Method and system for detecting and locating network anomaly

A technology of network anomaly and positioning method, applied in the field of network anomaly detection and positioning method and system, can solve the problems of false negative attack, increased false negative rate, inability to locate malicious code area, etc. The effect of preventing overfitting

Active Publication Date: 2018-10-16
CHONGQING UNIV OF POSTS & TELECOMM
View PDF7 Cites 38 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

It can be seen that if people are using defense measures against versions prior to 5.0, using these defense measures in versions later than 5.0 may result in missed reports of various types of attacks, which also results in a lower rate of false negatives. raised
Secondly, malicious code is usually hidden in seemingly normal requests sent by attackers, but most of the existing research methods based on machine learning can only identify and judge whether these network requests are abnormal, but cannot detect abnormal requests. Locate the malicious code area in

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting and locating network anomaly
  • Method and system for detecting and locating network anomaly
  • Method and system for detecting and locating network anomaly

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] The technical solutions in the embodiments of the present invention will be described clearly and in detail below with reference to the drawings in the embodiments of the present invention. The described embodiments are only some of the embodiments of the invention.

[0046] The technical scheme that the present invention solves the problems of the technologies described above is:

[0047] The main design concept of the technical solution of the present invention is to detect abnormal URLs in the network, using normal URLs and local file inclusion (LFI), SQL injection, cross-site scripting (XSS) and command injection attacks (COM) The data set composed of common types trains the convolutional neural network anomaly detection method based on the sequence attention mechanism proposed by the invention. The invention can better detect abnormal URLs with a high detection rate, and can also mark and visualize malicious code parts in abnormal URLs, effectively avoiding the di...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and system for detecting and locating network anomaly, which relates to the fields of Internet security, deep learning and neural network. The method comprises the following steps: firstly, dividing the URL according to special characters; secondly, performing word vector encoding on the divided URL with word2vec; putting word vectors into a convolution layer for automatic feature processing; combining a convolution layer result with an attention layer which possesses a sequential attention mechanism; and finally, performing maximum pooling and full-connectionon an attention layer result to obtain a final anomaly detection result, and at the same time, using the output of the attention layer to locate the malicious code in the URL. The invention has an excellent detection effect, not only is the detection rate high, but also the malicious code fragment in the URL can be located and visualized, thus effectively avoiding the drawbacks of the artificial feature engineering and the expert knowledge method.

Description

technical field [0001] The invention belongs to the field of network intrusion detection and deep learning, and relates to a method and system for detecting and locating network abnormalities based on a sequence attention convolutional neural network. Background technique [0002] With the rapid development of technology, the Internet has brought a variety of convenient services to people, such as WordPress, GitHub, Yahoo, etc. They create a better working and living environment for people, but at the same time they also bring certain hidden dangers to people. WordPress is currently the most popular blogging platform in the world, with a market share of 70% and more than 45,000 plug-ins. Among them, the WordPress SEO by Yoast plug-in has a very high usage rate. In 2015, this plug-in was exposed to a high-risk SQL injection vulnerability. The vulnerability resulted in the disclosure of a large amount of sensitive information. In 2016, 270 million Gmail, YAHOO and Hotmail ac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06N3/08G06N3/04G06F21/56
CPCH04L63/1425H04L63/1441G06F21/562G06N3/08G06N3/044G06N3/045
Inventor 李智星李苑王国胤梁馨元王化明
Owner CHONGQING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap