Method for dynamically detecting network anomaly in real time based on immunization

A real-time network, anomaly detection technology, applied in data exchange networks, digital transmission systems, electrical components, etc., can solve the problems of difficult real-time detection, poor coordination, and low detection rate

Inactive Publication Date: 2012-08-15
GUANGZHOU UNIVERSITY
View PDF3 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method has the excellent characteristics of biological immune system such as self-learning, self-adaptation, clone selection, immune network and immune memory, so as to solve the problem of low detection rate and difficulty in real-time detection ca

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for dynamically detecting network anomaly in real time based on immunization
  • Method for dynamically detecting network anomaly in real time based on immunization
  • Method for dynamically detecting network anomaly in real time based on immunization

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] The specific method of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0021] like figure 1 As shown, the present invention can be summarized into four parts: presentation and collection of antigen data to be tested, dynamic evolution of memory cells, dynamic cloning and elimination of antibody cells, and network anomaly detection.

[0022] The antigen data to be tested is submitted and summarized, that is, the characteristic data of the network traffic in a unit time is collected in the way of bypass listening. The proportion of ARP protocol input data packets in the total flow, the proportion of output flow in the total flow, network transmission rate, the number of real-time connection sessions, the number of TCP-SYN packets per unit time, These characteristic data describing network transactions form the characteristic value of the characteristic vector of the antigen to be detected after standard normalizati...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for dynamically detecting a network anomaly in real time based on an artificial immunity principle, belonging to the field of information security. The invention provides a new method for dynamically detecting the network anomaly in real time based on immunization according to a good self-learning adaptive mechanism of a human immune system. According to the method provided by the invention, a detection mode is subjected to dynamic description (namely, dynamic generation and extinction, dynamic learning and dynamic self-organization) and is combined with an antibody cell dynamic cloning principle, so that the detection mode is synchronously evolved with an actual network condition. Furthermore, cooperative treatment is carried out by immune vaccination and vaccine distribution, so as to improve the accuracy and the timeliness of network anomaly detection. With the adoption of the method provided by the invention, the key problems such as low detection rate, difficulty in real-time detection and poor cooperativity, which are caused by static detection mode description in the existing large-scale network anomaly detection research can be solved. Therefore, the method can be used for rapid and effective monitoring when large-scale security events, thereby wining time for network protection and play an important role.

Description

technical field [0001] The invention relates to a digital information transmission system, in particular to an Internet security system. Background technique [0002] With the rapid development of the Internet, the situation of network security is becoming more and more serious, and the rapid change of network attack technology puts forward higher requirements for network monitoring. The network intrusion detection system (Intrusion Detection System, IDS) plays an important role in the network information security system, and has become a research and application hotspot in the field of network information security in recent years. Technically, IDS is mainly divided into two categories: feature detection and anomaly detection. Feature detection uses known attack features to detect, and the detection rate is high, but the disadvantage is that attack features need to be manually extracted, which consumes a lot of manpower, and the attack may have caused losses during the peri...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26
Inventor 彭凌西谢冬青刘浩怀熊伟
Owner GUANGZHOU UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap