Network session statistical characteristic based large-scale network scanning detection method
A statistical feature and network session technology, applied in the field of Internet security, to achieve the effect of automatic detection function, high efficiency, and resource saving
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Example Embodiment
[0026] The present invention will be further described in detail below with reference to the drawings and examples.
[0027] The present invention analyzes and summarizes the behavior characteristics of hackers scanning for different protocols, and locks the focus on the return value and request mode in the flow. Aiming at these two points, a large-scale scanning detection method based on the statistical characteristics of network sessions is proposed. By comparing the definition of the abnormal return value and the request pattern, it is judged whether the traffic conforms to the characteristics of the attack behavior, so as to identify the possible attack behavior. At the same time, the characteristics of network scanning reflected in the request time are added to the detection mechanism to improve the accuracy of the analysis results.
[0028] First, classify the captured original traffic according to the network protocol, and then propose the attack characteristics that confor...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap