Method and device for security status awareness of inter-domain routing system based on weighted similarity

A weighted similarity and system security technology, which is applied in the field of inter-domain routing security monitoring, can solve the problem of low reliability of monitoring results, achieve the effect of high accuracy of judgment results, strong real-time performance, and overcome the dependence of completeness

Active Publication Date: 2020-02-14
SURFILTER NETWORK TECH
View PDF17 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In order to solve the problem of low reliability of the monitoring results of the existing inter-domain routing system security monitoring scheme, the embodiment of the present invention provides a method and device for inter-domain routing system security status perception based on weighted similarity

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for security status awareness of inter-domain routing system based on weighted similarity
  • Method and device for security status awareness of inter-domain routing system based on weighted similarity
  • Method and device for security status awareness of inter-domain routing system based on weighted similarity

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0054] An embodiment of the present invention provides a security status awareness method for an inter-domain routing system based on weighted similarity, see figure 1 , the method includes:

[0055] Step S11, acquiring data on security state characteristics of the inter-domain routing system, the security state characteristics of the inter-domain routing system include: frequency of occurrence of routing events, average path length, and path edit distance.

[0056] It should be noted that the security status features that can reflect the inter-domain routing system do not include the above three, but the more security status features used, the more complex the calculation of the security status and the more time it takes , considering the strict real-time requirements of the security status evaluation of the inter-domain routing system, only the above three features are adopted.

[0057] In this embodiment, the update message is the core content of the BGP protocol, and is u...

Embodiment 2

[0087] An embodiment of the present invention provides a security status awareness device for an inter-domain routing system based on weighted similarity, see image 3 , the device includes: an acquisition module 10 , a generation module 20 , a calculation module 30 , and a processing module 40 .

[0088] The acquiring module 10 is configured to acquire data of security state characteristics of the inter-domain routing system, the security state characteristics of the inter-domain routing system include: frequency of occurrence of routing events, average path length, and path edit distance.

[0089] It should be noted that the security status features that can reflect the inter-domain routing system do not include the above three, but the more security status features used, the more complex the calculation of the security status and the more time it takes , considering the strict real-time requirements of the security status evaluation of the inter-domain routing system, only ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an inter-domain routing system security state sensing method and device based on weighted similarity. The method comprises the steps of: acquiring data of inter-domain routing system security state features; generating a standard feature set of an inter-domain routing system security state; generating a real-time feature set of the inter-domain routing system security state; according to a preset rule, calculating the similarity between the real-time feature set and the standard feature set; according to the calculated similarity, calculating the feature deviation between the real-time feature set and the standard feature set; and when the calculated feature deviation is smaller than a preset threshold, judging that the inter-domain routing system runs normally. Data of inter-domain routing system security state features can be acquired via a self deployed monitoring node or a public project such as Route Views and the like, so that the dependency on the completeness of an abnormal route set is overcome; and the method can judge the security state of the inter-domain routing system in real time, and is strong in real-time capability and high in judgment result accuracy.

Description

technical field [0001] The present invention relates to the technical field of inter-domain routing security monitoring, in particular to a method and device for sensing the security status of an inter-domain routing system based on weighted similarity. Background technique [0002] With the increasingly serious Internet security situation, the security problems faced by the inter-domain routing system, which uses the Border Gateway Protocol (BGP) as the communication mechanism and is responsible for the exchange of routing information between different autonomous domains in the entire network, are also becoming more and more prominent. , in which, the inter-domain routing system security monitoring solution does not need to modify the original routing protocol, does not need to deploy key management infrastructure covering the entire network, and can incrementally arrange monitoring nodes according to user needs, achieving low cost and scalability Strong, and in the case of...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1408H04L63/1416H04L63/1425
Inventor 景晓军沈智杰刘永强郭毅段海新魏克
Owner SURFILTER NETWORK TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap