Intrusion detection method with matching algorithm automatically adjusted

A matching algorithm and automatic adjustment technology, applied in the field of network security, to achieve the effect of meeting real-time decoding requirements, accurate detection and defense, accurate identification and removal

Inactive Publication Date: 2014-06-04
北京科能腾达信息技术股份有限公司
View PDF4 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] A new interception mode should be considered for advanced stealth attacks, and the simple feature library matching mode can no longer fully achieve the interception purpose. Therefore, the present invention will propose a new intrusion detection method that automatically adjusts the matching algorithm, which will greatly improve safety factor of the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion detection method with matching algorithm automatically adjusted
  • Intrusion detection method with matching algorithm automatically adjusted
  • Intrusion detection method with matching algorithm automatically adjusted

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0055] The method of the present invention will be described in further detail below in conjunction with the accompanying drawings.

[0056] The intrusion detection method of automatic adjustment matching algorithm of the present invention, it comprises following concrete steps:

[0057] The first step is to capture the data packets in the network;

[0058] The second step is to perform full protocol stack analysis on the captured data packets;

[0059] The third step is to select the most suitable multi-pattern matching algorithm according to the pre-set pattern characteristics and protocol variable characteristics, and then load the pattern matching algorithm library, and dynamically adjust the matching algorithm according to the current network status during the detection process.

[0060] figure 1 is a schematic structural diagram of the flow-based protocol analysis system in this example, and the system includes routers and protocol analysis devices. Among them, the ro...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an intrusion detection method with a matching algorithm automatically adjusted. The intrusion detection method comprises the following steps that (A) data packets in the network are captured; (B) the captured data packets are subjected to full-protocol stack analysis; (C) the most suitable multi-mode matching algorithm is selected according to preset mode characteristics and protocol variable characteristics, then a mode matching algorithm library is loaded, and the matching algorithm is dynamically adjusted according to the current network state in the detection process. The full-protocol stack analysis is carried out on the data packets, decoding speed is greatly improved, the real-time decoding requirement is met, and the requirement for the internal storage of a server is reduced; in addition, through data packet regrouping, improvement of matching speed and matching efficiency and the advanced reclusion technology, effective protection against advanced escape intrusion is achieved.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to an intrusion detection method for automatically adjusting a matching algorithm. Background technique [0002] As one of the most important active network security measures at present, network intrusion detection effectively supplements and perfects the security measures such as access control, data encryption, firewall, virus prevention, etc. by identifying and responding to malicious network connections on computers and network resources. Security measures, which improve the integrity of the information security infrastructure, have become an integral part of information system security solutions. [0003] Advanced Evasion Technique (AET, Advanced Evasion Technique) and superimposed cyber-force of stealth attacks have seen many cases of computer attacks infiltrating political struggles in various countries. The recent South Korean bank computer network failure, the Unit...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/803G06F17/30
Inventor 刘庆
Owner 北京科能腾达信息技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap