Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Netflow sampling processing method based on abnormal feedback

A processing method and abnormal technology, applied in the direction of digital transmission system, data exchange network, electrical components, etc., can solve the problems of inability to real-time feedback and utilization of network traffic status, inability to intervene, increase the receiving pressure of routing traffic collection points, etc., to achieve real-time Feedback and utilization, avoid receiving, reduce the effect of receiving pressure

Active Publication Date: 2020-06-05
NANJING UNIV OF SCI & TECH
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, after analyzing the results of NetFlow data, the network administrator will carry out the next step, and cannot intervene in time for abnormalities in the network. Therefore, there is collection of invalid traffic, which increases the receiving pressure from routing traffic collection points, and cannot Real-time feedback and utilization of network traffic status

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Netflow sampling processing method based on abnormal feedback
  • Netflow sampling processing method based on abnormal feedback
  • Netflow sampling processing method based on abnormal feedback

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0065] combine figure 1 , the present invention is based on the NetFlow sampling processing method of abnormal feedback, comprises the following steps:

[0066] Step 1: The anomaly analyzer analyzes the NetFlow data and extracts the characteristic values ​​of the NetFlow records corresponding to the abnormal traffic. First check whether the source address of a single flow record is abnormal. If the source address of the flow is 127.0.0.1 or the broadcast address in this domain, it can be directly determined that the flow is abnormal. Then check whether the source and destination addresses of the flow are equal. If they are equal, abnormal traffic occurs on the network; filter out the NetFlow record corresponding to the abnormal traffic, and extract the characteristic value of the NetFlow record corresponding to the abnormal traffic, that is, the six-tuple {source address, Destination address, protocol type, source port, destination port, packet length}. The detection process...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a NetFlow sampling processing method based on abnormal feedback. This method is based on the principle of NetFlow, uses the analysis results output by the abnormal analysis server to extract the characteristic values ​​of the NetFlow records corresponding to the abnormal traffic, the feedback device performs abnormal detection based on the statistical results, outputs the behavior characteristic parameters of the prevention strategy, and sends them to the routing traffic The collection point and the collection server, the routing traffic collection point adjusts the sampling rate of abnormal traffic packets, and the collection server adjusts the traffic receiving weight of the routing traffic collection point. The present invention makes full use of the analysis results of abnormal analysis, automatically adjusts the sampling rate of routing traffic collection points in real time, adjusts the collection strategy of the collection server, avoids the collection of invalid traffic, reduces the receiving pressure from routing traffic collection points, and realizes real-time monitoring of network traffic status. Feedback and utilization.

Description

technical field [0001] The invention belongs to the technical field of network flow sampling processing, in particular to a NetFlow sampling processing method based on abnormal feedback. Background technique [0002] With the development of the Internet, the number of network users and access devices is increasing, which puts pressure on the safe operation of the computer network, and due to the upgrade of the operating system and the patching of vulnerabilities, virus attacks that invade hosts and then destroy them account for a large proportion of the attacks. The proportion is gradually decreasing, and these attacks turn into malicious consumption of limited resources of the network or occupation of the system, thereby destroying the ability of the system to provide external services, but traditional system upgrades cannot detect and prevent such attacks. Therefore, the real-time monitoring work of the computer network status is very necessary. The real-time monitoring o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L29/06
CPCH04L43/022H04L43/04H04L63/1425
Inventor 李千目张文强戚湧王印海
Owner NANJING UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com