Supercharge Your Innovation With Domain-Expert AI Agents!

Distributed abnormal detection method for network data stream

An anomaly detection and data flow technology, applied in the network field, can solve problems such as large amount of calculation, large amount of data, and consumption

Active Publication Date: 2015-12-23
福建省海峡信息技术有限公司
View PDF7 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the amount of data processed is large, the amount of calculation is large, and it will consume more system resources.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Distributed abnormal detection method for network data stream
  • Distributed abnormal detection method for network data stream
  • Distributed abnormal detection method for network data stream

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0069] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0070] This embodiment provides a method for distributed anomaly detection network data flow, such as figure 1 , figure 2 and image 3 As shown, it specifically includes the following steps:

[0071] Step S1: Deploy N detection points: set a node of the connection interface between the terminal equipment and the network as a normal node, and the detection point is independent of the normal node; the detection point is connected to the normal node Each detection point monitors an ordinary node to detect abnormal data packets sent by terminal equipment at ordinary nodes and prevent the terminal from receiving abnormal data packets in the network;

[0072] Step S2: Detection points monitor abnormal network data streams: three detection methods are used for hierarchical anomaly detection, the first layer detection adopts the anomaly detection method ba...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a distributed abnormal detection method for network data stream. The method comprises a first step of setting one node of connecting interfaces of terminal equipment and a network as a common node, and each detection point monitoring a common node so as to detect whether the common node has an abnormal data package; a second step of adopting three detection methods for hierarchical abnormal detection, wherein the first hierarchical detection adopts a feature matching based abnormal detection method, the second hierarchical detection adopts a statistical analysis based abnormal detection method, and the third hierarchical detection adopts a machine learning and data mining based abnormal detection method; and a third step of sharing information among detection points through common nodes, so as to effectively update feature libraries of all detection points. Through adoption of the method, the amount of the detection points can be reduced, all detection points load equally, the terminal equipment also can be effectively protected, the quantity of abnormal packages in the network can be reduced, and the precision of the data can be guaranteed.

Description

technical field [0001] The invention relates to the field of network technology, in particular to a method for distributed anomaly detection network data flow. Background technique [0002] An abnormal network data flow refers to a phenomenon that affects network transmission and causes terminal users to fail to use it normally. Abnormal data flow will affect the performance of the network to a certain extent, consume device resources, and may even lead to network paralysis in severe cases. For example: distributed denial of service attack, the attacker attacks a server by controlling multiple computers with different IP addresses, and sends a large number of data packets, which not only makes the resource usage of the server too high, but also occupies the network bandwidth, causing The network is congested, and even the server is paralyzed. So that the normal request of normal users cannot get the response of the server. Therefore, it is particularly important to detect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1425
Inventor 蓝友枢陈健张章学叶松
Owner 福建省海峡信息技术有限公司
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com