Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network anomaly detection method, system and electronic device

A network anomaly and detection method technology, applied in the field of network security systems, can solve the problems of difficulty in determining the parameter range, increasing the difficulty of discrimination, and poor flexibility, so as to reduce false alarm rate and false negative rate, good flexibility and expansion performance and improve the detection accuracy

Inactive Publication Date: 2019-01-15
SHENZHEN INST OF ADVANCED TECH
View PDF6 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the above method only analyzes the data collected from the network at the data level, and the parameter range of the benchmark is difficult to determine, which leads to a series of defects such as poor flexibility and high false positive rate.
The key is that the traditional detection model only analyzes the abnormal information for a single host, and is not combined with the existing network distributed multi-node host environment. However, in the actual network environment operation, it is difficult for the traditional discriminant model to determine the various models The required parameter benchmark range makes the traditional method more difficult to distinguish, and there is a certain false positive rate and false negative rate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network anomaly detection method, system and electronic device
  • Network anomaly detection method, system and electronic device
  • Network anomaly detection method, system and electronic device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] In order to make the purpose, technical solution and advantages of the present application clearer, the present application will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present application, not to limit the present application.

[0040] see figure 1 , is a flow chart of the network anomaly detection method according to the embodiment of the present application. The network anomaly detection method of the embodiment of the present application includes the following steps:

[0041] Step 100: analyzing the network structure composed of network nodes and communication links under the distributed network, and drawing a topology diagram of the network structure;

[0042] In step 100, a real distributed architecture network has multiple network units and data nodes, there may be actual communication links or network com...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present application relates to a network anomaly detection method, a system and an electronic device. The method comprises the following steps of: a) drawing a network structure topology diagram according to the network structure of the network node and the communication link under the distributed network; B, establishing a corresponding Bayesian network model according to the network structure topology diagram; C, inputting the pre-classified event into the Bayesian network model, the Bayesian network model adopts a probability calculation formula combining a Bayesian conditional probability formula and a time function T (t) to calculate the conditional probabilities of the pre-classified events belonging to different types of anomalies, and obtains an anomaly type classification result of the pre-classified events according to the maximum conditional probability. The application establishes a Bayesian network model aiming at the topological structure of a real network environment, which can have better flexibility and expansibility, improve the detection accuracy rate, and carry out network anomaly detection combined with a time function, thereby improving the sensitivity ofthe model to the anomaly detection in a certain period of time, and effectively reducing the false alarm rate and the false alarm rate.

Description

technical field [0001] The present application belongs to the technical field of network security systems, and in particular relates to a network anomaly detection method, system and electronic equipment. Background technique [0002] With the popularity of the Internet and the rapid development of the network, the Internet has penetrated into thousands of households, bringing a lot of convenience to people's life and work. But network technology is also a double-edged sword, and its rapid development and wide application have brought unprecedented challenges. With the rapid development of the Internet information age, the distributed and borderless open nature of the network, people enjoy the convenience brought by the open structure in the Internet environment. However, the security issues that the TCP / IP protocol itself does not consider and seldom consider. Network security issues seriously affect the stable operation of the network and the normal trial of users, and ev...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06K9/62
CPCG06F18/29G06F18/214
Inventor 叶可江纪书鉴须成忠
Owner SHENZHEN INST OF ADVANCED TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com