Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Invasion detection (protection) product and firewall product protocol identifying technology

A protocol identification and protocol technology, applied in the field of protocol identification

Inactive Publication Date: 2012-07-04
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] 2. There must be as high a protocol recognition accuracy as possible

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Invasion detection (protection) product and firewall product protocol identifying technology
  • Invasion detection (protection) product and firewall product protocol identifying technology
  • Invasion detection (protection) product and firewall product protocol identifying technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0007] combine figure 1 , the present invention relates to a protocol identification technology in an intrusion detection (protection) product and a firewall product, wherein the protocol identification technology includes a training process method and a classification process method, and the training process method includes training text preprocessing, Feature item extraction, training text reprocessing and subsequent steps of constructing a classifier are connected. The classification process method includes the steps of new text preprocessing, classification and output. More specifically, the present invention refers to a technical method of analyzing and capturing data packets in the network, performing various statistical operations and pattern matching to find the protocol it belongs to, and then handing it over to a protocol analysis engine for further analysis. Generally speaking, in establishing the protocol recognition technology for network communication, we must fi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a protocol identification technique in invasion detection and / or a protection product and a firewall product for identifying the protocol type of a data text obtained in a network. The method includes: classifying the obtained data text by using a vector space model, obtaining a data text vector representing the data text; comparing the data text vector with a train text vector in a train text set, determining a predetermined number of train text vectors most similar to the data text vector; and determining the protocol type of the data text vector according to the protocol type of the determined predetermined number of train text vectors. The method performs protocol analysis by analyzing captured data streams in the network, finds out and blocks the invasion behavior therein without inquiring a port mapping table or similar data text, and has extremely high protocol identification accuracy rate.

Description

technical field [0001] The invention relates to a protocol recognition technology in network communication, protocol intelligent recognition, protocol automatic recognition and text classification system, in particular to a protocol recognition technology in intrusion detection (protection) products and firewall products. Background technique [0002] Intrusion detection (protection) products and firewall products are mainly used in key network nodes for detection of intrusion behavior and security protection of the network. These products perform protocol analysis by analyzing various data streams captured in the network to discover and block intrusion behaviors. All current intrusion detection (protection) products and firewall products judge which protocol analysis should be performed on captured messages by querying port protocol mapping tables (or similar data files). For example, if it is found that the destination port in the captured message is 21, it will be handed...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F17/21G06F17/16G06F7/08
Inventor 陈学理
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products