Supercharge Your Innovation With Domain-Expert AI Agents!

IP address analysis method and device for network attack and storage medium

A network attack and IP address technology, applied in the Internet field, can solve problems such as low computing speed, high computing cost, and large amount of computing, and achieve the effect of reducing computing time, reducing computing time, and reducing the number of clustered IPs

Active Publication Date: 2020-06-16
中国移动通信集团陕西有限公司 +1
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This clustering method has a particularly large amount of calculation, high calculation cost, and low calculation speed.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IP address analysis method and device for network attack and storage medium
  • IP address analysis method and device for network attack and storage medium
  • IP address analysis method and device for network attack and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] In order to cluster IPs more effectively and prepare for preventing network attacks, the embodiments of the present application provide an IP address analysis method, device and storage medium for network attacks. In order to better understand the solutions provided by the embodiments of this application, some nouns in the embodiments of this application are explained below:

[0028] Clustering method with constraints: also known as conditional system clustering method, this method is based on the idea of ​​system clustering, in the clustering process, clustering is carried out according to the conditions of clustering between classes, and those who do not meet the conditions are not allowed to gather together, specifically, Those who do not meet the criteria will not be placed in either category.

[0029] Next, the principle of the scheme provided by the embodiment of the present application is described:

[0030] DDos attackers will use hundreds of thousands of agent...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an IP address analysis method and device for network attacks and a storage medium, relates to the technical field of the Internet, and is used for effectively clustering IP addresses. The method comprises the following steps: collecting a plurality of data packets; obtaining a source IP and a destination IP of each data packet; aiming at each IP, executing the following steps: matching the IP with an IP in a pre-stored network attack case; if the same IP is matched, determining the IP as a known IP; if the same IP is not matched, determining the IP as an unknown IP; in the known IPs, selecting k known IPs as a clustering center; according to the clustering center, carrying out the clustering analysis with constraints on the unknown IP to obtain k classes; and determining the IPs contained in the k classes as potential risk IPs. Thus, the collected IPs are divided into the known IPs and the unknown IPs, constrained clustering analysis is carried out on the unknownIPs instead of clustering all the IPs, and the number of the IPs needing to be clustered is reduced.

Description

technical field [0001] The present application relates to the technical field of the Internet, in particular to an IP address analysis method, device and storage medium for network attacks. Background technique [0002] DDos (Distributed Denial of Service) attackers first obtain as many attack agents as possible and implant attack programs through the following four steps: (1) Scan a large number of hosts to find hosts that can be invaded; (2) Intrusion has security holes (3) In the intruded host, implant specific programs or attack programs according to the purpose of the intruded host; (4) Use the intruded host to continue scanning and intrusion, and implant in the intruded host attack program. After the attacker controls enough attack agents, he establishes a figure 1 The DDos attack network shown in the figure; then, at an appropriate time, the attack command is issued through the attack console; the attack console issues the parameters required for the operation of th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06K9/62
CPCH04L63/1416H04L63/1458H04L2463/146G06F18/23213
Inventor 张瑜康慧秦惠友为王创
Owner 中国移动通信集团陕西有限公司
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com