A serial dispersed hidden threat intrusion attack detection method and a serial dispersed hidden threat intrusion attack detection system

An intrusion attack detection method, applied in transmission systems, digital transmission systems, electrical components, etc., that addresses the problem of defenders being unable to obtain attack samples, and achieves monitoring of advanced persistent threats, efficient detection and protection, and a short interruption response time.

Active Publication Date: 2019-06-21
STATE GRID SHANXI ELECTRIC POWER COMPANY CHANGZHI ELECTRIC POWER SUPPLY

AI Technical Summary

Problems solved by technology

[0003] Most of the new threats emerging in the network are based on 0day vulnerabilities without vulnerability characteristics. Attack tools are changing with each passing day, and customized tools have appeared. For defenders, it is impossible to obtain attack samples through detection methods based on known threats.


Embodiment Construction

[0055] The present invention will be further described in detail below in conjunction with specific embodiments and accompanying drawings, but the protection scope of the present invention is not limited to these embodiments, and all changes or equivalent substitutions that do not depart from the concept of the present invention are included within the protection scope of the present invention.

[0056] The invention discloses a method for detecting serial decentralized and hidden threat intrusion attacks. The detection method detects unknown abnormal traffic in network traffic through the research of scalable application identification technology and hidden threat analysis and detection technology.

[0057] The scalable application identification technology is based on the deep packet inspection technology, which expands the scope of application layer identification, evaluates different applications from various dimensions, mines more information in network traffic, and provi...


Abstract

The invention discloses a serial dispersed hidden threat intrusion attack detection method and system. The method comprises detecting unknown abnormal traffic in network traffic through research on an extensible application identification technology and a hidden threat analysis and detection technology. Building on deep packet inspection technology, the extensible application identification technology extends the scope of application layer identification, evaluates different applications from various dimensions, mines more information from network traffic, and provides a deep application layer identification capability. The distributed hidden intrusion threat analysis system is deployed in a network in gateway mode, series mode or bypass mode; it collects and analyzes the current network traffic, promptly finds traces of malicious file activity at the network boundary, and provides real-time security alarms, threat positioning and execution actions.

Description

Technical field

[0001] The invention discloses a method and system for detecting serial decentralized and concealed threat intrusion attacks, which belong to the technical field of network security defense.

Background technique

[0002] With the widespread popularity of various attack methods against industrialized information systems and the occurrence of more unknown attack events, traditional security technologies are mainly faced with the following difficulties:

[0003] Most of the new threats emerging in the network are based on 0day vulnerabilities without vulnerability characteristics. Attack tools are changing with each passing day, and customized tools have appeared. For defenders, it is impossible to obtain attack samples through detection methods based on known threats.

[0004] Among the most common threats are:

[0005] APT (Advanced Persistent Threat), advanced persistent threat. It refers to the attack form in which organizations or small groups use advance...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06, H04L12/24
Inventor: 何潇锐, 翟永庆, 常明, 刘艳玲, 王婵琼, 刘艳霞
Owner: STATE GRID SHANXI ELECTRIC POWER COMPANY CHANGZHI ELECTRIC POWER SUPPLY