Port network intrusion detection method based on Bayesian network

A network intrusion detection, Bayesian network technology, applied in data exchange networks, instruments, character and pattern recognition, etc., can solve problems such as unconvincing, difficult to visualize, and difficult to explain black box models

Inactive Publication Date: 2020-10-20
TONGJI UNIV
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, there are some anomaly detection models based on machine learning or even deep learning. Most of the learning models are discriminant models based on expectation maximization. For online network intrusion detection models, deep learning and other models are used as network ...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Port network intrusion detection method based on Bayesian network
  • Port network intrusion detection method based on Bayesian network
  • Port network intrusion detection method based on Bayesian network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0060] According to the attached Figure 1 ~ Figure 2 , give the preferred embodiment of this study, and give a detailed description, so that the functions and characteristics of the present invention can be better understood. In this embodiment, the algorithm environment is based on: Python, Pgmpy Bayesian network model, Pandas analysis library and Numpy library.

[0061] Multiple data sources in this embodiment specifically refer to data sets obtained by multiple port data receiving interfaces; network flow data specifically refer to network data packets captured from port data interfaces through tcpdump and wireshark packet capture.

[0062] see Figure 1 ~ Figure 2 , a Bayesian network-based port network intrusion detection method in the embodiment of this study, comprising steps:

[0063] S1: First, collect and preprocess the network data packets in the port data interface through packet capture software (such as wireshark) to obtain a network traffic feature set S.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the field of industrial Internet, and provides a port network intrusion detection method based on a Bayesian network, which comprises the following steps: S1, collecting, acquiring and preprocessing an abnormal port network flow data set to obtain a network flow characteristic set; S2, constructing and obtaining a Bayesian network model by utilizing the network data packetfeature set; S3, inputting a training set and training parameters of the Bayesian network model, and obtaining conditional probability parameters of the Bayesian network model by using a Bayesian theorem; and S4, detecting an input prediction set by using a conditional probability parameter and the Bayesian theorem to obtain a detection result. The invention discloses a network intrusion detection method based on a Bayesian network model. On the basis of a Bayesian network model, network intrusion detection is realized by modeling network traffic behaviors and characteristic attributes, and online dynamic adjustment can be performed on a detection model to cope with the change of a network environment, so that the accuracy of detecting and protecting network intrusion and the robustness of the model are improved, and finally, a remarkable effect is achieved.

Description

technical field [0001] The invention relates to the field of intrusion detection of industrial Internet network security. Background technique [0002] In recent years, intrusion detection has gradually become a research hotspot in the industry and academia, and many new technologies, algorithms and systems related to intrusion detection have emerged and will continue to emerge. According to the analysis of the 2016 ICS-CERT Industrial Internet Security Situation Report, more than 80% of the country's critical infrastructure relies on the Industrial Internet to automate the production process. However, there are many problems in the existing Industrial Internet intrusion detection. With the rise of intelligent electronic terminal devices, network traffic is growing explosively. Huge network traffic has promoted the integration of the Internet economy and the real economy. While enjoying the dividends of the Internet, we are also facing a series of challenges in network secu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24G06K9/62
CPCH04L63/1408H04L41/145H04L63/1425G06F18/24155
Inventor 王成汤文韬
Owner TONGJI UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap