Malicious traffic detection method based on image analysis, terminal equipment and storage medium

A malicious traffic detection technology based on image analysis, applied in image analysis, image enhancement, image data processing, etc. It can solve problems such as inapplicability to complex network environments, reliance on the integrity of expert knowledge bases, and low false positive rate, achieving the effects of improving detection performance, avoiding linear growth, and avoiding manual maintenance.

Pending Publication Date: 2021-08-06
XIAMEN FUYUN INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

The advantage of this method is that the false positive rate is low, but it relies heavily on the integrity of the expert knowledge base and is not suitable for complex network environments.


Examples


Embodiment 1

[0034] The embodiment of the present invention provides a malicious traffic detection method based on image analysis. As shown in Figure 1, the method includes the following steps:

[0035] S1: Collect the network traffic data to be detected and the malicious traffic data of known types.

[0036] Network traffic data is generated according to the unified HTTP protocol, so it has structured features and relatively fixed attribute relationships between the fields in the data. The data format of network traffic data is shown in Figure 2.

[0037] The structure of network traffic data is divided into four sections: request line, request header, blank line, and request data (Request Data). The request line includes: request method, URL (including parameter information), protocol version, etc. The request method includes the following 8 items:

[0038] (1) GET: Requests the resource identified by the Request-URI, which is acquired from the server side.

[0039] (2) POS...

Embodiment 2

[0114] The present invention also provides a malicious traffic detection terminal device based on image analysis, including a memory, a processor, and a computer program stored in the memory and runnable on the processor. When the processor executes the computer program, the steps in the above method embodiment of the present invention are realized.


Abstract

The invention relates to a malicious traffic detection method based on image analysis, terminal equipment and a storage medium. The method comprises the following steps: S1, collecting to-be-detected network traffic data and malicious traffic data of a known type; S2, preprocessing all the data, and generating corresponding gray feature images; S3, for the gray feature image of each piece of data, performing noise reduction processing through singular value decomposition, extracting a low-frequency part of the image through discrete wavelet transform, and obtaining a binary hash code of the image through the low-frequency part of the image; and S4, according to the Hamming distance between the binary hash codes of the to-be-detected network traffic data and of the malicious traffic data of the known type, obtaining the similarity between the two, and when the similarity is smaller than a similarity threshold value, judging that the type of the to-be-detected network traffic data belongs to the type of the malicious traffic data of the known type. According to the method, the classification purpose can be realized without independently training samples and extracting features.
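Steps S2 to S4 of the abstract, sketched as an added example that is not code from the patent. The 16x16 byte layout, the rank-6 SVD truncation, the one-level Haar wavelet, the mean-based binarisation, the use of the raw Hamming distance as the similarity measure, the threshold of 10 and the sample requests are all assumptions, since the page does not give these details.

```python
import numpy as np

SIDE = 16   # assumed image side (the page does not give the size)
RANK = 6    # assumed number of singular values kept when denoising

def to_gray_image(raw: bytes, side: int = SIDE) -> np.ndarray:
    """S2: lay the request bytes out row by row as a side x side gray image."""
    px = np.array(list(raw[: side * side]), dtype=np.float64)
    img = np.zeros(side * side)
    img[: px.size] = px            # zero-pad short requests, truncate long ones
    return img.reshape(side, side)

def svd_denoise(img: np.ndarray, rank: int = RANK) -> np.ndarray:
    """S3a: keep the largest singular values, drop the rest as noise."""
    u, s, vt = np.linalg.svd(img, full_matrices=False)
    s[rank:] = 0.0
    return (u * s) @ vt

def haar_low_freq(img: np.ndarray) -> np.ndarray:
    """S3b: one-level Haar DWT approximation (LL) band, up to a constant scale."""
    return (img[0::2, 0::2] + img[0::2, 1::2] + img[1::2, 0::2] + img[1::2, 1::2]) / 4.0

def binary_hash(raw: bytes) -> np.ndarray:
    """S3c: 64-bit hash, one bit per LL coefficient (1 if above the band mean)."""
    ll = haar_low_freq(svd_denoise(to_gray_image(raw)))
    return (ll > ll.mean()).astype(np.uint8).ravel()

def hamming(a: np.ndarray, b: np.ndarray) -> int:
    return int(np.count_nonzero(a != b))

def classify(raw: bytes, known: dict, threshold: int = 10):
    """S4: nearest known sample by Hamming distance; a label only if below threshold."""
    h = binary_hash(raw)
    label, dist = min(((k, hamming(h, binary_hash(v))) for k, v in known.items()),
                      key=lambda t: t[1])
    return (label if dist < threshold else None), dist

# Constructed sample requests (not from the patent).
KNOWN = {
    "sqli": b"GET /item?id=1%27%20OR%20%271%27=%271 HTTP/1.1\r\nHost: shop.example\r\n\r\n",
    "traversal": b"GET /download?file=..%2F..%2Fetc%2Fpasswd HTTP/1.1\r\nHost: shop.example\r\n\r\n",
}

if __name__ == "__main__":
    probe = b"GET /item?id=7%27%20OR%20%272%27=%272 HTTP/1.1\r\nHost: shop.example\r\n\r\n"
    print(classify(probe, KNOWN))
```

Because no model is trained, adding a new known type is just adding one more entry to `KNOWN`; the threshold has to be tuned on real traffic.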

Description

Technical field

[0001] The present invention relates to the field of malicious traffic detection, and more particularly to an image analysis-based malicious traffic detection method, a terminal device, and a storage medium.

Background technique

[0002] The rapid development of Internet technology has made it play an important role in daily life. It greatly facilitates social life and production, improves the efficiency of information exchange, provides important support for information exchange around the world, and accelerates integrated industrial development. At present, the new generation of network technologies represented by network payment, network finance, and network live broadcast is developing rapidly. Electronic information has gradually become the mainstream information carrier, and various network applications produce huge quantities of user privacy information every day. Network servers provide important support for the construction of the information society, so it is increasingly...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06T7/00, G06T5/00, G06K9/62, G06F17/14, G06N3/08
CPC: G06T7/0002, G06T5/002, G06F17/148, G06N3/088, G06F18/22
Inventor: 姚刚, 陈奋, 陈荣有, 孙晓波, 龚利军
Owner XIAMEN FUYUN INFORMATION TECH CO LTD