Method of quantifying defense result, apparatus and system thereof

A flow and change value technology, applied in the network field, can solve problems such as incomplete data flow, inaccurate results, and imperfect use methods, and achieve the effect of improving integrity and accuracy

Active Publication Date: 2017-02-15
ALIBABA GRP HLDG LTD
View PDF4 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] At present, due to the incomplete methods used in the evaluation of defense results, incomplete

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method of quantifying defense result, apparatus and system thereof
  • Method of quantifying defense result, apparatus and system thereof
  • Method of quantifying defense result, apparatus and system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0094] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0095] The root cause of the incomplete evaluation angles and evaluation indicators in the process of quantifying defense results in the prior art is that the data traffic of the business end, the defense end, and the target end cannot be unified and centralized. The reason why the data traffic of the three cannot be unified is that the data traffic of the attack end comes from the outside of the network, the data traffic of the defense end is generally at the border or exit of the n...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

An embodiment of the invention provides a method of quantifying a defense result and a system thereof. The method comprises the following steps of acquiring a suspected data flow set, wherein the suspected data flow set is located at a defense terminal of a cloud platform and is formed by data flows corresponding to each suspected IP address in a suspected IP address set contained by an original data flow; acquiring a normal data flow, wherein the normal data flow is the residual data flow after the defense terminal cleans the suspected data flow set according to a preset defense strategy; acquiring a host performance parameter, wherein the host performance parameter is a parameter set extracted and acquired from a target terminal after the defense terminal sends the normal data flow to the target terminal; and based on a target parameter set, quantifying the defense result, wherein the target parameter set at least includes the suspected data flow set, the normal data flow and the host performance parameter. Evaluation angles and indexes used for calculating the defense result are comprehensive so that the defense result is accurate.

Description

technical field [0001] The present application relates to the field of network technologies, and in particular to methods, devices and systems for quantifying defense results. Background technique [0002] With the continuous advancement of network technology, there are more and more network attacks in the network field. At present, among many network attacks, Distributed Denial of Service (DDoS) has become a relatively serious attack method. For this reason, a defensive end is added to the original system architecture to block DDoS attacks. [0003] like figure 1 As shown in FIG. 2 , it is a schematic diagram of an existing network system architecture. As can be seen from the figure, the system architecture includes the business end, routing equipment, defense end and target end. Among them, the business end includes normal business end and attack end. The attack end sends various forms of attack data traffic, and the defense end blocks attack data traffic according to...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1458H04L63/1425H04L63/20H04L9/40H04L47/2425H04L69/163
Inventor 马乐乐祝建跃朱家睿
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap