Network threat evaluation method based on multi-granularity anomaly detection
An anomaly detection, multi-granularity technology, applied in the field of network security, can solve the problem of not being able to adapt well to quickly and accurately identify attack events, perceive threat situation, etc., to ensure safe use and use effects, huge economic and social benefits, and stable methods. reliable results
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Example Embodiment
[0012] The specific embodiments of the present invention will be described in detail below with reference to the drawings and specific conditions.
[0013] In the specific implementation of the present invention, firstly, the packet-based coarse-grained abnormality detection is used to analyze the time slices containing abnormal network traffic; and then the flow-based fine-grained abnormality detection is performed to reorganize and extract the network traffic of the abnormal time slices. Flow feature attributes, use the flow feature anomaly detection algorithm to determine the attack type; finally, for the detected threat events, quantitatively evaluate the severity of the current network threat, which is implemented by the following steps:
[0014] 1. Package-based coarse-grained anomaly detection:
[0015] 1. Online monitoring of the data traffic in the real-time network environment, storage according to a time window of 1 minute, and use WinPcap to extract the serial number, tim...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap