Method for detecting and monitoring gusty abnormal network flow

A technology for network traffic and abnormal traffic, applied in the field of detection and monitoring of sudden abnormal network traffic, can solve problems such as insufficient analysis and statistics effect, short-slot sudden abnormal traffic detection cannot be effectively solved, etc. Data processing speed, low cost, and the effect of solving overload problems

Inactive Publication Date: 2006-04-26
SHANGHAI JIAO TONG UNIV
View PDF1 Cites 43 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] After searching the literature of the prior art, it is found that the Chinese patent application number 200310101710.5, the patent name is "A Device and Method for Realizing Abnormal Flow Control", which uses real-time sampling and analysis method to analyze short p

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting and monitoring gusty abnormal network flow
  • Method for detecting and monitoring gusty abnormal network flow
  • Method for detecting and monitoring gusty abnormal network flow

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017] The implementation of the present invention will be further described below in conjunction with the accompanying drawings. The system based on the method of the present invention is made up of six blocks of acquisition module, class analysis module, detection processing module, flow prediction module, drawing module and reverse tracking module, and the specific implementation and application of each module are as follows:

[0018] (1) Acquisition module——traffic mapping collection, which collects traffic information in the entire network environment through NetFlow in the NS-2 simulation environment;

[0019] (2) Class analysis module - statistics, classification and totalization, classify the traffic according to the different sites visited by users, and make statistics on the classified traffic, and then store it in the corresponding RRD cycle database to establish different areas of the network, different The flow record information of the time period;

[0020] (3) ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The detection and monitor method for burst abnormal network flow comprises: simulating and realizing the worm attack on NS-2 network simulator platform and DDoS distributed denial service attack, gathering the network flow information by Net Flow protocol, determining the behavior character of abnormal source, and taking control measures to interrupt attack. This invention originates to integrates character comparison and flow self-learning, overcomes the problem that SNMP protocol is lack for analysis and hard to determine flow abnormal threshold, and improves efficiency and practicality of monitor flow greatly. The experiment shows: this method is very well in real-time, and lays the foundation of inverse track well.

Description

technical field [0001] The invention relates to a method in the field of network technology, in particular to a method for detecting and monitoring sudden abnormal network traffic. Background technique [0002] Network-based attacks have become a serious obstacle to the current network information system, especially worm attacks and distributed denial-of-service attacks, exploiting loopholes in network services and system services or exploiting network resources and system resources. Due to the imperfection of the protocol and the authentication mechanism itself, a large-scale network attack is launched in a short period of time to consume specific resources and achieve the attack goal of the denial of service attack. Existing network security mechanisms such as intrusion detection systems (IDS), firewalls, virtual private networks (VPNs), and attack-tolerant technologies have not considered the detection and tracking of network attack sources, and even if attacks are detect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/24H04L29/06
Inventor 杨树堂陆松年李建华马进周明春
Owner SHANGHAI JIAO TONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap