
A network security threat detection method and system based on trusted service flow

A network security threat detection technology, applied in the field of network information security, that addresses the high false alarm rate, low efficiency, and many loopholes of existing defense systems, improving the degree of intervention and perception and achieving high anti-kill efficiency and a low false alarm rate.

Active Publication Date: 2019-03-08
STATE GRID CORP OF CHINA +1

AI Technical Summary

Problems solved by technology

[0008] The purpose of the present invention is to provide a network security threat detection method and system based on trusted service flow that can detect network security threats comprehensively and effectively, with a low false alarm rate and high anti-killing efficiency, and that adapts to a more fine-grained network attack and defense confrontation environment, thereby overcoming the deficiencies of existing defense systems, such as a high false alarm rate, low efficiency, and many loopholes.


Embodiment Construction

[0032] The present invention provides a network security threat detection method and system based on trusted service flow. Through real-time monitoring and characteristic analysis of the actual flow in the service system against the "trusted service flow", abnormal network behavior and host behavior in the network system are discovered in a timely manner, so as to achieve the purpose of discovering security threats in time.

[0033] Abnormal network behavior and host behavior include: performing incorrect operations on unauthorized resources with an incorrect identity, at an incorrect time, at an incorrect location (through incorrect channels), and in incorrect ways.

[0034] Trusted business flow is obtained by monitoring the business flow in daily work, sampling the behavior of the system or users, and performing calculations on the collected samples to obtain a series of parameter variables that describe these behaviors, so as to sort out the minimum network access relationship that meets ...


Abstract

The invention discloses a method and a system for detecting a network security threat based on trusted business flow. The method comprises the following steps of establishing a blacklist and a white list of network flow and constructing a baseline model, wherein the white list is the trusted business flow and is a feature contour library of normal network behavior and host behavior; comparing real-time monitoring flow data and the baseline model; when the real-time data is matched with the blacklist, outputting an abnormal flow alarm; when the real-time data is matched with the white list and a deviation exceeds a preset threshold, outputting a threat flow alarm; and when the real-time data is mismatched with the blacklist and the white list, treating as a gray list and outputting an unknown flow alarm. According to the method and the system, the network security threat can be comprehensively and effectively detected at a low false alarm rate and high anti-virus efficiency, and the method and the system can adapt to a more granular network attack and defense confrontation environment.
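The three-way decision described in the abstract can be sketched as follows. This is an added example, not code from the patent: the flow key fields, the bytes-per-minute feature, the use of a standard-deviation distance as the "deviation", and all sample addresses and numbers are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Baseline:
    """One whitelist entry: the learned profile of a trusted business flow."""
    mean_bytes: float  # average bytes per minute seen during sampling
    std_bytes: float   # standard deviation over the sampling window

# Constructed sample data. Flow key = (src_ip, dst_ip, dst_port, proto).
BLACKLIST = {("10.0.5.23", "203.0.113.50", 4444, "tcp")}
WHITELIST = {
    ("10.0.1.10", "10.0.2.20", 1521, "tcp"): Baseline(50_000, 5_000),
    ("10.0.1.11", "10.0.2.21", 443, "tcp"): Baseline(120_000, 20_000),
}
THRESHOLD = 3.0  # assumed preset threshold, in standard deviations

def classify(key, bytes_per_min, threshold=THRESHOLD):
    """Return the alarm for one observed flow, or None if it is trusted."""
    if key in BLACKLIST:
        return "abnormal flow alarm"
    baseline = WHITELIST.get(key)
    if baseline is None:
        # Matches neither list: gray list.
        return "unknown flow alarm"
    # Avoid division by zero for a perfectly constant baseline.
    std = max(baseline.std_bytes, 1.0)
    deviation = abs(bytes_per_min - baseline.mean_bytes) / std
    if deviation > threshold:
        return "threat flow alarm"
    return None

def run(observations):
    """Classify (key, bytes_per_min) pairs and keep only those that alarm."""
    results = [(key, classify(key, volume)) for key, volume in observations]
    return [(key, alarm) for key, alarm in results if alarm is not None]

# Constructed observations: trusted, trusted-but-deviating, blacklisted, unknown.
OBSERVED = [
    (("10.0.1.10", "10.0.2.20", 1521, "tcp"), 52_000),
    (("10.0.1.10", "10.0.2.20", 1521, "tcp"), 400_000),
    (("10.0.5.23", "203.0.113.50", 4444, "tcp"), 1_200),
    (("10.0.9.99", "10.0.2.20", 22, "tcp"), 3_000),
]

if __name__ == "__main__":
    for key, alarm in run(OBSERVED):
        print(key, "->", alarm)
```

A whitelisted flow that stays within the threshold produces no alarm, which is what keeps the false alarm rate low for normal business traffic.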

Description

Technical field

[0001] The invention relates to the technical field of network information security, in particular to a network security threat detection method and system based on trusted service flow.

Background technique

[0002] The software and hardware of currently deployed firewalls were designed only for operation at L2-L4, and they do not have the ability to monitor data flows comprehensively and in depth. Naturally, they cannot effectively identify illegal traffic masquerading as normal services. Attacks, spyware, point-to-point applications and other illegal traffic can easily enter and exit the network through the ports opened by the firewall. This is why users still suffer from intrusions, worms, viruses, and denial-of-service attacks after deploying a firewall. In fact, the worm can penetrate the firewall and spread rapidly, causing the host to be paralyzed, devouring valuable network bandwidth, P2P and other applications...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1425
Inventor: 郑生军范维王莉南淑君宿雅婷
Owner: STATE GRID CORP OF CHINA