Network equipment behavior analysis method and system

Network device behavior analysis technology, applied in the field of information network security, that can solve problems such as undetectable abnormalities and achieve the effect of overcoming prevention and monitoring.

Inactive Publication Date: 2015-09-02
BEIJING KUANGEN NETWORK TECH

AI Technical Summary

Problems solved by technology

Traditional security solutions cannot detect such anomalies of “inaction”


Embodiment Construction

[0020] As shown in Figure 1, the data storage device 2 can exchange data with the behavior analysis engine 1, and the data collection device 4 is connected to the data storage device 2 and provides it with the network data of user device A. User device B provides its own network data directly to the data storage device 2, and the switch 3 ensures communication among all user devices. The network device behavior analysis method of the present invention is divided into the following two stages:

[0021] 1. Build a behavioral model

[0022] In the process of establishing a behavior model for network devices illustrated in Figure 2, the data collection device 4 and the user device B collect data packets received and/or sent during a period of time when user devices A and B are in a normal working state. The analysis engine 1 quantifies the collected data packets into characteristic values that contain multiple attributes. The character...


Abstract

The invention provides a network equipment behavior analysis method and a network equipment behavior analysis system. The method comprises two steps: establishing a behavior model for network equipment, and applying the behavior model to monitor abnormal behaviors of the equipment. In the step of establishing the behavior model, data acquisition equipment collects and records data packets received and/or sent by user equipment in a normal state within one or more time periods; a behavior analysis engine converts the information content of the data packets into a feature value containing one or more attributes, and the feature value is used to establish the user equipment behavior model. In the step of applying the behavior model, the data acquisition equipment collects data packets related to the equipment within one or more time periods; the behavior analysis engine quantifies the data packets into a feature value containing one or more attributes, and the feature value of the equipment is compared with the behavior model to verify whether the behavior of the equipment is abnormal. If the verification result is abnormal, an alarm is sent to the user.
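The two stages described in the abstract, as an added example that is not code from the patent or its owner. The feature attributes (packets per flow per 10-second window), the min/max model, the `slack` tolerance and all names and sample packets are assumptions chosen for illustration; the point is that a silent device ("inaction") produces an alert even though no packet exists to inspect.

```python
from collections import Counter

def quantify(packets, start, end, window_s=10):
    """Quantify packets into one feature value per time window: a Counter
    of (src, dst, dst_port) -> packet count. Empty windows are kept."""
    windows = [Counter() for _ in range(int((end - start) // window_s))]
    for ts, src, dst, port in packets:
        i = int((ts - start) // window_s)
        if 0 <= i < len(windows):
            windows[i][(src, dst, port)] += 1
    return windows

def build_model(normal_windows):
    """Stage 1: per flow, the (min, max) packets per window in normal state."""
    model = {}
    for flow in set().union(*normal_windows):
        counts = [w[flow] for w in normal_windows]  # Counter yields 0 if absent
        model[flow] = (min(counts), max(counts))
    return model

def check(window, model, slack=1):
    """Stage 2: compare one monitored window with the model, return alerts."""
    alerts = []
    for flow, (lo, hi) in model.items():
        n = window[flow]
        if lo > 0 and n == 0:
            alerts.append(("inaction", flow, n))   # always-present flow went silent
        elif n < lo - slack or n > hi + slack:
            alerts.append(("rate", flow, n))
    for flow in window.keys() - model.keys():
        alerts.append(("unknown_flow", flow, window[flow]))
    return sorted(alerts)

# Constructed sample traffic (timestamp_s, src, dst, dst_port); not from the patent.
DEV, HMI = "10.0.0.5", "10.0.0.9"
NORMAL = [(t, DEV, HMI, 502) for t in (1, 6, 11, 16, 21, 26)]
MONITORED = [(31, DEV, HMI, 502), (36, DEV, HMI, 502), (52, DEV, "10.0.0.77", 8080)]

MODEL = build_model(quantify(NORMAL, 0, 30))

if __name__ == "__main__":
    for i, w in enumerate(quantify(MONITORED, 30, 60)):
        print(i, check(w, MODEL) or "normal")
```
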

Description

Technical field

[0001] The invention relates to the field of information network security, in particular to a method and system for analyzing network equipment behavior.

Background technique

[0002] With the development of network and information technology, the network is gradually changing the way people live and work, and has a huge and profound impact on all walks of life. Ensuring network information security and detecting and defending against network security issues more effectively have become the focus of attention of all parties. In areas such as industrial control in particular, network security issues are more prominent. Traditional solutions focus on the analysis of a single data packet and can only provide prevention and monitoring of the attack method itself; they lack solutions for attacks that exploit zero-day vulnerabilities and for other unknown attack methods.

[0003] From the user's perspective, the harm caused by all attack methods is not the attack itself, bu...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/24
Inventors: 孙一桉, 李凯斌
Owner: BEIJING KUANGEN NETWORK TECH