Network attack alarming method and system

A network attack alarm technology, applied in the field of network security, that can solve the problem of high operation and maintenance processing costs.

Active Publication Date: 2018-08-31
北京鸿享技术服务有限公司

AI Technical Summary

Problems solved by technology

[0004] The present invention aims to solve the problem of the high operation and maintenance processing costs of the traditional network attack detection method.


Examples


Embodiment 1

[0143] This embodiment provides a network attack warning method. Figure 1 is a schematic flow chart of the network attack warning method, which includes:

[0144] Step S11, detecting whether the target host is under a network attack and determining the attack type of the network attack;

[0145] Step S12, if the target host is under the network attack, then detect whether the network attack is successful and determine the attack action of the successful network attack;

[0146] Step S13, if the network attack is successful, generate first alarm information including the attack type of the network attack and the attack action of the network attack, otherwise generate second alarm information including the attack type of the network attack.

[0147] The target host may be a server providing various services, a personal computer capable of realizing specific functions, or other network devices capable of providing network services. The target ...

Embodiment 2

[0192] Embodiment 1 adopts an alarm mode in which one network attack corresponds to one alarm message, that is, a corresponding alarm message is generated when a network attack is detected. However, isolated alarm information cannot accurately reflect the security status of the target host, and this kind of attack display cannot grasp the attack process as a whole. Therefore, this embodiment provides another network attack warning method. Compared with the network attack warning method provided in Embodiment 1, after generating the first warning information or the second warning information, this embodiment further includes:

[0193] Adding a corresponding attack chain label to the first alarm information or the second alarm information according to the alarm content, wherein the attack chain label is used to represent the attack stage of the network attack in the attack chain;

[0194] Count each attack chain label of the same attack event, and obtain the total number of net...
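Steps S11 to S13 and the attack chain labelling of Embodiment 2 can be sketched as follows. This is an added example, not code from the patent: the attack type names, the stage names in `STAGE_BY_TYPE`, the `event_id` field and the sample detections are all assumptions made for illustration.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Optional

# Hypothetical mapping from attack type to attack chain stage (assumption:
# the page does not list the attack types or the stages of the chain).
STAGE_BY_TYPE = {
    "port_scan": "reconnaissance",
    "sql_injection": "intrusion",
    "webshell_upload": "command_and_control",
}

@dataclass
class Detection:                 # outcome of steps S11 and S12 for one attack
    event_id: str                # attack event the detection belongs to (assumed field)
    attack_type: str             # S11: attack type
    succeeded: bool              # S12: whether the attack succeeded
    attack_action: Optional[str] = None  # S12: action of a successful attack

def make_alarm(d: Detection) -> dict:
    """Step S13: first alarm (type + action) on success, else second alarm (type only)."""
    if d.succeeded:
        if not d.attack_action:
            raise ValueError("a successful attack must carry an attack action")
        alarm = {"level": "first", "attack_type": d.attack_type,
                 "attack_action": d.attack_action}
    else:
        alarm = {"level": "second", "attack_type": d.attack_type}
    alarm["event_id"] = d.event_id
    # Embodiment 2: attach the attack chain label that matches the alarm content.
    alarm["chain_label"] = STAGE_BY_TYPE.get(d.attack_type, "unknown")
    return alarm

def summarise(alarms):
    """Count attack chain labels and first alarms for each attack event."""
    labels, successes = defaultdict(Counter), Counter()
    for a in alarms:
        labels[a["event_id"]][a["chain_label"]] += 1
        successes[a["event_id"]] += a["level"] == "first"
    return {e: {"labels": dict(c), "total": sum(c.values()),
                "first_alarms": successes[e]} for e, c in labels.items()}

# Constructed sample detections (not taken from the patent).
SAMPLE = [
    Detection("evt-1", "port_scan", False),
    Detection("evt-1", "sql_injection", False),
    Detection("evt-1", "sql_injection", True, "database read"),
    Detection("evt-2", "port_scan", False),
]
ALARMS = [make_alarm(d) for d in SAMPLE]
SUMMARY = summarise(ALARMS)
```

Sorting events by `first_alarms` puts the ones with a confirmed successful attack at the top of the operator's queue, which is the screening effect the abstract describes.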

Embodiment 3

[0206] This embodiment provides a network attack warning system. The network attack warning system includes: a first detection module, used to detect whether the target host is under a network attack and determine the attack type of the network attack; a second detection module, used to detect, when the target host is subjected to the network attack, whether the network attack is successful and determine the attack action of the successful network attack; and an alarm information generation module, used to generate, when the network attack is successful, first warning information including the attack type of the network attack and the attack action of the network attack, and otherwise to generate second warning information including the attack type of the network attack.

[0207] Further, the first detection module includes: a collection module, used to collect the network data of the target host; a first extraction module, used to extract fea...


Abstract

The invention discloses a network attack alarming method and system. The network attack alarming method comprises the following steps: detecting whether a target host is subject to a network attack or not, and determining an attack type of the network attack; if the target host is subject to the network attack, detecting whether the network attack is successful or not, and determining an attack action of a successful network attack; if the network attack is successful, generating first alarm information comprising the attack type of the network attack and the attack action of the network attack; and if the network attack is not successful, generating second alarm information comprising the attack type of the network attack. The network attack alarming method and system provided by the invention have the advantage that successful network attacks can be screened out, so that operation and maintenance efficiency can be improved and real vulnerabilities can be discovered.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a network attack warning method and system.

Background technique

[0002] With the continuous development of computer technology and the continuous popularization of the Internet, the forms of network attack are endless, network security issues are becoming more and more prominent, the resulting social impact and economic losses are increasing, and new requirements and challenges are put forward for network threat detection and defense. Abnormal network traffic is one of the major network security threats at present, and it is also a key object of network security monitoring. Quickly and accurately discovering abnormal network traffic, and timely and accurately capturing, analyzing, tracking and monitoring malicious code, can provide knowledge support for network security situation index assessment and immunization decision-making, thereby improving the overall response capabili...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/24
CPC: H04L41/0631, H04L63/1416
Inventors: 蒋劭捷, 张鑫
Owner: 北京鸿享技术服务有限公司