Program-level intrusion detection system and method based on sequence pattern mining

A sequence pattern mining and intrusion detection technology, applied in the field of network information security, can solve problems such as system call sequence differences

Active Publication Date: 2007-08-22
BEIJING CAPITEK

AI Technical Summary

Problems solved by technology

Existing studies have shown that the system call sequence generated by a privileged program during normal operation is basically the same; ), the system call sequence it generates is significantly different from the normal runtime sequence



Embodiment Construction

[0071] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0072] FIG. 2 shows the structure of the program-level intrusion detection system based on sequence pattern mining. The system is a software product: each module consists of corresponding program units and is configured on the server to be monitored. It uses the system calls generated by a running privileged program as audit data, monitors the operation of privileged programs on the network server, and applies data-mining-based anomaly detection to determine whether an intrusion has occurred on that server. The system consists of a control module, a data acquisition and preprocessing module, a training module, a storage module, a detection module, and a detection result output module....


Abstract

A program-level intrusion detection system and method. The system is composed of a control module, a data collection and preprocessing module, a training module, a storage module, a detection module and a result output module, configured on a monitored server. The system applies anomaly detection technology based on data mining and detects various kinds of attack behavior in the network by monitoring the operation of privileged programs on the server: it takes the system calls generated by a running privileged program as audit data, uses sequence patterns from data mining to represent the normal behavior of a privileged program, mines the normal sequence patterns in training data, and builds a corresponding normal sequence pattern library, so that attack behavior is identified by comparing the current sequence patterns with the normal ones.
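The train-then-compare loop the abstract describes, as an added Python example that is not code from the patent: the fixed pattern length `k`, the `min_support` criterion, the sliding `span` score and its threshold are all assumptions, since the page does not give the patent's mining parameters, and the traces are constructed sample data.

```python
from collections import Counter

def windows(trace, k):
    """Every contiguous run of k system calls in one trace."""
    return [tuple(trace[i:i + k]) for i in range(len(trace) - k + 1)]

def mine_patterns(training_traces, k=3, min_support=0.05):
    """Normal pattern library: length-k patterns whose share of all
    training windows is at least min_support (assumed criterion)."""
    counts = Counter(w for t in training_traces for w in windows(t, k))
    total = sum(counts.values())
    return {p for p, c in counts.items() if c / total >= min_support}

def mismatch_scores(trace, library, k=3, span=8):
    """Per window: share of the last `span` windows absent from the library."""
    miss = [0 if w in library else 1 for w in windows(trace, k)]
    # Dividing by span (not the shorter early slice) keeps one stray
    # mismatch at the start of a trace from scoring 1.0.
    return [sum(miss[max(0, i - span + 1): i + 1]) / span
            for i in range(len(miss))]

def first_alarm(trace, library, k=3, span=8, threshold=0.5):
    """Index of the first window whose score reaches threshold, else None."""
    for i, score in enumerate(mismatch_scores(trace, library, k, span)):
        if score >= threshold:
            return i
    return None

# Constructed sample traces (not real audit data).
CYCLE = ["open", "fstat", "mmap", "read", "write", "close"]
# The third training trace has a one-off "getpid" that support filtering drops.
TRAINING = [CYCLE * 30, CYCLE * 25, CYCLE * 10 + ["getpid"] + CYCLE * 10]
LIBRARY = mine_patterns(TRAINING)
NORMAL_RUN = CYCLE * 5
DEVIANT_RUN = (CYCLE * 3
               + ["socket", "connect", "dup2", "dup2", "execve"]
               + CYCLE * 2)

if __name__ == "__main__":
    print("patterns in library:", len(LIBRARY))
    print("normal run alarm:", first_alarm(NORMAL_RUN, LIBRARY))
    print("deviant run alarm:", first_alarm(DEVIANT_RUN, LIBRARY))
```

Raising `min_support` shrinks the library and trades missed detections for false alarms on rare but legitimate call sequences, so the threshold has to be tuned per monitored program.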

Description

Technical field

[0001] The invention relates to a program-level intrusion detection method based on sequence pattern mining for computer network security, belonging to the technical field of network information security.

Background technique

[0002] With the rapid popularization of computer networks and the continuous rise of various new network services, network security issues have gradually penetrated into various fields of social life such as politics, military, finance, economy, industry, culture and education, and have become more and more severe. In recent years, the number of network security incidents has been increasing, especially in the past two or three years, showing a sharp growth trend. Since there are certain loopholes in the design, operation and use of each part of the computer network system, and there is no economically feasible way to completely eliminate these hidden dangers, effective intrusion detection technology has become an essential to...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L12/24, G06F17/30
Inventor 田新广隋进国李学春王辉柏邹涛
Owner BEIJING CAPITEK