Unlock instant, AI-driven research and patent intelligence for your innovation.

Detection method and device of attack message

A technology for attacking packets and detection methods, applied in the field of network communication, can solve the problems of easily reducing the processing efficiency of IPS equipment and poor user experience, and achieve the effects of reducing occupation, improving processing efficiency, and ensuring accuracy

Inactive Publication Date: 2016-09-21
HANGZHOU DPTECH TECH
View PDF6 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In view of this, the present application provides a method and device for detecting attack packets, so as to solve the problem that existing detection methods tend to reduce the processing efficiency of IPS equipment and lead to poor user experience

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Detection method and device of attack message
  • Detection method and device of attack message
  • Detection method and device of attack message

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0021] The terminology used in this application is for the purpose of describing particular embodiments only, and is not intended to limit the application. As used in this application and the appended claims, the singular forms "a", "the", and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It should also be understood that the term...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a detection method and device of an attack message. The method is applied to IPS equipment. The method comprises a step of receiving a message and determining the protocol characteristic of the message, a step of judging whether an application characteristic database has the protocol characteristic or not, a step of obtaining all attack characteristics corresponding to the protocol characteristic if so and judging whether the message has the attack characteristic in the all attack characteristics, and a step of determining the message as the attack message if so and using the execution mode corresponding to the attack characteristic to process the message. By applying thee embodiment of the present invention, whether the message needs to be detected is determined through the application characteristic database, the message only needs to be matched with all attack characteristic corresponding to the protocol characteristic, the matching with all attack characteristics in the attack characteristic database is not needed, thus the accuracy of the attack detection can be improved, and the occupation of an IPS equipment memory can be reduced.

Description

technical field [0001] The present application relates to the technical field of network communication, in particular to a method and device for detecting an attack message. Background technique [0002] The IPS (Intrusion Prevention System, intrusion prevention system) device is used to detect and defend against network attacks, that is, when the IPS device receives a packet, it matches the packet with the attack signature recorded in the attack signature database. If the attack feature is not found, the packet is determined to be an attack packet, and the packet is blocked or alerted. However, since there are many types of network attacks, the attack signature database corresponds to a huge number of attack signatures. When an IPS device receives a large number of packets, it needs to match each packet with all the attack signatures in the attack signature database. In this way, a large amount of memory of the IPS device will inevitably be occupied, which will affect the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 傅纯张宁
Owner HANGZHOU DPTECH TECH