Network attack result detection method and system

A network attack result detection technology, applied in the field of network security, that addresses the high operation and maintenance processing costs of traditional network attack detection.

Active Publication Date: 2018-11-23
北京鸿享技术服务有限公司

AI Technical Summary

Problems solved by technology

[0004] The present invention aims to solve the problem of the high operation and maintenance processing costs of the traditional network attack detection method.


Examples


Embodiment 1

[0139] This embodiment provides a network attack result detection method. Figure 1 is a schematic flow chart of the method, which includes:

[0140] Step S11, extracting features to be compared from the network data of the target host;

[0141] Step S12, comparing the feature to be compared with more than one attack response rule, wherein the attack response rule is formed according to first response data, and the first response data is the attacked host's response to a successful attack request;

[0142] Step S13, if the feature to be compared matches the attack response rule, it is determined that the target host has suffered a successful network attack.

[0143] Specifically, the target host may be a server providing various services, a personal computer capable of realizing specific functions, or other network devices capable of providing network services. The target host may receive re...

Embodiment 2

[0166] This embodiment provides another network attack result detection method. Compared with the method provided in Embodiment 1, before extracting the features to be compared from the network data, it also includes: detecting, according to the network data, whether the target host is under network attack; if the target host is under network attack, the step of extracting the features to be compared from the network data is performed.

[0167] To detect whether the target host is under network attack, a traditional network attack detection method may be used. Considering that the traditional network attack detection method has the defects of a high false negative rate and poor flexibility, this embodiment provides a specific method for detecting whether the target host is under network attack. Figure 4 is a schematic flow diagram of detecting whether the target host is under network attack, and the detecting whether the target host is u...

Embodiment 3

[0184] This embodiment provides another network attack result detection method. Compared with the method provided in Embodiment 2, after comparing the features to be compared with more than one attack response rule, alarm information can also be generated, wherein the alarm information includes the attack type of the network attack, whether the network attack is successful, and the attack action of the successful network attack. For example, when the target host is attacked by SQL injection but the attack is unsuccessful, the alarm information can be "under SQL injection attack, the attack is invalid"; when the target host is attacked by SQL injection, the attack is successful, and the specific attack action is error-based injection using the floor() function, the alarm information can be "under SQL injection attack, the attack is successful, and the floor() function reports an error injection".

[0185] Further, after the alarm inf...
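The flow of Embodiments 1 to 3, as an added Python example that is not code from the patent: a request-side pre-check, steps S11 to S13 on the response, and a structured alarm. The signature, the response rule and the sample traffic are constructed for illustration, and the rule assumes a MySQL back end whose duplicate-key error text reaches the HTTP response body.

```python
import re
from urllib.parse import unquote_plus

# Constructed request-side signatures for the Embodiment 2 pre-check.
ATTACK_SIGNATURES = {
    "SQL injection": re.compile(r"(?i)\b(?:union\s+select|floor\s*\(\s*rand\s*\()"),
}

# Constructed attack response rules: (attack type, attack action, response pattern).
# Assumption: MySQL's duplicate-key error text reaches the HTTP response body.
ATTACK_RESPONSE_RULES = [
    ("SQL injection", "floor() error-based injection",
     re.compile(r"Duplicate entry '[^']*' for key '<?group_key>?'")),
]

def detect_attack(request_line):
    """Embodiment 2: return the attack type seen in the request, or None."""
    decoded = unquote_plus(request_line)
    for attack_type, pattern in ATTACK_SIGNATURES.items():
        if pattern.search(decoded):
            return attack_type
    return None

def extract_features(response_body, limit=4096):
    """Step S11: use the start of the response body as the feature to compare."""
    return response_body[:limit]

def check_result(request_line, response_body):
    """Steps S12/S13 plus the Embodiment 3 alarm; None means no attack was seen."""
    attack_type = detect_attack(request_line)
    if attack_type is None:
        return None
    alarm = {"attack_type": attack_type, "successful": False, "action": None}
    feature = extract_features(response_body)
    for rule_type, action, pattern in ATTACK_RESPONSE_RULES:
        if rule_type == attack_type and pattern.search(feature):
            alarm.update(successful=True, action=action)
            break
    return alarm

# Constructed sample traffic (request abbreviated, not a complete payload).
ATTACK_REQ = "GET /item?id=1%20and%20floor(rand(0)*2) HTTP/1.1"
BENIGN_REQ = "GET /item?id=1 HTTP/1.1"
ERROR_BODY = "<p>Query failed: Duplicate entry '5.7.1' for key 'group_key'</p>"
NORMAL_BODY = "<p>Item not found</p>"

if __name__ == "__main__":
    for req, body in [(ATTACK_REQ, ERROR_BODY), (ATTACK_REQ, NORMAL_BODY),
                      (BENIGN_REQ, ERROR_BODY)]:
        print(check_result(req, body))
```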


Abstract

The invention discloses a network attack result detection method and system. The network attack result detection method comprises the following steps: extracting features to be compared from network data of a target host; comparing the features to be compared with more than one attack response rule, wherein the attack response rules are formed according to first response data, and the first response data is used by the attacked host to respond to a successful attack request; and if the features to be compared match the attack response rules, judging that the target host has suffered a successful network attack. Through the network attack result detection method and system disclosed by the invention, successful network attacks can be precisely identified, thereby providing effective network attack information for the network administrator.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method and system for detecting network attack results.

Background technique

[0002] With the continuous development of computer technology and the continuing spread of the Internet, new forms of network attack keep emerging, network security issues are becoming more and more prominent, the resulting social impact and economic losses are increasing, and new requirements and challenges are put forward for network threat detection and defense. Abnormal network traffic is one of the major network security threats at present, and it is also a key object of network security monitoring. Quickly and accurately discovering abnormal network traffic, and timely and accurately capturing, analyzing, tracking and monitoring malicious code, can provide knowledge support for network security situation index assessment and immunization decision-making, thereby improving the overall res...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1433
Inventor: 蒋劭捷, 张鑫
Owner: 北京鸿享技术服务有限公司