Abnormal flow decision-making system and method

A technology of abnormal traffic and decision-making system, applied in the field of abnormal traffic alarm decision-making system, it can solve the problems of normal traffic increase, traffic increase, false positives and false negatives, so as to reduce false positives and false negatives and improve the accuracy.

Pending Publication Date: 2020-07-28
HANGZHOU DPTECH TECH
View PDF3 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, it is too simple to judge the attack by the threshold, which leads to false positives and false positives in many scenarios. For example, the SYN packet threshold set by the user is 100pps, and the normal traffic is 50pps. At this time, the flow of SYN packets exceeds 100pps, but it does not mean an attack, it is just a simple normal flow increase, and the threshold method will be mistaken for a SYN attack

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Abnormal flow decision-making system and method
  • Abnormal flow decision-making system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The specific implementations of the present disclosure will be described below, and it should be noted that in the process of specific descriptions of these implementations, for the sake of concise description, it is impossible for this specification to describe all the features of the actual implementations in detail. It should be understood that, in the actual implementation process of any embodiment, just like in the process of any engineering project or design project, in order to achieve the developer's specific goals and to meet system-related or business-related constraints, Often a variety of specific decisions are made, and this can vary from one implementation to another. In addition, it will also be appreciated that while such development efforts may be complex and lengthy, the technology disclosed in this disclosure will Some design, manufacturing or production changes based on the content are just conventional technical means, and should not be interpreted ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an abnormal flow alarm decision-making system. The system comprises: a traffic classification component, which performs classification statistics on received data messages in astatistical period according to each of multiple dimensions at least including the traffic of the data messages, the protocol proportion and the number of source IPs, and respectively stores classification statistics results in a memory; a scoring component which is used for attributing the classified and counted result of each dimension to different threshold ranges of the corresponding dimension, and endowing the received data message with scores under the corresponding dimension based on the attributed different threshold ranges; and an exception judgment component which accumulates the scores corresponding to all dimensions, and judges the traffic state of the data message received in the statistical period corresponding to the accumulated score exceeding the normal threshold score asan exceptional traffic state of different levels.

Description

technical field [0001] The present disclosure relates to a system and method for making abnormal traffic alarm decision-making, and in particular to a system and method for making multi-dimensional abnormal traffic alarm decision. Background technique [0002] With the advancement and development of network communication technology, the number of network users and access devices is increasing rapidly, and various network attacks such as DDOS, data theft, data tampering, brute force cracking and other network attacks occur frequently, resulting in more and more threats to network security. more threats. [0003] Abnormal traffic is abnormal traffic for the Internet, including network attack traffic, network virus traffic, abnormal service traffic, etc. Abnormal network traffic usually affects the entire Internet system, and even leads to service interruption, resulting in irreparable losses. Deploying a suitable abnormal traffic detection system not only ensures the normal ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/06
CPCH04L41/06H04L41/0609H04L63/1425
Inventor 邢涛
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap