Abnormal flow monitoring method, device and equipment based on statistics and storage medium

A technology of abnormal traffic and statistical characteristics, applied in the field of network security, can solve the problems of cumbersome deployment and high implementation cost of abnormal traffic monitoring

Inactive Publication Date: 2020-02-21
PING AN TECH (SHENZHEN) CO LTD
View PDF12 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The main purpose of the present invention is to provide a statistically-based abnormal traffic monitoring method, device, equipment, and storag

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Abnormal flow monitoring method, device and equipment based on statistics and storage medium
  • Abnormal flow monitoring method, device and equipment based on statistics and storage medium
  • Abnormal flow monitoring method, device and equipment based on statistics and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0077] It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0078] The invention provides a statistics-based abnormal flow monitoring device.

[0079] refer to figure 1 , figure 1 It is a structural schematic diagram of the operating environment of the abnormal flow monitoring equipment involved in the solution of the embodiment of the present invention.

[0080] Such as figure 1 As shown, the abnormal traffic monitoring device includes: a processor 1001 , such as a CPU, a communication bus 1002 , a user interface 1003 , a network interface 1004 , and a memory 1005 . Wherein, the communication bus 1002 is used to realize connection and communication between these components. The user interface 1003 may include a display screen (Display) and an input unit such as a keyboard (Keyboard), and the network interface 1004 may optionally include a standard wired interface or a wir...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an abnormal traffic monitoring method based on statistics, which comprises the following steps: collecting user access log records in a preset time period, and carrying out cleaning and transformation processing to generate standard user access data; counting the distribution of statistical characteristics corresponding to the standard user access data in different time dimensions; mapping the distribution of the statistical characteristics on different time dimensions into corresponding multivariate Gaussian distribution and respectively performing parameter estimation; calculating Gaussian distribution probability values respectively corresponding to the statistical characteristics corresponding to the current network flow in each time dimension; judging whether the Gaussian distribution probability value is smaller than a preset alarm threshold value of the current network flow in the time dimension or not; If so, judging that the current network traffic is abnormal traffic. The invention further discloses an abnormal flow monitoring device and equipment based on statistics and a storage medium. The method is easy to deploy and low in implementation cost,and can flexibly respond to abnormal flow real-time alarms of different service scenes in different time periods.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method, device, equipment and storage medium for abnormal flow monitoring based on statistics. Background technique [0002] With the advent of the information age, abnormal network traffic monitoring has always been an important part of the information security field. Abnormal network traffic refers to irregular and significant changes in traffic in the network. Aiming at sudden abnormalities that may occur in network traffic in a short period of time, there may be problems such as high-frequency operations, access during abnormal periods, abnormal files, or abnormal access objects. No matter what kind of problem it is, it may face service quality degradation affecting normal user access and network security issues. [0003] At present, abnormal traffic monitoring is usually implemented based on machine learning, which not only requires building corresponding techni...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1425
Inventor 刘玉洁杨冬艳
Owner PING AN TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap