Method of computer network anomaly detection

A computer network anomaly detection technology, applied in transmission systems, electrical components, etc. It addresses the problems that existing approaches cannot be used to detect new network threats, produce errors, etc., and it achieves the effect of improving the accuracy rate and reducing the number of false alarms.

Active Publication Date: 2019-11-29
BEIJING ADVANCED DIGITAL TECH

AI Technical Summary

Problems solved by technology

Anomaly detection based on traffic monitoring generates a large number of false alarms, because changes in the rate of traffic or other observables occur for many reasons unrelated to threats.
In addition, traditional traffic anomaly detection systems were originally used to detect changes in preset behaviors, so they are not designed to detect new types of network threats.

Examples

Embodiment 1

[0088] An embodiment of the present invention provides a computer network anomaly detection method, which includes the steps of:

[0089] S10, acquiring events from computer network transactions;

[0090] S20, simultaneously extracting and outputting multiple features from the event;

[0091] S30, comparing the multiple output features with the learned trend to obtain anomalies; judging and reasoning about the anomalies, and issuing alarms and operations according to the judgments and reasoning.

[0092] The multiple features include continuous-valued features containing real numbers and finite-set features presented as sets; the learned trends include a series of continuous-valued features.

[0093] In the above embodiment, in step S10, the acquired event includes one event or an event bundle formed by bundling a series of events according to the logical relationship between the events.

[0094] As a preferred implementation manner, in step S10, acquiring an eve...
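
Steps S10 to S30 can be illustrated with a short sketch. This is an added example, not code from the patent. The running-mean trend model, the 3.0 threshold, the scoring of the finite-set feature as the fraction of unseen members, the two-feature alarm rule, and all names and sample events are assumptions made for illustration; the page does not specify them.

```python
import math

class Trend:
    """Learned trend of one continuous series: running mean and variance."""
    def __init__(self):
        self.n, self.mean, self.m2 = 0, 0.0, 0.0

    def update(self, x):
        self.n += 1
        d = x - self.mean
        self.mean += d / self.n
        self.m2 += d * (x - self.mean)

    def deviation(self, x):
        if self.n < 5:                       # too little history to judge
            return 0.0
        std = math.sqrt(self.m2 / (self.n - 1))
        return abs(x - self.mean) / max(std, 1e-9)

class Detector:
    def __init__(self, threshold=3.0):       # threshold is an assumed value
        self.threshold = threshold
        self.trends = {"bytes": Trend(), "port_novelty": Trend()}
        self.seen_ports = set()

    def process(self, bundle):
        # S20: extract both feature kinds from one event bundle
        total_bytes = float(sum(e["bytes"] for e in bundle))   # continuous-valued
        ports = {e["dport"] for e in bundle}                    # finite-set
        # Assumption: score the set as the fraction of members never seen before
        novelty = len(ports - self.seen_ports) / max(len(ports), 1)
        series = {"bytes": total_bytes, "port_novelty": novelty}
        # S30: compare each series with its learned trend
        anomalies = sorted(k for k, v in series.items()
                           if self.trends[k].deviation(v) > self.threshold)
        # Assumed judgment rule: alarm only if two features deviate together
        verdict = "alarm" if len(anomalies) >= 2 else "note" if anomalies else "ok"
        if verdict == "ok":                  # learn only from unremarkable bundles
            for k, v in series.items():
                self.trends[k].update(v)
            self.seen_ports |= ports
        return verdict, anomalies

def demo():
    det = Detector()
    for i in range(20):                      # S10: constructed baseline bundles
        det.process([{"dport": 443, "bytes": 900 + 20 * (i % 5)},
                     {"dport": 53, "bytes": 100}])
    backup = det.process([{"dport": 443, "bytes": 50000}])
    unusual = det.process([{"dport": 8081, "bytes": 30000},
                           {"dport": 9001, "bytes": 20000}])
    return backup, unusual
```

In the constructed data, a volume spike to an already known port is only noted, while the same volume combined with previously unseen ports raises an alarm, which is how judging several features together reduces false alarms from rate changes alone.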

Embodiment 2

[0109] On the basis of the computer network anomaly detection system provided in Embodiment 1, this embodiment of the present invention provides an anomaly detection system 110 applied to a computer network. The anomaly detection system 110 stores a plurality of program instructions for computer network anomaly detection, and the program instructions are loaded and executed by computer network mobile terminals. Computer network mobile terminals include but are not limited to computers, mobile phones, and tablet computers. Figure 1 gives an application example of the anomaly detection system 110. In Figure 1, the computer network mobile terminal is exemplified by the sensor server 200 and / or the console server 100; the anomaly detection system 110 is arranged in the sensor server 200 and / or the console server 100, and the program instructions stored in the anomaly detection system 110 are loaded by the sensor server 200 and / or the console server 100, which performs computer networ...

Embodiment 3

[0111] On the basis of Embodiments 1 and 2, this embodiment of the present invention provides a computer network mobile terminal, which includes an anomaly detection system 110 and a device body. The anomaly detection system 110 stores a plurality of program instructions for computer network anomaly detection and sends out alarms and operation reminders; the device body is used to load and execute the program instructions and to receive the alarms and operation reminders.

[0112] Figure 1 shows one form of the device body, such as the sensor server 200 and / or the console server 100. The program instructions stored in the anomaly detection system 110 are loaded and executed by the sensor server 200 and / or the console server 100.

[0113] Below, in conjunction with Embodiment 1, Embodiment 2 and Embodiment 3, the method, system and mobile network terminal for computer network anomaly detection are further described, and the anomaly detection system 110 and its sto...

Abstract

The invention discloses a computer network anomaly detection method and system and a mobile terminal. The anomaly detection method comprises the following steps: an event is acquired from a computer network transaction; a number of features are simultaneously extracted from the event and output; the output features are compared with the learned trend to obtain an anomaly; and the anomaly is judged and reasoned about, and alarms and operations are issued according to the judgment and reasoning. The features comprise continuous-valued features containing real numbers and finite-set features presented as sets, and the learned trend comprises a series of continuous-valued features. With the computer network anomaly detection method and system, unpredictable network threats and other network-related problems can be detected, and the accuracy of anomaly detection is improved.

Description

Technical field

[0001] The present invention relates to the technical field of computer network anomaly detection, and more specifically, the present invention relates to a computer network anomaly detection method, system and mobile terminal.

Background technique

[0002] With the rapid development of computer networks, cyber threats and other network-related issues are increasing, such as cyber attacks, data theft, viruses, worms, malicious port scanning activities, etc. Cyber threats are acting faster, changing at a faster rate, and becoming more complex. Today, despite perimeter defenses, cyber threats sneak in directly through computer networks, hence the proliferation of threat detection tools.

[0003] Traditional inspections include simple or deep packet inspection and can usually be categorized as intrusion detection and prevention devices or antivirus systems. These devices house threat databases in the form of signatures, which are matched against millions of packets trans...

Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1425, H04L63/1441
Inventor: 耐尔屈朝晖
Owner: BEIJING ADVANCED DIGITAL TECH