Exception detection method, device and equipment in network security defense

An anomaly detection and network security technology, applied in electrical components, transmission systems, etc., to achieve the effect of ensuring network security

Status: Inactive
Publication Date: 2020-02-14
SANGFOR TECH INC

AI Technical Summary

Problems solved by technology

However, due to the lack of effective management and control of such risky applications in the existing network security defense technologies, risky applications have become a cover for hackers' intrusions, and hackers have repeatedly succeeded.


Embodiment Construction

[0035] The core of the present application is to provide an anomaly detection method, device, equipment, and computer-readable storage medium in network security defense, so as to effectively detect abnormalities in network sessions established by risk applications, thereby protecting the host from intrusion by hackers and ensuring network security.

[0036] In order to describe the technical solutions in the embodiments of the present application more clearly and completely, they are introduced below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments are only some of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without creative effort fall within the scope of protection of this application.

[0037] The CCP’s anomaly detection...


Abstract

The invention discloses an exception detection method in network security defense, which comprises the following steps: after a session connection between a client and a server is established, obtaining a traffic data packet generated by the session connection; calling a preset risk application rule base and performing rule matching on the traffic data packet, wherein the risk application rule base stores the pattern rules of the traffic data packets corresponding to risk applications; and, if the matching succeeds, determining that the session connection was established through a risk application and pushing the communication activity recorded by the traffic data packet to an administrator, so that the administrator can judge whether the session connection is abnormal. Based on the supervision of traffic data and the recognition of risk applications, the invention can effectively detect abnormal conditions in network sessions established by risk applications, thereby protecting the host from intrusion by hackers and ensuring network security. The invention further discloses an exception detection device and equipment in network security defense and a computer-readable storage medium, which have the same beneficial effects.
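The flow in the abstract (match a session's packets against a risk application rule base, then hand the recorded activity to an administrator on a hit) can be sketched as follows. This is an added example, not code from the patent; the rule format, application names, port and payload patterns are constructed placeholders, not real product signatures.

```python
import re
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dst_port: int
    payload: bytes

@dataclass(frozen=True)
class RiskRule:
    app: str
    dst_port: Optional[int]  # None matches any destination port
    pattern: "re.Pattern[bytes]"

# Hypothetical rule base: app names, port and payload patterns are constructed
# placeholders, not real product signatures.
RULE_BASE = [
    RiskRule("remote-control-tool", 5938, re.compile(rb"^RC-HELLO/\d+")),
    RiskRule("tunnel-tool", None, re.compile(rb"TUNNEL-ID: [0-9a-f]{8}")),
]

def match_packet(pkt, rules=RULE_BASE):
    """Return the first rule whose port and payload pattern both match."""
    for rule in rules:
        if rule.dst_port in (None, pkt.dst_port) and rule.pattern.search(pkt.payload):
            return rule
    return None

def inspect_session(packets, rules=RULE_BASE):
    """On a rule hit, build the activity record pushed to the administrator."""
    for index, pkt in enumerate(packets):
        rule = match_packet(pkt, rules)
        if rule:
            return {"risk_app": rule.app, "client": pkt.src,
                    "server": f"{pkt.dst}:{pkt.dst_port}",
                    "matched_packet": index, "packets": len(packets),
                    "bytes": sum(len(p.payload) for p in packets)}
    return None  # no risk application recognised, nothing is pushed

# Constructed sample sessions using private and documentation addresses.
SESSION_RISK = [Packet("10.0.0.7", "203.0.113.9", 5938, b"RC-HELLO/2 id=41"),
                Packet("10.0.0.7", "203.0.113.9", 5938, b"\x00" * 64)]
SESSION_WEB = [Packet("10.0.0.8", "198.51.100.4", 443, b"\x16\x03\x01\x02\x00")]
SESSION_WRONG_PORT = [Packet("10.0.0.8", "198.51.100.4", 443, b"RC-HELLO/2 id=41")]
SESSION_TUNNEL = [Packet("10.0.0.9", "198.51.100.4", 443, b"GET / HTTP/1.1\r\nTUNNEL-ID: 0a1b2c3d\r\n")]
```

A match only identifies the session as belonging to a risk application; whether it is abnormal remains the administrator's decision, as in the abstract.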

Description

Technical field

[0001] The present application relates to the technical field of network security defense, and in particular to an anomaly detection method, device, equipment and computer-readable storage medium in network security defense.

Background technique

[0002] In recent years, with the development of network communication technology, network security incidents have emerged in an endless stream.

[0003] Risk applications, that is, risk software, are applications that do not themselves exhibit active propagation behavior but can be used by criminals to achieve illegal network intrusion. For example, hackers often use malicious software such as TeamSpy to implant the files of risk software such as TeamViewer in a controlled host they have invaded, so as to use TeamViewer to open a remote control mode, cover up their C&C communication, and remotely perform any operation on the controlled host. Since the risky application itself already exists on the host...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1425, H04L63/1441
Inventor: 吕晓滨
Owner: SANGFOR TECH INC