On-demand-service virtualization network intrusion detection method and device

A virtualized network intrusion detection technology, applied in the field of virtualized network intrusion detection. It addresses problems such as the inability to allocate and use hardware resources on demand and data congestion at the packet capture port, and achieves good platform adaptability, reduced resource consumption and impact on the host, and guaranteed detection performance.

Inactive Publication Date: 2015-04-29
BEIJING VENUS INFORMATION TECH +1

Problems solved by technology

However, this network intrusion detection virtual engine technology cannot allocate and use hardware resources on demand. In particular, when the number of monitored servers is large and traffic fluctuates unpredictably, data congestion at the packet capture port is likely.



Examples


Embodiment 1

[0030] The invention discloses a network intrusion detection device that provides on-demand service in a virtualized network. It comprises at least a network packet capture module, a flow classification and shaping module, an elastic service scheduling module, a local detection resource pool management module, a network intrusion detection engine module and a security policy module, where:

[0031] The network packet capture module runs in the kernel space of the network intrusion detection front-end virtual machine, monitors the network data flow on the virtual switch, and captures packets from the network interfaces specified by the security policy. A network interface specified by the security policy is the interface on the virtual switch that corresponds to a virtual machine or virtual network the policy says must be monitored (for example, a network flow identified by the IP address of the virtual machine or by ...

Embodiment 2

[0057] The invention also discloses a virtualized network intrusion detection method that provides elastic service on demand. The detailed flow of the method is shown in Figure 4 and includes the following operations:

[0058] When a packet of a network service flow is captured, first decide, according to the virtual network security-domain boundary policy in the security policy, whether the packet needs to be monitored; if not, discard it. Otherwise look up the detection source corresponding to the network flow. If that source's traffic bandwidth upper limit is -1, the packet is exported directly to the hardware network intrusion detection product through the elastic service scheduling module; otherwise the packet is classified according to the security policy, the detection queue belonging to the local detection source the packet maps to is located, and the method calculates whether the packet is allowed to enter the queue t...
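The dispatch path of paragraph [0058] as an added, runnable Python model. This is illustrative code written for this page, not code from the patent or from Beijing Venus; the class names, the token-bucket shaping used to decide whether a packet may enter a detection-source queue, the CPU-unit cost charged to the local resource pool, the rule that a packet rejected by shaping is exported to the hardware NIDS, and the subnets and packets are all assumptions. Only the security-domain drop, the -1 sentinel for direct export, and the "local if the pool can serve, otherwise export" decision come from the text.

```python
"""Toy model of the on-demand dispatch path described in paragraph [0058].

Assumptions (not from the patent): a detection source is keyed by destination
subnet, shaping is a per-source token bucket refilled at the source's bandwidth
cap, local engines cost a fixed number of pool CPU units, and packets that fail
shaping or find no free local resources are exported to the hardware NIDS.
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

EXPORT_TO_HARDWARE = -1  # bandwidth-cap value the patent text uses for "export directly"


@dataclass
class DetectionSource:
    """One monitored virtual network ('detection source') and its shaping state."""
    name: str
    subnet: str                  # virtual network security-domain boundary, e.g. 10.0.1.0/24
    bandwidth_limit: int         # bytes per second the local engine may receive; -1 = export
    cpu_units: int = 1           # assumed cost of one local engine instance from the pool
    tokens: float = 0.0          # token-bucket level in bytes (assumed shaping scheme)
    last_ts: float = 0.0
    queue: list = field(default_factory=list)

    def admit(self, size: int, now: float) -> bool:
        """Token-bucket check: refill at bandwidth_limit B/s, burst capped at one second."""
        elapsed = max(0.0, now - self.last_ts)
        self.tokens = min(self.bandwidth_limit, self.tokens + elapsed * self.bandwidth_limit)
        self.last_ts = now
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False


class LocalResourcePool:
    """Local detection resource pool manager: free capacity plus per-source allocations."""

    def __init__(self, total_cpu: int):
        self.free_cpu = total_cpu
        self.allocated = {}

    def can_serve(self, src: DetectionSource) -> bool:
        return src.name in self.allocated or src.cpu_units <= self.free_cpu

    def allocate(self, src: DetectionSource) -> None:
        """Act on the 'local detection resource regulation command' from the scheduler."""
        if src.name not in self.allocated:
            self.free_cpu -= src.cpu_units
            self.allocated[src.name] = src.cpu_units


class ElasticScheduler:
    """Elastic service scheduling: decide drop / local detection / export per packet."""

    def __init__(self, sources, pool: LocalResourcePool):
        self.sources = [(ip_network(s.subnet), s) for s in sources]
        self.pool = pool
        self.exported = []       # packets handed to the external hardware NIDS

    def classify(self, pkt):
        """Security-domain boundary check: map the destination to a detection source."""
        dst = ip_address(pkt["dst"])
        for net, src in self.sources:
            if dst in net:
                return src
        return None

    def dispatch(self, pkt, now: float) -> str:
        src = self.classify(pkt)
        if src is None:
            return "drop:outside_policy"                       # not monitored, discard
        if src.bandwidth_limit == EXPORT_TO_HARDWARE:
            self.exported.append(pkt)
            return f"export:{src.name}:unlimited"              # -1 means straight to hardware
        if not src.admit(pkt["size"], now):
            self.exported.append(pkt)
            return f"export:{src.name}:over_limit"             # assumption: shaped-out -> hardware
        if not self.pool.can_serve(src):
            self.exported.append(pkt)
            return f"export:{src.name}:no_local_resources"     # pool cannot serve locally
        self.pool.allocate(src)                                # regulation command to the pool
        src.queue.append(pkt)
        return f"local:{src.name}"


def run_demo():
    """Constructed sample: three detection sources, a 3-CPU pool, five packets at t=1.0s."""
    sources = [
        DetectionSource("web_tier", "10.0.1.0/24", bandwidth_limit=1500, cpu_units=2),
        DetectionSource("db_tier", "10.0.2.0/24", bandwidth_limit=EXPORT_TO_HARDWARE),
        DetectionSource("mgmt", "10.0.3.0/24", bandwidth_limit=1000, cpu_units=4),
    ]
    sched = ElasticScheduler(sources, LocalResourcePool(total_cpu=3))
    packets = [
        {"src": "192.0.2.10", "dst": "10.0.1.5", "size": 1000},  # web: fits the 1500 B/s bucket
        {"src": "192.0.2.10", "dst": "10.0.1.5", "size": 1000},  # web: only 500 B left -> export
        {"src": "192.0.2.11", "dst": "10.0.2.7", "size": 60},    # db: cap is -1 -> export
        {"src": "192.0.2.12", "dst": "10.0.3.1", "size": 100},   # mgmt: needs 4 CPU, 1 free -> export
        {"src": "192.0.2.13", "dst": "10.0.9.9", "size": 100},   # outside every security domain
    ]
    return [sched.dispatch(p, now=1.0) for p in packets]


if __name__ == "__main__":
    for decision in run_demo():
        print(decision)
```

The order of the checks is the point: the policy drop happens before any resource is spent, the -1 sentinel bypasses both shaping and the pool, and only a packet that passes shaping is allowed to trigger an allocation from the local pool.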



Abstract

The invention discloses an on-demand-service virtualization network intrusion detection method and device, and relates to the technical field of information security. The virtualization network intrusion detection device comprises an elastic service scheduling module and a local detection resource pool management module. The elastic service scheduling module evaluates whether the remaining resources in the local detection resource pool can provide a local detection service; if they can, it sends a local detection resource regulation command to the local detection resource pool management module, and if they cannot, it exports the traffic to be detected to an external hardware network intrusion detection product. On receiving the local detection resource regulation command, the local detection resource pool management module allocates the corresponding resources to the local detection source from the remaining resources of the pool. The invention further discloses an on-demand-service virtualization network intrusion detection method. The technical scheme effectively solves the security protection problem of server virtualization scenarios in a virtualized network environment.

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a virtualized network intrusion detection method and device capable of on-demand service.

Background art

[0002] Cloud computing is another new revolution in computing and the Internet. It moves computation and storage into the cloud, so that users can perform complex calculations and use large-capacity storage from lightweight portable terminals. From a technical point of view, cloud computing is not merely a new concept: parallel computing and virtualization are the main technical means by which cloud computing applications are realized. Because of the rapid development of hardware, the performance of an ordinary physical server far exceeds the hardware requirements of an ordinary single user. Therefore, virtualizing a physical server into multiple virtual machines and providing services through virtualization has become the technical basis ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08
CPC: H04L63/1416, H04L67/10
Inventor 李陟刘新刚叶润国汪宏
Owner BEIJING VENUS INFORMATION TECH