CN108777643A - A kind of traffic visualization plateform system - Google Patents

A kind of traffic visualization plateform system Download PDF

Info

Publication number
CN108777643A
CN108777643A CN201810585467.5A CN201810585467A CN108777643A CN 108777643 A CN108777643 A CN 108777643A CN 201810585467 A CN201810585467 A CN 201810585467A CN 108777643 A CN108777643 A CN 108777643A
Authority
CN
China
Prior art keywords
network
analysis
flow
user
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810585467.5A
Other languages
Chinese (zh)
Inventor
娈靛浆
段彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Sipuleng Technology Co Ltd
Wuhan Sipuling Technology Co Ltd
Original Assignee
Wuhan Sipuleng Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Sipuleng Technology Co Ltd filed Critical Wuhan Sipuleng Technology Co Ltd
Priority to CN201810585467.5A priority Critical patent/CN108777643A/en
Publication of CN108777643A publication Critical patent/CN108777643A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/04Processing captured monitoring data, e.g. for logfile generation
    • H04L43/045Processing captured monitoring data, e.g. for logfile generation for graphical visualisation of monitoring data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/06Generation of reports
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0876Network utilisation, e.g. volume of load or congestion level
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Abstract

The present invention relates to a kind of traffic visualization plateform system, it includes flow collection module, traffic security analysis module and comprehensive presentation module, the flow collection module acquires adapter by network flow and acquires network flow data, the traffic security analysis module carries out various dimensions, the identification of profound application protocol with Context resolution and in conjunction with big data intellectual analysis to node mirror image flow, and the comprehensive module that presents is accessed behavior and presented with patterned way to network overall operation situation, network quality and business service quality, network.Can with distributed deployment enterprise network key node, by carrying out various dimensions, the identification of profound application protocol with Context resolution and in conjunction with big data intellectual analysis to node mirror image flow, finally network overall operation situation, network quality and business service quality, network access behavior etc. are presented with abundant patterned way.

Description

A kind of traffic visualization plateform system
Technical field
The present invention relates to information security fields, and in particular to a kind of traffic visualization plateform system.
Background technology
With the arriving of Internet era, China's network security problem becomes increasingly conspicuous.Networks security situation assessment technology energy Enough dynamic reflection security status on the whole, and prediction and early warning are carried out to the development trend of safe condition, to enhance net Network safety is provided reliably with reference to property foundation.
With the continuous upgrading of network security threats, the various network offensive patterns of the understanding not only to be grown with each passing hour And means, inherent network security phylactic power defensive power is more fundamentally improved, own network infrastructure is grasped, clear security domain is drawn Point, dispose and adjust security strategy and clear Traffic Anomaly and hazardous act etc..
Invention content
The present invention provides a kind of traffic visualization plateform system, the system is a based on big data and visualization technique High performance network flow data collector and safe and intelligent analyze hardware platform, and key that can be with distributed deployment in enterprise network saves Point, by carrying out various dimensions, the identification of profound application protocol with Context resolution and in conjunction with big data intelligence to node mirror image flow It can analyze, finally with abundant patterned way to network overall operation situation, network quality and business service quality, network Access behavior etc. is presented, and assists enterprise to actively discover in combination with security threat analysis model and abnormality alarming notice Potential unknown network threatens, and to realize that enterprise network flow is visual, behavior is it is found that threaten controllable.
Concrete scheme is as follows:
A kind of traffic visualization plateform system comprising flow collection module, traffic security analysis module and comprehensive presentation Module, the flow collection module acquire adapter by network flow and acquire network flow data, the traffic security analysis Module carries out various dimensions to node mirror image flow, application protocol identification and Context resolution and the combination big data of profound level are intelligently divided Analysis, the comprehensive presentation module is with patterned way to network overall operation situation, network quality and business service quality, net Network accesses behavior and is presented.
The flow collection module acquires network flow number using bypass deployment way, by switch port mirror-image fashion According to support configures virtual link interface based on VLAN, VxLAN ID, MPLS TAG, network segment mode, realizes to cloud data center, SDN Network, shunting exchange convergence flow and are flexibly acquired, and provide the crawl of link flow real time data packet and historical data backtracking work( Can, and can customize contact conditions and parameter.
The traffic security analysis module further comprises application protocol parsing, user's behaviors analysis and security threat analysis Three submodules.
The application protocol analyzing sub-module carries out application layer protocol parsing, support pair using DPI deep packet inspection technicals HTTP, FTP, MYSQL, MAIL, OA service application are identified and parse, and auxiliary big data analysis platform establishes user and business Normal access benchmark model, be provided with force data support for user's abnormal access and abnormal user access detection.
The user's behaviors analysis submodule accesses internal resource and external resource and external user for internal user The a variety of user behaviors for accessing internal resource carry out portrait analysis and data relation analysis, accurately identify abnormal user and access and use Family abnormal access carries out fine granularity log audit for the various access resources of user and behavior, and according to log information and user The normal benchmark that accesses is compared, and realizes that user accesses compliance analysis and analyzed with Security Trend.
The security threat analysis submodule quickly finds network attack, worm, wood by being detected to flow data exception Horse, abnormal connection, sensitive data outgoing, violation operation endanger the abnormal behaviour of network security, quickly find advanced directional attack Behavior, it is accurate to obtain attack trace and evidence, further diffusion and infiltration are prevented in time.
The comprehensive module that presents further comprises that flow panorama is presented, network quality is presented, abnormality alarming notifies and intelligence It can four submodules of statement analysis.
The flow panorama is presented submodule and realizes that 7 laminar flow amount monitoring analysis of OSI, display full duplex connect to network flow The sending and receiving of mouth and whole flows, packet information;It provides and the analysing content of host, agreement, session dimension is presented, and prop up Hold association analysis, intelligent sequencing, fuzzy query, multistage drill through function;For user, service application and server object, you can Historical data statistic analysis result is presented, real-time traffic, the presentation of session information and conditional information retrieval can be also provided.
Submodule is presented in the network quality, and for network flow velocity, time delay, abnormal conditions progress, analysis and trend are pre- in real time It surveys, data supporting is carried out to fault location, link upgrading, Bandwidth plan, Developing Tactics;Support Network Abnormal monitoring be in It is existing, including the exception of network layer, application layer connects, the statistic analysis result of abnormal session is presented;Support network response delay and Using the monitoring and presentation of response delay, assistance judges that user experience time-delay deviation is since network influence leads to or apply shadow Pilot causes.
The abnormality alarming notice submodule is actively discovered by threat sensor model with flow Baseline detection mechanism potential Unknown network threatens, and establishes sensitive Cyberthreat sensing capability;Support traffic monitoring, characteristic value matching, suspicious domain name, exception The a variety of abnormality alarming types of behavior;Monitoring page prompts, mail notification, interface is supported to export a variety of alarm modes.
The intelligent report forms analysis submodule Data Analysis Platform is collected and stores the stream of traffic security visualisation platforms acquisition Data information is measured, big data analysis technology is based on, statement analysis function is provided;Data Analysis Platform can provide daily paper, weekly, the moon The network operation of report, quarterly report, annual report short, medium and long phase are reported with safe O&M, support User Defined report.
Description of the drawings
Fig. 1 is the traffic visualization plateform system Organization Chart of the present invention.
Specific implementation mode
Below in conjunction with the drawings and specific embodiments, the present invention will be described in detail, but not as a limitation of the invention.
As shown in Figure 1, being the traffic visualization plateform system Organization Chart of the present invention.
A kind of traffic visualization plateform system comprising flow collection module, traffic security analysis module and comprehensive presentation Module, the flow collection module acquire adapter by network flow and acquire network flow data, the traffic security analysis Module carries out various dimensions to node mirror image flow, application protocol identification and Context resolution and the combination big data of profound level are intelligently divided Analysis, the comprehensive presentation module is with patterned way to network overall operation situation, network quality and business service quality, net Network accesses behavior and is presented.
Network flow acquires
Platform acquires network flow data using bypass deployment way, by switch port mirror-image fashion, does not change enterprise Industry legacy network framework;
It supports to configure virtual link interface based on modes such as VLAN, VxLAN ID, MPLS TAG, the network segments, realize to cloud data Center, SDN network, shunting exchange convergence flow and are flexibly acquired;
The crawl of link flow real time data packet and historical data back track function can be provided, and can customize contact conditions and ginseng Number.
Application protocol parses
Platform carries out application layer protocol parsing using DPI (Deep Packet Inspection) deep packet inspection technical, Can the predefined application of more than 1500 kind of precise and high efficiency identification, 500 kinds of self-defined applications fully analyze network flow composition, performance, stream Speed etc.;
It supports that the specific interior business application such as HTTP, FTP, MYSQL, MAIL, OA is identified and is parsed, auxiliary is big Data Analysis Platform, which is established, to be used
The normal access benchmark model at family and business provides strong number for user's abnormal access and abnormal user access detection According to support.
Flow panorama is presented
Platform realizes 7 laminar flow amount monitoring analysis of OSI to network flow, can show sending and receiving and the whole of full duplex interface Flow, packet information;
It provides and the analysing content of the dimensions such as host, agreement, session is presented, and support association analysis, intelligent sequencing, obscure Inquiry, multistage such as drill through at the functions;
For user, service application and server object, you can historical data statistic analysis result is presented, can also provide reality Shi Liuliang, the presentation of session information and conditional information retrieval make user very clear to network flow, service condition.
Network quality is presented
Situations such as network flow velocity, time delay, exception, carries out analysis and trend prediction in real time, to fault location, link liter Grade, Bandwidth plan, Developing Tactics etc. carry out data supporting;
Support the monitoring and presentation of Network Abnormal, including the exception of network layer, application layer connects, the statistical of abnormal session Result is analysed to present;
The monitoring and presentation of network response delay and application response delay, assistance is supported to judge that user experience time-delay deviation is Caused due to network influence or is caused using influence.
User's behaviors analysis
Internal resource and external resource and a variety of users of external user access internal resource are accessed for internal user Behavior carries out portrait analysis and data relation analysis, accurately identifies abnormal user and accesses and user's abnormal access;
Fine granularity log audit is carried out for the various access resources of user and behavior, and normal with user according to log information It accesses benchmark to be compared, realizes that user accesses compliance analysis and analyzed with Security Trend.
Security threat analysis
By being detected to flow data exception, quickly find that network attack, worm, wooden horse, exception connect, outside sensitive data Hair, violation operation etc. endanger the abnormal behaviour of network security;
Quickly find advanced directional attack behavior, it is accurate to obtain attack trace and evidence, prevent in time further diffusion and Infiltration.
Abnormality alarming notifies
It is threatened by threatening sensor model and " flow baseline " testing mechanism to actively discover potential unknown network, helps user Establish sensitive Cyberthreat sensing capability;
Support a variety of abnormality alarming types such as traffic monitoring, characteristic value matching, suspicious domain name, abnormal behaviour;
Support a variety of alarm modes such as monitoring page prompts, mail notification, interface output.
Intelligent report forms are analyzed
The data on flows information of traffic security visualisation platforms acquisition is collected and stored to Data Analysis Platform, based on big data point Analysis technology provides abundant, powerful statement analysis function;
Data Analysis Platform can provide the network operation and the peace of the short, medium and long phase such as daily paper, weekly, monthly magazine, quarterly report, annual report Dimension report for the national games, supports User Defined report.
Certainly, the present invention can also have other various embodiments, without deviating from the spirit and substance of the present invention, ripe It knows those skilled in the art and makes various corresponding change and deformations, but these corresponding changes and change in accordance with the present invention Shape should all belong to the protection domain of appended claims of the invention.

Claims (11)

1. a kind of traffic visualization plateform system comprising flow collection module, traffic security analysis module and comprehensive presentation mould Block, the flow collection module acquire adapter by network flow and acquire network flow data, and the traffic security analyzes mould Block carries out various dimensions to node mirror image flow, application protocol identification and Context resolution and the combination big data of profound level are intelligently divided Analysis, the comprehensive presentation module is with patterned way to network overall operation situation, network quality and business service quality, net Network accesses behavior and is presented.
2. a kind of traffic visualization plateform system as described in claim 1, the flow collection module use bypass section management side Formula acquires network flow data by switch port mirror-image fashion, supports based on VLAN, VxLAN ID, MPLS TAG, the network segment Mode configures virtual link interface, realizes that exchanging convergence flow to cloud data center, SDN network, shunting is flexibly acquired, and is provided Link flow real time data packet captures and historical data back track function, and can customize contact conditions and parameter.
3. a kind of traffic visualization plateform system as described in claim 1, the traffic security analysis module further comprise Three application protocol parsing, user's behaviors analysis and security threat analysis submodules.
4. a kind of traffic visualization plateform system as claimed in claim 3, the application protocol analyzing sub-module are deep using DPI Spend packet inspection technical carry out application layer protocol parsing, support HTTP, FTP, MYSQL, MAIL, OA service application are identified and Parsing, auxiliary big data analysis platform establish the normal access benchmark model of user and business, are user's abnormal access and exception User's access detection is provided with force data support.
5. a kind of traffic visualization plateform system as claimed in claim 3, the user's behaviors analysis submodule is for inside User accesses internal resource and a variety of user behaviors of external resource and external user access internal resource carry out portrait analysis And data relation analysis, abnormal user access and user's abnormal access are accurately identified, for the various access resources of user and behavior Fine granularity log audit is carried out, and benchmark is normally accessed with user according to log information and is compared, realizes that user accesses and closes rule Property analysis with Security Trend analyze.
6. a kind of traffic visualization plateform system as claimed in claim 3, the security threat analysis submodule pass through convection current Data exception detection is measured, quickly finds network attack, worm, wooden horse, abnormal connection, sensitive data outgoing, violation operation harm The abnormal behaviour of network security quickly finds advanced directional attack behavior, accurate to obtain attack trace and evidence, prevent in time into One step is spread and infiltration.
7. a kind of traffic visualization plateform system as described in claim 1, the comprehensive module that presents further comprises flow Panorama is presented, network quality is presented, abnormality alarming notice and intelligent report forms analyze four submodules.
8. a kind of traffic visualization plateform system as claimed in claim 7, submodule is presented to network flow in the flow panorama Amount realizes 7 laminar flow amount monitoring analysis of OSI, shows sending and receiving and whole flows, the packet information of full duplex interface;Offer pair Host, agreement, the analysing content of session dimension present, and association analysis, intelligent sequencing, fuzzy query, multistage are supported to drill through work( Energy;For user, service application and server object, you can historical data statistic analysis result is presented, can also provide real-time streams Amount, the presentation of session information and conditional information retrieval.
9. a kind of traffic visualization plateform system as claimed in claim 7, the network quality are presented submodule and are directed to network Flow velocity, time delay, abnormal conditions carry out analysis and trend prediction in real time, are adjusted to fault location, link upgrading, Bandwidth plan, strategy Whole carry out data supporting;It supports the monitoring and presentation of Network Abnormal, includes abnormal connection, the abnormal session of network layer, application layer Statistic analysis result present;The monitoring and presentation of network response delay and application response delay, assistance is supported to judge user's body It is to be caused due to network influence or caused using influence to test time-delay deviation.
10. a kind of traffic visualization plateform system as claimed in claim 7, the abnormality alarming notice submodule passes through threat Sensor model actively discovers potential unknown network with flow Baseline detection mechanism and threatens, and establishes sensitive Cyberthreat perception energy Power;Support traffic monitoring, characteristic value matching, suspicious domain name, a variety of abnormality alarming types of abnormal behaviour;The monitoring page is supported to carry Show, mail notification, interface export a variety of alarm modes.
11. a kind of traffic visualization plateform system as claimed in claim 7, the intelligent report forms analyze submodule data analysis The data on flows information of traffic security visualisation platforms acquisition is collected and stored to platform, is based on big data analysis technology, provides report Analytic function;Data Analysis Platform can provide the network operation and the safety of daily paper, weekly, monthly magazine, quarterly report, annual report short, medium and long phase O&M is reported, supports User Defined report.
CN201810585467.5A 2018-06-08 2018-06-08 A kind of traffic visualization plateform system Pending CN108777643A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810585467.5A CN108777643A (en) 2018-06-08 2018-06-08 A kind of traffic visualization plateform system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810585467.5A CN108777643A (en) 2018-06-08 2018-06-08 A kind of traffic visualization plateform system

Publications (1)

Publication Number Publication Date
CN108777643A true CN108777643A (en) 2018-11-09

Family

ID=64024919

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810585467.5A Pending CN108777643A (en) 2018-06-08 2018-06-08 A kind of traffic visualization plateform system

Country Status (1)

Country Link
CN (1) CN108777643A (en)

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109639587A (en) * 2018-12-11 2019-04-16 国网河南省电力公司开封供电公司 A kind of flow monitoring system based on electric automatization
CN109728947A (en) * 2018-12-26 2019-05-07 成都科来软件有限公司 A kind of network performance analysis method based on cloud computing in conjunction with network topological diagram
CN109889552A (en) * 2019-04-18 2019-06-14 南瑞集团有限公司 Power marketing terminal abnormal flux monitoring method, system and Electric Power Marketing System
CN110351117A (en) * 2019-05-24 2019-10-18 上海毅云网络科技有限公司 A kind of server operation management method
CN110535716A (en) * 2019-07-23 2019-12-03 上海文化广播影视集团有限公司 A kind of service stability monitoring method and system for melting media
CN110891047A (en) * 2019-10-08 2020-03-17 中国信息通信研究院 Intelligent sound box data stream processing method and system
CN110912943A (en) * 2019-12-30 2020-03-24 北京明朝万达科技股份有限公司 Cross-network traffic analysis system
CN111131379A (en) * 2019-11-08 2020-05-08 西安电子科技大学 Distributed flow acquisition system and edge calculation method
CN111314296A (en) * 2020-01-15 2020-06-19 福建奇点时空数字科技有限公司 Network traffic analysis security service system based on bypass technology
CN111935198A (en) * 2020-10-15 2020-11-13 南斗六星系统集成有限公司 Visual V2X network security defense method and equipment
CN111970151A (en) * 2020-08-21 2020-11-20 中国建设银行股份有限公司 Flow fault positioning method and system for virtual and container network
CN112054987A (en) * 2019-06-07 2020-12-08 罗德施瓦兹两合股份有限公司 System and method for monitoring and analyzing data flows in a network
CN112333020A (en) * 2020-11-03 2021-02-05 广东电网有限责任公司 Network security monitoring and data message analyzing system based on quintuple
CN112367218A (en) * 2020-10-23 2021-02-12 新华三信息安全技术有限公司 Visual analysis method and system for network traffic data and readable storage medium
CN112436981A (en) * 2020-11-16 2021-03-02 成都渊数科技有限责任公司 Method and system for measuring network flow by cloud control strategy and multi-protocol implementation
CN112564936A (en) * 2019-09-25 2021-03-26 瞻博网络公司 Visualization of network traffic planning based on egress peer-to-peer engineering
CN112804239A (en) * 2021-01-22 2021-05-14 山东维平信息安全测评技术有限公司 Traffic safety analysis modeling method and system
CN112968842A (en) * 2021-03-11 2021-06-15 东莞深证通信息技术有限公司 Novel network flow acquisition and analysis method and system
CN113328911A (en) * 2021-05-28 2021-08-31 中国工商银行股份有限公司 Traffic link monitoring method and device during service operation
CN113938401A (en) * 2021-08-27 2022-01-14 天津七所精密机电技术有限公司 Naval vessel network security visualization system
CN114039875A (en) * 2021-10-30 2022-02-11 北京网聚云联科技有限公司 Data acquisition method, device and system based on eBPF technology
CN114499953A (en) * 2021-12-23 2022-05-13 中国电子技术标准化研究院 Privacy information intelligent security method and device based on flow analysis
CN114928562A (en) * 2022-04-28 2022-08-19 杭州悦数科技有限公司 Flow processing method and system for graph computing platform
CN115460144A (en) * 2022-08-16 2022-12-09 北京连星科技有限公司 IPv 6-based panoramic monitoring method for enterprise network engineering
CN117596133A (en) * 2024-01-18 2024-02-23 山东中测信息技术有限公司 Service portrayal and anomaly monitoring system and monitoring method based on multidimensional data

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105141604A (en) * 2015-08-19 2015-12-09 国家电网公司 Method and system for detecting network security threat based on trusted business flow
US20160188821A1 (en) * 2014-12-24 2016-06-30 Larry Ozeran System and method for aggregation and intelligent analysis of individual health data with multimodal communication

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160188821A1 (en) * 2014-12-24 2016-06-30 Larry Ozeran System and method for aggregation and intelligent analysis of individual health data with multimodal communication
CN105141604A (en) * 2015-08-19 2015-12-09 国家电网公司 Method and system for detecting network security threat based on trusted business flow

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
安博通: ""安博通SPOS全系列 网络安全产品与应用"", 《WWW.ABTNETWORKS.COM ,安博通SPOS全系列 网络安全产品与应用》 *
智圣技术: ""流量安全可视平台"", 《HTTP://WWW.HFZS.NET/WEB/PRODUCTPAGE?CHILDRENID=34&MENUTYPE=CHILDREN&ARTICLEID=402887926044134601604887C8BB0005,流量安全可视平台》 *

Cited By (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109639587A (en) * 2018-12-11 2019-04-16 国网河南省电力公司开封供电公司 A kind of flow monitoring system based on electric automatization
CN109728947A (en) * 2018-12-26 2019-05-07 成都科来软件有限公司 A kind of network performance analysis method based on cloud computing in conjunction with network topological diagram
CN109889552A (en) * 2019-04-18 2019-06-14 南瑞集团有限公司 Power marketing terminal abnormal flux monitoring method, system and Electric Power Marketing System
CN110351117A (en) * 2019-05-24 2019-10-18 上海毅云网络科技有限公司 A kind of server operation management method
CN112054987A (en) * 2019-06-07 2020-12-08 罗德施瓦兹两合股份有限公司 System and method for monitoring and analyzing data flows in a network
CN110535716A (en) * 2019-07-23 2019-12-03 上海文化广播影视集团有限公司 A kind of service stability monitoring method and system for melting media
CN110535716B (en) * 2019-07-23 2022-09-30 上海文化广播影视集团有限公司 Service stability monitoring method and system for converged media
US11811664B2 (en) 2019-09-25 2023-11-07 Juniper Networks, Inc. Visualizing network traffic plans based on egress peer engineering
CN112564936A (en) * 2019-09-25 2021-03-26 瞻博网络公司 Visualization of network traffic planning based on egress peer-to-peer engineering
CN110891047A (en) * 2019-10-08 2020-03-17 中国信息通信研究院 Intelligent sound box data stream processing method and system
CN111131379A (en) * 2019-11-08 2020-05-08 西安电子科技大学 Distributed flow acquisition system and edge calculation method
CN111131379B (en) * 2019-11-08 2021-06-01 西安电子科技大学 Distributed flow acquisition system and edge calculation method
CN110912943A (en) * 2019-12-30 2020-03-24 北京明朝万达科技股份有限公司 Cross-network traffic analysis system
CN110912943B (en) * 2019-12-30 2021-10-01 北京明朝万达科技股份有限公司 Cross-network traffic analysis system
CN111314296A (en) * 2020-01-15 2020-06-19 福建奇点时空数字科技有限公司 Network traffic analysis security service system based on bypass technology
CN111970151A (en) * 2020-08-21 2020-11-20 中国建设银行股份有限公司 Flow fault positioning method and system for virtual and container network
CN111935198A (en) * 2020-10-15 2020-11-13 南斗六星系统集成有限公司 Visual V2X network security defense method and equipment
CN112367218B (en) * 2020-10-23 2022-05-24 新华三信息安全技术有限公司 Visual analysis method and system for network traffic data and readable storage medium
CN112367218A (en) * 2020-10-23 2021-02-12 新华三信息安全技术有限公司 Visual analysis method and system for network traffic data and readable storage medium
CN112333020A (en) * 2020-11-03 2021-02-05 广东电网有限责任公司 Network security monitoring and data message analyzing system based on quintuple
CN112333020B (en) * 2020-11-03 2023-07-21 广东电网有限责任公司 Network security monitoring and data message analysis system based on quintuple
CN112436981A (en) * 2020-11-16 2021-03-02 成都渊数科技有限责任公司 Method and system for measuring network flow by cloud control strategy and multi-protocol implementation
CN112804239A (en) * 2021-01-22 2021-05-14 山东维平信息安全测评技术有限公司 Traffic safety analysis modeling method and system
CN112968842A (en) * 2021-03-11 2021-06-15 东莞深证通信息技术有限公司 Novel network flow acquisition and analysis method and system
CN113328911A (en) * 2021-05-28 2021-08-31 中国工商银行股份有限公司 Traffic link monitoring method and device during service operation
CN113938401A (en) * 2021-08-27 2022-01-14 天津七所精密机电技术有限公司 Naval vessel network security visualization system
CN114039875B (en) * 2021-10-30 2023-09-01 北京网聚云联科技有限公司 Data acquisition method, device and system based on eBPF technology
CN114039875A (en) * 2021-10-30 2022-02-11 北京网聚云联科技有限公司 Data acquisition method, device and system based on eBPF technology
CN114499953A (en) * 2021-12-23 2022-05-13 中国电子技术标准化研究院 Privacy information intelligent security method and device based on flow analysis
CN114928562A (en) * 2022-04-28 2022-08-19 杭州悦数科技有限公司 Flow processing method and system for graph computing platform
CN115460144A (en) * 2022-08-16 2022-12-09 北京连星科技有限公司 IPv 6-based panoramic monitoring method for enterprise network engineering
CN117596133A (en) * 2024-01-18 2024-02-23 山东中测信息技术有限公司 Service portrayal and anomaly monitoring system and monitoring method based on multidimensional data
CN117596133B (en) * 2024-01-18 2024-04-05 山东中测信息技术有限公司 Service portrayal and anomaly monitoring system and monitoring method based on multidimensional data

Similar Documents

Publication Publication Date Title
CN108777643A (en) A kind of traffic visualization plateform system
Banerjee et al. Evaluation of the Capabilities of WireShark as a tool for Intrusion Detection
CN108833397A (en) A kind of big data safety analysis plateform system based on network security
KR100623552B1 (en) Method of risk analysis in automatic intrusion response system
CN103067192B (en) A kind of analytical system of network traffics and method
CN105429977B (en) Deep packet inspection device abnormal flow monitoring method based on comentropy measurement
CN109962891A (en) Monitor method, apparatus, equipment and the computer storage medium of cloud security
Mualfah et al. Network forensics for detecting flooding attack on web server
US20100031093A1 (en) Internal tracing method for network attack detection
CN106534146B (en) A kind of safety monitoring system and method
CN107295010A (en) A kind of enterprise network security management cloud service platform system and its implementation
KR20050085604A (en) Network bandwidth anomaly detector apparatus and method for detecting network attacks using correlation function
CN107770174A (en) A kind of intrusion prevention system and method towards SDN
Stiawan et al. Anomaly detection and monitoring in Internet of Things communication
Thakar et al. Honeyanalyzer–analysis and extraction of intrusion detection patterns & signatures using honeypot
CN109167764A (en) A kind of electronic government affairs system network aware analysis platform system
US11159548B2 (en) Analysis method, analysis device, and analysis program
KR20210109292A (en) Big Data Server System for Managing Industrial Field Facilities through Multifunctional Measuring Instruments
Razak et al. Network intrusion simulation using OPNET
CN107104853B (en) Test bed system and test method for terminal safety management software
Kaur et al. A Methodical Review on Network Traffic Monitoring & Analysis Tools
Gnatyuk et al. Modern SIEM Analysis and Critical Requirements Definition in the Context of Information Warfare
Kecskés et al. Monitoring 5g networks in security operation center
Kumar et al. Comparison: Wireshark on different parameters
Patel et al. OpenAppID-application identification framework next generation of firewalls

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181109