Method and system for automatic identification and verification of attack traffic
An attack traffic and automatic identification technology, applied in the transmission system, electrical components, etc., can solve the problems of reduced system identification efficiency, reduced vulnerability response efficiency, and increased system data processing volume, so as to facilitate retrospective operations, reduce system performance pressure, Improve real-time effects
Active Publication Date: 2019-11-29
携程旅游信息技术(上海)有限公司
View PDF4 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0003] At present, some application security technologies only use the method of capturing traffic attack characteristics for identification, which will bring at least the following defects: 1) Massive alarms will reduce the efficiency of vulnerability response; 2) Only use the method of capturing traffic attack characteristics Recognition increases the data processing capacity of the system, and the recognition efficiency of the entire system decreases
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0043] Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals denote the same or similar structures in the drawings, and thus their repeated descriptions will be omitted.
[0044] The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided in order to give a thorough understanding of embodiments of the invention. However, those skilled in the art will appreciate that the technical solutions of the present invention may be practiced without one or more of the specific d...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention provides an automatic identification and verification method and system for attack traffic. The automatic identification and verification method comprises the steps of obtaining a data stream and carrying out mirror mapping on the data stream, thereby obtaining a mirror data stream; identifying whether the mirror data stream is attack traffic or not according to a first feature library and a second feature library, wherein the first feature library is a local feature library, and the second feature library is an open source feature library; determining a verification action of the mirror data stream which is identified as the attack traffic according to a second type feature matching the mirror data stream which is identified as the attack traffic; identifying whether the mirror data stream which is identified as the attack traffic carries out an attack successfully or not according to the determined verification action; and outputting a verification result. According to the automatic identification and verification method and system for the attack traffic provided by the invention, the system processing efficiency is improved through utilization of the two feature libraries.
Description
technical field [0001] The invention relates to the field of computer application technology, in particular to an automatic identification and verification method and system for attack traffic. Background technique [0002] With the continuous development of the Internet, the number of malicious attacks by external attackers has increased rapidly, and the company's information security is related to the company's interests and value. The existing technology usually extracts malicious traffic, then sends an alarm, and operators or developers respond to the alarm. [0003] At present, some application security technologies only use the method of capturing traffic attack characteristics for identification, which will bring at least the following defects: 1) Massive alarms will reduce the efficiency of vulnerability response; 2) Only use the method of capturing traffic attack characteristics Recognition increases the data processing capacity of the system, and the recognition e...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/0227H04L63/1416H04L67/1095
Inventor 凌霄王润辉陈莹
Owner 携程旅游信息技术(上海)有限公司