Method and system for network attack surface detection
A network attack and surface detection technology, applied in the field of network security, can solve the problems of detection model imbalance, model failure to detect attack data, failure to correctly detect attack data or behavior, etc., and achieve the effect of improving the detection ability
Active Publication Date: 2021-07-23
武汉思普崚技术有限公司
View PDF7 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0002] Many attacks now come from hidden and fragmented forms. The vulnerability points and attack links of a single network node will constitute multiple attack surfaces, and the existing methods of preventing network attacks may fail
[0003] At the same time, there are still two deficiencies in the existing statistical analysis and machine learning: First, the attack data is insufficient during the training process, which is far less than the normal data. Insufficient and unbalanced data will cause the detection model to be unbalanced, and the attack data cannot be detected correctly Or behavior; second, with the development of technology, the attacker's attack methods are constantly changing. However, these attack data will not be disclosed in advance, and they cannot be used for model training, resulting in the model being unable to detect unknown attack data.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0037] The preferred embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings, so that the advantages and features of the present invention can be more easily understood by those skilled in the art, so as to define the protection scope of the present invention more clearly.
[0038] figure 1 A flow chart of the network attack surface detection method provided by this application, the method includes:
[0039] Collect copies of data fragments of each network node, and extract exploitable attack vectors from them;
[0040] Merging the received data fragments with local historical data fragments; the merging includes merging according to at least one of the criteria of the network node to which it belongs, the sending terminal to which it belongs, data type, and corresponding access behavior;
[0041] Use the static analysis model to analyze the merged data fragments, look for abnormal data fragments that may exist ther...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The present invention provides a network attack surface detection method and system, which can first perform static analysis based on historical network data to find abnormal data segments, and then construct a noise simulation network attack model based on the vectorized abnormal data segments, using real network attack traffic The noise simulation network attack model is trained, and the model itself has the ability to continuously compound and mutate network attacks. After the noise simulation network attack model is trained, it is connected to the machine learning module as the simulated attack source of the machine learning module. The network traffic is detected on the network attack surface to help improve the detection capability of the machine learning module.
Description
technical field [0001] The present application relates to the technical field of network security, in particular to a network attack surface detection method and system. Background technique [0002] Nowadays, many attacks come from hidden and fragmented forms. The vulnerability points and attack links of a single network node will constitute multiple attack surfaces, and the existing methods of preventing network attacks may fail. [0003] At the same time, there are still two deficiencies in the existing statistical analysis and machine learning: First, the attack data is insufficient during the training process, which is far less than the normal data. Insufficient and unbalanced data will cause the detection model to be unbalanced, and the attack data cannot be detected correctly Or behavior; second, with the development of technology, the attack methods of attackers are constantly changing. However, these attack data will not be disclosed in advance, and they cannot be u...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/24G06N20/00
CPCG06N20/00H04L41/145H04L63/1416
Inventor 段彬
Owner 武汉思普崚技术有限公司