Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network security marking system based on behavioral data fusion and method

A technology of network security and data fusion, applied in the field of network security, can solve problems such as increased security detection work and high false alarm rate, and achieve the effect of reducing impact and improving detection accuracy

Active Publication Date: 2013-05-08
重庆市万州区新亿水轮机有限公司
View PDF3 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] Malware includes viruses, worms, Trojan horses, etc. Their spread on the Internet poses a huge threat to network users. According to the characteristics of malware propagation, the detection of behavioral characteristics is currently a popular and effective detection method. Its advantage is that it can Timely detection of propagation behavior, and early detection of some unknown malware propagation based on the behavioral characteristics of malware. The problem with this method is that there is a high false positive rate, such as by detecting IPs connected within a period of time. However, in the current situation where P2P networks are prevalent, connecting to multiple IP addresses in a short period of time can also be a normal network behavior, and many malware designers will try to spread malware as much as possible. The behavior is disguised to be consistent with normal data traffic, which increases the difficulty of security detection. How to distinguish the characteristics of malicious behavior hidden in the normal network is currently a difficult problem to solve

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security marking system based on behavioral data fusion and method
  • Network security marking system based on behavioral data fusion and method
  • Network security marking system based on behavioral data fusion and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] see figure 1 with figure 2 , a network security evaluation system based on behavioral data fusion, including an evaluation module, a learning module, and a standard behavior feature library module set in each single node, and an information processing module set in a gateway, and each single node is connected to the gateway through the network. Each single node processes the information of its own node, and the gateway performs information fusion and network operation status analysis on the feedback data processed by each node. in,

[0043] Learning modules include: self-directed learning and adaptive learning. The method of self-learning is similar to the way of using a firewall. When using it for the first time, the user’s opinion will be solicited for each output connection request, and the user’s choice will be remembered. As a future working method, this kind of self-learning has requirements for users. Higher, the user needs to be able to independently judge w...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a network security marking system based on behavioral data fusion and a method. The system comprises evaluation modules, a study module, and a standard behavior characteristic library, wherein the evaluation modules, the study module and the standard behavior characteristic library are arranged on each single node. An information processing module is arranged in a gateway, each single node is connected with the gateway through an internet, each single node of the system processes information of the node, and the gateway carries out information fusion and network condition analysis to feedback data which is processed and finished by each node. The evaluation modules are used for evaluating causal relationship between nodes which have a connecting relationship with users and nodes. The study module is used for classifying the users and comparing change of each time section. The standard behavior characteristic library is used for detecting typical abnormal behavior characteristics and suspicious behavior characteristics. The information processing module carries out calculation to safety level conditions of all the nodes in the network. Through the adoption of the method, malicious behavior characteristics hiding in a normal network can be distinguished, and reliability of network security detection is improved.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a network security scoring system and method based on behavioral data fusion. Background technique [0002] Malware includes viruses, worms, Trojan horses, etc. Their spread on the Internet poses a huge threat to network users. According to the characteristics of malware propagation, the detection of behavioral characteristics is currently a popular and effective detection method. Its advantage is that it can Timely detection of propagation behavior, and early detection of some unknown malware propagation based on the behavioral characteristics of malware. The problem with this method is that there is a high false positive rate, such as by detecting IPs connected within a period of time. However, in the current situation where P2P networks are prevalent, connecting to multiple IP addresses in a short period of time can also be a normal network behavior, and m...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 黄智勇曾孝平陈新龙周喜川曾浩张欣
Owner 重庆市万州区新亿水轮机有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com