Unlock instant, AI-driven research and patent intelligence for your innovation.

ICMP detection method, system and equipment based on machine learning and medium

A machine learning and detection method technology, applied in the information field, can solve the problems of reducing the false alarm rate and the extraction of the characteristics of the ICMP protocol data stream is not comprehensive enough, so as to reduce the false alarm rate and prevent the impact of the detection effect

Pending Publication Date: 2022-04-15
北京六方云信息技术有限公司 +1
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The main purpose of the embodiment of the present invention is to provide a machine learning-based ICMP detection method, system, device and medium, aiming to solve the problem that the existing detection method is not comprehensive enough to extract the characteristics of the ICMP protocol data stream, and reduce the false alarm rate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • ICMP detection method, system and equipment based on machine learning and medium
  • ICMP detection method, system and equipment based on machine learning and medium
  • ICMP detection method, system and equipment based on machine learning and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0047] The main solution of the embodiment of the present invention is: collect the real-time network control message protocol ICMP protocol data stream; select the data of the real-time network ICMP protocol data stream by sliding the quantity window to obtain the first protocol data stream; extract the The characteristics of the first protocol data stream are calculated to obtain a calculation result; the calculation result is processed through a preset detection model to obtain a prediction probability. Thus, the data of the ICMP protocol data packet is selected by sliding the quantity window, which solves the problem that the detection method is not comprehensive enough for the extraction of the characteristics of the ICMP protocol data flow, can prevent individual abnormal data packets from affecting the detection...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an ICMP detection method, system and device based on machine learning and a medium. The method comprises the following steps: acquiring a real-time network control message protocol ICMP data flow; selecting data of the real-time network ICMP protocol data flow through quantity window sliding to obtain a first protocol data flow; extracting features of the first protocol data stream and calculating to obtain a calculation result; and processing the calculation result through a preset detection model to obtain a prediction probability. According to the invention, the problem that the detection method is not comprehensive enough to extract the characteristics of the ICMP protocol data stream is solved, and the false alarm rate is reduced.

Description

technical field [0001] The present invention relates to the field of information technology, in particular to a machine learning-based ICMP detection method, system, device and medium. Background technique [0002] ICMP (Internet Control Message Protocol, Internet Control Message Protocol) is one of the essential network communication protocols, and is used to detect network connectivity status. However, most ICMP traffic can evade the detection of network devices such as firewalls. Attackers use ICMP to hide data in the payload of ICMP, forming ICMP covert channels in the enterprise intranet environment, which seriously threatens information security. [0003] Therefore, effective detection of ICMP tunneling behavior is crucial to network security. However, because the existing detection methods are not comprehensive enough for the feature extraction of the ICMP protocol data flow, the detection method has relatively large limitations. Once the attacker modifies the ICMP t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/40G06N20/00
Inventor 兰亭洋王智民王高杰
Owner 北京六方云信息技术有限公司