Network attack detection method and device

A network attack and detection method technology, applied in the field of network security, can solve the problems of high probability of missed detection or false detection, affecting the efficiency of alarms, etc.

Active Publication Date: 2015-12-30
NSFOCUS INFORMATION TECHNOLOGY CO LTD +2
View PDF5 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present invention provides a method and device for network attack detection, which are used to solve the problem that existing network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack detection method and device
  • Network attack detection method and device
  • Network attack detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0100] The network attack detection method and device provided by the present invention will be described in more detail below with reference to the accompanying drawings and embodiments.

[0101] An embodiment of the present invention provides a network attack detection method, such as figure 1 shown, including:

[0102] Step 101, acquire the behavior characteristic parameters of the preset user and the number of intrusion prevention alarms of the preset user within a preset time period.

[0103] Specifically, a preset user performs network operations within a preset time period, and behavior characteristic parameters of the preset user are acquired. Preferably, the behavior characteristic parameters include the total value of network traffic within a preset time period, the average session duration within a preset time period, the total number of applications opened within a preset time period, and The total number of new sessions within the period, the frequency of new se...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a network attack detection method and device. The method includes the steps that behavior characteristic parameters of a preset user and the number of intrusion prevention alarming times of the preset user are obtained in a preset period of time; the deviation degree of the preset user and each standard user is calculated according to behavior characteristic parameters of each standard user in a pre-built standard user model and the behavior characteristic parameters of the preset user, the pre-built standard user model corresponds to the preset user, and the deviation degree is used for representing the similarity of the behavior characteristic parameters of two users; the minimum deviation degree in the deviation degrees of the preset user and the standard users is determined; according to a weighted summation result of the number of intrusion prevention alarming times and the minimum deviation degree, network attack warning is generated for the preset user. The method and device can reduce the number of warning times and improve the effective rate of warning.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a network attack detection method and device. Background technique [0002] With the rapid expansion of network scale, network security issues become more and more severe, and various attacks on the network emerge in an endless stream, so network attack detection technology is becoming more and more important. [0003] A commonly used network attack detection method is: when it is determined that a network attack occurs, the attack message, attack character string and other characteristics during the attack process are determined as attack signatures and stored. When any attack signature is detected, an alarm is generated to prompt the operation and maintenance personnel that the network is in danger. [0004] This network attack detection method will generate an alarm every time an attack signature is detected, and a large number of attack signatures may be detected du...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24
CPCH04L41/0604H04L63/1416
Inventor 李岩
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap