A method and device for determining the success of an attack through reverse connection

A successful, attacked technique used in cybersecurity

Active Publication Date: 2022-07-08
北京微步在线科技有限公司

AI Technical Summary

Problems solved by technology

[0003] The purpose of the embodiments of the present application is to provide a method and device for judging the success of an attack through reverse connection, which can solve the problem of judging whether a network attack succeeded, avoid generating a large number of threat alarms, and thus help improve the efficiency of security protection.


Examples


Embodiment 1

[0038] See Figure 1, which is a schematic flowchart of a method for determining the success of an attack through reverse connection, provided by this embodiment of the present application. The method includes:

[0039] S101. Obtain attack traffic to be detected.

[0040] In the embodiment of the present application, the method is applied in network security scenarios, specifically to determine whether an attack was successful after a host has been attacked.

[0041] S102. Identify the address of the attacked host from the attack traffic according to a preset feature detection algorithm, and extract the attack payload in the attack traffic.

[0042] In the embodiment of the present application, when detecting the attack traffic and identifying the address of the attacked host, firstly detect the specific attack feature in the attack traffic, then extract the attacked host addres...

Embodiment 2

[0092] See Figure 2, which is a schematic structural diagram of an apparatus for determining the success of an attack through reverse connection, provided by an embodiment of the present application. As shown in Figure 2, the apparatus includes:

[0093] an obtaining unit 210, configured to obtain the attack traffic to be detected;

[0094] an attacked address extraction unit 220, configured to extract the attack payload in the attack traffic and the attacked host address corresponding to the attack traffic;

[0095] In the embodiment of the present application, when the attack traffic is inspected to identify the address of the attacked host, the specific attack feature in the attack traffic is detected first; the address of the attacked host is then identified according to that attack feature and cached.

[0096] In this embodiment of the present application, the attacked host address may specifically...


Abstract

The embodiments of the present application provide a method and device for determining the success of an attack through reverse connection. The method includes: first obtaining the attack traffic to be detected, and extracting the attack payload in the attack traffic and the address of the attacked host corresponding to the attack traffic; then extracting the suspected reverse-connection address from the attack payload; then judging, according to the address of the attacked host and the preset judgment conditions, whether a connection request corresponding to the suspected reverse-connection address is detected; and if so, determining that the attacked host address has been successfully attacked. This solves the problem of judging whether a network attack succeeded and avoids generating a large number of threat alarms, which helps improve the efficiency of security protection.
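The correlation the abstract describes, sketched as an added example (not code from the patent or its applicant). The regexes, the record types, the 300-second window standing in for the "preset judgment conditions", and the sample data are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Assumed extraction rule: a host after a URL scheme, or a bare IPv4 address.
URL_HOST_RE = re.compile(r"\b(?:https?|ftp|ldap|rmi)://([A-Za-z0-9.-]+)")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

@dataclass(frozen=True)
class Alert:   # signature-stage output: attacked host plus the matched payload
    ts: float
    attacked_host: str
    payload: str

@dataclass(frozen=True)
class Flow:    # outbound connection request; dst is an IP or a resolved name
    ts: float
    src: str
    dst: str

def suspected_callbacks(payload):
    """Candidate reverse-connection addresses embedded in the payload."""
    hosts = set(URL_HOST_RE.findall(payload)) | set(IPV4_RE.findall(payload))
    return {h.lower().rstrip(".") for h in hosts}

def confirmed_attacks(alerts, flows, window=300.0):
    """Pairs (alert, flow) where the attacked host itself connected to an
    address taken from the payload within `window` seconds of the alert."""
    hits = []
    for a in alerts:
        targets = suspected_callbacks(a.payload) - {a.attacked_host}
        for f in flows:
            if (f.src == a.attacked_host and f.dst.lower() in targets
                    and 0 <= f.ts - a.ts <= window):
                hits.append((a, f))
                break  # one confirming connection per alert is enough
    return hits

# Constructed sample data (documentation address ranges, not real traffic).
ALERTS = [
    Alert(100.0, "192.0.2.10", "GET /page?u=ldap://198.51.100.7:1389/a HTTP/1.1"),
    Alert(120.0, "192.0.2.11", "cmd=fetch http://cb.example.net/s"),
    Alert(130.0, "192.0.2.12", "id=1' OR '1'='1"),  # no callback address
]
FLOWS = [
    Flow(101.5, "192.0.2.10", "198.51.100.7"),    # attacked host calls back
    Flow(121.0, "192.0.2.99", "cb.example.net"),  # other host: not a match
    Flow(900.0, "192.0.2.11", "cb.example.net"),  # outside the time window
]

if __name__ == "__main__":
    for alert, flow in confirmed_attacks(ALERTS, FLOWS):
        print(f"attack on {alert.attacked_host} succeeded: called {flow.dst}")
```

Only the first alert is escalated; the other two remain unconfirmed signature matches, which is the alarm reduction the application claims.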

Description

Technical field

[0001] The present application relates to the technical field of network security, and in particular, to a method and apparatus for determining the success of an attack through reverse connection.

Background

[0002] With the rapid development of information technology, computers and networks have become necessary tools for daily office work, communication and collaboration, and information security has become more and more important. In the prior art, rules and regular expressions are usually written to match attack signatures, and an alarm is generated when an attack signature is detected. In practice, however, the existing method can only detect whether there is a network threat event in the traffic data; it cannot determine whether the attack was successful, and it generates a large amount of alarm information, which seriously reduces the efficiency of security protection.

Summary of the invention

[0003] The purpose of ...


Application Information

Patent Type & Authority: Patents (China)
IPC (8): H04L9/40
CPC: H04L63/1408, H04L63/1416, H04L63/1441
Inventor: 赵林林, 童兆丰, 薛锋
Owner: 北京微步在线科技有限公司