Attack detection model training method and attack detection method and system

A technology of attack detection and model, applied in the field of communication, can solve the problem that the target system cannot provide normal services

Pending Publication Date: 2020-05-19
CHINA MOBILEHANGZHOUINFORMATION TECH CO LTD +1
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There are many ways of distributed denial of service attack. The most basic distributed service attack is to use the target system network service func

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack detection model training method and attack detection method and system
  • Attack detection model training method and attack detection method and system
  • Attack detection model training method and attack detection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] Embodiments of the present application will be described in detail below in conjunction with the accompanying drawings.

[0036] see figure 1 , is a flow chart of a method for training a DDoS attack detection model provided in an embodiment of the present application.

[0037] As shown, the process includes:

[0038] S101: Obtain characteristic information of network traffic within a specified time period.

[0039] Specifically, if a DDoS attack occurs during a certain period of time, the time period including the occurrence of the DDoS attack is selected as the specified time period, and the characteristic information of the network traffic of the destination IP address of the DDoS attack within the specified time period is obtained, that is, the acquired network The traffic includes DDoS attack traffic and normal traffic. For example, there were multiple DDoS attacks from 10:00 am to 10:00 pm on Wednesday of the previous week. You can select the specified time perio...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an attack detection model training method and an attack detection method and system, and the method comprises the steps: obtaining feature information of network flow in a specified time period, wherein a part of the network flow in the specified time period is the flow detected as a DDoS attack and the feature information comprises a source IP address and a flow byte number, dividing the network flow in the specified time period by taking the set duration as a unit to obtain a detection sample set, wherein the detection sample set comprises a plurality of detection samples, one detection sample corresponds to the network flow in one set duration and one detection sample comprises feature information corresponding to the network flow in the set duration, and training a DDoS attack detection model by using at least part of the detection samples in the detection sample set, wherein the output information of the DDoS attack detection model is used for indicating whether the input network flow is the DDoS attack flow.

Description

technical field [0001] The present invention relates to the field of communication technology, in particular to a distributed denial of service (Distributed Denial of Service, DDoS) attack detection model training method, DDoS attack detection method and system. Background technique [0002] DDoS attack refers to the use of client or server technology to combine multiple computers as an attack platform to launch a distributed denial of service attack on one or more targets. There are many ways of distributed denial of service attack. The most basic distributed service attack is to use the target system network service function defects or use reasonable service requests to directly occupy too many service resources, so that the target system cannot provide normal services. According to Transmission Control Protocol / Internet Protocol (Transmission Control Protocol / Internet Protocol, TCP / IP) level, DDoS attacks can be divided into attacks based on Address Resolution Protocol (A...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 冯剑周川楷
Owner CHINA MOBILEHANGZHOUINFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap