
Illegal Outreach Monitoring Method Based on Similarity Analysis of Wireless and Wired Data Streams

A similarity analysis and data flow technology, applied in character and pattern recognition, instruments, calculations, etc., that addresses problems of detection time, response speed, function failure, and inability to judge, with the effects of reducing deployment costs, reducing construction difficulty, and monitoring illegal outreach.

Active Publication Date: 2020-12-15
四川英得赛克科技有限公司

AI Technical Summary

Problems solved by technology

[0004] Wireless network use is supervised by installing a client agent on the terminal desktop system, mainly covering the terminal's own wireless network card, privately connected wireless WIFI, and the use of free wireless WIFI. Its advantages are short detection time and fast response, but it has the following disadvantages: it cannot manage or control terminal desktop systems that have no client agent installed; it cannot supervise privately connected wireless routing devices, because a client agent cannot be installed on such devices; and it cannot use technical means to stop a terminal from uninstalling the software, which disables its function.

[0006] Mainly through ICMP, TCP and UDP scanning, and drawing on operating system fingerprint identification technology, a local protocol feature library is built to judge whether the target machine is a NAT access device, a smart phone, a portable WIFI access device, a free WIFI access device, etc. Its advantage is that it can more accurately discover some smart phones and portable WIFI access, and can more accurately identify routing devices and wireless APs connected through NAT, but it has the following disadvantages: it requires deploying a scanning host, which brings a new risk point to the intranet; if the external host is used only as a network springboard, without routing, forwarding or NAT functions, it is not possible to determine whether it is external; and the solution needs to send data packets into the internal network, which causes communication interference to the original internal network.

[0008] The existing outreach monitoring solution based on data monitoring detects outreach by bypass monitoring and analyzing data packets inside the network, and is suitable for networks with a public network egress (such as the Internet). Special fields are used to judge and distinguish portable WIFI access, smart phone access and NAT device access. Its advantage is that it can more accurately discover some smart phones and portable WIFI access, and can more accurately identify NAT access devices, but it has the following disadvantages: the coverage of the monitored data determines its detection range, so there are false negatives; it is suitable for networks with public egress links and is not suitable for use as an inspection tool; and because the detection technology is limited, there is a possibility of false negatives.



Embodiment

[0037] An illegal outreach monitoring method based on similarity analysis of wireless and wired data streams, in which monitoring is performed by an illegal outreach monitoring device equipped with a wireless communication module, comprising the following steps:

[0038] Step 1. Set a mirror port on the intranet switch to be monitored, and mirror all intranet data to the illegal outreach monitoring device;

[0039] Step 2. The illegal outreach monitoring device receives all internal network traffic data;

[0040] Step 3. When a host is preliminarily determined to be a suspicious external host, record all of its network communication data;

[0041] Step 4. Analyze the characteristics of the network communication data of the suspicious external host, and use the following method to construct its network communication model:

[0042] Step (1), data preprocessing: filter all recorded network communication data, and convert the data stream into a feature vector including a time feature vector and a space ...


Abstract

The invention discloses an illegal outreach monitoring method based on similarity analysis of wireless and wired data streams. Monitoring is performed by an illegal outreach monitoring device equipped with a wireless communication module and includes the following steps: all internal network data is mirrored to the illegal outreach monitoring device; the device receives all internal network traffic data; it records all of the host's network communication data; it analyzes the characteristics of that network communication data to build its network communication model; the device receives all wireless network traffic data; it records all encrypted wireless network communication data between them; it analyzes the characteristics of the encrypted wireless network communication data and builds its network communication model; the two network communication models are compared, and whether the host is an illegal external host is judged from their similarity. The invention compares the two network communication models, wired and wireless, so as to monitor illegal outreach behavior accurately and in real time.
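The comparison step in the abstract, sketched as an added example (not code from the patent): it assumes the time feature is bytes per one-second bin and that similarity is Pearson correlation with a 0.8 threshold. The function names, sample packets, MAC addresses and the 48-byte wireless overhead are all constructed for illustration.

```python
import math

def time_vector(packets, t0, bins, width=1.0):
    """Bytes observed per time bin; packets are (timestamp_s, length_bytes)."""
    vec = [0.0] * bins
    for ts, length in packets:
        i = int((ts - t0) // width)
        if 0 <= i < bins:          # ignore packets outside the capture window
            vec[i] += length
    return vec

def pearson(a, b):
    """Correlation of two equal-length vectors; 0.0 if either one is flat."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    if va == 0 or vb == 0:         # idle or constant flow: no evidence either way
        return 0.0
    return cov / math.sqrt(va * vb)

def match_wireless(wired, wireless_flows, t0=0.0, bins=10, threshold=0.8):
    """Return {flow_id: score} for wireless flows whose timing tracks the wired host."""
    ref = time_vector(wired, t0, bins)
    scores = {fid: pearson(ref, time_vector(pk, t0, bins))
              for fid, pk in wireless_flows.items()}
    return {fid: s for fid, s in scores.items() if s >= threshold}

# Constructed sample data. WIRED: mirror-port traffic of the suspicious host.
WIRED = [(0.1, 1200), (0.15, 1200), (2.3, 400), (2.35, 1500),
         (5.0, 800), (7.2, 1500), (7.25, 1500), (7.3, 600)]
# Encrypted 802.11 frames still expose timing, length and MAC addresses.
# Flow ids are (station MAC, BSSID); all addresses are made up.
WIRELESS = {
    # Same bursts, 20 ms later, each frame 48 bytes larger (assumed overhead).
    ("02:00:00:00:00:01", "02:00:00:00:00:aa"):
        [(t + 0.02, n + 48) for t, n in WIRED],
    # Unrelated station with its own burst pattern.
    ("02:00:00:00:00:02", "02:00:00:00:00:bb"):
        [(1.2, 1400), (1.4, 1400), (3.1, 900), (4.6, 1500),
         (8.3, 1500), (8.4, 700)],
}

if __name__ == "__main__":
    for fid, score in match_wireless(WIRED, WIRELESS).items():
        print(fid, round(score, 3))
```

Payload content never enters the comparison, which is why the wireless side can stay encrypted; bin width and threshold would need tuning against real captures.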

Description

Technical field

[0001] The invention relates to an illegal outreach monitoring method, in particular to an illegal outreach monitoring method based on similarity analysis of wireless and wired data streams.

Background technique

[0002] For the isolated intranet of an industrial control system, illegal outreach has always been the top priority in protecting the integrity of the network boundary because of the great harm it causes. With the spread of smart phones and 4G / 5G technology, the main form of illegal outreach is outreach through smart phones (4G / 5G), which is more convenient, faster and lower in cost than early telephone dial-up. The most common way is to connect a terminal computer that is attached to the intranet to a personal hotspot opened on a smartphone over wireless WIFI, which brings unpredictable security risks to the original internal network. At present, there are mainly the following technical solutions for monitoring illegal outreach...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, G06K9/62
CPC: H04L63/1408, G06F18/23, G06F18/22
Inventor: 欧晓聪, 龚海澎, 王庭宇
Owner: 四川英得赛克科技有限公司