Nested coding attack load detection method, system and device and storage medium

A detection method and payload technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., that solves problems such as incomplete enumeration, attack bypass, and a growing number of rules, achieving the effect of reducing the number of rules and improving accuracy.

Active Publication Date: 2022-07-12
北京长亭未来科技有限公司

AI Technical Summary

Problems solved by technology

[0005] For this reason, the embodiments of the present invention provide a nested-encoding attack payload detection method, system, device and storage medium. They address two technical problems that traditional security detection faces when attack payloads are encoded multiple times in multiple nested layers: the sharp increase in the number of rules, and the attack bypasses caused by incomplete enumeration.


Embodiment Construction

[0084] The following specific embodiments illustrate the present invention. Those familiar with the technology can easily understand other advantages and effects of the present invention from the contents disclosed in this specification. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative effort shall fall within the protection scope of the present invention.

[0085] For attack payloads that have been encoded multiple times in multiple nested layers, traditional security detection methods have the following shortcomings:

[0086] (1) The number of detection rules increases exponentially, reducing the efficiency of security detection;

[0087] (2) It is difficult to enumerate all encoding paths, and even if a large number of rules are added, bypasses still occur.

[0...


Abstract

The embodiment of the invention provides a nested-encoding attack payload detection method, system, device and storage medium. The method traverses the encoding of the payload to be detected and scans it for a decoder feature set; using the decoder feature set, the corresponding decoders are called to automatically and intelligently decode a multi-layer-encoded attack payload. By intelligently inferring the nested encodings, the attack payload is restored, the number of attack detection rules is reduced, and attack detection accuracy is improved. With the embodiment of the invention, the number of rules is equivalent to the number of original attack payloads, on the order of thousands; the method can be effectively applied to the field of attack detection, and potential attack variants can be effectively detected.
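The loop the abstract describes, as an added example that is not the patent's implementation: scan the payload for encoding features, call the matching decoder, repeat until no feature remains, and match one rule written for the original payload against every recovered layer. The feature patterns, the four decoders, the depth limit and the sample rule are assumptions chosen for illustration.

```python
import base64
import binascii
import html
import re
from urllib.parse import unquote

def _b64(s):
    try:
        return base64.b64decode(s, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError, ValueError):
        return s  # feature matched but the text is not really base64

def _hex(s):
    try:
        return bytes.fromhex(s).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return s

# Assumed decoder feature set: (name, feature regex, decoder). Hex precedes base64
# because every hex string also fits the base64 alphabet.
DECODERS = [
    ("url", re.compile(r"%[0-9A-Fa-f]{2}"), unquote),
    ("html", re.compile(r"&(#\d+|#x[0-9A-Fa-f]+|[A-Za-z]+);"), html.unescape),
    ("hex", re.compile(r"\A(?:[0-9A-Fa-f]{2}){4,}\Z"), _hex),
    ("base64", re.compile(r"\A[A-Za-z0-9+/]{8,}={0,2}\Z"), _b64),
]

# Assumed sample rule, written once against the original (unencoded) payload.
RULE = re.compile(r"<script\b", re.IGNORECASE)

def peel(payload, max_depth=8):
    """Return every layer recovered by repeatedly applying matching decoders."""
    layers, current = [payload], payload
    for _ in range(max_depth):           # bound the decoding work per input
        for _name, feature, decode in DECODERS:
            if feature.search(current):
                decoded = decode(current)
                if decoded != current:   # only count decoders that make progress
                    current = decoded
                    layers.append(current)
                    break
        else:
            break                        # no decoder made progress: fully peeled
    return layers

def detect(payload):
    """True if the single rule hits on the input or any decoded layer."""
    return any(RULE.search(layer) for layer in peel(payload))
```

The depth limit matters in a real detector: without it, a crafted input with many nested layers turns decoding into a resource-exhaustion path.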

Description

Technical field

[0001] Embodiments of the present invention relate to the technical field of network security detection, and in particular to a method, system, device and storage medium for detecting nested-encoding attack payloads.

Background technique

[0002] Current industry network attack detection products, such as WAF, IPS and IDS, mainly work by matching network transmission data against a set of security detection rules; a hit on a security detection rule is treated as an attack or security event.

[0003] When writing security detection rules, security researchers analyze attack detection use cases, extract the characteristic attack payloads, and describe the attack features in a specific rule language (most of the industry uses regular expressions to describe attack rules).

[0004] As the contest between attack and detection continues, original attack payloads are intercepted by most security detection devices. Therefore, hackers are constantly exploring various bypass method...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L9/40
CPC: H04L63/1416
Inventor: 王永振, 陈宇鹏, 张豪越, 赵昶, 刘金钊, 韩飞, 姚锡龙, 石伟良, 殷杰, 张嘉欢
Owner: 北京长亭未来科技有限公司