Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Real-time malicious behavior detection method and device

A real-time detection and behavior technology, applied in the field of cloud computing, can solve problems such as network traffic growth, difficult protection, inflexible network rule configuration, etc., and achieve the effect of improving the processing bottleneck

Inactive Publication Date: 2018-06-05
HUAZHONG NORMAL UNIV
View PDF4 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Although the traditional intrusion detection system represented by Snort guarantees the security of the cloud platform to a certain extent, this model has a series of problems such as inflexible configuration of network rules. In addition, the rapid expansion of the scale of the cloud platform makes the network topology complex. and the rapid growth of network traffic, but in the traditional intrusion detection system, the filtering device and the routing device are completely separated, so it is difficult to achieve unified and rapid protection
The rapid growth of network traffic under the cloud platform has brought great challenges to the existing intrusion detection system. Therefore, it is urgent to build an intrusion detection system that can effectively deal with large-scale network traffic.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Real-time malicious behavior detection method and device
  • Real-time malicious behavior detection method and device
  • Real-time malicious behavior detection method and device

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0032] Please refer to figure 2 , this embodiment provides a method for real-time detection of malicious behavior, which is applied in an SDN network system, and the method includes:

[0033] Step S200: Based on the malicious behavior attack model including possible attack schemes on the cloud platform, establish a malicious behavior attack signature database under the cloud computing environment;

[0034] In this embodiment, by analyzing the malicious behavior supply model including possible attack schemes on the cloud platform and the remaining problems of the current attack detection model, an SDN-based malicious behavior implementation detection model, that is, the malicious behavior attack feature library, can be established. It can be understood that the content in the malicious behavior attack model may not only be limited to possible attack schemes on the cloud platform, but may also be possible attack schemes in the local system or other environments.

[0035] After...

no. 2 example

[0080] Please refer to Figure 9 , this embodiment provides a malicious behavior real-time detection device 900, which is applied to an SDN network system, and includes:

[0081] The signature database module 910 is used to establish a malicious behavior attack signature database under the cloud computing environment based on a malicious behavior attack model including possible attack schemes on the cloud platform;

[0082] A detection module 920, configured to detect in real time whether there is any malicious behavior in the current data flow in the network based on the malicious behavior attack feature library;

[0083] The interception module 930 is configured to indicate that there is a current network attack when there is malicious behavior in the current data flow, and intercept the current data flow.

[0084] Please refer to Figure 10 , in this embodiment, further, the detection module 920 may also include the following units:

[0085] An acquisition unit 921, conf...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a real-time malicious behavior detection method and device which are applied to an SDN system, and relates to the technical field of cloud computing. The real-time malicious behavior detection method comprises the steps that a malicious behavior attack feature library in a cloud computing environment is built on the basis of a malicious behavior attack model containing possible attack schemes on a cloud platform; whether or not a malicious behavior exists in a current data flow in a network is detected in real time on the basis of the malicious behavior attack feature library; and if yes, it represents that a network attack exists at present, and the current data flow is intercepted. According to the real-time malicious behavior detection method and device, for solving the problem that an existing malicious behavior detection model cannot effectively deal with the processing efficiency bottleneck brought by the large-scale network traffic and the traffic controldifficulty brought by the network topology complexity, an SDN-based real-time malicious behavior detection model is designed by combining a flexible SDN architecture with a big data processing framework to solve the low detection efficiency problem which exists in research at present and is caused by handling the bottleneck and network traffic control problems.

Description

technical field [0001] The invention relates to the technical field of cloud computing, in particular to a method and device for real-time detection of malicious behavior. Background technique [0002] With the development and maturity of various network technologies, the new service model of cloud computing based on the Internet has achieved unprecedented development. "Computing" has been rated as a cutting-edge technology for several consecutive years, and it is also an important foundation for new technologies such as artificial intelligence in the 2017 technology report. [0003] Under the cloud computing model, advantages such as super computing power and extremely low cost attract a large amount of data to gather in the cloud platform. On the one hand, it brings convenient application, and on the other hand, it also greatly increases the risk of the cloud platform being attacked. Therefore, how to effectively detect malicious behaviors on the cloud platform and carry ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1466
Inventor 张浩黄涛刘三女牙杨华利戴淑敏
Owner HUAZHONG NORMAL UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com