A method for detecting abnormal events of network hosts based on mobile agent

An abnormal event and mobile agent technology, applied in electrical components, transmission systems, etc., can solve the problems of low efficiency and maintainability of the host data acquisition and analysis system and inability to host management, so as to reduce complexity, reduce harm, and reduce work. amount of effect

Active Publication Date: 2018-09-04
NO 709 RES INST OF CHINA SHIPBUILDING IND CORP
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to solve the problem that the existing host data acquisition and analysis system has low efficiency and maintainability and cannot realize host management according to the detection results, and provides a new mobile agent-based host abnormal event detection method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for detecting abnormal events of network hosts based on mobile agent
  • A method for detecting abnormal events of network hosts based on mobile agent
  • A method for detecting abnormal events of network hosts based on mobile agent

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] In order to make the object, technical solution and advantages of the present invention more clear, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0038] refer to figure 1 , first obtain the list of sensitive hosts, then select a sensitive host from it, and send data collection agents to the sensitive hosts, according to figure 2 The flow chart shown collects relevant information including CPU utilization, hard disk IO, memory utilization, network data, and processes, and samples the information every 5 seconds and writes it into the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for detecting abnormal events of a network host based on a mobile agent. According to the detection result of a monitoring system, a host data collection and analysis mobile agent is dispatched to a sensitive host to perform data collection and security analysis tasks. Firstly, the mobile agent collects host resource information including CPU utilization, hard disk IO, network traffic, system process, memory utilization and other host resource information in the target host. The black and white list method is used to judge whether there are illegal processes, the NetFlow model is used to extract traffic characteristics and compared with the normal mode to judge whether there is abnormal traffic, and the multi-source information fusion method is used to fuse and analyze host information to judge whether there is abnormality. According to the analysis results, a dynamic isolation control strategy is adopted for abnormal hosts to reduce their security threats to other network hosts. The host data collection and abnormal behavior detection method proposed in this patent is simple and efficient, the data collection and analysis tasks are small, and it can be applied online in real time.

Description

technical field [0001] The invention belongs to the technical field of Internet host system security, and more specifically relates to a mobile agent-based network host information collection and abnormal event detection method. Background technique [0002] With the development of Internet technology, network management problems are becoming more and more serious. The current local area network is facing many problems such as irrational system architecture, opaque management of intranet software and hardware resources, excessive pressure on intranet servers, and the spread of viruses and Trojan horses. These are also problems that need to be solved urgently in the process of network management. The security detection of the host system in the network is the first step to solve these problems. The current network host system security detection methods include host-based intrusion detection and behavior-based security detection. Host-based intrusion detection performs detect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/02H04L63/101H04L63/1408H04L63/1425H04L63/1441
Inventor 张剑童言吴琪
Owner NO 709 RES INST OF CHINA SHIPBUILDING IND CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap