Network anomaly detection method and device

A network anomaly and anomaly detection technology, applied in the computer field, can solve problems such as limited relevant information, inability to provide information, incomplete network anomaly detection, etc., and achieve the effect of reliable data foundation

Inactive Publication Date: 2018-02-23
HANGZHOU DPTECH TECH
View PDF2 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, in practical applications, the network flow collected based on the SNMP protocol can provide limited information about the network flow, and cannot provide more comprehensive information, which may lead to incomplete subsequent network anomaly detection.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network anomaly detection method and device
  • Network anomaly detection method and device
  • Network anomaly detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0066] In the prior art, in order to realize network anomaly detection, users can usually collect network flows based on the SNMP protocol, and record the relevant information of the collected network flows. The network flow is an abnormal network flow.

[0067]However, in practical applications, the network flow collected based on the SNMP protocol can provide limited information about the network flow and cannot provide comprehensive information, which may lead to incomplete subsequent network anomaly detection.

[0068] In view of the above considerations, this application proposes a network anomaly detection method, by extracting several fields from the collected NetFlow network flow and sFlow network flow, and fusing the extracted fields to generate a preset format Network flow, then multi-dimensional anomaly detection can be performed on the network flow in the preset format; wherein, the multi-dimensional anomaly detection can include network abnormal state detection, a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network anomaly detection method and device applied to network equipment. The method comprises the steps of: acquiring network flows of a NetFlow protocol and an sFlow protocol respectively; extracting a plurality of fields from the acquired NetFlow network flow and sFlow network flow respectively, and fusing the plurality of fields extracted respectively to generate a network flow of a preset format; and performing multi-dimensional anomaly detection on the network flow of the preset format. The method and the device can improve the comprehensiveness of network anomaly detection.

Description

technical field [0001] The present application relates to the field of computers, in particular to a method and device for detecting network anomalies. Background technique [0002] In the prior art, in order to realize network anomaly detection, users can usually collect network flows based on the SNMP protocol, and record the relevant information of the collected network flows. The network flow is an abnormal network flow. [0003] However, in practical applications, the network flow collected based on the SNMP protocol can provide limited information about the network flow and cannot provide comprehensive information, which may lead to incomplete subsequent network anomaly detection. Contents of the invention [0004] This application provides a network anomaly detection method applied to network equipment, including: [0005] Collect network flows of NetFlow protocol and sFlow protocol respectively; [0006] Extracting several fields from the collected NetFlow netwo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L12/26
CPCH04L41/0213H04L41/14H04L43/08H04L43/50
Inventor 杨印州
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap