the network is the basis for vulnerability and penetration analysis of the entire network. For example, if one host exploits a vulnerability on a target host, the prerequisite for successfully invading that host is that the two hosts are connected; that is, successfully exploiting the vulnerability requires normal communication between specific ports of the two hosts. Therefore, obtaining the connectivity of any two hosts in the entire network is of great significance for network security management and penetration testing.

[0003] From domestic and foreign database retrieval and literature a...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/26, H04L29/06
Inventor: 陈秀真, 刘龙, 李建华
Owner: SHANGHAI JIAO TONG UNIV