Abnormal network traffic detection method, device and storage medium
A technology for network traffic and detection methods, applied in the field of network security, can solve problems such as threats to network and host security, lack of security monitoring mechanisms, and increased burden on network equipment, saving storage space, reducing computational complexity, and improving effectiveness and efficiency. The effect of accuracy
Active Publication Date: 2021-03-12
SIEMENS CHINA
View PDF5 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
In particular, the industrial Internet has changed from a traditional closed system to a non-closed system, but at present there is still a lack of a complete security monitoring mechanism, and the security threats it faces are even greater
[0003] Network failures and malicious attacks will cause abnormal network traffic
On the one hand, these abnormal traffic seriously threaten the security of the network and hosts; on the other hand, these abnormal traffic increases the burden on network equipment and wastes network resources
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0077] At present, considering that in the conventional threshold-based abnormal network traffic detection method, the threshold for judging whether abnormal network traffic occurs is usually a fixed value set based on experience or statistical data. However, it is difficult to set the value of the threshold very properly, and the fixed threshold cannot quickly detect the slow linear growth of network traffic, so it cannot be well adapted to the rapidly changing network. For this reason, the embodiment of the present invention proposes an abnormal network traffic detection method, device and storage medium, introduces the concept of observation window, calculates the low-frequency value and high-frequency value of network traffic in the observation window, and compares it with the dynamically changing network Comprehensive comparison of traffic thresholds to quickly and accurately detect abnormal network traffic. The dynamically changing network traffic threshold is jointly ma...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The embodiment of the present invention discloses a method, device, and storage medium for abnormal network traffic detection, wherein the method includes: setting an observation window including n consecutive detection time points; acquiring network traffic at each detection time point within the current observation window value; respectively calculate the low-frequency value and high-frequency value of the network traffic value at every two adjacent detection time points in the current observation window; calculate the The traffic decision value of the current observation window; and judging whether the traffic decision value of the current observation window exceeds a network traffic threshold, and if so, confirming that abnormal network traffic is detected. The technical solution in the embodiment of the present invention is simple and convenient, can quickly detect abnormal network traffic, and has high detection efficiency; at the same time, the concept of low-frequency value and high-frequency value is introduced, and network traffic can be monitored from two aspects: numerical level and stable level , the monitoring is more comprehensive and accurate.
Description
technical field [0001] The invention relates to the technical field of network security, in particular to a method, device and storage medium for detecting abnormal network traffic. Background technique [0002] With the continuous development of Internet technology, the Internet has increasingly become an indispensable part of people's daily work, life and study. Whether it is the industrial Internet or the Internet that people use daily, the security issues they are facing are becoming increasingly prominent. In particular, the industrial Internet has changed from a traditional closed system to a non-closed system, but currently lacks a complete security monitoring mechanism, and faces even greater security threats. [0003] Both network failures and malicious attacks will cause abnormal network traffic. On the one hand, these abnormal flows seriously threaten the security of the network and hosts; on the other hand, these abnormal flows increase the burden on network de...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/26
Inventor 徐志浩戴鹏
Owner SIEMENS CHINA