Network invading event risk evaluating method and system

A technology of risk assessment and network intrusion, applied in the direction of transmission system, digital transmission system, data exchange network, etc., can solve the problem of no provision, achieve the effect of reducing false alarm rate, increasing use value, and improving accuracy rate

Inactive Publication Date: 2006-03-01
BEIJING VENUS INFORMATION TECH
View PDF0 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Assuming that a hacker on the extranet of the enterprise conducts an exhaustive guessing of user passwords based on the FTP service of the server, in fact, because the server does not provide FTP services and port 21 is closed, the intrusion does not really pose a threat , but since the traditional IDS has no records about the server system configuration, this event will also be reported

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network invading event risk evaluating method and system
  • Network invading event risk evaluating method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] For the software implementation structure of the behavior-related event description language, see the attached figure 2 . This system works on IDS and SCANNER. It mainly uses the results reported by IDS and SCANNER to analyze, eliminate false positive events, and carry out risk assessment on effective events.

[0029] After the engine is started, it will regularly obtain the latest vulnerability scan results of all IPs based on the specified IP range, and its data structure is as follows:

[0030] typedef struct

[0031] {

[0032] / / Specify the ID of the IP range scanning task

[0033] DWORD dwTID;

[0034] / / Scan task dwTID scan completion time, used to calibrate whether it is the latest result

[0035] time_t tCurrentTime;

[0036] / / Scan result of scan task dwTID

[0037] map map_ScanLog;

[0038] / / Calibrate whether the scan result is in use

[0039] LONG nSLCounter;

[0040]}MapScanLog;

[0041] Among them, map_ScanLog associates and sorts the scanning ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A risk estimating system of network intrusion event comprises engine module for carrying out effectiveness analyzing filter and risk estimating calculation to intrusion event according to set condition , controlling and managing unit of engine module , display and report module of risk estimation result on intrusion event .

Description

technical field [0001] The present invention relates to the field of computer network security, and is a method and system in which a network intrusion detection system (NIDS: Network Intrusion Detection System) and a vulnerability scanning system (Scanner) work together to reduce the data volume of IDS alarm events and improve IDS alarm The precision of the event. Background technique [0002] NIDS is installed in the protected network segment, and its monitoring network card works in promiscuous mode. It performs pattern matching analysis on all data packets in the network segment based on network behavior characteristics and feature database (knowledge base), and performs real-time detection and monitoring of network security events. response. In terms of the amount of data reported by events and the accuracy of detection, this single matching detection method has a certain degree of defects. A simple example can illustrate this point. Imagine the following environment:...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24
Inventor 李剑彪骆拥政韩冰姚志武
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap