FR3106914B1 - Method for monitoring data exchanged on a network and intrusion detection device - Google Patents
Method for monitoring data exchanged on a network and intrusion detection device Download PDFInfo
- Publication number
- FR3106914B1 FR3106914B1 FR2000991A FR2000991A FR3106914B1 FR 3106914 B1 FR3106914 B1 FR 3106914B1 FR 2000991 A FR2000991 A FR 2000991A FR 2000991 A FR2000991 A FR 2000991A FR 3106914 B1 FR3106914 B1 FR 3106914B1
- Authority
- FR
- France
- Prior art keywords
- technique
- network
- detection device
- monitoring data
- intrusion detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title abstract 9
- 238000001514 detection method Methods 0.000 title abstract 2
- 238000012544 monitoring process Methods 0.000 title abstract 2
- 239000004233 Indanthrene blue RS Substances 0.000 abstract 1
- 239000004148 curcumin Substances 0.000 abstract 1
- 239000004173 sunset yellow FCF Substances 0.000 abstract 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
- G06N3/088—Non-supervised learning, e.g. competitive learning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- General Health & Medical Sciences (AREA)
- Life Sciences & Earth Sciences (AREA)
- Health & Medical Sciences (AREA)
- Biophysics (AREA)
- Biomedical Technology (AREA)
- Data Mining & Analysis (AREA)
- Computational Linguistics (AREA)
- Artificial Intelligence (AREA)
- Evolutionary Computation (AREA)
- Molecular Biology (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Telephonic Communication Services (AREA)
- Testing And Monitoring For Control Systems (AREA)
Abstract
Procédé de surveillance de données échangées sur un réseau et dispositif de détection d’intrusions Le procédé comprend, pour au moins un sous-ensemble de données : une première étape d’application (E20) audit sous-ensemble d’une première technique (G) de détection d’intrusions ;si une anomalie est détectée (E30) : une deuxième étape d’application (E60) d’une deuxième technique (D) de détection d’intrusions audit sous-ensemble ;une troisième étape d’application (E80) d’une troisième technique (LF) de détection d’intrusions audit sous-ensemble, utilisant des résultats des première et deuxième étapes d’application ;une étape d’utilisation (E100) d’un résultat de la troisième étape d’application pour un apprentissage de la deuxième technique ; une étape d’utilisation (E130) d’un résultat d’une application (E110) audit sous-ensemble de la deuxième technique après apprentissage pour un apprentissage de la première technique. Figure 3Method for monitoring data exchanged on a network and intrusion detection device The method comprises, for at least one subset of data: a first step of applying (E20) to said subset a first technique (G ) for detecting intrusions; if an anomaly is detected (E30): a second step for applying (E60) a second technique (D) for detecting intrusions to said sub-assembly; a third step for applying ( E80) of a third technique (LF) for detecting intrusions to said subset, using results from the first and second application steps;a step of using (E100) a result from the third application step application for learning the second technique; a step of using (E130) a result of an application (E110) to said subset of the second technique after learning for learning the first technique. Figure 3
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| FR2000991A FR3106914B1 (en) | 2020-01-31 | 2020-01-31 | Method for monitoring data exchanged on a network and intrusion detection device |
| PCT/FR2021/050157 WO2021152262A1 (en) | 2020-01-31 | 2021-01-28 | Method for monitoring data exchanged on a network and device for detecting intrusions |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| FR2000991 | 2020-01-31 | ||
| FR2000991A FR3106914B1 (en) | 2020-01-31 | 2020-01-31 | Method for monitoring data exchanged on a network and intrusion detection device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| FR3106914A1 FR3106914A1 (en) | 2021-08-06 |
| FR3106914B1 true FR3106914B1 (en) | 2022-10-28 |
Family
ID=71111512
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| FR2000991A Active FR3106914B1 (en) | 2020-01-31 | 2020-01-31 | Method for monitoring data exchanged on a network and intrusion detection device |
Country Status (2)
| Country | Link |
|---|---|
| FR (1) | FR3106914B1 (en) |
| WO (1) | WO2021152262A1 (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11770713B2 (en) * | 2020-07-06 | 2023-09-26 | T-Mobile Usa, Inc. | Distributed security system for vulnerability-risk-threat (VRT) detection |
| US11800361B2 (en) | 2020-07-06 | 2023-10-24 | T-Mobile Usa, Inc. | Security system with 5G network traffic incubation |
| US11516670B2 (en) | 2020-07-06 | 2022-11-29 | T-Mobile Usa, Inc. | Security system for vulnerability-risk-threat (VRT) detection |
| US11622273B2 (en) | 2020-07-06 | 2023-04-04 | T-Mobile Usa, Inc. | Security system for directing 5G network traffic |
| US11743729B2 (en) | 2020-07-06 | 2023-08-29 | T-Mobile Usa, Inc. | Security system for managing 5G network traffic |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3732844A1 (en) * | 2017-12-29 | 2020-11-04 | Nokia Solutions and Networks Oy | Intelligent defense and filtration platform for network traffic |
-
2020
- 2020-01-31 FR FR2000991A patent/FR3106914B1/en active Active
-
2021
- 2021-01-28 WO PCT/FR2021/050157 patent/WO2021152262A1/en active Application Filing
Also Published As
| Publication number | Publication date |
|---|---|
| FR3106914A1 (en) | 2021-08-06 |
| WO2021152262A1 (en) | 2021-08-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| FR3106914B1 (en) | Method for monitoring data exchanged on a network and intrusion detection device | |
| CN106961419B (en) | WebShell detection method, device and system | |
| CN107251037B (en) | Blacklist generation device, blacklist generation system, blacklist generation method, and recording medium | |
| US20140337974A1 (en) | System and method for semantic integration of heterogeneous data sources for context aware intrusion detection | |
| US20190253441A1 (en) | Detecting cyber-attacks with sonification | |
| US20110261710A1 (en) | Analysis apparatus and method for abnormal network traffic | |
| CN106534146A (en) | Safety monitoring system and method | |
| Goli et al. | Network traffic classification techniques-a review | |
| EP3343421A1 (en) | System to detect machine-initiated events in time series data | |
| Fallah et al. | Android malware detection using network traffic based on sequential deep learning models | |
| JP2015222471A (en) | Malicious communication pattern detecting device, malicious communication pattern detecting method, and malicious communication pattern detecting program | |
| CN111988305A (en) | Data node abnormal behavior detection method and server applied to Internet of things | |
| Pichan et al. | A logging model for enabling digital forensics in iot, in an inter-connected iot, cloud eco-systems | |
| CN105656730A (en) | Network application quick discovery method and system based on TCP data packet | |
| CN111400707A (en) | File macro virus detection method, device, equipment and storage medium | |
| Kolpe et al. | Botnet detection using Bayes classifier | |
| CN113225331A (en) | Method, system and device for detecting host intrusion safety based on graph neural network | |
| Shirani et al. | A method for intrusion detection in web services based on time series | |
| CN101296224B (en) | P2P flux recognition system and method | |
| JP2019185223A (en) | Information processor and information processing method | |
| KR20210059991A (en) | METHOD FOR IoT ANALYZING MALICIOUS BEHAVIOR AND COMPUTING DEVICE FOR EXECUTING THE METHOD | |
| Daihes et al. | MORTON: detection of malicious routines in large-scale DNS traffic | |
| CN111627462B (en) | Semantic analysis-based emotion recognition method and device | |
| TWI667587B (en) | Information security protection method | |
| CN113779564A (en) | Security event prediction method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PLFP | Fee payment |
Year of fee payment: 2 |
|
| PLSC | Publication of the preliminary search report |
Effective date: 20210806 |
|
| PLFP | Fee payment |
Year of fee payment: 3 |
|
| PLFP | Fee payment |
Year of fee payment: 4 |
|
| PLFP | Fee payment |
Year of fee payment: 5 |