General information acquisition system for internal network security monitoring

A security monitoring technology for internal networks, applied in transmission systems, digital transmission systems, data exchange networks, etc. It addresses the problems of lack of standardization work, poor seamless connection ability, and high system complexity, with the effect of improving audit ability, increasing adaptability and enhancing scalability.

Active Publication Date: 2012-02-08
BEIJING INSTITUTE OF TECHNOLOGY

AI Technical Summary

Problems solved by technology

[0004] 1. The packet loss rate of the information acquisition system is high, the efficiency of event discovery and reporting is low, and the reliability of information acquisition is poor, which affects the decision-making of the entire security monitoring system;
[0005] 2. The hierarchy of each module in the system is vague, and there is no general standard for the distribution principles of the system configuration module, fault diagnosis module, management module and event monitoring module, etc., resulting in high complexity and poor scalability of the system;
[0006] 3. There is no backup mechanism for the event monitoring module, and restarting or repairing the module takes a long time, resulting in poor seamless connection ability for monitoring event reporting.
[0023] 1. The packet loss rate of the information acquisition system is high, the efficiency of event discovery and reporting is low, and the reliability of information acquisition is poor, which affects the decision-making of the entire security monitoring system;
[0024] 2. The business management module in the logical management layer lacks a dynamic conflict handling (or synchronous processing) mechanism for reported events;
[0025] 3. The business agent layer lacks a backup mechanism for the event monitoring module. When the event monitoring module is attacked, the monitoring information acquisition system as a whole is not greatly affected, because each module is independent, but there are monitoring gaps while the module is being restarted or repaired, and many network attacks are launched during this period;
[0026] 4. The system simply outputs the monitored network events to the attack event analysis subsystem of the internal network security monitoring system. Because this subsystem contains complex attack pattern recognition algorithms, such an output form reduces the efficiency of the entire large system.
The main bottleneck encountered so far in the development of information acquisition structures is the lack of standardization work.


Embodiment Construction

[0065] The technical solution of the present invention will be explained below in conjunction with the accompanying drawings and embodiments.

[0066] The job of the general information acquisition system for internal network security monitoring is to obtain monitoring events. At the same time, as an important structure in a security system, it not only interacts with other subsystems in the security system, but also ensures reasonable cooperation among all internal modules, so it is essential to have basic management and auxiliary functions such as communication, user interface, self-repair base, policy management configuration, etc. The present invention refers to this part of the functions as logical functions, and their structural level is defined as logical management. From a business point of view, the information acquisition system needs to be responsible for acquiring various monitoring events in the internal network. In the present invention, they are coll...


Abstract

The invention provides a general information acquisition system for internal network security monitoring, including a logic management layer, a business agent layer, and a monitoring module recorder, which are connected through a business module communication bus; a peripheral equipment event analysis module is connected to the input and output modules in the logic management layer. The business agent layer includes a corresponding number of event monitoring modules and monitoring backup modules. The online monitoring module not only reports the monitoring events, but also stores them, at a certain time interval, in the cache area of the corresponding monitoring backup module in the backup monitoring module group. If the online monitoring module is attacked and paralyzed, the business management module in the logical management layer immediately activates the corresponding monitoring backup module in the backup monitoring module group, which enters the activation state and replaces the paralyzed online monitoring module to continue working. At the same time, the monitoring backup module reports the monitoring events stored in its buffer. The system offers scalability, attack resistance and reliable information acquisition.
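The failover path described in the abstract, modelled as an added Python example (not code from the patent). The class names, event ids, tick-based checkpoint interval, lost-uplink condition and the manager's deduplication of replayed events are assumptions made for illustration.

```python
# Hypothetical model: names and timeline are constructed, not taken from the patent.
class BusinessManager:
    """Logical-management-layer role: receives reports, deduplicates, fails over."""
    def __init__(self):
        self.seen, self.log = set(), []

    def report(self, source, event_id):
        if event_id in self.seen:            # replayed copy of an already reported event
            return False
        self.seen.add(event_id)
        self.log.append((source, event_id))
        return True

    def failover(self, monitor):
        """Activate the paired backup and let it report the events in its cache."""
        backup = monitor.backup
        backup.active = True
        return backup, [e for e in backup.cache if self.report(backup.name, e)]


class Monitor:
    """Event monitoring module; a module created without a backup acts as the standby."""
    def __init__(self, name, manager, backup=None, sync_every=2):
        self.name, self.manager, self.backup = name, manager, backup
        self.sync_every, self.active = sync_every, backup is not None
        self.cache, self.unsynced = [], []

    def observe(self, event_id, tick, uplink_ok=True):
        if uplink_ok:                        # direct report to the manager
            self.manager.report(self.name, event_id)
        if self.backup is not None:
            self.unsynced.append(event_id)
            if tick % self.sync_every == 0:  # periodic checkpoint into the backup's cache
                self.backup.cache.extend(self.unsynced)
                self.unsynced.clear()


def run_scenario():
    mgr = BusinessManager()
    backup = Monitor("backup-1", mgr)
    online = Monitor("online-1", mgr, backup=backup, sync_every=2)
    # Constructed timeline: (tick, event id, did the direct report reach the manager?)
    for tick, eid, ok in [(1, "e1", True), (2, "e2", True), (3, "e3", False),
                          (4, "e4", False), (5, "e5", False)]:
        online.observe(eid, tick, uplink_ok=ok)
    # online-1 is paralysed after tick 5, before its next checkpoint at tick 6
    active, recovered = mgr.failover(online)
    active.observe("e6", 6)                  # the backup now monitors in its place
    lost = [e for e in online.unsynced if e not in mgr.seen]
    return [e for _, e in mgr.log], recovered, lost
```

The replay recovers e3 and e4, whose direct reports never arrived, while e5 is lost because it was observed after the last checkpoint: the residual monitoring gap is bounded by the checkpoint interval, and the manager has to deduplicate because the backup re-reports events that were already delivered.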

Description

Technical field

[0001] The invention relates to a general information acquisition system for security monitoring, in particular to a general information acquisition system for internal network security monitoring, and belongs to the field of computer network security.

Background technique

[0002] Network security is essentially information security on the network. All technologies and theories related to the confidentiality, integrity, availability, authenticity and controllability of information on the network are research fields of network security. From a system point of view, to ensure information security on the network, the first thing to do is to obtain the information status of key points, and to obtain complete and reliable monitoring information in a timely, comprehensive and true manner, in order to further protect the information security of the entire network. Therefore, how to design the optimal structural framework for the information acquisition system is very im...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L12/26, H04L29/06
Inventor: 胡昌振, 李宁, 闫怀志
Owner: BEIJING INSTITUTE OF TECHNOLOGY