DIDS theoretical modeling method for detecting different engine processing capacities

A detection engine and processing capability technology, applied in the field of information security, can solve problems such as no DIDS modeling method

Active Publication Date: 2021-01-29
陕西边云协同网络科技有限责任公司
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The prior art only discloses a modeling method for DIDS with the same processing capability of each detection engine

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DIDS theoretical modeling method for detecting different engine processing capacities
  • DIDS theoretical modeling method for detecting different engine processing capacities
  • DIDS theoretical modeling method for detecting different engine processing capacities

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] The present invention will be described in detail below in combination with specific embodiments.

[0041] The present invention is a DIDS theoretical modeling method with different detection engine processing capabilities, specifically implemented according to the following steps:

[0042] Step 1, model analysis and parameter setting of the distributed intrusion detection system. Assuming that there are n detection engines with different detection capabilities in the distributed intrusion detection system, each detection engine detects independently, and their detection capabilities (that is, the number of data packets detected in a unit time) are respectively μ 1 ,μ 2 ,…,μ n ; The detection capability of the DIDS system in unit time is The average number of data packets that DIDS needs to detect in unit time is λ.

[0043] Step 2, analyze the state space of the distributed intrusion detection system. Take n=2 (that is, DIDS has 2 detection engines) as an example...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a DIDS theoretical modeling method for detecting different engine processing capacities. The DIDS theoretical modeling method specifically comprises the following steps: step 1, performing model analysis and parameter setting on a distributed intrusion detection system; 2, performing state space analysis on the distributed intrusion detection system; and 3, calculating theaverage busy detection engine number in the distributed intrusion detection system, the average queue length of the data packets in the waiting queue, the average stay time of the data packets in thesystem and the average queuing waiting time of the data packets in the system. By adopting a method for establishing a model, necessary parameters such as the average busy detection engine number andthe average queue length in the waiting queue in the operation process of DIDS with different detection engine processing capacities can be mastered, and decision making and optimization on the basisare facilitated.

Description

technical field [0001] The invention belongs to the technical field of information security and relates to a DIDS theoretical modeling method with different detection engine processing capabilities. Background technique [0002] Distributed Intrusion Detection System (Distributed Intrusion Detection System, DIDS) consists of a scheduler and a plurality of detection engines, and the scheduler distributes the captured network traffic to the detection engines for detection. The prior art only discloses the processing of each detection engine There is no modeling method for DIDS with the same capability, but there is no DIDS modeling method for different detection engines with different processing capabilities. Contents of the invention [0003] The purpose of the present invention is to provide a kind of DIDS theoretical modeling method with different detection engine processing capacity, adopting this method to build a model is conducive to mastering the parameters of the av...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24G06F21/55
CPCH04L63/1416H04L41/145G06F21/55
Inventor 赵旭江晋赵子江
Owner 陕西边云协同网络科技有限责任公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap