Host real-time identification method based on distributed analysis of application traffic

A technology relating to application programs and identification methods, applied in the fields of digital transmission systems, electrical components, transmission systems, etc. It addresses problems such as the inability to guarantee system reliability, failure to obtain better recognition rates and weak host identification capability, and achieves good reliability and scalability, improved processing capability and good concealment.

Active Publication Date: 2017-07-07
SOUTHEAST UNIV

AI Technical Summary

Problems solved by technology

However, the host identification technology based on physical signals is weak and cannot achieve a good recognition rate in large-scale networks, while the host identification technology based on protocol stack parameters has insufficient recog

Embodiment Construction

[0030] The present invention will be further illustrated below in conjunction with specific embodiments, and it should be understood that the following specific embodiments are only used to illustrate the present invention and are not intended to limit the scope of the present invention.

[0031] As shown in figure 1, an embodiment of the present invention provides a method for real-time identification of a host designed on a distributed computing platform. First, on the distributed computing platform Storm, traffic packets are read from a distributed message queue, analyzed and processed, and the characteristic data are extracted and stored in a distributed database. A device fingerprint is then generated by combining the characteristic data of each device, and the device fingerprints are classified with Spark Streaming to achieve real-time identification of the host. The spec...

Abstract

The invention provides a host real-time identification method based on distributed analysis of application traffic. The method comprises the following steps: step S1, analyzing and processing distributed traffic messages; step S2, generating an equipment fingerprint; and step S3, performing real-time identification of a host. The method uses a distributed computing platform to identify and extract the host's operating system and software information in a high-speed network environment by analyzing host traffic, generates the equipment fingerprint, and ultimately realizes real-time identification of the host by using a machine learning algorithm.
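An added illustration, not taken from the patent: a single-process Python sketch of steps S1 to S3. It assumes HTTP User-Agent tokens as the OS and software features, the source IP as the session key, and a Jaccard nearest match with a 0.5 threshold in place of the unspecified machine learning classifier; Storm, the message queue, the database and Spark Streaming are replaced by in-memory functions, and all traffic shown is constructed.

```python
import re
from collections import defaultdict
def req(ua):  # constructed HTTP request carrying the given User-Agent
    return f"GET / HTTP/1.1\r\nHost: test.example\r\nUser-Agent: {ua}\r\n\r\n"
FIREFOX_WIN = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/52.0"
FIREFOX_LNX = "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/45.0"
# Constructed stand-in for the message queue: (source IP, payload) pairs.
QUEUE = [
    ("10.0.0.5", req(FIREFOX_WIN)), ("10.0.0.5", req("Microsoft-CryptoAPI/10.0")),
    ("10.0.0.9", req(FIREFOX_LNX)), ("10.0.0.9", req("curl/7.52.1")),
    ("10.0.9.77", req(FIREFOX_WIN)),               # host-A after an IP change
    ("10.0.9.80", req("python-requests/2.18.4")),  # host never seen before
]
LABELED = {"10.0.0.5": "host-A", "10.0.0.9": "host-B"}  # constructed ground truth
UA_RE = re.compile(r"^User-Agent:[ \t]*([^\r\n]+)", re.I | re.M)
PLATFORM_RE = re.compile(r"\(([^)]*)\)")              # first parenthesised comment
PRODUCT_RE = re.compile(r"([A-Za-z][\w.-]*)/([\d.]+)")  # name/version tokens

def extract_features(payload):
    """S1: pull OS and software tokens out of one traffic message."""
    m = UA_RE.search(payload)
    ua = m.group(1) if m else ""
    feats = {f"sw:{name}/{ver}" for name, ver in PRODUCT_RE.findall(ua)}
    plat = PLATFORM_RE.search(ua)
    if plat:
        feats.add("os:" + plat.group(1))
    return feats

def build_fingerprints(queue):
    """S2: merge per-message features into one fingerprint per session (source IP)."""
    store = defaultdict(set)  # stands in for the distributed database
    for ip, payload in queue:
        store[ip] |= extract_features(payload)
    return {ip: frozenset(f) for ip, f in store.items()}

def jaccard(a, b):
    return len(a & b) / len(a | b) if a | b else 0.0

def identify(fp, known, threshold=0.5):
    """S3: nearest labelled fingerprint, or None if nothing is similar enough."""
    best = max(known, key=lambda h: jaccard(fp, known[h]), default=None)
    return best if best is not None and jaccard(fp, known[best]) >= threshold else None

def run():
    fps = build_fingerprints(QUEUE)
    known = {LABELED[ip]: fp for ip, fp in fps.items() if ip in LABELED}
    return {ip: identify(fp, known) for ip, fp in fps.items() if ip not in LABELED}
if __name__ == "__main__":
    print(run())
```

The session from 10.0.9.77 is attributed to host-A despite the new address because its fingerprint overlaps the stored one, while the unseen client falls below the threshold and stays unlabelled.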

Description

[0001] Technical field:

[0002] The invention relates to a real-time identification method of a host based on distributed analysis of application flow, and belongs to the technical field of host identification.

[0003] Background technique:

[0004] With the rapid development of network technology, the Internet is rapidly integrated into every aspect of people's lives. However, while the Internet facilitates people's lives, it has also become a hotbed of cybercrime, and various cybercrime incidents occur frequently. As a line of defense for maintaining network security, network supervision undertakes the task of monitoring and controlling various cybercrime incidents, and maintains network security by punishing cybercriminal subjects. As a key link in network supervision, host identification plays a vital role in it. This patent defines the continuous network access of the host for a period of time as a network session of the host. The change of the IP address of the host o...

Application Information

IPC(8): H04L12/26
CPC: H04L43/026, H04L43/028, H04L43/065, H04L43/18
Inventor: 杨明, 潘培龙, 罗军舟, 凌振
Owner: SOUTHEAST UNIV