A Filtering Method for Real-time Intrusion Detection System

A technology of intrusion detection system and filtering method, applied in transmission systems, electrical components, etc., can solve problems such as difficulty in ensuring real-time detection and accuracy at the same time, inability to accurately intercept, and inability to quickly detect and access users.

What is AI technical title?
AI technical title is built by PatSnap AI team. It summarizes the technical point description of the patent document.
A technology of intrusion detection system and filtering method, applied in transmission systems, electrical components, etc., can solve problems such as difficulty in ensuring real-time detection and accuracy at the same time, inability to accurately intercept, and inability to quickly detect and access users.

CN112532598BActive Publication Date: 2021-10-26NANJING UNIV

6 Cites 0 Cited by

Image

Smart Image Click on the blue labels to locate them in the text.

Viewing Examples

Smart Image

Examples

Experimental program

Comparison scheme

Effect test

Embodiment Construction

[0048] The present invention is described in further detail now in conjunction with accompanying drawing.

[0049] It should be noted that terms such as "upper", "lower", "left", "right", "front", and "rear" quoted in the invention are only for clarity of description, not for Limiting the practicable scope of the present invention, and changes or adjustments in their relative relationships, without substantial changes in the technical content, shall also be regarded as the practicable scope of the present invention.

[0050] The present invention mentions a kind of filtering method for real-time intrusion detection system, and described filtering method comprises the following steps:

[0051] S1, construction of whitelist and blacklist: collect the user lists corresponding to the detection system that are allowed to enter the system and those that are prohibited from entering the system, and define them as whitelist users and blacklist users respectively.

[0052] S2, risk loss...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

PUM

Login to View More

Abstract

The invention discloses a filtering method for a real-time intrusion detection system, including: white list and black list construction; risk loss assessment; filter construction and deployment; white list users are assigned an initial hash for inserting a Bloom filter; Column function set; combined with blacklist users and their corresponding degree of harm, adaptively adjust the hash function set of whitelist users, so that blacklist users with high degree of harm have a higher probability of being blocked; the adjusted hash The function set is stored in the preset hash expressor; the whitelist user uses its hash function set to be inserted into the Bloom filter, combined with the hash expressor to obtain a hash adaptive Bloom filter, and then the hash Chi adaptive Bloom filters deployed to detection systems. The invention has the characteristics of high space efficiency and fast detection, can effectively reduce system losses caused by blacklisted users, provides effective theoretical performance guarantee, and can be applied to applications involving real-time intrusion detection.

Description

technical field [0001] The invention relates to the technical field of network intrusion prevention detection, in particular to a filtering method for a real-time intrusion detection system. Background technique [0002] In recent years, with the rapid development and application of the Internet, network attacks and frauds have also increased, which greatly increases the risk of intrusion into existing network service systems, especially in high-speed network environments. For some real-time processing systems, usually Because it is necessary to quickly determine whether the accessing user has malicious attack intentions, it cannot be accurately intercepted. For example, the peak traffic of distributed denial-of-service (D-Dos) network attacks is constantly surpassed every year. In such attacks, attackers disguise a large number of high-frequency malicious requests as normal requests and send them to victim machines. Excessive service load Will cause the victim's server to ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

Application Information

Patent Timeline

26 Oct 2021

Publication

CN112532598B

IPC: H04L29/06

CPC: H04L63/0227; H04L63/101; H04L63/1416

Inventors: 郑嘉琦; 戴海鹏