Unlock instant, AI-driven research and patent intelligence for your innovation.

Network traffic monitoring device and abnormal traffic detection method

A technology for network traffic and monitoring equipment, applied in the field of network security, can solve the problems of inability to identify abnormal data, identify and resolve network attack behavior, and high false negative rate

Active Publication Date: 2021-05-28
HISENSE
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the limited features saved in the rule base, it is impossible to identify abnormal data that has never appeared before that is not saved in the rule base, so this method has a high rate of false positives
Moreover, the existing methods can only determine whether the network traffic data is normal data or abnormal data, and cannot identify the attack type of abnormal data, so it is not conducive to effectively identify and resolve network attack behaviors
[0004] In summary, there is still a lack of an effective abnormal traffic detection scheme in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network traffic monitoring device and abnormal traffic detection method
  • Network traffic monitoring device and abnormal traffic detection method
  • Network traffic monitoring device and abnormal traffic detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0083] In order to make the purpose, technical solutions and advantages of the application clearer, the application will be further described in detail below in conjunction with the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the application, not all of them. . Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0084] Hereinafter, the terms "first" and "second" are used for descriptive purposes only, and cannot be understood as implying or implying relative importance or implicitly specifying the quantity of indicated technical features. Therefore, the features defined as "first" and "second" may explicitly or implicitly include one or more of these features. In the description of the embodiments of the present application, unless otherwise specified, the "multiple" The me...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides network traffic monitoring equipment and an abnormal traffic detection method, and belongs to the technical field of network security. The network flow monitoring device comprises a network interface, a memory and a processor. The network interface is configured to obtain network flow data; the memory is configured to store programs or data used by the network flow monitoring equipment; the processor is configured to input abnormal data into the attack detection network set if the network traffic data contains the abnormal data, and determine the attack type of the abnormal data according to a detection result output by the attack detection network set. According to the network flow monitoring equipment provided by the embodiment of the invention, after the abnormal data is determined to be contained in the network flow data, the abnormal data is input into the attack detection network set, and the attack type of the abnormal data is determined according to the detection result output by the attack detection network set, so that the abnormal data can be identified; and the attack type of the abnormal data can be determined, so that the network attack behavior can be identified and resolved.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a network flow monitoring device and an abnormal flow detection method. Background technique [0002] Network traffic refers to the data transmitted on the network. Usually, in a network environment, most of the network traffic data is normal data. Abnormal data refers to network traffic data that differs greatly from normal data patterns, and abnormal data is likely to be traffic data generated by aggressive behavior. Identifying abnormal data from network traffic data is an important basis for network security management. In recent years, there have been various types of network attacks, sharply enhanced attack capabilities, unpredictable attack methods and attack methods, and frequent data leakage, malware, and security incidents, especially in the form of new technologies such as cloud computing and big data. Security detection and defense pose huge chall...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
CPCH04L41/145H04L63/1416H04L63/1425
Inventor 孙宗臣方丽华孙国臣
Owner HISENSE