Unlock instant, AI-driven research and patent intelligence for your innovation.

Network traffic anomaly detection method and system

A network traffic and anomaly detection technology, which is applied in the field of network information security, can solve problems such as poor traffic anomaly detection effect, poor flexibility and scalability, and achieve good detection effect, convenient expansion, and clear meaning of alarm

Active Publication Date: 2015-08-26
XINYANG BRANCH HENAN CO LTD OF CHINA MOBILE COMM CORP
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] The embodiment of the present invention provides a network traffic anomaly detection method and system to solve the problems of poor traffic anomaly detection effect, poor flexibility and scalability in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network traffic anomaly detection method and system
  • Network traffic anomaly detection method and system
  • Network traffic anomaly detection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] Aiming at several problems in the prior art, such as poor network traffic anomaly detection effect, poor flexibility and scalability, the embodiment of the present invention provides a network traffic anomaly detection method, which implements traffic anomaly detection based on the characteristic data of network traffic extracted in real time , due to considering the combination of various characteristic data for different abnormal attack behaviors, the real-time performance, accuracy and comprehensiveness of detection are improved, and the detection flexibility and scalability are also relatively good.

[0031] The network traffic anomaly detection method provided by the embodiment of the present invention, through such as figure 1 The network traffic anomaly detection system shown is realized. The system includes: flow statistics filtering subsystem 1 and network management analysis subsystem 2.

[0032] The traffic statistics filtering subsystem 1 is used for the tr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a system for network flow anomaly detection. The method includes: monitoring network flow, and extracting basic characteristic data of the network flow; determining combination characteristic data of selected aggressive behaviors according to the extracted basic characteristic data, wherein the combination characteristic data are subsets of the basic characteristic data; inputting the determined combination characteristic data into corresponding flow models of the selected aggressive behaviors to obtain output results, wherein the flow models are preset according to sample data of the selected aggressive behaviors in a sample characteristic library; and determining whether the selected aggressive behaviors exist in the network flow or not according to the obtained output results. Using the method and the system for network flow anomaly detection can realize diversification in flow detection, more accuracy in identification and high extensibility.

Description

technical field [0001] The invention relates to the technical field of network information security, in particular to a method and a system for detecting network traffic anomalies suitable for high-speed IP metropolitan area networks. Background technique [0002] With the development of the Internet and the rapid growth of network traffic, the Internet has become an indispensable information carrier. At the same time, abnormal traffic that deviates from the normal range often occurs in network traffic, which is mainly caused by malicious network attacks such as worm propagation, DOS attacks, DDOS attacks, botnets, network configuration errors, and occasional line interruptions. These abnormal traffic often lead to a sharp decline in the service quality of the entire network, directly paralyzing the victim host and the network. Therefore, how to detect network anomalies and provide early warning information in a large-scale network environment is of great significance to en...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L12/24
Inventor 杨柳青
Owner XINYANG BRANCH HENAN CO LTD OF CHINA MOBILE COMM CORP