Abnormal flow alarm log detection method and device, equipment and medium

A method for detecting abnormal traffic alarm logs, applied in the computer field, that addresses problems such as low detection accuracy, insufficient sample size, and overfitting.

Active Publication Date: 2020-11-10
HANGZHOU ANHENG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

Machine learning requires a large amount of traffic alarm log sample data for training, and the sample size may be insufficient at the sample preparation stage. If the sample size is too small, overfitting can easily occur, resulting in low detection accuracy and many false positives.

Embodiment Construction

[0043] The technical solutions in the embodiments of the application are described clearly and completely below with reference to the drawings in the embodiments of the application. Obviously, the described embodiments are only some of the embodiments of the application, not all of them. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments in this application, without creative effort, fall within the scope of protection of this application.

[0044] As shown in Figure 1, the embodiment of the present application discloses a method for detecting an abnormal traffic alarm log, which includes:

[0045] Step S11: Generate a first traffic alarm log and a second traffic alarm log corresponding to the original traffic packet according to the first preset alarm rule and the second preset alarm rule respectively, wherein the accuracy of the first preset alarm rule is higher than that of the second preset alarm rule.

[0046]...

Abstract

The invention discloses a method, device, equipment and medium for detecting abnormal traffic alarm logs. The method comprises: generating a first traffic alarm log and a second traffic alarm log corresponding to an original traffic packet according to a first preset alarm rule and a second preset alarm rule respectively, wherein the precision of the first preset alarm rule is higher than that of the second preset alarm rule; labeling the first traffic alarm log, and labeling the second traffic alarm log according to the labels in the first traffic alarm log; taking the labeled second traffic alarm log as sample data, and training a preset traffic alarm log classification model with the sample data; and using the trained classification model to classify acquired traffic alarm logs to be detected, so as to determine whether they are abnormal traffic alarm logs. In this way, detection accuracy can be improved, the false alarm rate reduced, and traffic threat detection capability enhanced.
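The label-transfer pipeline in the abstract, sketched as an added example (not code from the patent or its applicant). Assumptions: alarms from the two rule sets are joined on a hypothetical `flow_id` field, second-log alarms with no labelled counterpart are left out of training, a small token-based naive Bayes classifier stands in for the "preset classification model", and all log entries are constructed.

```python
import math
import re
from collections import Counter, defaultdict

# Constructed sample data; flow_id as the join key is an assumption.
FIRST_LOG = [  # alarms from the high-precision rule set, already labelled
    {"flow_id": "f1", "label": "abnormal"},
    {"flow_id": "f2", "label": "abnormal"},
    {"flow_id": "f3", "label": "normal"},
    {"flow_id": "f4", "label": "normal"},
]
SECOND_LOG = [  # alarms from the broader, lower-precision rule set
    {"flow_id": "f1", "msg": "GET /item?id=1 union select password from users"},
    {"flow_id": "f2", "msg": "POST /login user=admin' or 1=1 --"},
    {"flow_id": "f3", "msg": "GET /search?q=select a plan for users"},
    {"flow_id": "f4", "msg": "GET /docs/union-membership.html"},
    {"flow_id": "f9", "msg": "GET /static/app.js"},  # no first-rule alarm
]

def tokenize(msg):
    # Alphanumeric runs plus single punctuation characters, lower-cased.
    return re.findall(r"[a-z0-9]+|[^\sa-z0-9]", msg.lower())

def propagate_labels(first_log, second_log):
    # Second-log alarms inherit the label of the first-log alarm on the same flow.
    labels = {a["flow_id"]: a["label"] for a in first_log}
    return [(a["msg"], labels[a["flow_id"]])
            for a in second_log if a["flow_id"] in labels]

def train(samples):
    counts, docs = defaultdict(Counter), Counter()
    for msg, label in samples:
        docs[label] += 1
        counts[label].update(tokenize(msg))
    vocab = {tok for c in counts.values() for tok in c}
    return counts, docs, vocab

def classify(model, msg):
    counts, docs, vocab = model
    total = sum(docs.values())
    scores = {}
    for label in docs:
        n = sum(counts[label].values())
        score = math.log(docs[label] / total)  # class prior
        for tok in tokenize(msg):
            if tok in vocab:  # Laplace-smoothed token likelihood
                score += math.log((counts[label][tok] + 1) / (n + len(vocab)))
        scores[label] = score
    return max(scores, key=scores.get)
```

Calling `classify(train(propagate_labels(FIRST_LOG, SECOND_LOG)), msg)` on a new second-rule alarm message returns `"abnormal"` or `"normal"`.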

Description

Technical field

[0001] The present application relates to the field of computer technology, and in particular to a method, device, equipment, and medium for detecting abnormal flow alarm logs.

Background technique

[0002] Traffic alarm data refers to the data extracted by the network traffic analysis system with certain rules after capturing and detecting network access traffic data. In the cloud Internet era, hackers and other attackers usually use vulnerability attacks and other threats to attack corporate websites and business systems at the traffic level. Therefore, the traffic alarm log corresponding to the traffic can be detected accordingly, so as to determine whether there is an abnormal alarm, so as to manage the enterprise website or business system. In the process of detecting traffic alarm logs, a machine learning method can be used to train a model to detect traffic alarm logs, so as to manage the network or system according to the detection results. In the p...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, G06F11/34
CPC: H04L63/1425, G06F11/3476
Inventor: 赵贤哲, 范渊
Owner: HANGZHOU ANHENG INFORMATION TECH CO LTD