Unlock instant, AI-driven research and patent intelligence for your innovation.

Network asset anomaly detection method

A network asset and anomaly detection technology, which is applied in the field of network security, can solve the problems of only considering a single anomaly in the time sequence of anomalies and high false alarm rate, so as to improve the recall rate and ensure complete and efficient effects

Active Publication Date: 2022-04-01
GUANGZHOU TRUSTMO INFORMATION SYST CO LTD
View PDF12 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The invention provides a network asset anomaly detection method, which is used to solve the technical problem of high false alarm rate caused by only considering a single anomaly or not considering the anomaly in the timing of the behavior in the existing solution. The invention proposes a time-based The network asset anomaly detection method based on the sequence algorithm comprehensively utilizes various types of data characteristics and time series characteristics to solve the above problems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network asset anomaly detection method
  • Network asset anomaly detection method
  • Network asset anomaly detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] The technical solutions of the present invention will be clearly and completely described below in conjunction with the embodiments. Apparently, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0054] The terms used herein are used to describe embodiments and are not intended to limit and / or limit the present disclosure; it should be noted that unless the context clearly indicates otherwise, the singular forms "a", "an" and "the" also include plural forms; and, although the terms "first", "second", etc. may be used herein to describe various elements, the elements are not limited by these terms, which are only used to distinguish one element from another.

[0055] see figure 1 , a network asset anomaly detec...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network asset anomaly detection method, which relates to the technical field of network security, and solves the technical problem that only a single anomaly is considered or an anomaly in the time sequence of behavior is not considered in the existing scheme, resulting in a high rate of false alarms; including : Acquisition of time-series characteristic data of network assets, data preprocessing, data structure, construction of anomaly detection model, anomaly detection and further mining of "normal" data; the present invention collects and utilizes two types of characteristic data in network traffic at the same time, so that anomaly detection The model can better learn two types of features, laying the foundation for subsequent improvement of the detection accuracy of the anomaly detection model; the present invention uses a deep learning network framework based on LSTM-AE, which can perform anomaly detection on multi-dimensional time series data in the network and obtain Higher accuracy rate; the present invention performs secondary anomaly detection on the reconstructed error matrix of the data detected as "normal" by the anomaly detection model, effectively improving the abnormal recall rate.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to a method for detecting abnormality of network assets. Background technique [0002] As the scale of contemporary networks continues to expand, the number and types of devices in the network have also increased on a large scale. During daily operation, network devices will form their own network traffic behavior baseline. When the behavior of the device deviates from its own behavior baseline due to its own or external reasons, the device may be abnormal. Therefore, if anomalies in network equipment can be detected accurately and effectively, it will not only help to discover risky behaviors such as intrusion, but also help network managers troubleshoot equipment problems. [0003] The invention patent with the publication number CN111049839A discloses an anomaly detection method, device, storage medium and electronic equipment. After the corresponding data preprocessin...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F16/2458
CPCG06F16/2474G06F16/2465G06N3/049G06N3/088G06F18/2155G06F18/241
Inventor 邹凯陈凯枫
Owner GUANGZHOU TRUSTMO INFORMATION SYST CO LTD