Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network intrusion detection method

A network intrusion detection and network technology, applied in the field of network security, can solve the problem that the matching mode of the signature database can no longer fully achieve the purpose of interception, and achieve the effect of improving the speed, reducing the false alarm rate and ensuring fast response.

Inactive Publication Date: 2014-09-03
田玥
View PDF5 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] A new interception mode should be considered for advanced stealth attacks. The simple feature library matching mode can no longer fully achieve the interception purpose. Therefore, the present invention will propose a new network intrusion detection method, which will greatly improve the security factor of the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network intrusion detection method
  • Network intrusion detection method
  • Network intrusion detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] The method of the present invention will be described in further detail below in conjunction with the accompanying drawings.

[0039] The method for network intrusion detection of the present invention comprises the following specific steps:

[0040] The first step is to capture the data packets in the network;

[0041] In the second step, the captured data packets are analyzed by the whole protocol stack to obtain the protocol variables, that is, the data of each protocol layer of the original message data packets;

[0042] In the third step, the regular expression rule set is compiled into a DFA state transition table through a deterministic finite state machine, and the DFA state transition table is compressed;

[0043] The fourth step is to write the data analyzed in the second step into the compressed DFA state transition table for matching;

[0044] The fifth step is to output the matching result.

[0045] The specific implementation process of the second step ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a network intrusion detection method which comprises the following steps: A) capturing data packages in a network; B) carrying out full protocol stack analysis on the captured data packages to obtain protocol variables, that is, each protocol layer data of an original message data package; C) compiling a regular expression rule set into a DFA state transition table through a deterministic finite-state machine, and compressing the DFA state transition table; D) writing the analyzed data in the step B) to the compressed DFA state transition table to carry out matching; and E) outputting the matching result. According to the network intrusion detection method, the data packages are subjected to the full protocol stack analysis, thereby greatly improving the decoding speed, meeting the requirement for real-time decoding, and reducing the demand for the internal storage of a server; and the high-speed message matching is realized through the DFA state transition table, so that accurate detection and defense can be carried out on the existing threat, and advanced evasion technique can be accurately identified and removed.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a network intrusion detection method. Background technique [0002] As one of the most important active network security measures at present, network intrusion detection effectively supplements and perfects the security measures such as access control, data encryption, firewall, virus prevention, etc. by identifying and responding to malicious network connections on computers and network resources. Security measures, which improve the integrity of the information security infrastructure, have become an integral part of information system security solutions. [0003] Advanced Evasion Technique (AET, Advanced Evasion Technique) and superimposed cyber-force of stealth attacks have seen many cases of computer attacks infiltrating political struggles in various countries. The recent computer network failure of the Bank of Korea, the US The attacks on the New York Times and W...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08
Inventor 田玥
Owner 田玥
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com