Suspicious external connection detection method and device

A suspicious external connection detection method, applied in the fields of secure communication devices, digital transmission systems, electrical components, etc. It can solve the problems of the single data source of existing detection schemes, the low accuracy of suspicious external connection detection, and the difficulty of finding unknown threats, to achieve rich data sources, enhance suspiciousness, and get rid of dependence

Pending Publication Date: 2022-03-29
BEIJING QIANXIN TECH +1

AI Technical Summary

Problems solved by technology

[0003] However, the existing detection methods for malicious external traffic usually detect suspicious traffic from a single perspective, but many detection rules are based on known e

Embodiment Construction

[0023] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0024] With the development of network technology, more and more hackers use remote control Trojan horses and other means to remotely manipulate the controlled host and steal valuable information from the enterprise. Small and medium-sized enterprises are more likely to be attacked; whether the cause is a hacker attack, internal business information leakage or damage from natural disasters, the losses caused are quite heavy....

Abstract

The invention discloses a method and device for detecting suspicious external connections, and relates to the technical field of network security detection. Its main aim is to discover unknown suspicious external connections in time and to judge how suspicious they are, so as to improve the accuracy of suspicious external connection detection. The main technical scheme is as follows: the traffic to be detected is examined by multi-dimensional detection, where the multi-dimensional detection comprises at least one dimension that performs feature popularity detection using historical data, and each dimension has multiple feature detection items; the target detection results belonging to the same external connection traffic are extracted from the detection results of each feature in the multi-dimensional detection; and the suspicious degree of the external connection traffic is determined according to the number of feature detection items in the multi-dimensional detection and the target detection results. The method and device are used for detecting suspicious external connections.
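The three steps of the abstract (multi-dimensional detection with a history-based popularity dimension, grouping results per external connection, and scoring from the number of detection items and the results) sketched as an added example. It is not the patent's implementation: the feature names, the host-count threshold and the use of "fired items / total items" as the suspicious degree are assumptions.

```python
from collections import defaultdict

# Assumed detection items per dimension (illustrative names, not from the patent).
ITEMS = {
    "popularity": ("domain", "ja3", "user_agent"),  # rare-in-history checks
    "protocol": ("self_signed_cert", "odd_port"),
}
TOTAL_ITEMS = sum(len(v) for v in ITEMS.values())
MAX_HOSTS = 2  # assumed: a value seen on <= 2 internal hosts counts as unpopular

def detect(flow, history):
    """Run every feature detection item on one flow; return the items that fired."""
    hits = []
    for field in ITEMS["popularity"]:
        # history[field][value] = number of distinct internal hosts that used it;
        # a value never seen before has count 0 and is therefore unpopular.
        if history.get(field, {}).get(flow[field], 0) <= MAX_HOSTS:
            hits.append(("popularity", field))
    if flow["self_signed_cert"]:
        hits.append(("protocol", "self_signed_cert"))
    if flow["dst_port"] not in (80, 443):
        hits.append(("protocol", "odd_port"))
    return hits

def suspicious_degree(flows, history):
    """Group hits by external connection and score each as fired items / total items."""
    fired = defaultdict(set)
    for flow in flows:
        key = (flow["src"], flow["dst"], flow["dst_port"])  # one external connection
        fired[key].update(detect(flow, history))
    return {key: len(items) / TOTAL_ITEMS for key, items in fired.items()}

# Constructed sample data (documentation address ranges, made-up fingerprints).
HISTORY = {
    "domain": {"updates.example.com": 140, "cdn-sync.example.net": 1},
    "ja3": {"ja3-browser": 200, "ja3-unknown": 1},
    "user_agent": {"Mozilla/5.0": 180},
}
FLOWS = [
    {"src": "10.0.0.5", "dst": "203.0.113.9", "dst_port": 8443, "domain": "cdn-sync.example.net",
     "ja3": "ja3-unknown", "user_agent": "Mozilla/5.0", "self_signed_cert": True},
    {"src": "10.0.0.7", "dst": "198.51.100.20", "dst_port": 443, "domain": "updates.example.com",
     "ja3": "ja3-browser", "user_agent": "Mozilla/5.0", "self_signed_cert": False},
]

if __name__ == "__main__":
    for conn, score in sorted(suspicious_degree(FLOWS, HISTORY).items(), key=lambda kv: -kv[1]):
        print(conn, f"{score:.2f}")
```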

Description

Technical field

[0001] The invention relates to the technical field of network security detection, in particular to a method and device for detecting suspicious external connections.

Background technique

[0002] With the development of network technology, more and more hackers use remote control Trojans and other means to remotely manipulate the controlled host. In order to send commands to the remote controlled host, the controlled host must have a connection process with an external server. The traffic generated by the malicious outbound behavior is the malicious outbound traffic.

[0003] However, the existing detection methods for malicious external traffic usually detect suspicious traffic from a single perspective, but many detection rules are based on known existing samples, it is difficult to discover new unknown threats, and the data source of the detection scheme is single, leading to low accuracy in detecting suspicious outbound connections.

Contents of the i...

Application Information

IPC(8): H04L9/40, H04L43/10
CPC: H04L63/1416, H04L63/1425, H04L43/10
Inventor: 李云龙, 谭学士, 陈祚松
Owner: BEIJING QIANXIN TECH