Method for detecting network data package

A network data packet and detection method technology, which is applied in the field of network data packet detection, to achieve the effect of reducing false alarm rate, improving speed, and ensuring rapid response

Inactive Publication Date: 2013-12-25
北京科能腾达信息技术股份有限公司
View PDF2 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] A new interception mode should be considered for advanced stealth attacks, and the simple feature library matching mode can no longer fully achieve the interception purpose. Therefore, the present invention will propose a new intrusion detection method that automatically adjusts the matching algorithm, which will greatly improve safety factor of the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting network data package
  • Method for detecting network data package
  • Method for detecting network data package

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The method of the present invention will be described in further detail below in conjunction with the accompanying drawings.

[0033] The network packet detection method of the present invention comprises the following specific steps:

[0034] The first step is to capture the data packets in the network;

[0035] In the second step, the captured data packets are analyzed by the whole protocol stack to obtain the protocol variables, that is, the data of each protocol layer of the original message data packets;

[0036] The third step is to select the most suitable multi-pattern matching algorithm according to the preset pattern characteristics and protocol variable characteristics, then load the pattern matching algorithm library, and dynamically adjust the matching algorithm according to the current network status during the detection process.

[0037] The specific implementation method of the second step is as follows:

[0038] Full protocol stack analysis refers to ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A method for detecting a network data package comprises the following steps of A) capturing the data package in a network, B) carrying out full protocol stack analysis on the captured data package to obtain protocol variable characteristics, namely, the data of all protocol layers of the original message data package; C) firstly selecting the most suitable multi-mode matching algorithm according to preset mode characteristics and the protocol variable characteristics, and then loading a mode matching algorithm library, and D) dynamically regulating the matching algorithm in the detection process according to a current network state. The full protocol stack analysis is carried out on the data package, decoding speed is greatly improved, real-time decoding requirements are met, and needs for server memory are reduced. In addition, the proper mode matching algorithm is flexibly selected for detected loopholes, matching speed and storage space are optimal, and effective protection on high-level escape invasion is achieved through a high-level reclusion technology.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method for detecting network data packets. Background technique [0002] As one of the most important active network security measures at present, network intrusion detection effectively supplements and perfects the security measures such as access control, data encryption, firewall, virus prevention, etc. by identifying and responding to malicious network connections on computers and network resources. Security measures, which improve the integrity of the information security infrastructure, have become an integral part of information system security solutions. [0003] Advanced Evasion Technique (AET, Advanced Evasion Technique) and superimposed cyber-force of stealth attacks have seen many cases of computer attacks infiltrating political struggles in various countries. The recent computer network failure of the Bank of Korea, the US The attacks on the New York Time...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26
Inventor 刘庆
Owner 北京科能腾达信息技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap