
Method and system for detecting attacks in events

A technology that detects results and responds to data packets, applied in transmission systems, electrical components, etc. It addresses the inability to achieve effective attack detection, achieving effective detection and an improved success rate and accuracy.

Active Publication Date: 2018-02-02
SANGFOR TECH INC

AI Technical Summary

Problems solved by technology

For example, for command injection attacks, it is often necessary to check whether the return packet contains the execution result before judging whether the attack has affected the target object. Secondly, judging whether the reply status code is 200 OK is too general: many servers can currently be set to return 200 OK regardless of whether the request is valid, and a software firewall on the server can also return 200 OK. Detection based on static rule base matching and the reply status code therefore cannot detect attacks effectively.


Embodiment Construction

[0073] The embodiment of the present invention provides a method and system for detecting an attack in the event, which is used to realize the effective detection of the attack and improve the success rate and accuracy of the attack detection.

[0074] In order to enable those skilled in the art to better understand the solutions of the present invention, the technical solutions in the embodiments of the present invention are clearly and completely described below. Obviously, the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts shall fall within the protection scope of the present invention.

[0075] The terms "first", "second", "third", "fourth", etc. (if any) in the description and claims of the present invention and the above drawings are used to distinguish similar...


Abstract

The embodiment of the invention discloses a method and system for detecting attacks in events for effectively detecting the attacks and improving the success rate and accuracy of attack detection. The method in the embodiment of the invention comprises the following steps: collecting a request data packet and a response data packet of attack; separately matching the request data packet and the response data packet by a preset packet return feature library; in the case of matching failure, detecting whether the attack has available vulnerability; if the detection result is yes, performing vulnerability correlation analysis on the attack and the target object to determine whether the target object has vulnerability; if the target object has the vulnerability, determining attack success; and if the detection result is undetermined, performing context correlation analysis on the request data packet and the response data packet to determine whether the attack is successful and the influence generated by the attack. The embodiment of the invention further discloses a system for detecting attacks in events for improving the success rate and accuracy of attack detection.
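The decision flow in the abstract, sketched as an added Python example; it is not code from the patent or from the applicant. The feature patterns, the `VULN-A` identifier, the asset inventory, the baseline-comparison heuristic for context correlation, and the outcomes for "feature matched" and "target lacks the vulnerability" are all assumptions made here for illustration.

```python
import re
from dataclasses import dataclass

# All values below are constructed for illustration.
# Return feature library: attack class -> (request pattern, response pattern).
FEATURES = {
    "cmd_injection": (re.compile(r"[;|]\s*id\b"),
                      re.compile(r"uid=\d+\([\w-]+\) gid=\d+")),
}
ATTACK_VULN = {"cmd_injection": "VULN-A", "odd_probe": None}  # None: undetermined
TARGET_VULNS = {"10.0.0.5": {"VULN-A"}, "10.0.0.6": set()}    # scanner findings per asset

@dataclass
class Event:
    attack: str     # class assigned by the request-side rule
    target: str
    request: str
    response: str
    baseline: str   # same endpoint's response to a benign request

def classify(ev: Event) -> str:
    # Step 1: match request and response separately against the feature library.
    pats = FEATURES.get(ev.attack)
    if pats and pats[0].search(ev.request) and pats[1].search(ev.response):
        return "success: return feature matched"
    # Step 2: on match failure, does the attack map to a known vulnerability?
    vuln = ATTACK_VULN.get(ev.attack)
    if vuln is not None:
        # Step 3: vulnerability correlation between the attack and the target.
        if vuln in TARGET_VULNS.get(ev.target, set()):
            return "success: target has " + vuln
        return "unconfirmed: target lacks " + vuln
    # Step 4: undetermined, so fall back to context correlation (assumed heuristic:
    # the response deviates from the benign baseline). The status code is never used.
    if ev.response != ev.baseline:
        return "suspected: response deviates from baseline"
    return "no effect observed"

OK = "HTTP/1.1 200 OK\n\n"
SAMPLES = [
    Event("cmd_injection", "10.0.0.6", "GET /ping?host=127.0.0.1;id",
          OK + "uid=33(www-data) gid=33(www-data)", OK + "pong"),
    Event("cmd_injection", "10.0.0.5", "GET /ping?host=127.0.0.1;id", OK + "pong", OK + "pong"),
    Event("cmd_injection", "10.0.0.6", "GET /ping?host=127.0.0.1;id", OK + "pong", OK + "pong"),
    Event("odd_probe", "10.0.0.6", "GET /ping?host=%00", OK + "stack trace", OK + "pong"),
]

if __name__ == "__main__":
    for ev in SAMPLES:
        print(ev.target, ev.attack, "->", classify(ev))
```

Every sample response carries 200 OK, yet the four events receive four different verdicts, which is the weakness of status-code checks that the problem statement describes.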

Description

Technical field

[0001] The invention relates to the technical field of computer network defense, in particular to a method and system for detecting incidental attacks.

Background technique

[0002] Computer network attack means that the network attacker obtains illegal permissions through illegal means (such as deciphering passwords, electronic spoofing, etc.) and uses these illegal permissions to enable the network attacker to perform unauthorized operations on the attacked host. The main ways of network attacks are: deciphering passwords, IP spoofing and DNS spoofing.

[0003] At present, the main detection methods for computer network attacks are: performing static rule base matching on attack request data packets, and detecting reply status codes of request data packets. Wherein the static rule base stores the request data packet characteristic of the pre-statistical attack, when the request data packet of the visit matches the request data packet characteristic of the ...


Application Information

Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPC H04L63/1416, H04L63/1433
Inventor 吕晓滨
Owner SANGFOR TECH INC