Intranet security risk identification method and device

A security risk, intranet technology, applied in the field of communications, can solve problems such as high misjudgment rate, dependence on feature database, etc., to achieve the effect of improving accuracy and facilitating large-scale deployment

Active Publication Date: 2020-09-15
FUJIAN JIANKANGZHILU INFORMATION TECH CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] To this end, it is necessary to provide a technical solution for intranet security risk identification to solve the problems that existing intranet security level identification methods are highly dependent on feature databases and have high misjudgment rates.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intranet security risk identification method and device
  • Intranet security risk identification method and device
  • Intranet security risk identification method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] In order to describe in detail the technical content, structural features, achieved objectives and effects of the technical solution, the following detailed descriptions are given in conjunction with specific embodiments and accompanying drawings.

[0035] Such as figure 1 As shown, this application provides a method for identifying an intranet security risk, and the method includes the following steps:

[0036] S1: Receive intranet traffic mirroring.

[0037] Traffic mirroring refers to transferring a copy of traffic data to a designated port to realize real-time monitoring and analysis of intranet traffic.

[0038] S2: Identify the current intranet traffic type. The intranet traffic type includes an IP type and an ARP type. If it is an IP type, perform step S21: first processing, and if it is an ARP type, perform step S22: second processing.

[0039] When the computer is connected to the Internet, the ISP (Internet Service Provider) will automatically assign an IP to each compu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an intranet security risk identification method and device. The method comprises the following steps that: S1, an intranet traffic mirror image is received; S2, the current intranet flow type is identified, the intranet flow type comprises an IP type and an ARP type, if the intranet flow type is the IP type, S21, namely, first processing, is carried out, and if the intranetflow type is the ARP type, S22, namely, second processing, is carried out; and S3, comprehensive analysis is performed according to a first processing result and a second processing result of the intranet flow, and a current intranet security risk level is determined. According to the scheme, the current intranet security risk level is recognized by recognizing the intranet flow type, the intranetbehavior and the network card state, implementation does not depend on a feature database, the accuracy of risk judgment is effectively improved, and large-scale deployment is facilitated.

Description

Technical field [0001] The present invention relates to the field of communications, and in particular to a method and device for identifying internal network security risks. Background technique [0002] The identification of existing intranet security risks is usually based on host-side anti-virus software, HIPS (host intrusion prevention system), and network-side IDS (intrusion detection system) or IPS (intrusion detection system). prevent system, intrusion blocking system) to monitor network transmission, and then detect and block suspicious hacker intrusion in time. The above-mentioned methods for identifying intranet risks are all based on feature identification technology, which is highly dependent on feature databases when implemented, with a high rate of misjudgment, and difficulties in identifying unknown risks, which seriously affects effective identification of real risks At the same time, the identification on the host side also requires the installation of a client...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08H04L29/12
CPCH04L63/1408H04L63/1425H04L63/20H04L61/103H04L67/02H04L61/4511
Inventor 漆金生张万能
Owner FUJIAN JIANKANGZHILU INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap