A method and system for detecting intrusion attacks of serial decentralized concealment threats

An intrusion attack detection method, applied in the fields of transmission systems, digital transmission systems, secure communication devices, etc., which can solve the problem that defenders cannot obtain attack samples, etc.
CN109922048B · Active · Publication Date: 2022-04-19 · STATE GRID SHANXI ELECTRIC POWER COMPANY CHANGZHIELECTRIC POWER SUPPLY

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents(China)
Current Assignee / Owner: STATE GRID SHANXI ELECTRIC POWER COMPANY CHANGZHIELECTRIC POWER SUPPLY
Publication Date: 2022-04-19


Abstract

The invention discloses a method and system for detecting serial decentralized and concealed threat intrusion attacks. The detection method detects unknown abnormal flows existing in network traffic through research on scalable application identification technology and hidden threat analysis and detection technology. The scalable application identification technology is based on deep packet inspection; it expands the scope of application layer identification, evaluates different applications from various dimensions, mines more information in network traffic, and provides deep application layer identification capability. The decentralized hidden intrusion threat analysis system is deployed in the network in gateway mode, in-line mode or bypass mode; it collects and analyzes current network traffic, discovers traces of malicious files at the network border in a timely manner, and provides real-time security alerts, threat location and execution action.

Description

technical field

[0001] The invention discloses a method and system for detecting serial decentralized and concealed threat intrusion attacks, which belong to the technical field of network security defense.

Background technique

[0002] With the widespread popularity of various attack methods against industrialized information systems and the occurrence of more unknown attack events, traditional security technologies are mainly faced with the following difficulties:

[0003] Most of the new threats emerging in the network are based on 0day vulnerabilities without vulnerability characteristics. Attack tools are changing with each passing day, and customized tools have appeared. For defenders, it is impossible to obtain attack samples through detection methods based on known threats.

[0004] Among the most common threats are:

[0005] APT (Advanced Persistent Threat), advanced persistent threat. It refers to the attack form in which organizations or small groups use advance...
