A method and system for detecting intrusion attacks of serial decentralized concealment threats

An intrusion attack detection technology, applied in the fields of transmission systems, digital transmission systems, secure communication devices, etc., which addresses the problem that defenders cannot obtain attack samples.

Active Publication Date: 2022-04-19
STATE GRID SHANXI ELECTRIC POWER COMPANY CHANGZHI ELECTRIC POWER SUPPLY

AI Technical Summary

Problems solved by technology

[0003] Most of the new threats emerging in the network are based on 0day vulnerabilities without vulnerability characteristics. Attack tools are changing with each passing day, and customized tools have appeared. For defenders, it is impossible to obtain attack samples through detection methods based on known threats.


Examples


Embodiment Construction

[0055] The present invention will be further described in detail below in conjunction with specific embodiments and accompanying drawings, but the protection scope of the present invention is not limited to these embodiments, and all changes or equivalent substitutions that do not depart from the concept of the present invention are included within the protection scope of the present invention.

[0056] The invention discloses a method for detecting serial decentralized and hidden threat intrusion attacks. The detection method detects unknown abnormal traffic in network traffic by means of scalable application identification technology and hidden threat analysis and detection technology.

[0057] The scalable application identification technology is based on the deep packet inspection technology, which expands the scope of application layer identification, evaluates different applications from various dimensions, mines more information in network traffic, and provi...


Abstract

The invention discloses a method and system for detecting serial decentralized and concealed threat intrusion attacks. The detection method detects unknown abnormal traffic in network traffic by means of scalable application identification technology and hidden threat analysis and detection technology. The scalable application identification technology is based on deep packet inspection technology: it expands the scope of application layer identification, evaluates different applications from various dimensions, mines more information from network traffic, and provides deep application layer identification capability. The decentralized hidden intrusion threat analysis system is deployed in the network in gateway mode, in-line mode or bypass mode; it collects and analyzes current network traffic, discovers traces of malicious files at the network border in a timely manner, and provides real-time security alerts, threat location and action execution.

Description

Technical field

[0001] The invention discloses a method and system for detecting serial decentralized and concealed threat intrusion attacks, which belong to the technical field of network security defense.

Background technique

[0002] With the widespread popularity of various attack methods against industrialized information systems and the occurrence of more unknown attack events, traditional security technologies are mainly faced with the following difficulties:

[0003] Most of the new threats emerging in the network are based on 0day vulnerabilities without vulnerability characteristics. Attack tools are changing with each passing day, and customized tools have appeared. For defenders, it is impossible to obtain attack samples through detection methods based on known threats.

[0004] Among the most common threats are:

[0005] APT (Advanced Persistent Threat), advanced persistent threat. It refers to the attack form in which organizations or small groups use advance...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/40, H04L41/14
Inventor: 何潇锐, 翟永庆, 常明, 刘艳玲, 王婵琼, 刘艳霞
Owner: STATE GRID SHANXI ELECTRIC POWER COMPANY CHANGZHI ELECTRIC POWER SUPPLY