IP white list building method based on intranet traffic

A whitelist and intranet technology, applied in electrical components, transmission systems, etc., that addresses the problems of poor whitelist pertinence and high generation cost.

Inactive Publication Date: 2017-10-24
SICHUAN UNIV

AI Technical Summary

Problems solved by technology

One object of the present invention is to address the high generation cost and poor pertinence of existing whitelist generation algorithms by proposing a method that generates an IP whitelist from simple internal and external network communication data (five-tuple, generation time, uplink/downlink data volume size).

Embodiment Construction

[0015] The whitelist construction method of the present invention aims to build a more targeted IP whitelist from simple network communication flow records, with higher efficiency and at low cost. The present invention is further described below in conjunction with the accompanying drawings. The method effectively addresses the shortcoming that an intranet traffic monitoring system occupies too many system resources when processing traffic. It summarizes the characteristics of normal network traffic generation and the behavior of intranet users accessing the network, and derives from them a set of rules for constructing the IP whitelist. These rules not only reduce the processing pressure on the intranet security monitoring system but also prevent suspicious traffic from being filtered out.

[0016] Figure 1 is an architectural diagram describing the technology of the present invention.

[0017] As shown in Figure 1...

Abstract

The present invention relates to the fields of intranet traffic monitoring systems and IP whitelist construction, and aims to provide an IP whitelist building method based on intranet traffic. The method comprises: first capturing the network data packets exchanged between the intranet and the extranet; extracting the information in the packet headers (including the five-tuple, the generation time and the packet sizes); using the header information to assemble the packets into network data streams and, at the same time, saving the stream information in a database as the basic data for building the whitelist; and finally, establishing the IP whitelist using the rules proposed by the invention. The rules are: judging whether the uplink/downlink ratio of the data stream satisfies the condition; judging whether the number of times the same intranet IP accesses an extranet IP within a certain period satisfies the condition; judging whether the number of intranet IPs that access the same extranet IP within a certain period satisfies the condition; and judging whether the access behavior involving extranet IPs during non-working periods meets the condition. Unlike traditional IP whitelist building methods, this method generates the whitelist with high efficiency, and its calculation cost and time cost are low. The generated whitelist is highly targeted and credible, effectively reducing the amount of data that an intranet security monitoring system has to process.
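An added sketch of the four rule checks listed in the abstract, applied to per-stream records (not code from the patent). The flow records are constructed, and the threshold values, the direction of each comparison and the requirement that all four rules pass are assumptions, since the page states only which quantities are judged.

```python
from collections import defaultdict
from datetime import datetime

# Constructed flow records (documentation address ranges):
# (intranet_ip, extranet_ip, start_time, uplink_bytes, downlink_bytes)
FLOWS = [
    ("10.0.0.5", "203.0.113.10", "2017-03-01T09:15:00", 1200, 48000),
    ("10.0.0.5", "203.0.113.10", "2017-03-01T11:40:00", 900, 51000),
    ("10.0.0.5", "203.0.113.10", "2017-03-02T14:05:00", 1500, 60000),
    ("10.0.0.6", "203.0.113.10", "2017-03-02T16:30:00", 800, 30000),
    ("10.0.0.9", "198.51.100.7", "2017-03-01T02:10:00", 90000, 700),
    ("10.0.0.9", "198.51.100.7", "2017-03-02T02:12:00", 88000, 650),
    ("10.0.0.9", "198.51.100.7", "2017-03-03T02:11:00", 91000, 720),
]

# Hypothetical thresholds: the page names the rules but gives no values.
MAX_UP_DOWN_RATIO = 0.5     # assumed: normal access downloads more than it uploads
MIN_VISITS_ONE_HOST = 3     # assumed: repeated visits by the same intranet IP
MIN_DISTINCT_HOSTS = 2      # assumed: several intranet IPs use the same extranet IP
WORK_HOURS = range(9, 18)   # assumed working period, 09:00 to 17:59
MAX_OFF_HOURS_SHARE = 0.2   # assumed: little access outside working hours

def evaluate(flows):
    """Aggregate flows per extranet IP and return the four rule results."""
    stats = defaultdict(lambda: {"up": 0, "down": 0, "off": 0, "n": 0,
                                 "hosts": defaultdict(int)})
    for src, dst, ts, up, down in flows:
        s = stats[dst]
        s["up"] += up
        s["down"] += down
        s["n"] += 1
        s["hosts"][src] += 1
        if datetime.fromisoformat(ts).hour not in WORK_HOURS:
            s["off"] += 1
    return {dst: {
        "ratio": s["down"] > 0 and s["up"] / s["down"] <= MAX_UP_DOWN_RATIO,
        "repeat_visits": max(s["hosts"].values()) >= MIN_VISITS_ONE_HOST,
        "distinct_hosts": len(s["hosts"]) >= MIN_DISTINCT_HOSTS,
        "working_hours": s["off"] / s["n"] <= MAX_OFF_HOURS_SHARE,
    } for dst, s in stats.items()}

def whitelist(flows):
    """Extranet IPs that pass every rule (the AND combination is assumed)."""
    return sorted(ip for ip, r in evaluate(flows).items() if all(r.values()))
```

Keeping the per-rule results next to each address shows why a destination was left off the list, which is what an analyst needs when tuning the thresholds against real traffic.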

Description

Technical field

[0001] The present invention relates to the field of intranet flow monitoring and the field of IP whitelist construction method. The core is to use the captured communication flow data between the internal and external networks and adopt specific rules to construct the IP whitelist.

Background technique

[0002] The intranet traffic monitoring system refers to a system that detects network attacks in real time by monitoring network traffic. It usually includes a communication flow capture module, a data processing module, and a data display module. Facing the increasingly severe network security situation, and in view of the different threats faced by the intranet, the intranet traffic monitoring system needs to use different rules to analyze the data packets. However, with the increasing amount of network data, the huge overhead caused by in-depth analysis of each data packet has gradually become a major problem facing the industry.

[0003] When monitorin...

Application Information

IPC(8): H04L29/06
CPC: H04L63/101, H04L63/1408, H04L63/1441, H04L63/30
Inventor: 刘亮, 田智毅, 郑荣锋
Owner: SICHUAN UNIV