Network attack detection method and apparatus

A network attack and detection technology, applied in the Internet field, can solve the problems of low detection accuracy, no solution proposed, and reduced accuracy of detection results, etc., and achieve the effect of high detection accuracy

Active Publication Date: 2015-10-07
CHINANETCENT TECH
View PDF6 Cites 35 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, regardless of whether it is to count the frequency of IP requests or the frequency of access to target resources, the detection methods in the prior art are considered relatively one-sidedly, and the overall situation of access is not considered comprehensively, so that missed or false detections often occur when detecting attacks The detection accuracy is usually not high
Furthermore, the pre-set threshold will also affect the detection results. When the threshold is set unreasonably, the accuracy of the detection results will also be reduced.
[0005] For the above problems, no effective solution has been proposed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack detection method and apparatus
  • Network attack detection method and apparatus
  • Network attack detection method and apparatus

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 2

[0152] According to an embodiment of the present invention, a device for implementing the above network attack detection method is also provided, such as Figure 6 As shown, the network attack detection device includes: a first acquisition module 20, a first calculation module 30 and a first judgment module 40, wherein:

[0153] The first acquiring module 20 is configured to acquire the number of times the access source accesses the target resource within the period to be detected, wherein the target resource is at least one resource associated with the target domain name;

[0154] The first calculation module 30 is configured to calculate the condition entropy to be detected according to the number of times the access source accesses the target resource, wherein the condition entropy to be detected is the condition entropy of the access source when the target resource is accessed within the period to be detected;

[0155] The first judging module 40 is used to judge whether t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network attack detection method and an apparatus. The method comprises the following steps of acquiring target resource access times of an access source in a period to be detected, wherein the target resource is at least one resource related to a target domain name; according to the target resource access times of the access source, calculating a conditional entropy to be detected, wherein the conditional entropy to be detected is a conditional entropy of the access source when the target resource is accessed in the period to be detected; determining whether the conditional entropy to be detected is in a first detection data set, wherein under the condition that the conditional entropy to be detected is in the first detection data set, a situation that the target domain name is attacked in the period to be detected is determined. In the related technology, only according to an access frequency of the access source or only according to a frequency of being accessed of the target resource, whether the target domain name is attacked is determined so that network attack detection accuracy is low. By using the method and the apparatus of the invention, the above technical problem is solved.

Description

technical field [0001] The invention relates to the field of the Internet, in particular to a network attack detection method and device. Background technique [0002] CC attack (Challenge Collapsar) is a DDos attack method at the application layer. Its principle is based on the barrel theory. It mainly attacks applications that require more resource overhead in the application layer. For example, frequent access requires a large amount of CPU resources on the server for calculation. pages, or applications that require heavy access to the database. The main feature of CC attacks is that the attack traffic does not need to be large, and the number of access requests does not need to be large, but it can occupy a large amount of server resources and make the server paralyzed. [0003] At present, most of the detection methods for CC attacks start from the access source, such as the IP that sends the request, through real-time statistics of the request frequency of the IP, and...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 洪珂赵瑞陈伟财
Owner CHINANETCENT TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap