Network security baseline generation method based on full flow
A network security, full-flow technology, applied in the field of full-flow-based network security baseline generation, can solve problems such as error-prone, difficult-to-operate, and inflexible, and achieve the effect of lowering the technical threshold and making quick and flexible modifications.
Active Publication Date: 2019-02-22
CHINA ELECTRONICS TECH CYBER SECURITY CO LTD
View PDF6 Cites 8 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
This method has many problems such as high threshold, difficult operation, inflexibility, and error-prone.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0036] In order to have a clearer understanding of the technical features, purposes and effects of the present invention, the specific implementation manners of the present invention will now be described with reference to the accompanying drawings.
[0037] The present invention proposes a method for generating a network security baseline based on full traffic, specifically, as figure 1 shown, including the following steps:
[0038] S1. In-depth analysis of network data: Bypass collection of network data packets through the mirror port of the switch, and in-depth analysis of some application layer protocols, extracting public data content and part of application layer in-depth analysis data information in network packets, and generating format data;
[0039] S2. Data cleaning and extraction: perform data cleaning on the formatted data generated after collection and / or parsing, remove duplicate or abnormal data, extract all public data content, and extract other part of the a...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a network security baseline generation method based on full flow. In the method provided by the invention, network full flow data is acquired, parsed and processed for generating formatted data and the formatted data is stored in a distributed database, then, the formatted data is subjected to operations, such as aggregation, analysis and statistics, consequently, a networksecurity baseline is generated, and the network security baseline can be used for identifying network intrusion behaviors. The network security baseline generation method based on full flow providedby the invention can generate a more comprehensive network security baseline, can quickly generate the security baseline in the local area network in large scale and can quickly and flexibly modify the network security baseline, thus, the method has universality in application and can be widely used in various network environment. In addition, a problem of dependence on collaborative involvement of service experts, network security experts and network operation and maintenance staffs in the conventional network security baseline generation method is avoided, and technical thresholds of generation of the network security baseline are reduced greatly.
Description
technical field [0001] The invention relates to a network security baseline, in particular to a method for generating a network security baseline based on full flow. Background technique [0002] Against the backdrop of the rapid development of the Internet, more and more network security issues have undoubtedly been exposed. With the frequent occurrence of security incidents in major enterprises, network security management has become a hot topic of social concern. As an important link in network security management, network security baseline generation is widely used in industries such as telecommunications, electric power, and finance that use a large number of communication networks and information systems based on IP networks and computer technology. Network security baselines play an important and fundamental role in improving the security of communication networks and information systems in these industries. [0003] The network security baseline refers to the minim...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/20
Inventor 徐砚李鹏许爱东
Owner CHINA ELECTRONICS TECH CYBER SECURITY CO LTD