Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for intrusion detection in a computer network

A computer network and equipment technology, applied in the field of identifying attacks, which can solve the problem that NIDPS cannot effectively use the car network.

Pending Publication Date: 2021-01-12
ROBERT BOSCH GMBH
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] NIDPS for enterprise networks cannot be effectively used for automotive networks due to functional differences between enterprise networks and automotive networks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for intrusion detection in a computer network
  • Method and device for intrusion detection in a computer network
  • Method and device for intrusion detection in a computer network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] figure 1 A schematic diagram of an apparatus 100 for identifying attacks in a computer network is shown. Device 100 is designed as a system on a chip.

[0043] The device 100 includes hardware switching means 102, hardware filters 104 and computing means 106 for identifying attacks. The computing device 106 is described below taking a microprocessor as an example. Instead of a microprocessor, a microcontroller can also be used.

[0044] In this example, the computer network is an automotive Ethernet network. The exemplary described Automotive Ethernet is based on the Ethernet standard IEEE 802.3-2018 and may include elements from IEEE 802.1Q, 100BASE-T1 or 1000BASE-T1. BroadR-Reach or 100BASE-T1 / X specifies the physical transmission medium in Layer 1. In the Ethernet protocol stack there are other standards partly specific to the automotive context, such as DoIP, SOME / IP and partly IPv4, TSN.

[0045] In the context of Automotive Ethernet, only parts of a standard...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a device and method for intrusion detection in a computer network. A data packet is received at an input of a hardware switch unit, an output of the hardware switch unit is selected for sending the data packet or a copy as a function of security layer information from the data packet and of a hardware address, context information for the data packet being determined, an actual value from a field being compared in a comparison by a hardware filter with a setpoint value for values from this field, the field including security layer data or mediation layer data, and an interrupt for a computing device being triggered as a function of a result of the comparison, an analysis for detecting an intrusion pattern in a network traffic in the computer network, triggered by the interrupt, being carried out as a function of the context information for the data packet.

Description

technical field [0001] The invention is based on a method and a device for identifying attacks in a computer network. Background technique [0002] The task of such Network Intrusion Detection and Prevention Systems (NIDPS) is to identify and react to anomalies in the network traffic of distributed computer systems. NIDPS is a system typically used to detect and prevent attacks on corporate networks (so-called Enterprise networks). NIDPS can also be used in automotive networks. An automotive network is a vehicle internal network with Electronic Control Units (ECUs) as network nodes. [0003] Due to functional differences between enterprise networks and automotive networks, NIDPS for enterprise networks cannot be effectively used for automotive networks. [0004] Therefore, it is desirable to provide a NIDPS for automotive networks. Contents of the invention [0005] This is achieved by the subject-matter of the independent claims. In order to provide NIDPS for automot...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1425H04L63/0227H04L67/12H04L41/028H04L43/16H04L43/106H04L12/4641H04L63/1466H04L63/1416H04L63/0236H04L41/40H04L43/20G06F9/30101G06F9/4812H04L2101/622
Inventor A·韦伯J·沃尔芬格J·格拉姆M·赫尔曼W·戈特施利希
Owner ROBERT BOSCH GMBH