Method for identifying network abnormal behavior based on deep neural network

A deep neural network and network anomaly technology, applied in the field of identification, abnormal network behavior recognition based on deep neural network, can solve problems such as failure to find abnormal behavior, small traffic, difficult to locate, etc.

Active Publication Date: 2019-03-08
南京聚铭网络科技有限公司
View PDF7 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] 1. Excessive reliance on regular expressions and various single-mode/multi-mode matching methods, and these modes are pre-made and initialized into the system. Once installed, they can only be updated through upgrades. Therefore, for new types of Abnormal network behavior is powerless, that is, unknown abnormal behavior cannot be discovered;
[0014] 2. Traditional network anomaly identification technologies based on statistical methods are generally more sensitive to similar DDos attacks, but are not very sensitive to some abnormal behaviors such as Trojan horse connection and Trojan horse heartbeat, which will lead to the loss of important information;
[0015] 3. The most important thing is that most of the network communication data with abnormal behaviors such as network penetration are encrypted, so it is impossible to detect possible problems only by relying on methods such as packet de

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for identifying network abnormal behavior based on deep neural network
  • Method for identifying network abnormal behavior based on deep neural network
  • Method for identifying network abnormal behavior based on deep neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0109] Example 1: see figure 1 , in actual implementation, a distributed deployment method is adopted (distributed deployment is conducive to accelerating data training), the operating system used is CentOS6.9 (kernel is 2.6.32-696), Intel 64-bit hardware architecture is adopted, network card Using Intel e1000e, the network packet capture adopts the Netmap high-speed network packet acquisition architecture, as follows,

[0110] A method for identifying network abnormal behavior based on a deep neural network, said method comprising the following steps:

[0111] Step 1: Standardize the information of each layer and the session information mark of the network-related data packets (only analyze the network based on the Ethernet type);

[0112] Step 2: Filter the relevant network connection session data that needs to be processed;

[0113] Step 3: Perform feature pre-extraction on various protocol data;

[0114] Step 4: Normalize the above characteristic data;

[0115] Step 5:...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method for identifying a network abnormal behavior based on a deep neural network. The method comprises the following steps: step 1: standardizing layer information and session information marks of a network-related data packet; step 2: filtering related network connection session data to be processed; step 3: performing feature pre-extraction on various protocol data; step 4: performing normalization processing on the above feature data; step 5: marking an obtained vector; step 6: deforming a data set to a certain extent; step 7: training the data; and step 8: constructing a deep neural network structure, and generating a neural network description file. By adoption of the scheme, a more comprehensive means is provided for the security audit of network information, thereby providing a strong support for enterprises in the compliance inspection of network security management, information security management and control, and information security management.

Description

technical field [0001] The invention relates to an identification method, in particular to a network abnormal behavior identification method based on a deep neural network, and belongs to the technical field of deep packet detection. Background technique [0002] The neural network abstracts the human brain neuron network from the perspective of information processing, establishes a simple model, and forms different networks according to different connection methods. In engineering and academia, it is often referred to directly as a neural network or a neural network. A neural network is an operational model consisting of multiple layers and a large number of nodes (or neurons) connected to each other. Each node represents a specific output function, called the activation function (Activation Function). Each connection between two nodes represents a weighted value for the signal passing through the connection, called weight, which is equivalent to the memory of the artific...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L29/06
CPCH04L43/028H04L63/1425
Inventor 陈虎唐开达
Owner 南京聚铭网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap