Method and device for generating traffic detection rule

A traffic detection and first traffic technology, applied in the Internet field, can solve the problem that traffic detection rules take a long time

Active Publication Date: 2017-03-15
NEW H3C TECH CO LTD
View PDF4 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] When generating traffic detection rules according to the above method, the more features extracted, the more accurate the traffic detection results. In order to improv

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for generating traffic detection rule
  • Method and device for generating traffic detection rule
  • Method and device for generating traffic detection rule

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts are within the protection scope of the present invention.

[0029] The present invention will be described in detail below through specific examples.

[0030] refer to figure 1 , figure 1 A schematic flowchart of a method for generating traffic detection rules provided by an embodiment of the present invention is applied to electronic devices, and the method includes:

[0031] S101: Obtain traffic files of at least two attack traffics targeting preset vulnerabilities; the traffic files at least include payload data in the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Embodiments of the invention provide a method and a device for generating a traffic detection rule, which are applied to electronic equipment. The method comprises the following steps of obtaining traffic files of at least two attack traffics for a preset loophole, wherein the traffic files at least include load data in the attack traffics; determining a requester and an answer party of each attack traffic according to a protocol type of the attack traffic; determining loophole information of the preset loophole as an information guide item; extracting the first load data of all requesters from all traffic files; taking all first load data and the information guide item as a first input source and computing to obtain a first longest common substring of all first load data; determining the first longest common substring as a first characteristic; and generating a first traffic detection rule according to the first characteristic. Through application of the embodiments of the invention, the time consumed by generation of the traffic detection rule is reduced.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a method and device for generating traffic detection rules. Background technique [0002] With the popularization of Internet technology, various network applications emerge in an endless stream, and security threats and network abuse are also increasing day by day, which puts forward requirements for quickly and reliably identifying various traffic. [0003] At present, DPI (Deep Packet Inspection, deep data packet inspection technology) is generally used to detect traffic. The rules of deep data packet inspection technology to detect traffic are generated in the following way: manually extract features from the load of attack traffic, and extract the extracted features Input into the detection engine, the detection engine generates traffic detection rules from the extracted features according to its own rule syntax. [0004] When generating traffic detection rules accordi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1425
Inventor 任方英张惊申
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap