Network security verifying device based on improved K-means algorithm

A technology of k-means algorithm and verification device, which is applied in the Internet field, can solve the problems of large amount of attack data, high false positive rate, and cannot handle massive attack data well, and achieves high detection accuracy and false positives. low rate effect

Active Publication Date: 2013-10-23
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF14 Cites 40 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the characteristics of large data volume and high dimensionality of attack data, it is impossible to efficiently analyze massive attack data and extract unknown attack characteristics from massive tool data only by relying on daily security audit technology.
Therefore, this patent cannot handle massive attack data well, in other words, the false negative rate of this patent is relatively high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security verifying device based on improved K-means algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0116] 1. Implementation of the controllable module

[0117] A firewall separates the Internet, the range, and the management network. Any connection entering the shooting range and management network will pass through the firewall. By adding filter conditions in the firewall rule base, it is possible to check and control the messages entering and leaving the shooting range and management network.

[0118] Second, the implementation of the data capture module

[0119] The key to the success of the data capture module lies in layer-by-layer checks: the more layers of data capture, the better the effect. This module captures suspicious traffic and abnormal behaviors entering and leaving the system as follows:

[0120] Step 1: As an access control layer device, the firewall can not only be used for data control, but also record the activities in and out of the honeypot. Since any activity in and out of the honeypot is considered suspicious, a firewall is used to capture suspic...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a network security verifying device based on an improved K-means algorithm. A data mining method is used for the extraction of network attack characteristics. Firstly, traffics entering and exiting a system are monitored through creating a height-controllable target range verifying environment, then abnormal traffics and abnormal behaviors which enter and exit the system are captured by layers by using a layering mechanism, and finally, collected information data are subjected to characteristic analysis by using an improved K-means algorithm, and therefore, the attack behaviors can be efficiently detected and a potential unknown attack in a network is accurately found.

Description

technical field [0001] The invention relates to the technical field of the Internet, and provides a network security verification device based on an improved K-means algorithm. Background technique [0002] In the past ten years, although various defense technologies and products have emerged, network attacks and worms are still active on the Internet, causing hundreds of millions of losses every year. In order to accurately and quickly detect network attacks and respond to worm outbreaks in a timely manner, network security researchers have made unremitting efforts and achieved remarkable results. However, most of the current security detection systems use passive defense technologies, such as firewall technology and intrusion detection technology and so on. Because firewall technology only provides static data packet filtering and cannot prevent attacks from inside the network; at the same time, intrusion detection technology not only cannot effectively detect unknown typ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 张小松牛伟纳陈瑞东王东陈讲民张建松吴濛
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap