Method and device for carrying out safety analysis on network behaviors

A security analysis and network technology, applied in the field of network security, can solve the problems of high false alarm rate, inability to fully detect abnormal traffic attacks, low performance of feature detection, etc., and achieve the effect of ensuring security and reliability, and a reliable network application environment

Active Publication Date: 2015-09-09
BEIJING EASTERN PRISM TECH CORP LTD
View PDF5 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantages of the above-mentioned existing network behavior security analysis technology are: there is a large f

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for carrying out safety analysis on network behaviors
  • Method and device for carrying out safety analysis on network behaviors
  • Method and device for carrying out safety analysis on network behaviors

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0044] Example 1

[0045] The embodiments of the present invention perform security analysis on network behavior based on the network order construction technology based on the clustering algorithm, the network order chain construction technology based on the association analysis algorithm, and the black, white and gray list technology, overcome the shortcomings of the methods in the above three directions, and can Defend against various network attacks.

[0046] A schematic diagram of the implementation principle of a method for security analysis of network behavior provided by an embodiment of the present invention is as follows: figure 1 As shown, the specific processing flow is as follows figure 2 It includes the following processing steps:

[0047] Step S210: Set the initial whitelist, greylist and blacklist of the network host.

[0048] In the initial stage of network structure order, according to a large number of prior knowledge, the IP address and port number of e...

Example Embodiment

[0069] Embodiment 2

[0070] This embodiment provides a schematic diagram of an application scenario of an apparatus for performing security analysis on network behavior. image 3 As shown, the Internet includes routers and core switches. The routers can transmit and route network traffic. The local area network is connected to the Internet through the core switches. The local area network includes switches at the aggregation layer and access layer, PCs, and mobile terminals. Terminals can be connected to Network, communicate and share information. The network behavior security analysis device based on network order in the embodiment of the present invention is connected to the mirror port of the core switch, and is used to obtain network data packets, analyze network traffic behavior, and detect network attacks.

[0071] The specific implementation structure of the above-mentioned device for performing security analysis on network behavior is as follows: Figure 4 As shown,...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a method and a device for carrying out safety analysis on network behaviors. The method mainly comprises the steps of: carrying out self-learning on various kinds of network behaviors in a network by utilizing a clustering algorithm to obtain a network behavior order chain, wherein network behavior order chain comprises all safe network behaviors, and each network behavior comprises a conversation five-element set; judging whether a network behavior to be identified exists in the network behavior order chain, and if yes, determining that the network behavior to be identified is safe; and otherwise, judging whether the network behavior to be identified is safe by mean of set safety strategies. The embodiment of the invention provides the network behavior safety analysis method and device based on the network order, so that whether the network behavior is safe or not can be effectively identified, network attack behaviors can be effectively detected, the safety and the reliability of network application is ensured, and a safe and reliable network application environment is provided to a network user.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and device for security analysis of network behavior. Background technique [0002] At present, we are already in the information age. Computers and networks have become indispensable tools for various organizations. Information has become an important asset for the survival of organizations, and its value is increasing day by day. many security threats. Virus damage, hacker attack, network fraud, loss of important information, paralysis of information systems, and various crimes committed by using computer networks emerge in endlessly and are hard to guard against. According to CSI / FBI's Computer Crime and Security Survey 2010, 50% of organizations have had at least one information security incident. Once the information assets are destroyed, it will bring direct economic loss to the organization, damage the reputation and public image of the organization, ma...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 张洁
Owner BEIJING EASTERN PRISM TECH CORP LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap