
Network attack monitoring method based on multi-source information analysis

A network attack monitoring technology based on multi-source information, applied to electrical components, transmission systems, etc. It addresses problems such as being powerless against unknown threats and being unable to trace intrusions or assess losses, and it improves comprehensive analysis capabilities.

Pending Publication Date: 2021-03-09
北京京航计算通讯研究所

AI Technical Summary

Problems solved by technology

[0003] At present, traditional network security monitoring methods are mostly based on known rule bases. They can detect known security threats but are powerless against unknown threats, and they cannot fully perform source tracing, forensics and damage assessment for intrusions that are occurring or have already caused losses.



Examples


Embodiment 1

[0066] This embodiment provides a network attack monitoring system based on multi-source information analysis, which includes a traffic monitoring and collection module, a network attack analysis module, a malicious code analysis module, a threat assessment and early warning release module, and the like.

[0067] The workflow of the network attack monitoring system based on traffic analysis is as follows:

[0068] (1) Traffic monitoring and collection module

[0069] a) Collection and restoration: collect and restore suspicious raw traffic data monitored by network security monitoring probe devices, standardize and store the traffic data, and provide functions such as retrieval, traffic restoration, and file extraction.

[0070] b) Collection rules: for IP five-tuples, fixed-position and floating-position keywords, application protocols, etc., define traffic collection rules in a visual way and deliver them to the network security monitoring probe devices.

[0071] 1) IP quintuple refers to source IP add...
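The collection rules described in [0070] can be sketched as a small matcher, given here as an added example that is not taken from the patent. The rule layout, field names and sample packets are hypothetical, and the five-tuple is taken in its standard sense (source and destination address, source and destination port, transport protocol), since the page's own definition is cut off.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass
class CollectionRule:
    """Hypothetical rule layout; None in any field means 'match anything'."""
    name: str
    src_net: Optional[str] = None    # five-tuple: source network (CIDR)
    dst_net: Optional[str] = None    # five-tuple: destination network (CIDR)
    src_port: Optional[int] = None   # five-tuple: source port
    dst_port: Optional[int] = None   # five-tuple: destination port
    proto: Optional[str] = None      # five-tuple: transport protocol
    app_proto: Optional[str] = None  # application protocol label set by the probe
    keyword: Optional[bytes] = None  # payload keyword
    offset: Optional[int] = None     # int = fixed position, None = floating

    def matches(self, pkt: dict) -> bool:
        for net, addr in ((self.src_net, pkt["src"]), (self.dst_net, pkt["dst"])):
            if net and ipaddress.ip_address(addr) not in ipaddress.ip_network(net):
                return False
        for want, got in ((self.src_port, pkt["sport"]), (self.dst_port, pkt["dport"]),
                          (self.proto, pkt["proto"]), (self.app_proto, pkt["app"])):
            if want is not None and want != got:
                return False
        kw, data = self.keyword, pkt["payload"]
        if kw is None or self.offset is None:   # no keyword, or floating keyword
            return kw is None or kw in data
        return data[self.offset:self.offset + len(kw)] == kw  # fixed byte offset


def select_for_capture(rules, packets):
    """Return (rule name, packet index) pairs the probe would collect."""
    return [(r.name, i) for i, p in enumerate(packets) for r in rules if r.matches(p)]


# Constructed sample traffic and rules (documentation address ranges).
PACKETS = [
    {"src": "192.0.2.10", "dst": "198.51.100.5", "sport": 51000, "dport": 80,
     "proto": "tcp", "app": "http", "payload": b"POST /upload.php HTTP/1.1\r\n"},
    {"src": "192.0.2.11", "dst": "198.51.100.5", "sport": 51001, "dport": 80,
     "proto": "tcp", "app": "http", "payload": b"GET /index.html HTTP/1.1\r\n"},
    {"src": "203.0.113.7", "dst": "198.51.100.9", "sport": 40000, "dport": 53,
     "proto": "udp", "app": "dns", "payload": b"\x12\x34\x01\x00"},
]
RULES = [
    CollectionRule("http-post-fixed", dst_net="198.51.100.0/24", dst_port=80,
                   proto="tcp", keyword=b"POST", offset=0),
    CollectionRule("upload-floating", app_proto="http", keyword=b"upload.php"),
    CollectionRule("dns-from-net", src_net="203.0.113.0/24", app_proto="dns"),
]
```

A fixed-position keyword only matches at its stated byte offset, so the same keyword appearing later in the payload is collected only by a floating rule.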


Abstract

The invention belongs to the technical field of computers, and particularly relates to a network attack monitoring method based on multi-source information analysis. The method is implemented based on a network attack monitoring system, which comprises a rule making module, a traffic acquisition module, a traffic processing module, a malicious code sample acquisition module, a traffic scanning and analysis module, and a threat evaluation and early warning release module. The technical effects are as follows. Comprehensive perception of network threats: based on traffic analysis, potential network security hazards are accurately identified, a sensitive network threat perception capability is built, and the overall network security situation is displayed. Timely loss stopping and quick response: a network security threat assessment report is provided through network attack security analysis, assisting network security management personnel in taking corresponding measures in time and preventing the situation from developing further.

Description

Technical field

[0001] The invention belongs to the technical field of computers, and in particular relates to a network attack monitoring method based on multi-source information analysis.

Background technique

[0002] With the continuous development of computer technology, network security issues have become more and more concerned, and information networks and security systems have gradually become the basis and guarantee for the healthy development of informatization. As far as the current situation is concerned, there are generally unknown vulnerabilities in operating systems, application software, network equipment, and business systems. This makes network security face more severe challenges in the context of civilian use of network arms and organized network attacks. Higher requirements are put forward for network security monitoring.

[0003] At present, traditional network security monitoring methods are mostly based on known rule bases, which can detect known sec...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1425, H04L63/1441, H04L63/0263, H04L63/126
Inventor: 宋宣霈尹严研张卫胡婷郭子仪韩清瑶
Owner: 北京京航计算通讯研究所