Security-detection-based data flow obtaining method and apparatus

A security-detection and data-flow technology, applied in the field of network security, that addresses the problems of inaccurate analysis results and limited, incomplete attack information, and achieves accurate analysis results.

Active Publication Date: 2016-08-31
NEW H3C TECH CO LTD

AI Technical Summary

Problems solved by technology

[0005] Existing network security equipment can only capture the data packet that hits the rule, and the attack information that this data


Embodiment Construction

[0027] Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0028] The terminology used in this application is for the purpose of describing particular embodiments only, and is not intended to limit the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It should also be understood that the term...


Abstract

The application provides a security-detection-based data flow obtaining method and apparatus. The method comprises: after a to-be-detected data packet is received, mirroring the to-be-detected data packet, storing the mirror image packet in a buffer module, and matching the to-be-detected data packet against a security detection rule in a rule base, wherein the security detection rule is used for detecting whether the data packet is a malicious packet; when the to-be-detected data packet matches the security detection rule, obtaining relevant information of the to-be-detected data packet, wherein the relevant information includes five-element information; and, according to the relevant information, reading from the buffer module a first data flow in which the mirror image data packet is located and a context data flow of the first data flow. According to the application, the malicious data packet matching the rule, the data flow in which the malicious data packet is located, and a context data flow can all be obtained; and on the basis of the complete attack information provided by the data flows, an accurate analysis result can be obtained.
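The mirror-then-match procedure in the abstract, as an added example that is not code from the patent or from its owner. It assumes that "five-element information" is the usual five-tuple, that byte-substring signatures stand in for the rule base, and that "context data flow" means other buffered flows between the same two hosts within a time window (the page does not define it); all names and the sample traffic are constructed.

```python
from collections import deque, namedtuple

# "Five-element information" is taken to be the usual five-tuple (assumption).
FiveTuple = namedtuple("FiveTuple", "src dst sport dport proto")
Packet = namedtuple("Packet", "ts key payload")

def flow_id(key):
    """Direction-independent flow key: both halves of a conversation map to one flow."""
    a, b = (key.src, key.sport), (key.dst, key.dport)
    return (min(a, b), max(a, b), key.proto)

def read_flows(buf, key, window=30.0):
    """Return (first_flow, context_flows) from the buffer for a packet that hit a rule.
    Assumption: context = other flows between the same two hosts with packets
    within `window` seconds of the first flow; the page does not define it."""
    fid, hosts = flow_id(key), {key.src, key.dst}
    first = [p for p in buf if flow_id(p.key) == fid]
    if not first:
        return [], {}
    lo, hi = first[0].ts - window, first[-1].ts + window
    context = {}
    for p in buf:
        pid = flow_id(p.key)
        if pid != fid and {p.key.src, p.key.dst} == hosts and lo <= p.ts <= hi:
            context.setdefault(pid, []).append(p)
    return first, context

def inspect(pkt, buf, rules):
    """Mirror the packet into the buffer first, then match it against the rules.
    On a hit, return (rule_name, first_flow, context_flows); otherwise None."""
    buf.append(pkt)  # buf is a deque(maxlen=N): oldest mirrored copies are evicted
    for name, signature in rules.items():
        if signature in pkt.payload:
            return (name, *read_flows(buf, pkt.key))
    return None

def demo(capacity=1000):
    """Constructed traffic: one earlier flow, the flow that trips the rule, one unrelated host."""
    c, s = "10.0.0.5", "192.0.2.10"
    pkts = [
        Packet(1.0, FiveTuple(c, s, 40000, 8080, "tcp"), b"GET /login"),
        Packet(2.0, FiveTuple(c, s, 40001, 80, "tcp"), b"GET /index"),
        Packet(2.1, FiveTuple(s, c, 80, 40001, "tcp"), b"200 OK"),
        Packet(2.2, FiveTuple("10.0.0.9", s, 50000, 80, "tcp"), b"GET /other"),
        Packet(3.0, FiveTuple(c, s, 40001, 80, "tcp"), b"POST /x TEST-SIGNATURE"),
    ]
    buf, rules = deque(maxlen=capacity), {"demo-rule": b"TEST-SIGNATURE"}
    return [hit for p in pkts if (hit := inspect(p, buf, rules))]
```

Calling `demo(capacity=2)` shows the practical limit of the approach: the buffer size bounds how much of the flow and its context is still available when the rule fires.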

Description

Technical field

[0001] The present application relates to the technical field of network security, in particular to a method and device for acquiring data streams based on security detection.

Background technique

[0002] In order to maintain network security, network security devices are usually deployed between the internal network and the external network, or between networks in different trust domains, to perform security detection on the data flow entering the protected network and to process detected malicious messages accordingly. Existing network security equipment mainly includes IPS (Intrusion Prevention System) equipment, firewall equipment, and the like.

[0003] At present, the method for security detection of data packets by network security equipment is as follows: a rule base is configured in the network security equipment, and the rule base contains a large number of security detection rules. After the data packet enters t...


Application Information

IPC(8): H04L29/06, H04L12/26
CPC: H04L43/12, H04L63/1408
Inventor: 张惊申
Owner: NEW H3C TECH CO LTD