Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Application layer dynamic intrusion detection system and detection method based on artificial intelligence

An intrusion detection system, artificial intelligence technology, applied in the direction of biological neural network model, instrument, platform integrity maintenance, etc., can solve the problem of server being attacked by network, insufficient efficiency performance, inappropriate background, etc., to achieve good detection effect, The time consumption is short and the effect of reducing the false positive rate

Active Publication Date: 2018-11-27
JINAN UNIVERSITY
View PDF8 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this method requires manual analysis of each attack method. In the context of the ever-changing network technology, the update speed of attack methods is much faster than that of manual analysis. Therefore, the efficiency of traditional intrusion detection methods is too low to apply to the current background.
[0004] At the same time, the efficiency of traditional intrusion detection systems in real-time detection of new attack methods is not good enough, and servers deployed with traditional intrusion detection systems still have a high probability of being attacked by the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application layer dynamic intrusion detection system and detection method based on artificial intelligence
  • Application layer dynamic intrusion detection system and detection method based on artificial intelligence

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0043] as attached figure 1 As shown, this embodiment discloses an application-layer dynamic intrusion detection system architecture based on artificial intelligence. The system includes the following modules: an application-layer gateway, a detection module, a judgment and operation module, a sample database, and an update module.

[0044] The detection module in the present invention is mainly based on two kinds of deep learning models—convolutional neural network (CNN) and bidirectional long-short memory neural (BLSTM) network, and these two kinds of deep learning models are briefly introduced below:

[0045] CNNs perform well in image recognition and classification problems. Usually, a typical CNN model consists of an input layer, multiple convolutional layers, pooling layers, and a fully connected output layer. The convolution layer is the core part of CNN, which is used to deeply extract the features of the input image, where the convolution kernel and receptive field i...

Embodiment 2

[0071] This embodiment describes the detection method of the application layer dynamic intrusion detection system based on artificial intelligence. Firstly, the detection system is initialized, and the system is applied to detect and filter / release the application layer data packets. The specific process is as follows:

[0072] Step 1, the initialization phase of the sample database. Suppose, the initialization of the detection model requires a training set of 20,000 data samples. The database extracts 10,000 malicious data samples and 10,000 normal data samples from Internet traffic; or, using a public dataset, stores the above-mentioned number of data samples into the sample database.

[0073] Step 2, the initialization phase of the detection module. The update module extracts 10,000 malicious data samples and 10,000 normal data samples from the sample database, and trains the detection model for the first time. When the accuracy of the model is greater than 99% or remain...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an application layer dynamic intrusion detection system and detection method based on artificial intelligence, wherein the detection system comprises an application layer gateway, a detection module, a judgment and operation module, a sample database and an updating module, the detection module comprises a detection model mixed with a convolutional neural network and a bidirectional long and short term memory neural network. The detection module after initialization is used for making an attack judgment on an application layer data packet, filtering the data packet above the threshold value and putting the data packet into a malicious sample database, and meanwhile, the data packet under the threshold value is not processed. The updating module is used for traininga new model by using the malicious samples and normal samples with a certain proportion in the sample database and updating the detection model in the detection module in real time. According to the invention, a universal detection method is used for the attack method of the application layer, the method has the advantages of high detection rate and low misjudgment rate. Meanwhile, the intrusion detection system has the advantage of dynamic updating model, and has good filtering effect on unknown zero-day attack.

Description

technical field [0001] The present invention relates to the technical field of computer application and network space security, specifically to an application layer dynamic intrusion detection system and detection method based on artificial intelligence, and also involves the combined application of various deep learning models, which is a deep learning model-based , a dynamic intrusion detection system based on the application layer. Background technique [0002] In recent years, with the continuous improvement of network technology, the methods of network attacks have also been continuously upgraded. The Open Web Application Security Project (OWASP) pointed out in the 2017 security report that the vast majority of high-risk attacks are based on the application layer. Compared with fixing the vulnerabilities of each network application in a targeted manner, it is more efficient to deploy an intrusion detection system based on the application layer. However, a wide variety...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56G06N3/04
CPCG06F21/566G06N3/045
Inventor 翁健李文灏黄芝琪张彬城张佳婕罗伟其
Owner JINAN UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products