CN104933357A - A flooding attack detection system based on data mining - Google Patents
- Publication number
- CN104933357A
- Authority
- CN
- China
- Prior art keywords
- module
- attack
- mib
- data
- attack detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
Abstract
Description
Attack detection rate | FPR | FNR |
---|---|---|
99.06% | 0.42% | 0.89% |

TCP-SYN flooding | UDP flooding | FNR flooding |
---|---|---|
100% | 100% | 100% |
Claims (4)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510293449.6A CN104933357A (zh) | 2015-06-01 | 2015-06-01 | A flooding attack detection system based on data mining |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510293449.6A CN104933357A (zh) | 2015-06-01 | 2015-06-01 | A flooding attack detection system based on data mining |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104933357A (zh) | 2015-09-23 |
Family
ID=54120520
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510293449.6A Pending CN104933357A (zh) | 2015-06-01 | 2015-06-01 | A flooding attack detection system based on data mining |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104933357A (zh) |
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
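CN102034042A (zh) * | 2010-12-13 | 2011-04-27 | Sichuan University | New malicious code detection method based on function call graph features |
US20130291108A1 (en) * | 2012-04-26 | 2013-10-31 | Electronics And Telecommunications Research Institute | Apparatus and method for detecting traffic flooding attack and conducting in-depth analysis using data mining |
CN103051617A (zh) * | 2012-12-18 | 2013-04-17 | Beijing Qihoo Technology Co., Ltd. | Method, apparatus and system for identifying the network behavior of a program |
CN103177215A (zh) * | 2013-03-05 | 2013-06-26 | Sichuan Electric Power Research Institute | New computer malware detection method based on software control-flow features |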
Non-Patent Citations (1)
Title |
---|
JAEHAK YU et al.: "Traffic flooding attack detection with SNMP MIB using SVM", Computer Communications * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
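CN107809344A (zh) * | 2016-09-09 | 2018-03-16 | Chunghwa Telecom Co., Ltd. | System and method for real-time traffic collection and analysis |
CN107809344B (zh) * | 2016-09-09 | 2021-01-22 | Chunghwa Telecom Co., Ltd. | System and method for real-time traffic collection and analysis |
CN114531335A (zh) * | 2020-11-23 | 2022-05-24 | Datang Mobile Communications Equipment Co., Ltd. | Method, device and apparatus for detecting management information base data |
CN114531335B (zh) * | 2020-11-23 | 2023-04-11 | Datang Mobile Communications Equipment Co., Ltd. | Method, device and apparatus for detecting management information base data |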
Similar Documents
Publication | Publication Date | Title |
---|---|---|
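CN110380896B (zh) | | Network security situation awareness system and method based on attack graph |
CN106790256B (zh) | | Active machine learning system for dangerous host monitoring |
CN110336827B (zh) | | Modbus TCP protocol fuzz testing method based on abnormal field localization |
CN105553998A (zh) | | Network attack anomaly detection method |
Subbulakshmi et al. | | Detection of DDoS attacks using Enhanced Support Vector Machines with real time generated dataset |
CN105637519A (zh) | | Cognitive information security using a behavior recognition system |
CN103581186A (zh) | | Network security situation awareness method and system |
CN105868629B (zh) | | Security threat situation assessment method suitable for electric power cyber-physical systems |
CN111431939A (zh) | | CTI-based SDN malicious traffic defense method and system |
Zhe et al. | | DoS attack detection model of smart grid based on machine learning method |
CN112114995A (zh) | | Process-based terminal anomaly analysis method, apparatus, device and storage medium |
EP3623983A1 (en) | | Method and device for identifying security threats, storage medium, processor and terminal |
CN102045357A (zh) | | Intrusion detection method based on affine clustering analysis |
CN115021997A (zh) | | Network intrusion detection system based on machine learning |
Bhati et al. | | Intrusion detection technique using Coarse Gaussian SVM |
CN107896229A (zh) | | Method, system and mobile terminal for computer network anomaly detection |
CN113343228B (zh) | | Event credibility analysis method, apparatus, electronic device and readable storage medium |
Riad et al. | | Visualize network anomaly detection by using k-means clustering algorithm |
CN104933357A (zh) | | A flooding attack detection system based on data mining |
CN111709021B (zh) | | Attack event identification method based on massive alerts, and electronic device |
CN112925805A (zh) | | Big data intelligent analysis application method based on network security |
CN112600828A (zh) | | Attack detection and protection method and apparatus for power control systems based on data messages |
CN116074092B (zh) | | Attack scenario reconstruction system based on heterogeneous graph attention network |
Tian et al. | | A transductive scheme based inference techniques for network forensic analysis |
CN114070641B (zh) | | Network intrusion detection method, apparatus, device and storage medium |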
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C41 | Transfer of patent application or patent right or utility model | ||
CB03 | Change of inventor or designer information | Inventor after: Wang Hongkai, Zhang Xudong, Yang Weiyong, Huang Yibin, Liu Yun, Liao Peng, Jin Qianqian. Inventor before: Yang Weiyong, Wang Hongkai, Huang Yibin, Liu Yun, Liao Peng, Jin Qianqian. | |
COR | Change of bibliographic data | ||
TA01 | Transfer of patent application right | Effective date of registration: 20161009. Address after: 100031 West Chang'an Avenue, Beijing, No. 86. Applicant after: State Grid Corporation of China; Information communication branch office of Guo Wang Zhejiang Electric Power Company; Nanjing Nari Co., Ltd.; NANJING NARI INFORMATION COMMUNICATION SCIENCE & TECHNOLOGY CO., LTD. Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing. Applicant before: State Grid Corporation of China; Nanjing Nari Co., Ltd.; NANJING NARI INFORMATION COMMUNICATION SCIENCE & TECHNOLOGY CO., LTD. | |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20150923 | |