Network abnormal detecting method for weighting statistic model based on time section

A technology of weighted statistics and network anomalies, applied in data exchange networks, transmission systems, digital transmission systems, etc., can solve the problems of complex algorithm operations, lack of time characteristics, lack of flexibility, etc., to achieve simple algorithms, accurate judgments, and rapid discovery. and the effect of positioning

Inactive Publication Date: 2006-03-22
西安交大捷普网络科技有限公司
View PDF0 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a network anomaly detection method based on a time period weighted statistical model to overcome the defects of the prior art that the algorithm operation is complex, does not have time characteristics, lacks flexibility and has a high false alarm rate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network abnormal detecting method for weighting statistic model based on time section
  • Network abnormal detecting method for weighting statistic model based on time section
  • Network abnormal detecting method for weighting statistic model based on time section

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] The following will describe in detail by implementing the present invention in an IDS device. During implementation, a network anomaly detection module based on a time-segment weighted statistical model needs to be set in the IDS device, and this module completes network anomaly detection and control functions based on a time-segment weighted statistical model.

[0022] The steps of the present invention are:

[0023] 8:00--18:00

18:00--23:00

23:00--8:00 the next day

00

0.5

0.7

0.9

[0024] (2) Capture data packets on the network in bypass listening mode:

[0025] (3) Decomposing the attributes of the data packet in a fixed format:

[0026] connect

T

Src.IP

Src.Port

Dst.IP

Dst. Port

FLAG

L1

T1

Src.IP1

Src.Port1

Dst.IP1

Dst.Port1

FLAG1

L2

T2

Src.IP2

Src.Port2

Dst.IP2

Dst.Port2

FLAG2

L3

T3

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

This invention relates to a network abnormal test method based on weight statistic model of the time segment including observing the actions of a master unit by an abnormal observer to generate an attribute for describing these actions, each one stores the registration of a behavior of the master unit and timely merges the attributes of the current and the stored then to judge the abnormal behaviors by comparing them and the time segment weight.

Description

Technical field: [0001] The invention relates to the technical field of network abnormal traffic detection and intrusion detection, in particular to a network abnormality detection method based on a time-segment weighted statistical model. Background technique: [0002] Along with the normal application traffic on the network, various abnormal traffic on the network also follows, affecting the normal operation of the network and threatening the security and use of user hosts. Network abnormalities are often caused by network attacks, worms, and network abuse. For example, various network scans, DDoS attacks, network worms, malicious downloads, and improper use of network resources will cause network performance to decline. Affect normal network use, cause network congestion, and even cause network interruption and network equipment failure. Therefore, real-time monitoring and management of network traffic and discovery of known and unknown network anomalies in the network h...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24
Inventor 白亮廖明涛向冬张永斌刘志强何清张宇
Owner 西安交大捷普网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap