Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Operating system recognition method based on CAVWNB _ KL algorithm

An operating system and identification method technology, applied in the field of network security, can solve problems such as reducing classification accuracy, and achieve the effect of improving classification accuracy, improving classification accuracy, and alleviating the independent conditions required.

Active Publication Date: 2020-05-01
XI AN JIAOTONG UNIV +1
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the simple Naive Bayesian algorithm may reduce the accuracy of classification for the condition of independence between attributes

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Operating system recognition method based on CAVWNB _ KL algorithm
  • Operating system recognition method based on CAVWNB _ KL algorithm
  • Operating system recognition method based on CAVWNB _ KL algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0066] At present, in the field of network security, for the identification of the operating system, most of the fingerprints collected on the spot are used, and the method similar to the binary classification is mostly used, and the manual identification is regular, resulting in low identification accuracy and easy false positives. The scales are inconsistent, and the requirements for training data are also high, which is generally difficult to meet.

[0067] The present invention provides an operating system identification method based on the CAVWNB_KL algorithm, which is combined with the CAVWNB_KL algorithm to train a large number of vectors obtained by dismantling nmap's rule set conversion, while improving efficiency and improving the recognition rate for the operating system, through the CAVWNB_KL algorithm For the obtained vector training, its prior probability and posterior probability are obtained, and then the real traffic is collected through the probe, and then the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an operating system recognition method based on a CAVWNB _ KL algorithm, which comprises the following steps: analyzing an operating system recognition rule in nmap, extractingM thousand data from a large number of split data sets as training data, and extracting m thousand data again as simulation test data by the same method; carrying out box sealing operation on the obtained M thousand data; calculating the correlation degree between the attributes and the classes by using KL divergence to serve as the weight of each attribute; calculating a prior probability and aposterior probability of the preprocessed M thousand data, and storing the prior probability and the posterior probability as fingerprints; calculating a test precision measurement index by taking themten thousand data set; calculating the test precision of the real flow; and screening the collected real flow, performing incremental training in a Bayesian incremental learning mode, correcting anoriginal fingerprint model, and completing recognition. According to the method, a CAVWNB _ KL algorithm is adopted, so that independent conditions required by naive Bayesian attributes are greatly relieved, and the classification precision is improved.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to an operating system identification method based on a CAVWNB_KL (Correlation-based Attribute Value Weighted Naive Bayes_KL) algorithm. Background technique [0002] In the field of network security, the object of security is assets, and the operating system is a major category of assets. At present, the high false positive rate of operating systems is a major pain point for security asset management customers. Therefore, how to accurately identify operating systems and improve The recognition rate of the operating system has always been a hot issue in the field of network security. [0003] At present, in the field of network security, for the identification of operating systems, most of them use on-site fingerprint collection, and most of them use a method similar to binary classification, that is, through one-by-one comparison plug-in identification, and man...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06N7/00
CPCG06N7/01
Inventor 桂小林安迪樊志甲李瀛范建存
Owner XI AN JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com