Linkable distributed network intrusion detection method based on behavior description

A distributed network intrusion detection technology, classified under data exchange networks, digital transmission systems, electrical components, etc. It addresses problems such as the lack of consistency and the inconvenience of analysis and storage at the central manager, improving detection efficiency, initiative and protection effect as well as global management and analysis capabilities.

Inactive Publication Date: 2012-07-18
NANJING UNIV OF POSTS & TELECOMM

AI Technical Summary

Problems solved by technology

Although many architectures and schemes have emerged, more emphasis is still placed on the performance and detection methods of a single detection unit, without considering that the network environment and detection targets of these distribu


Examples


Embodiment Construction

[0060] System construction plan:

[0061] The present invention deploys a monitoring device at the main entrance and exit of the network. This device only gathers simple network status statistics and reports the overall traffic status of the network to the master control platform; it performs no other detection work. A detection unit is deployed at the entrance and exit of each sub-network, and these detection units carry out the normal network detection tasks. Each detection unit has its own responsibilities and can emphasize particular functions according to the characteristics of the network range it protects. Distributing the detection tasks of the entire network across the detection units avoids performance bottlenecks and improves detection efficiency, and the units do not interfere with each other. Each detection unit includes a data collector, processor, analyzer, controller and local database. The local database stores five types of data customized according to the local network...


Abstract

The invention discloses a linkable distributed network intrusion detection method based on behavior description. By applying network behavior description and feature extraction in a distributed detection system and linking with a firewall, it detects abnormal traffic in a network in real time and responds promptly. The method comprises (a) a detection unit operation process and (b) a master control platform operation process. A detection strategy based on behavior description is applied to the distributed detection units so that they are organized into an efficient organic whole, avoiding the low efficiency and dispersion of existing system schemes. The aim is to solve the low efficiency of abnormal traffic detection on large networks in practical applications and to improve the overall detection ability and protection effect of the detection system for the network.

Description

Technical field

[0001] The present invention proposes a linkable distributed network intrusion detection scheme based on behavior description. By applying network behavior description and feature abstraction to a distributed detection system and linking it with a firewall, abnormal traffic in the network is detected in real time and responded to in a timely manner. The invention belongs to the field of computer security technology.

Background technique

[0002] As the types of network applications and the scale of networks continue to grow, network security issues have become increasingly prominent and have attracted widespread attention. The main threats facing current networks include denial of service attacks, network intrusion, malicious code, etc. To deal with these threats effectively, it is necessary to take real-time detection and protection measures for the network, control security issues within a cer...


Application Information

IPC(8): H04L12/26, H04L12/24, H04L29/06
Inventor 王汝传, 李伟, 李鹏, 张伟, 孙力娟, 黄海平, 肖甫
Owner NANJING UNIV OF POSTS & TELECOMM