CN107332731A - A kind of test system and test envelope for network security monitoring device - Google Patents
A kind of test system and test envelope for network security monitoring device Download PDFInfo
- Publication number
- CN107332731A CN107332731A CN201710487659.8A CN201710487659A CN107332731A CN 107332731 A CN107332731 A CN 107332731A CN 201710487659 A CN201710487659 A CN 201710487659A CN 107332731 A CN107332731 A CN 107332731A
- Authority
- CN
- China
- Prior art keywords
- test
- network
- monitoring device
- security incident
- envelope
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/12—Network monitoring probes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Abstract
The invention discloses a kind of test system for network security monitoring device, it is made up of management control module, security incident module and background traffic module.The management control module includes test and management unit, Data Collection and analytic unit, test case library and test report unit, management configuration and the control scheduling of test process for test system;The security incident module includes security incident storehouse and security incident generation unit, for producing network safety event;The background traffic module is divided into transmitting element and receiving unit, for producing the network context flow needed for testing.Also disclose a kind of test envelope for network security monitoring device, including by the tree-like cascade of at least three-level, the group of switches that is provided with mirror port into network.By the present invention, standardization, ability and the efficiency of test is greatly improved in specification method, content, environment and the instrument of test network safety monitoring device.
Description
Technical field
The invention belongs to network safety filed, it is related to the test envelope construction method for Network Security Device, more particularly to
To the test envelope of network security monitoring device.
Background technology
The network security monitoring device such as Network Intrusion Detection System, Network Security Audit System is in network information system
Popularization application, generates the current demand that these equipment are carried out with security test.Earliest, to network security monitoring device
Test is typically to carry out by hand, and security incident is produced using some hack tool softwares, but this test takes consumption very much
Power, test environment is built and restores all cumbersome so that testing efficiency is very low;Then, occur in that skill is reset in recorded broadcast
Art, by extracting the feature of the security incidents such as network attack, or Direct Acquisition network attack packet, then by feature bag or
The playback of network attack packet is tested;Because the network traffics of playback are not real network attack data, often
Network security monitoring device false alarm or false dismissal can be caused, so as to cannot get correct test result, in order to improve the true of network data
Solidity, occurs in that customizable recorded broadcast reproducing process again, you can according to on-the-spot test environment, to the parameter in network packet
(IP address, timestamp etc.)Flow playback is carried out after modifying again.
Certainly, above-mentioned is only single measuring technology, even customizable flow replays technology, also only
It is that Network Attack is transported in interchanger, and does not make Network Attack proper flow in network information system
(Across port data exchange in i.e. one interchanger, or the data exchange between multi-exchange), essentially these network flows
Amount is still false.Moreover, the current test to network security monitoring device, the test envelope of systematization is not utilized also, survey
Building for test ring border is all very arbitrarily and simple, it is difficult to which the monitoring capability of network security monitoring device is sufficiently tested.
Therefore, the network safety event flow of test is truly produced, and it is customizable automatically generate,
It is the key for improving testing efficiency.Moreover, solve automatic test efficiency after, how normative testing content, test wrapper
Border and test process, have also turned into technical problem urgently to be resolved hurrily during current network security monitoring device is tested.Therefore, of the invention
A kind of test system and test envelope for network security monitoring device is proposed, in testing tool, test environment, test
The many aspects such as appearance and method of testing carry out clear and definite specification, so as to effectively solve above mentioned problem present in test.
The content of the invention
The purpose of the present invention, is monitored for the network security such as Network Intrusion Detection System and network flow monitoring auditing system
The test of equipment makes testing tool, method of testing, test there is provided a kind of test system of automation and the test envelope of standardization
The testing factors such as environment, test content and test result judge are clearly described, so as to solve present in test at present
The variety of problems such as accuracy, efficiency are low, content is imperfect, process is lack of standardization, significantly promotes testing standard level, power of test
With the raising of efficiency.
A kind of test system for network security monitoring device that the present invention is provided, by management control module, safe thing
Part module and background traffic module composition, it is characterised in that management control module is used for the management configuration of test system, creates and surveys
Examination project, scheduling is controlled to test process, and analyzing test data obtains test result, provides test report;Security incident
Module is used to produce network safety event data, and is sent in test envelope;Background traffic module is used for needed for generation test
Network context data on flows, and be sent in test envelope;Management control module, security incident module and background traffic module pass through
Network is attached.
The management control module of the test system includes test and management unit, Data Collection and analytic unit, test and used
Example storehouse and test report unit;Wherein, the test and management unit is used to manage test event and configuration testing use-case, and control is surveyed
Examination process;Monitoring Data of the Data Collection with analytic unit for collecting and analyzing tested network security monitoring device, gives
Go out test result;The test case library is used for all test cases of test system described in management service, uses each test
Example is corresponded with each network safety event data;The test report unit is used for according to test result generation test report
Accuse.
The Data Collection also has the interactive interface with tested network security monitoring device with analytic unit, can pass through
The interface automatically obtains Monitoring Data of the tested network security monitoring device to network safety event.
The security incident module of the test system includes security incident storehouse and security incident generation unit;Wherein, it is described
Security incident storehouse is used for management service network safety event data, makes each network safety event data and each test case one
One correspondence;The security incident generation unit is used to produce network security thing in test envelope according to network safety event data
Part.The security incident generation unit is divided into client and service end, as the two ends of network service, can be according to test case
It is required that, interchanger connections different from test envelope are disposed, network safety event is produced in test envelope.
The network safety event at least include network hole utilizations, extension horse website visiting, wooden horse remote control with attack,
Worm attack, SQL injection attack, cross-site scripting attack and DDOS attack.
The background traffic module of the test system is divided into transmitting element and receiving unit, as the two ends of network service,
It can dispose interchangers different from test envelope according to the requirement of test case and connect, according to protocol type, bag size and flow
Size parameter, customization produces the network context flow needed for test in test envelope.
A kind of test envelope for network security monitoring device that the present invention is provided, including network system, it is characterised in that
Network system have group of switches by the tree-like cascade of at least three-level into network, every interchanger is respectively provided with least one port
For mirror port;Network system is attached with the test system and tested network security monitoring device by network, branch
Support the operation of the test system and tested network security monitoring device.
The mirror port of interchanger is connected with the network engine of tested network security monitoring device in the test envelope, makes it
Network safety event data and background traffic data can be obtained.When all interchangers of the test envelope be respectively provided with it is N number of(N>1)
During mirror port, it becomes possible to support the test simultaneously to N number of tested network security monitoring device.
The beneficial effects of the invention are as follows by providing a kind of brand-new test system and test envelope, specify specification test
Testing tool, test environment, test content and the method for testing of network security monitoring device, are solved present in current test
The problems such as efficiency is low, accuracy is inadequate and tests uncomplete content, is greatly improved power of test and efficiency.
Brief description of the drawings
Fig. 1 is the structured flowchart of test system of the present invention.
Fig. 2 is the structured flowchart of test envelope of the present invention.
Fig. 3 is a kind of application deployment schematic diagram of test envelope of the present invention.
Fig. 4 is a kind of flow chart for the method tested using test system and test envelope.
Embodiment
The present invention is further detailed explanation with reference to the accompanying drawings and detailed description.
Fig. 1 is the structured flowchart of test system of the present invention.The test system is by management control module, security incident module
With background traffic module composition;Wherein management control module is used for the management configuration of test system, creates test event, to test
Process is controlled scheduling, and analyzing test data obtains test result, provides test report;Security incident module is used to produce net
Network security event data, and be sent in test envelope;Background traffic module is used to produce the network context flow number needed for test
According to, and be sent in test envelope;Management control module, security incident module and background traffic module are attached by network.
The management control module of the test system includes test and management unit, Data Collection and analytic unit, test and used
Example storehouse and test report unit;Wherein, the test and management unit is used to manage test event and configuration testing use-case, and control is surveyed
Examination process;Monitoring Data of the Data Collection with analytic unit for collecting and analyzing tested network security monitoring device, gives
Go out test result;The test case library is used for all test cases of test system described in management service, uses each test
Example is corresponded with each network safety event data;The test report unit is used for according to test result generation test report
Accuse.
The management control module of the test system is realized in a software form, is operated on single server, it will usually
It is connected on the one-level interchanger of test envelope.Management control module can create for the test of each tested network security monitoring system
One test event, then selects corresponding test case to constitute the test use cases of the test event from test case library.
The Data Collection also has the interactive interface with tested network security monitoring device with analytic unit, can pass through
The interface automatically obtains Monitoring Data of the tested network security monitoring device to network safety event.It this interface define standardization
Data-interface specification, tested network security monitoring device can according to the standard interface specifications, customize Monitoring Data submit connects
Mouthful, so that the Data Collection can obtain the Monitoring Data of tested network security monitoring device automatically with analytic unit.Should
Interface also supports customization, can submit interface specification according to the Monitoring Data of tested network security monitoring system, enter determining for line interface
System.The key content of the interface includes:
Interactive interface::= <Tested network security monitoring device mark><Network safety event is identified><Network safety event is retouched
State><Time of origin>.
The security incident module of the test system includes security incident storehouse and security incident generation unit;Wherein, it is described
Security incident storehouse is used for management service network safety event data, makes each network safety event data and each test case one
One correspondence;The security incident generation unit is used to produce network security thing in test envelope according to network safety event data
Part.The security incident generation unit is divided into client and service end, as the two ends of network service, can be according to test case
It is required that, interchanger connections different from test envelope are disposed, network safety event is produced in test envelope.
The network safety event at least include network hole utilizations, extension horse website visiting, wooden horse remote control with attack,
Worm attack, SQL injection attack, cross-site scripting attack and DDOS attack.
Each network safety event is the network data of complete network attack, generally includes communicating pair multiple
Transaction data.Here by the client and service end of security incident generation unit, true analog network attacker and attacked
The attack of side and reply data, completely show attack in a network.Importantly, network attack data are in network
Middle Real Flow Field, it can be flowed across subnet, switch-spanning, this is only filled with past recorded broadcast reproducing process toward some port in interchanger
Flow is entirely different.
The background traffic module of the test system is divided into transmitting element and receiving unit, as the two ends of network service,
It can dispose interchangers different from test envelope according to the requirement of test case and connect, according to protocol type, bag size and flow
Size parameter, customization produces the network context flow needed for test in test envelope.It is consistent with security incident generation unit principle,
Here by transmitting element and receiving unit, the requesting party of true analog network session and answer party are true in a network to produce
Network traffics, and can be flowed across subnet, switch-spanning, this is with past recorded broadcast reproducing process only toward some port perfusion in interchanger
Amount is entirely different.
Network context flow is used for the performance of test network safety monitoring device, and generally, network security monitoring system can
It is accurate in the clean, network environment without flow to find assault, and once there is a certain amount of network context flow
Data, network security monitoring device may and situation that packet loss or analysis error occur not enough due to performance, cause rate of false alarm or
The generation of rate of failing to report.The network context data on flows of different agreement type, bag size and uninterrupted, can be surveyed from many aspects
Try the performance of network security monitoring device.
Fig. 2 is the structured flowchart of test envelope of the present invention.The test envelope includes a network system with particular/special requirement and configuration
System.The network system have group of switches by the tree-like cascade of at least three-level into network, every interchanger is respectively provided with least one
Individual port is mirror port;Network system is connected with the test system and tested network security monitoring device by network
Connect, support the operation of the test system and tested network security monitoring device.
The mirror port of interchanger is connected with the network engine of tested network security monitoring device in the network system, is made
It can obtain network safety event data and background traffic data.When all interchangers of the test envelope be respectively provided with it is N number of(N>
1)During mirror port, it becomes possible to support the test simultaneously to N number of tested network security monitoring device.
Generally, network security monitoring device is divided into network engine and MonitorConsole two parts, and network engine has many
Distributed deployment is in the different sub-network of network.The mirror port connection of network engine and interchanger, can so have ready conditions and obtain
Take all data for flowing through interchanger;MonitorConsole is then deployed in the core layer of network, generally and one-level(Core)Exchange
Machine is connected.Network engine is responsible for collection network data, is monitored analysis, discovery network safety event, and to MonitorConsole
Alarm.MonitorConsole is except display alarm data, additionally it is possible to which the alarm data of multiple distributed network engines is integrated
Analysis, is obtained deeper into comprehensive security event information.If all interchangers in a network are respectively provided with 2 mirror ports,
Just 2 network security monitoring devices can be tested simultaneously.Similarly, if all interchangers in a network are respectively provided with 3
Individual mirror port, it becomes possible to while testing 3 network security monitoring devices.The maximum quantity supported is tested simultaneously, is taken
Certainly in the performance of interchanger, if its Port Mirroring ability is difficult to the traffic mirroring for supporting linear speed, obvious packet loss is caused, then
The accuracy of test will be influenceed.
Fig. 3 is a kind of application deployment schematic diagram of test envelope of the present invention.For ease of the clear explanation present invention, it is employed herein
One succinct test bed structure most directly perceived.The test envelope by three group of switches into, respectively one-level, two grades, three-level exchange
Machine;The cascade port of three-level interchanger is connected with two grades of common ports of interchanger, and cascade port and the one-level of two grades of interchangers are handed over
Change planes the connection of common port;So dispose to simulate core layer, convergence-level and the Access Layer of a typical three-layer network.Three friendships
Change planes and a mirror port is only set.Tested network security monitoring device has three network engines, is exchanged respectively with three
The mirror port connection of machine;Its MonitorConsole is connected with one-level interchanger.The management control module of test system of the present invention, with
One-level interchanger is connected;The security incident generation unit of security incident module, its client is connected with three-level interchanger, and it is serviced
End is connected with one-level interchanger, can so produce the network safety event data for flowing through whole three-layer network;Background traffic mould
The transmitting element of block is connected with three-level interchanger, and receiving unit is connected with one-level interchanger, so can also be produced and be flowed through entirely
The network context data on flows of three-layer network.
Fig. 4 is a kind of flow chart for the method tested using test system and test envelope.This method includes following several
Individual key step:
S1:The management control module of test system creates test event, selects corresponding test case formation test use cases, so
Test case starts test successively one by one afterwards;
S2:According to specific test case, the security incident module of test system(With background traffic module)Produced in test envelope
Raw network safety event data(With background traffic data);
S3:Tested network security monitoring system monitoring network security incident;
S4:The management control module of test system obtains the Monitoring Data of tested network security monitoring system, and analysis obtains the survey
The test result of example on probation;
S5:S2 ~ S5 is repeated until test case concentrates all testing cases to complete;
S6:The test result of all test cases, provides survey in the management control module statistical analysis test event of test system
Examination report.
In step s 2, functional test and do not need background traffic module, only performance test need.
Embodiment described above only expresses the embodiment of the present invention, and it describes more specific and detailed, but simultaneously
Therefore the limitation to the scope of the claims of the present invention can not be interpreted as.It should be pointed out that for one of ordinary skill in the art
For, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to the guarantor of the present invention
Protect scope.Therefore, the protection domain of patent of the present invention should be determined by the appended claims.
Claims (10)
1. a kind of test system for network security monitoring device, by management control module, security incident module and background stream
Measure module composition, it is characterised in that
Management control module is used for the management configuration of test system, creates test event, scheduling is controlled to test process, point
Analysis test data obtains test result, provides test report;
Security incident module is used to produce network safety event data, and is sent in test envelope;
Background traffic module is used to produce the network context data on flows needed for test, and is sent in test envelope;
Management control module, security incident module and background traffic module are attached by network.
2. test system according to claim 1, it is characterised in that the management control module includes test and management list
Member, Data Collection and analytic unit, test case library and test report unit;Wherein,
The test and management unit is used to manage test event and configuration testing use-case, controls test process;
Monitoring Data of the Data Collection with analytic unit for collecting and analyzing tested network security monitoring device, provides survey
Test result;
The test case library is used for all test cases of test system described in management service, makes each test case and each
Network safety event data are corresponded;
The test report unit is used to generate test report according to test result.
3. management control module according to claim 2, it is characterised in that the Data Collection and analytic unit have with
The interactive interface of tested network security monitoring device, can automatically obtain tested network security monitoring device to net by the interface
The Monitoring Data of network security incident.
4. test system according to claim 1, it is characterised in that the security incident module include security incident storehouse and
Security incident generation unit;Wherein,
The security incident storehouse is used for management service network safety event data, makes each network safety event data and each survey
Example on probation is corresponded;
The security incident generation unit is used to produce network safety event in test envelope according to network safety event data.
5. security incident module according to claim 4, it is characterised in that the security incident generation unit is divided into client
End and service end, as the two ends of network service, can dispose interchangers different from test envelope according to the requirement of test case
Connection, produces network safety event in test envelope.
6. the security incident module according to claim 4 or 5, it is characterised in that the network safety event at least includes
Network hole utilization, extension horse website visiting, wooden horse remote control and attack, worm attack, SQL injection attack, cross site scripting are attacked
Hit and DDOS attack.
7. test system according to claim 1, it is characterised in that the background traffic module is divided into transmitting element and connect
Unit is received, as the two ends of network service, interchangers companies different from test envelope can be disposed according to the requirement of test case
Connect, according to protocol type, bag size and uninterrupted parameter, customization produces the network context stream needed for test in test envelope
Amount.
8. a kind of test envelope for network security monitoring device, including network system, it is characterised in that
Network system have group of switches by the tree-like cascade of at least three-level into network, every interchanger is respectively provided with least one
Port is mirror port;
Network system is attached with the test system and tested network security monitoring device by network, supports described survey
The operation of test system and tested network security monitoring device.
9. test envelope according to claim 8, it is characterised in that the mirror port of the interchanger and tested network security
The network engine connection of monitoring device, can obtain network safety event data and background traffic data.
10. test envelope according to claim 8, it is characterised in that when all interchangers of the test envelope be respectively provided with it is N number of
(N>1)During mirror port, it becomes possible to support the test simultaneously to N number of tested network security monitoring device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710487659.8A CN107332731A (en) | 2017-06-23 | 2017-06-23 | A kind of test system and test envelope for network security monitoring device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710487659.8A CN107332731A (en) | 2017-06-23 | 2017-06-23 | A kind of test system and test envelope for network security monitoring device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107332731A true CN107332731A (en) | 2017-11-07 |
Family
ID=60195361
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710487659.8A Pending CN107332731A (en) | 2017-06-23 | 2017-06-23 | A kind of test system and test envelope for network security monitoring device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107332731A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109302423A (en) * | 2018-11-23 | 2019-02-01 | 杭州迪普科技股份有限公司 | A kind of vulnerability scanning aptitude tests method and apparatus |
| CN110867967A (en) * | 2019-11-27 | 2020-03-06 | 云南电网有限责任公司电力科学研究院 | Background flow playback method for power monitoring system communication |
| CN111131073A (en) * | 2020-01-02 | 2020-05-08 | 深圳市高德信通信股份有限公司 | Network traffic classification processing system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101447991A (en) * | 2008-11-19 | 2009-06-03 | 中国人民解放军信息安全测评认证中心 | Test device used for testing intrusion detection system and test method thereof |
| CN101447898A (en) * | 2008-11-19 | 2009-06-03 | 中国人民解放军信息安全测评认证中心 | Test system used for network safety product and test method thereof |
| CN101931570A (en) * | 2010-02-08 | 2010-12-29 | 中国航天科技集团公司第七一○研究所 | Method for reconstructing network attack path based on frequent pattern-growth algorithm |
| CN101958816A (en) * | 2010-10-28 | 2011-01-26 | 中国航空无线电电子研究所 | High speed core switching equipment testing system and testing method thereof |
| US20140181968A1 (en) * | 2012-12-20 | 2014-06-26 | At&T Intellectual Property I, L.P. | Monitoring Operational Activities In Networks And Detecting Potential Network Intrusions And Misuses |
-
2017
- 2017-06-23 CN CN201710487659.8A patent/CN107332731A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101447991A (en) * | 2008-11-19 | 2009-06-03 | 中国人民解放军信息安全测评认证中心 | Test device used for testing intrusion detection system and test method thereof |
| CN101447898A (en) * | 2008-11-19 | 2009-06-03 | 中国人民解放军信息安全测评认证中心 | Test system used for network safety product and test method thereof |
| CN101931570A (en) * | 2010-02-08 | 2010-12-29 | 中国航天科技集团公司第七一○研究所 | Method for reconstructing network attack path based on frequent pattern-growth algorithm |
| CN101958816A (en) * | 2010-10-28 | 2011-01-26 | 中国航空无线电电子研究所 | High speed core switching equipment testing system and testing method thereof |
| US20140181968A1 (en) * | 2012-12-20 | 2014-06-26 | At&T Intellectual Property I, L.P. | Monitoring Operational Activities In Networks And Detecting Potential Network Intrusions And Misuses |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109302423A (en) * | 2018-11-23 | 2019-02-01 | 杭州迪普科技股份有限公司 | A kind of vulnerability scanning aptitude tests method and apparatus |
| CN109302423B (en) * | 2018-11-23 | 2021-07-23 | 杭州迪普科技股份有限公司 | Vulnerability scanning capability testing method and device |
| CN110867967A (en) * | 2019-11-27 | 2020-03-06 | 云南电网有限责任公司电力科学研究院 | Background flow playback method for power monitoring system communication |
| CN110867967B (en) * | 2019-11-27 | 2023-11-10 | 云南电网有限责任公司电力科学研究院 | Background flow playback method for communication of power monitoring system |
| CN111131073A (en) * | 2020-01-02 | 2020-05-08 | 深圳市高德信通信股份有限公司 | Network traffic classification processing system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101709795B1 (en) | Intelligent monitoring of an electrical utility grid | |
| Heberlein et al. | A network security monitor | |
| US9210050B2 (en) | System and method for a testing vector and associated performance map | |
| CN105429977B (en) | Deep packet inspection device abnormal flow monitoring method based on comentropy measurement | |
| CN101192951B (en) | Measuring method and device for utilization rate of IPv6 network link and IPv6 network router | |
| CN102761449B (en) | Method and device for web service performance analysis | |
| CN101567884B (en) | Method for detecting network theft Trojan | |
| CN108896868A (en) | One kind is monitored on-line with formula and realizes system and method | |
| US20080101251A1 (en) | System, apparatus and method for mixed mode communication on a single network | |
| CN106452955B (en) | A kind of detection method and system of abnormal network connection | |
| CN103580905B (en) | A kind of method for predicting, system and flow monitoring method, system | |
| CN102158360A (en) | Network fault self-diagnosis method based on causal relationship positioning of time factors | |
| GB2427490A (en) | Network usage monitoring with standard message format | |
| CN107332731A (en) | A kind of test system and test envelope for network security monitoring device | |
| CN105160864A (en) | Operating data monitoring system and method for intelligent ammeters | |
| CN100525217C (en) | End-to-end test and diagnostic management system | |
| CN107547127A (en) | A kind of failure information obtaining method and device | |
| JP2016511966A (en) | Method and system for visualizing and analyzing field regional networks | |
| CN109034400A (en) | A kind of substation's exception metric data predicting platform system | |
| CN102506991A (en) | Distributed urban environment noise real-time automatic monitoring system | |
| CN110113325A (en) | Network Data Control method, apparatus and storage medium based on third party SDK | |
| CN107341605A (en) | One kind prospecting field operation informationization monitoring and managing method and system | |
| CN109522166A (en) | A kind of automatic assessment method and system of equal guarantors' assessment | |
| CN108830391A (en) | Wind power generating set operation management system, method and computer equipment | |
| CN106569950A (en) | Network management software testing system and network management software testing method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20171107 |