A Flow-Based Tracing Attack Path Method in Network Shooting Range

A technology of attack path and flow, applied in the field of network shooting range, can solve the problem of lack of research on the overall model of directional network attack tracking and traceability, and achieve the effect of ensuring accuracy

Active Publication Date: 2020-12-15
信联科技(南京)有限公司
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

From a systematic point of view, all kinds of traceability technologies are used independently and independently, and there is a lack of research on the overall model of targeted network attack traceability.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Flow-Based Tracing Attack Path Method in Network Shooting Range
  • A Flow-Based Tracing Attack Path Method in Network Shooting Range
  • A Flow-Based Tracing Attack Path Method in Network Shooting Range

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0055] The specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0056] The present invention designs a traffic-based traceability attack path method in the network shooting range, which is used to describe the attack path of malicious traffic in the network shooting range. In practical applications, such as figure 1 As shown, the following steps A to I are performed in real time.

[0057] Step A. Monitor and collect all data traffic in the network shooting range, obtain each data traffic, form a traffic cluster, and mark the status of each data traffic as unprocessed, and then enter step B.

[0058] Step B. Perform malicious traffic detection for all data traffic in the traffic cluster, obtain each malicious traffic therein, and then enter step C.

[0059] Step C. Randomly select a piece of malicious flow from the unprocessed malicious flow as the current malicious flow, and create ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a flow-based traceability attack path method in a network shooting range, which is designed based on a directional network network attack traceability technology, and through accurate and effective flow monitoring in the network shooting range, from the perspective of reverse traceability, the description of the traceability attack path is realized , which can assist security analysts to better disassemble network attack behaviors. Among them, the reverse source tracing method generates attacker fingerprints through the extraction of attacker behavior characteristics, and directional traces of attacker traffic in historical logs, which is more targeted It can reproduce the attack path in a more comprehensive manner. Aiming at the description of the attack path, the network kill chain model is introduced, and the network traffic of different protocols and time nodes can be reasonably divided by finding the attack time node, which is more conducive to security analysts. Analyze how the attack occurred.

Description

technical field [0001] The invention relates to a traffic-based source tracing attack path method in a network shooting range, belonging to the technical field of network shooting ranges. Background technique [0002] The construction of a national network shooting range is an urgent need of the national cyberspace security strategy, an important strategic measure to enhance my country's cyberspace security capabilities, and a security guarantee for building a country with a powerful information system. Through the construction of the national network shooting range, it can provide analysis, design, research and development, integration, testing, evaluation, operation and maintenance and other full-life cycle guarantee services for the construction of national key information infrastructure security systems such as finance, telecommunications, energy, transportation, and electric power, and solve problems that cannot be solved. Conduct realistic simulation and testing of com...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06N20/00
CPCG06N20/00H04L63/1416H04L63/1425
Inventor 崔栋王华伟李超
Owner 信联科技(南京)有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap