Network threat detection system and detection method

A network threat detection technology, applied in the field of network security, that addresses the inability to perceive the status of network threats in time and the inability to detect network security threats as soon as they occur, so as to facilitate timely perception and maintenance.

Active Publication Date: 2017-05-10
上海百太信息科技有限公司 +1

AI Technical Summary

Problems solved by technology

However, active scanning technology cannot perceive the current network threat status in ti

Examples


Embodiment Construction

[0040] The present invention will be described in detail below with reference to the drawings and specific embodiments. This embodiment is implemented on the premise of the technical solution of the present invention, and a detailed implementation mode and specific operation process are given, but the protection scope of the present invention is not limited to the following embodiments.

[0041] As shown in Figure 1, this embodiment provides a network threat detection method, including:

[0042] Step 101: Collect all network traffic data on the Internet or LAN in real time.

[0043] This step supports multi-node deployment and real-time collection of aggregated traffic above 100Gb, so all network traffic data on the Internet or LAN can be collected in real time. The detection system, or the analysis server in the detection system, can capture the network data on network equipment (such as routers, gateways or splitters), but is not limited to this; it can also be the...


Abstract

The invention relates to a network threat detection system and detection method. The detection system comprises a network data acquisition module, a feature extraction module, a traffic analysis module, a network threat confirmation module and a threat situation generating module. The network data acquisition module acquires network traffic data in real time. The feature extraction module acquires feature information of the network traffic data. The traffic analysis module performs feature matching on the network traffic data according to the feature information to obtain suspected network threat events. The network threat confirmation module performs depth detection on the suspected network threat events by using a test statement to obtain real network threat events, that is, events that actually pose a network threat; a depth analysis knowledge base stores multiple threat models with corresponding detection rules. The threat situation generating module performs big data analysis and data mining on the suspected network threat events and the real network threat events to obtain the correlation of multiple real network threat events or the occurrence frequency of a certain real network threat event, thereby forming a threat situation. Compared with the prior art, the system and the method have the advantages of a high network threat detection rate, a low false alarm rate and the like.
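The two-stage flow the abstract describes (feature matching, then confirmation against threat-model rules, then a frequency and correlation summary), as an added example that is not code from the patent. The knowledge base, rule patterns and traffic records are constructed assumptions, and the confirmation step applies a stricter rule to the decoded request as a stand-in for the patent's "test statement", which the page does not define.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import unquote_plus

# Constructed sample traffic records (source IP, HTTP request line); not real captures.
SAMPLE_TRAFFIC = [
    ("198.51.100.7", "GET /item?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1"),
    ("198.51.100.7", "GET /view?file=..%2F..%2Fetc%2Fpasswd HTTP/1.1"),
    ("203.0.113.9", "GET /search?q=union+station+hotels HTTP/1.1"),
    ("203.0.113.20", "GET /item?id=2%20UNION%20SELECT%20name%20FROM%20users HTTP/1.1"),
    ("192.0.2.44", "GET /index.html HTTP/1.1"),
]

# Hypothetical knowledge base: each threat model has a cheap feature (stage 1)
# and a stricter detection rule (stage 2, applied to the decoded request).
KNOWLEDGE_BASE = {
    "sql_injection": {
        "feature": re.compile(r"union|%27|select", re.I),
        "rule": re.compile(r"'\s*or\s*'[^']*'\s*=\s*'|union\s+select\s", re.I),
    },
    "path_traversal": {
        "feature": re.compile(r"\.\.|%2e%2e", re.I),
        "rule": re.compile(r"(\.\./){2,}"),
    },
}

def match_features(traffic):
    """Stage 1: feature matching yields suspected events (high recall)."""
    return [(src, req, name) for src, req in traffic
            for name, model in KNOWLEDGE_BASE.items() if model["feature"].search(req)]

def confirm(suspected):
    """Stage 2: keep only events whose decoded request satisfies the model's rule."""
    return [(src, req, name) for src, req, name in suspected
            if KNOWLEDGE_BASE[name]["rule"].search(unquote_plus(req))]

def situation(confirmed):
    """Frequency per threat type, plus sources tied to more than one type."""
    freq = Counter(name for _, _, name in confirmed)
    by_src = defaultdict(set)
    for src, _, name in confirmed:
        by_src[src].add(name)
    correlated = {s: sorted(t) for s, t in by_src.items() if len(t) > 1}
    return freq, correlated
```

The benign search for "union station hotels" is flagged in stage 1 and dropped in stage 2, which is the false-alarm reduction the abstract claims for the confirmation module.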

Description

Technical field

[0001] The present invention relates to the technical field of network security, in particular to a network threat detection system and detection method.

Background technique

[0002] With the continuous development and application of modern networks, especially the Internet, the network has become a part of people's lives and work. At the same time, cyber threats at all levels are increasing day by day and emerging endlessly. How to find and detect network threats to ensure network security is a question facing every network user, especially network operation and maintenance personnel.

[0003] At present, one type of network threat discovery and detection is passive monitoring, mainly IDS, IPS and firewalls. IDS, IPS, and firewalls mainly detect traffic passively, generate massive amounts of information, and have many false positives. In addition, the security threats provided by the system cannot be accurately located or restored by the operation and maintenance pe...


Application Information

IPC(8): H04L29/06, H04L29/08
CPC: H04L63/1416, H04L67/02
Inventor 汪为农陈志俊易达许丁飞汪开先
Owner 上海百太信息科技有限公司