
Big-data-analysis-based anti-malicious attack system

A data analysis technology and data analysis module, applied in transmission systems, electrical components, etc., that addresses problems such as intrusiveness toward the application system, pressure on the application layer, and blacklist lag.

Active Publication Date: 2017-03-22
BEIJING HONGMA MEDIA CULTURE DEV

AI Technical Summary

Problems solved by technology

[0004] However, the above two anti-malicious attack systems have certain defects. Specifically, although direct IP defense is simple and easy to implement, it requires manual maintenance of the blacklist and a large number of operation and maintenance personnel to monitor in real time, and the blacklist is always in a lagging state, so it can only adopt a passive defensive posture.
Behavioral defense relies more on the specification of rules and requires maintenance of a large and complex rule base. The behavioral defense system must also be used in conjunction with the application system, which makes it intrusive to the application system to a certain degree.
Moreover, due to the defensive characteristics of the behavioral defense system, defensive measures must be taken at the application layer, which puts greater pressure on the application layer, since it has to bear the access and attacks of many malicious users.


Examples


Embodiment

[0044] For a ticketing website, the traditional defense system is direct IP defense + behavioral defense. When tickets are being grabbed, a large number of access requests flood in within a short period of time. Direct IP defense cannot adjust the defense strategy in a timely and effective manner; behavioral defense can be effective to a certain extent, but it makes the application server bear most of the pressure of defense, so that normal business is affected.

[0045] With the defense system of the present invention, the ticketing website can quickly adjust the strategy of direct IP defense according to the access characteristics and the results provided by behavioral defense, which greatly improves the flexibility of the system and at the same time reduces the burden on the application server and protects normal business operations.

[0046] In summary, the present invention comprehensively utilizes access logs and behavior defense logs, analyzes them in real time, d...


Abstract

The invention provides a big-data-analysis-based anti-malicious attack system comprising a Web server, an application server, a behavior defense server, an ES server, a data analysis server and a firewall server. The Web server sends an access log to the data analysis server; the behavior defense server sends a behavior defense log to the data analysis server via the ES server; the data analysis server analyzes the behavior defense log and the access log to obtain a blacklist and sends the blacklist to a rule server; and the rule server pushes the blacklist to the Web server and the firewall server. According to the invention, the behavior defense log and the access log are used together and analyzed in real time, and the blacklist is maintained dynamically, or a predictive analysis is carried out on an accessing user by using the machine learning function of big data, thereby realizing active defense. In addition, the protection experience accumulated by an external behavior defense system is fully utilized, so that protection devices at different levels can realize enhanced protection.
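The data analysis step described in the abstract, as an added example (not code from the patent): access-log lines and behavior defense events are correlated per IP to produce the blacklist that would be handed to the rule server. The log format, event field names, thresholds and the fixed-threshold rule itself (used here in place of the machine learning the abstract mentions) are all assumptions, and the sample data is constructed.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\]')
def stamp(sec):  # timestamp helper for the constructed sample data
    return f"[01/Jan/2024:10:00:{sec:02d} +0800]"

# Constructed sample data (not from the patent). Web server access log:
ACCESS_LOG = (
    [f'203.0.113.7 - - {stamp(s)} "GET /ticket/buy HTTP/1.1" 200 512' for s in range(30)]
    + [f'198.51.100.99 - - {stamp(s)} "GET /ticket/buy HTTP/1.1" 200 512' for s in range(5)]
    + [f'192.0.2.44 - - {stamp(s)} "POST /login HTTP/1.1" 403 90' for s in (10, 20, 30)]
    + [f'198.51.100.20 - - {stamp(s)} "GET /ticket/list HTTP/1.1" 200 2048' for s in (5, 40)]
)
# Behavior defense log, as events read back from the ES server (field names assumed):
DEFENSE_LOG = (
    [{"ip": "192.0.2.44", "rule": "login-bruteforce"}] * 3
    + [{"ip": "198.51.100.99", "rule": "bot-signature"}]
)

def peak_rate(times, window):
    """Largest number of requests seen inside any sliding window."""
    best = lo = 0
    for hi, t in enumerate(times):
        while t - times[lo] >= window:
            lo += 1
        best = max(best, hi - lo + 1)
    return best

def build_blacklist(access_lines, defense_events, window=timedelta(seconds=10), max_rate=8, min_hits=3):
    """Return {ip: reason}. Assumed rule: a behavior-flagged IP gets half the rate limit."""
    times = defaultdict(list)
    for line in access_lines:
        m = LINE_RE.match(line)
        if m:  # skip malformed lines instead of failing the whole batch
            times[m["ip"]].append(datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"))
    hits = Counter(e["ip"] for e in defense_events)
    blacklist = {}
    for ip in set(times) | set(hits):
        rate = peak_rate(sorted(times[ip]), window)
        if hits[ip] >= min_hits:
            blacklist[ip] = "behavior"
        elif rate > (max_rate / 2 if hits[ip] else max_rate):
            blacklist[ip] = "rate+behavior" if hits[ip] else "rate"
    return blacklist

if __name__ == "__main__":
    print(sorted(build_blacklist(ACCESS_LOG, DEFENSE_LOG).items()))
```

198.51.100.99 is listed only because both logs are used together: its five requests stay under the plain rate limit, and its single behavior defense hit is below `min_hits`.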

Description

Technical field

[0001] The invention relates to the field of network protection, in particular to an anti-malicious attack system that uses access logs and behavior defense logs for big data analysis.

Background technique

[0002] As network applications penetrate into people's lives, network attacks emerge in an endless stream. Important network nodes in particular, such as large government websites, government agencies, and some systems that provide services and ticketing services, often face threats of various network attacks. In this case, people put forward higher requirements for the attack defense effect of the equipment.

[0003] Existing anti-malicious attack systems are mainly divided into direct IP defense and behavioral defense. Direct IP defense usually means configuring malicious IPs directly on the protection machine, and is generally used for firewalls, WAFs and other devices. Behavioral defense usually pre-sets rules, and judges wheth...


Application Information

IPC(8): H04L29/06, H04L29/08
CPC: H04L63/02, H04L63/101, H04L63/1441, H04L67/02
Inventor 曹杰冯雨晖宿晓坤苏建辉李苏曹永
Owner BEIJING HONGMA MEDIA CULTURE DEV