Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for carrying out safety analysis on network behaviors

A security analysis and network technology, applied in the field of network security, can solve the problems of high false alarm rate, inability to fully detect abnormal traffic attacks, low performance of feature detection, etc., and achieve the effect of ensuring security and reliability, and a reliable network application environment

Active Publication Date: 2015-09-09
BEIJING EASTERN PRISM TECH CORP LTD
View PDF5 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantages of the above-mentioned existing network behavior security analysis technology are: there is a large false alarm rate, the abnormal traffic attack cannot be fully detected, and the feature detection performance is not high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for carrying out safety analysis on network behaviors
  • Method and device for carrying out safety analysis on network behaviors
  • Method and device for carrying out safety analysis on network behaviors

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0045] In the embodiment of the present invention, the network order construction technology based on the clustering algorithm, the network order chain construction technology based on the association analysis algorithm, and the black, white and gray list technology perform security analysis on network behavior, which overcomes the shortcomings of the methods in the above three directions, and can Defense against various network attacks.

[0046] A schematic diagram of the implementation principle of a method for security analysis of network behavior provided by an embodiment of the present invention is as follows figure 1 As shown, the specific processing flow is as follows figure 2 As shown, the following processing steps are included:

[0047] Step S210: Setting initial whitelist, graylist and blacklist of network hosts.

[0048] In the initial stage of network structure order, the IP address and port number of each host in the secure trusted domain and the IP address an...

Embodiment 2

[0070] This embodiment provides a schematic diagram of an application scenario of a device for security analysis of network behavior, as shown in image 3 As shown, the Internet includes routers and core switches. Routers can transmit and route network traffic. LANs are connected to the Internet through core switches. LANs include aggregation layer and access layer switches, PCs, and mobile terminals. Terminals can be connected to Network, communicate and share information. The network behavior security analysis device based on the network order in the embodiment of the present invention is connected to the mirror port of the core switch, and is used to obtain network data packets, analyze network traffic behavior, and detect network attacks.

[0071] The specific implementation structure of the above-mentioned device for security analysis of network behavior is as follows: Figure 4 As shown, it can specifically include the following modules:

[0072] The network behavior o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a method and a device for carrying out safety analysis on network behaviors. The method mainly comprises the steps of: carrying out self-learning on various kinds of network behaviors in a network by utilizing a clustering algorithm to obtain a network behavior order chain, wherein network behavior order chain comprises all safe network behaviors, and each network behavior comprises a conversation five-element set; judging whether a network behavior to be identified exists in the network behavior order chain, and if yes, determining that the network behavior to be identified is safe; and otherwise, judging whether the network behavior to be identified is safe by mean of set safety strategies. The embodiment of the invention provides the network behavior safety analysis method and device based on the network order, so that whether the network behavior is safe or not can be effectively identified, network attack behaviors can be effectively detected, the safety and the reliability of network application is ensured, and a safe and reliable network application environment is provided to a network user.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and device for security analysis of network behavior. Background technique [0002] At present, we are already in the information age. Computers and networks have become indispensable tools for various organizations. Information has become an important asset for the survival of organizations, and its value is increasing day by day. many security threats. Virus damage, hacker attack, network fraud, loss of important information, paralysis of information systems, and various crimes committed by using computer networks emerge in endlessly and are hard to guard against. According to CSI / FBI's Computer Crime and Security Survey 2010, 50% of organizations have had at least one information security incident. Once the information assets are destroyed, it will bring direct economic loss to the organization, damage the reputation and public image of the organization, ma...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 张洁
Owner BEIJING EASTERN PRISM TECH CORP LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products