Network traffic data analysis method and system

A technology of network traffic and network flow, applied in digital transmission systems, transmission systems, data exchange networks, etc., can solve the problems of poor generalization performance, low detection rate, and reduced false alarm rate of network security anomaly detection technology

CN112398779A | Active | Publication Date: 2021-02-23 | NAT SPACE SCI CENT CAS

Examples

Embodiment Construction

[0088] The present invention will now be further described in conjunction with the accompanying drawings.

[0089] The present invention proposes a method for anomaly detection in network traffic data, the method comprising:

[0090] Step 1) Capture raw network traffic data in real time;

[0091] Specifically, an open source tool is used to capture the original network traffic data from the network environment in real time and save it as a file in PCAP format; in this embodiment, the TCPDUMP tool is mainly used to capture the original network traffic data from the network environment in real time;

[0092] Step 2) Extract the available data features from the captured original network traffic data to obtain network traffic feature data;

[0093] Specifically, as shown in Figure 2, the Argus tool is used to extract the first feature from the obtained original network traffic data, and the first feature includes: source IP address, source port number, target IP address...


Abstract

The invention belongs to the technical field of network flow data analysis and particularly relates to a network flow data exception detection method. The method comprises the following steps of processing original network flow data captured in real time to obtain network flow data; if the network flow data is abnormal data, outputting an exception, inputting the exception data into a pre-trained first exception classifier, judging that the attack type of the exception data is a known attack type, and outputting the attack type of the exception data; if the network flow data is not abnormal data, further detecting whether the network flow data is abnormal or not by adopting an unsupervised anomaly detection method; if the network flow data is abnormal data, inputting the abnormal data into a pre-trained second abnormal classifier, judging that the type of the abnormal data is an unknown attack type, and marking the abnormal data as the unknown attack type; and if the network flow data is not abnormal data, the output being normal.
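The decision flow described in the abstract, as an added Python example that is not code from the patent: a nearest-centroid model stands in for the supervised stage and a z-score against normal flows stands in for the unsupervised stage. Both are substitutions for the patent's models, which this page does not detail, and the flow features, labels and sample values are constructed.

```python
import math
import statistics

# Constructed labelled flows: (packets/s, bytes/packet, distinct dst ports).
# Feature choice and class names are assumptions, not taken from the patent.
TRAIN = {
    "normal": [(20, 800, 1), (35, 650, 2), (28, 720, 1), (40, 900, 3)],
    "dos":    [(9000, 60, 1), (12000, 64, 1), (10500, 58, 1)],
    "scan":   [(300, 44, 400), (260, 40, 520), (340, 48, 610)],
}

def _log(flow):
    # Log-scale so features with very different ranges are comparable.
    return tuple(math.log1p(x) for x in flow)

def fit(train):
    """Stage-1 model: per-class centroids. Stage-2 model: normal mean/stdev."""
    centroids = {label: tuple(statistics.mean(c) for c in zip(*map(_log, rows)))
                 for label, rows in train.items()}
    normal_cols = list(zip(*map(_log, train["normal"])))
    baseline = [(statistics.mean(c), statistics.stdev(c)) for c in normal_cols]
    return centroids, baseline

def analyse(flow, centroids, baseline, z_max=4.0):
    """Return 'normal', a known attack label, or 'unknown attack'."""
    x = _log(flow)
    # Stage 1: supervised detection; the nearest centroid decides
    # between normal and one of the known attack types.
    nearest = min(centroids, key=lambda label: math.dist(x, centroids[label]))
    if nearest != "normal":
        return nearest              # known attack type is output
    # Stage 2: unsupervised check on flows that stage 1 passed as normal.
    z = max(abs(v - m) / s for v, (m, s) in zip(x, baseline))
    if z > z_max:
        return "unknown attack"     # marked as unknown attack type
    return "normal"

if __name__ == "__main__":
    centroids, baseline = fit(TRAIN)
    for flow in [(30, 700, 2), (11000, 62, 1), (310, 46, 480), (25, 4000, 1)]:
        print(flow, "->", analyse(flow, centroids, baseline))
```

The last sample flow resembles normal traffic closely enough to pass stage 1 but deviates strongly in bytes per packet, so only the second stage flags it.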

Description

Technical field

[0001] The present invention belongs to the field of anomaly detection technology and network traffic data analysis technology based on machine learning and big data, and in particular relates to a network traffic data analysis method and system, specifically a network traffic data analysis method and system based on a sparse autoencoder and extreme random trees.

Background technique

[0002] In recent decades, with the rapid development of the Internet, people's communication methods, consumption patterns, and even the economic form of the entire country have been reshaped time and time again, from the Internet of Consumers to the Internet of Industry and the Internet of Everything. As a result, network security issues have become more and more difficult, and the endless network attacks have made traditional defense methods powerless in the face of new attack methods. From the basic data link layer to the network layer and transport layer, ...


Application Information

Patent Timeline: 23 Feb 2021, Publication, CN112398779A
IPC: H04L29/06; H04L12/24
CPC: H04L63/1425; H04L63/1408; H04L41/145
Inventors: 方少峰; 孙鹏科