Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for monitoring abnormal connection and scanning behaviors of server

A server anomaly and behavior technology, applied in instruments, special data processing applications, electrical digital data processing, etc., can solve the problem of inability to handle a large amount of network traffic, inefficient monitoring of abnormal network behavior, inability to update network session data analysis results in real time, etc. problem, to achieve the effect of improving efficiency

Active Publication Date: 2020-05-01
BEIJING VRV SOFTWARE CO LTD
View PDF10 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Embodiments of the present invention provide a monitoring method and device for server abnormal connection and scanning behavior, which are used to solve the problem that the prior art cannot handle a large amount of network traffic, cannot update the analysis results of a large amount of network session data in real time, and has low efficiency in network abnormal behavior monitoring. The problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for monitoring abnormal connection and scanning behaviors of server
  • Method and device for monitoring abnormal connection and scanning behaviors of server
  • Method and device for monitoring abnormal connection and scanning behaviors of server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0070] In order to make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the following will clearly and completely describe the technical solutions in the embodiments of the present invention in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0071] The existing network monitoring methods generally have the problem that it is difficult to process a large amount of real-time network session data, and the network monitoring efficiency is low. For this, the embodiment of the present invention provides a method for monitoring abnormal connection and scanning behavi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a method and a device for monitoring abnormal connection and scanning behaviors of a server. The method comprises: capturing network session data of a centralswitch; storing the network session data in a distributed database in the form of data records, wherein one data record corresponding to one request or confirmation; extracting behavior data of each IP from data records in the distributed database, wherein the behavior data comprises each connection behavior frequency, IP scanning frequency and port scanning frequency; judging abnormal behaviors of each IP based on the behavior data, wherein the abnormal behaviors comprise abnormal semi-connection, abnormal active connection, abnormal passive connection, abnormal IP scanning and abnormal portscanning; and displaying the abnormal behavior of each IP. According to the method and the device provided by the embodiment of the invention, a large amount of network session data can be processed,the network abnormal behavior is updated in real time, and the network abnormal behavior monitoring efficiency is improved.

Description

technical field [0001] The invention relates to the technical field of network monitoring, in particular to a monitoring method and device for server abnormal connection and scanning behavior. Background technique [0002] Network failures occur all the time, and the port throughput of the switching machine fluctuates. Operation and maintenance personnel may often encounter such problems: users often complain about slow access to the intranet business system or slow file copying, or guess that the intranet may There are port data attacks, but it is impossible to find out which machines initiated them in time. [0003] Malicious port traffic attacks cause a large amount of server resources to be occupied. As a result, normal processes are not effectively processed and bandwidth is occupied. In order to find the source of abnormal attacks, it is time-consuming and labor-intensive to filter through layers of tools. Abnormal port connection behavior monitoring is not only for t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F16/2455G06F16/27
CPCH04L63/1416H04L63/1425G06F16/27G06F16/2455
Inventor 林皓朱志明余方和
Owner BEIJING VRV SOFTWARE CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com