Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Invasion detection (protection) product and firewall product protocol identifying technology

A technology for protocol identification and intrusion detection, applied in the field of protocol identification

Active Publication Date: 2005-05-04
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF0 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] 2. There must be as high a protocol recognition accuracy as possible

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Invasion detection (protection) product and firewall product protocol identifying technology
  • Invasion detection (protection) product and firewall product protocol identifying technology
  • Invasion detection (protection) product and firewall product protocol identifying technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0007] combine figure 1 , the present invention relates to a protocol identification technology in an intrusion detection (protection) product and a firewall product, wherein the protocol identification technology includes a training process method and a classification process method, and the training process method includes training text preprocessing, Feature item extraction, training text reprocessing and subsequent steps of constructing a classifier are connected. The classification process method includes the steps of new text preprocessing, classification and output. More specifically, the present invention refers to a technical method of analyzing and capturing data packets in the network, performing various statistical operations and pattern matching to find the protocol it belongs to, and then handing it over to a protocol analysis engine for further analysis. Generally speaking, in establishing the protocol recognition technology for network communication, we must fi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a protocol identification technique in invasion detection (protection) product and firewall product, including training course method and classifying course method, where the former includes the steps of preprocessing training text, extracting characteristic item, reprocessing training text and connecting the follow-up construction classifier and the latter includes the steps of preprocessing new text, classifying and outputting. It makes protocol analysis by analyzing various data flows captured in the network, finds and obstructs the invasion behavior but need not inquire port mapping list or similar data file, and has extremely high protocol identification accuracy.

Description

technical field [0001] The invention relates to a protocol recognition technology in network communication, protocol intelligent recognition, protocol automatic recognition and text classification system, in particular to a protocol recognition technology in intrusion detection (protection) products and firewall products. Background technique [0002] Intrusion detection (protection) products and firewall products are mainly used in key network nodes for detection of intrusion behavior and security protection of the network. These products perform protocol analysis by analyzing various data streams captured in the network to discover and block intrusion behaviors. All current intrusion detection (protection) products and firewall products judge which protocol analysis should be performed on captured messages by querying port protocol mapping tables (or similar data files). For example, if it is found that the destination port in the captured message is 21, it will be handed...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F7/08G06F17/16G06F17/21
Inventor 陈学理
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products