Network space surveying and mapping method based on service verification

The method applies to cyberspace surveying and mapping in the field of network security. It addresses the problems of active detection (low success rate, unreachable target IPs, and interference with normal network use) and achieves richer space surveying and mapping information, higher use value, and improved efficiency.

Active Publication Date: 2020-05-08
科来网络技术股份有限公司

AI Technical Summary

Problems solved by technology

[0004] When the detection server conducts active detection, it often needs to retry a port multiple times before the target returns the fingerprint (banner) data the detection server expects. The number of detections initiated by one network-wide active detection can therefore be calculated as: total number of detections = IP × port × number of detections on a single port. The cost of performing an active detection is thus very high, and high-frequency network detection often causes network congestion and affects normal network use. In actual use, a target may have only a small number of ports open, or the target IP may even be unreachable. Therefore, the success rate of active detection is low.



Examples


Embodiment 1

[0038] A network space surveying and mapping method based on service verification, the method including the following steps:

[0039] A. Analyze traffic logs, mirrored traffic, and offline data in sequence to obtain analysis results;

[0040] Analyzing the traffic log: the metadata decoding server (MDP) parses the offline data packets placed in the designated folder;

[0041] Analyzing the mirrored traffic: traffic from the mirror port of the core switch is fed to the INTER network card, and the metadata decoding server (MDP) parses the traffic data into quintuple + PAYLOAD data;

[0042] Analyzing the offline data: the IP, destination port, and protocol are obtained from the quintuple information. If there is a PAYLOAD, the fingerprint analysis engine identifies the equipment, operating system, application, and primary key information corresponding to the port from the PAYLOAD, and at the same time saves the communication attributes of the original IP and the de...
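A sketch of the offline analysis in step A and of the probe-count formula from paragraph [0004], added here as an illustration (not code from the patent or from the applicant): constructed flow records are collapsed into (IP, destination port, protocol) assets, fingerprinted from the payload, and the resulting verification list is compared with a blind scan. The record layout, the fingerprint rules and all function names are assumptions.

```python
import re

# Constructed sample flow records in the "quintuple + PAYLOAD" shape of step A:
# (src_ip, src_port, dst_ip, dst_port, protocol, payload). Assumption: payload
# holds the first bytes the server sent on that flow. IPs are documentation ranges.
RECORDS = [
    ("198.51.100.7", 51514, "192.0.2.10", 22, "tcp", b"SSH-2.0-OpenSSH_8.2p1\r\n"),
    ("198.51.100.9", 40022, "192.0.2.10", 80, "tcp",
     b"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0\r\n\r\n"),
    ("198.51.100.7", 51600, "192.0.2.10", 22, "tcp", b"SSH-2.0-OpenSSH_8.2p1\r\n"),
    ("198.51.100.3", 33990, "192.0.2.25", 21, "tcp", b"220 (vsFTPd 3.0.3)\r\n"),
    ("198.51.100.3", 53123, "192.0.2.53", 53, "udp", b""),  # no payload captured
]

# Hypothetical fingerprint rules: (service, regex whose group 1 is the application).
RULES = [
    ("ssh", re.compile(rb"^SSH-[\d.]+-(\S+)")),
    ("http", re.compile(rb"^HTTP/[\d.]+ .*?\r\nServer: ([^\r\n]+)", re.S)),
    ("ftp", re.compile(rb"^220[ -]\(?(vsFTPd [\d.]+)")),
]

def fingerprint(payload):
    """Return (service, application) for a payload, or (None, None) if unknown."""
    for service, rx in RULES:
        m = rx.search(payload)
        if m:
            return service, m.group(1).decode("ascii", "replace")
    return None, None

def build_candidates(records):
    """Collapse flows into one asset entry per (server IP, port, protocol)."""
    assets = {}
    for _src, _sport, dst, dport, proto, payload in records:
        key = (dst, dport, proto)
        entry = assets.setdefault(key, {"service": None, "app": None, "flows": 0})
        entry["flows"] += 1
        service, app = fingerprint(payload)
        if service:  # keep the first positive identification
            entry["service"] = entry["service"] or service
            entry["app"] = entry["app"] or app
    return assets

def probe_counts(assets, n_ips, n_ports, retries):
    """Page's cost formula for a blind scan vs. probing only observed endpoints."""
    return n_ips * n_ports * retries, len(assets) * retries

if __name__ == "__main__":
    found = build_candidates(RECORDS)
    print(found, probe_counts(found, n_ips=256, n_ports=65535, retries=3))
```

Endpoints with no payload, such as the UDP flow here, stay in the list with an empty fingerprint, so the verification step of step B still covers them.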


Abstract

The invention relates to a network space surveying and mapping method based on service verification and belongs to the technical field of network security. The method comprises the following steps: A, analyzing a traffic log, mirrored traffic and offline data in sequence to obtain an analysis result; B, verifying the analysis result through a script to obtain a verification result; and C, completing the space surveying and mapping information with the verification result. Space surveying and mapping efficiency is improved by using the server IP, port and protocol information acquired through data acquisition; the dimensions of asset description in space surveying and mapping are enriched; and the validity of the data is verified through active detection, so that the reliability of the whole space surveying and mapping data is improved and the huge burden that an active scanning mode places on the network is avoided.

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a network space surveying and mapping method based on service verification.

Background technique

[0002] Cyberspace mapping refers to the use of specific technologies to detect cyberspace and identify the assets in the network (such as servers, routing equipment, industrial control equipment, firewalls, gateways, etc.) and service applications (web server, ftp, ssh, mysql, etc.), combining these with other basic data to build a portrait of the assets in cyberspace. The existing surveying and mapping methods are mainly realized by active scanning. In active scanning, the detection server initiates a connection request to a specified port of the target device and judges the characteristic information of the target device from what is returned.

[0003] For the detection server, the target device is an unknown situation, it does not know the server IP add...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/26, H04L29/06
CPC: H04L43/04, H04L43/08, H04L63/0876, H04L63/1425, H04L63/1433, H04L63/16, H04L63/205
Inventor: 林康罗鹰蒲勇军
Owner: 科来网络技术股份有限公司