CN110535888A - Port Scan Attack Detection Method and Related Devices - Google Patents
Port Scan Attack Detection Method and Related Devices
- Publication number
- CN110535888A (application CN201910969569.1A)
- Authority
- CN
- China
- Prior art keywords
- message
- entropy
- communication
- address
- sampling
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/146—Tracing the source of attacks
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910969569.1A CN110535888B (zh) | 2019-10-12 | 2019-10-12 | Port Scan Attack Detection Method and Related Devices |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910969569.1A CN110535888B (zh) | 2019-10-12 | 2019-10-12 | Port Scan Attack Detection Method and Related Devices |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110535888A (zh) | 2019-12-03 |
CN110535888B (zh) | 2022-03-29 |
Family
ID=68671792
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910969569.1A Active CN110535888B (zh) | Port Scan Attack Detection Method and Related Devices | 2019-10-12 | 2019-10-12 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110535888B (zh) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
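CN111885092A (zh) * | 2020-09-10 | 2020-11-03 | 中国联合网络通信集团有限公司 | DDoS attack detection method and handling method for edge nodes, and SDN |
CN113225342A (zh) * | 2021-05-08 | 2021-08-06 | 四川英得赛克科技有限公司 | Communication anomaly detection method and apparatus, electronic device, and storage medium |
CN113595995A (zh) * | 2021-07-12 | 2021-11-02 | 中国联合网络通信集团有限公司 | Zero-trust security protection method and system for containers |
CN113691432A (zh) * | 2021-08-10 | 2021-11-23 | 一汽解放汽车有限公司 | Automotive CAN network message monitoring method and apparatus, computer device, and storage medium |
CN114244632A (zh) * | 2022-02-24 | 2022-03-25 | 上海观安信息技术股份有限公司 | Method, apparatus, electronic device, and medium for detecting ICMP network-scan attack behavior |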
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104580173A (zh) * | 2014-12-25 | 2015-04-29 | 广东顺德中山大学卡内基梅隆大学国际联合研究院 | SDN anomaly detection and blocking method and system |
US20180309786A1 (en) * | 2017-04-24 | 2018-10-25 | Caligo Systems Ltd. | MOVING TARGET DEFENSE FOR SECURING INTERNET OF THINGS (IoT) |
CN109005157A (zh) * | 2018-07-09 | 2018-12-14 | 华中科技大学 | Method and system for DDoS attack detection and defense in software-defined networks |
CN109495428A (zh) * | 2017-09-12 | 2019-03-19 | 蓝盾信息安全技术股份有限公司 | Port scan detection method based on traffic features and random forest |
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104580173A (zh) * | 2014-12-25 | 2015-04-29 | 广东顺德中山大学卡内基梅隆大学国际联合研究院 | SDN anomaly detection and blocking method and system |
US20180309786A1 (en) * | 2017-04-24 | 2018-10-25 | Caligo Systems Ltd. | MOVING TARGET DEFENSE FOR SECURING INTERNET OF THINGS (IoT) |
CN109495428A (zh) * | 2017-09-12 | 2019-03-19 | 蓝盾信息安全技术股份有限公司 | Port scan detection method based on traffic features and random forest |
CN109005157A (zh) * | 2018-07-09 | 2018-12-14 | 华中科技大学 | Method and system for DDoS attack detection and defense in software-defined networks |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
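CN111885092A (zh) * | 2020-09-10 | 2020-11-03 | 中国联合网络通信集团有限公司 | DDoS attack detection method and handling method for edge nodes, and SDN |
CN113225342A (zh) * | 2021-05-08 | 2021-08-06 | 四川英得赛克科技有限公司 | Communication anomaly detection method and apparatus, electronic device, and storage medium |
CN113225342B (zh) * | 2021-05-08 | 2023-06-30 | 四川英得赛克科技有限公司 | Communication anomaly detection method and apparatus, electronic device, and storage medium |
CN113595995A (zh) * | 2021-07-12 | 2021-11-02 | 中国联合网络通信集团有限公司 | Zero-trust security protection method and system for containers |
CN113691432A (zh) * | 2021-08-10 | 2021-11-23 | 一汽解放汽车有限公司 | Automotive CAN network message monitoring method and apparatus, computer device, and storage medium |
CN114244632A (zh) * | 2022-02-24 | 2022-03-25 | 上海观安信息技术股份有限公司 | Method, apparatus, electronic device, and medium for detecting ICMP network-scan attack behavior |
CN114244632B (zh) * | 2022-02-24 | 2022-05-03 | 上海观安信息技术股份有限公司 | Method, apparatus, electronic device, and medium for detecting ICMP network-scan attack behavior |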
Also Published As
Publication number | Publication date |
---|---|
CN110535888B (zh) | 2022-03-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11700275B2 (en) | Detection of malware and malicious applications | |
CN110535888A (zh) | Port Scan Attack Detection Method and Related Devices | |
CN104506482B (zh) | Network attack detection method and apparatus | |
US7609625B2 (en) | Systems and methods for detecting and preventing flooding attacks in a network environment | |
Kühlewind et al. | On the State of ECN and TCP Options on the Internet | |
CN104936170B (zh) | Method and apparatus for detecting man-in-the-middle attacks | |
JP5673805B2 (ja) | Network device, communication system, abnormal traffic detection method, and program | |
CN108667853A (zh) | Malicious attack detection method and apparatus | |
EP2833574A1 (en) | Method and apparatus for ethernet performance measurement | |
JP6691268B2 (ja) | Monitoring device, monitoring method, and monitoring program | |
CN107547430A (zh) | Message sending method and apparatus | |
CN106656665A (zh) | Method and apparatus for testing LAN network speed | |
CN108512816B (zh) | Traffic hijacking detection method and apparatus | |
US20110141899A1 (en) | Network access apparatus and method for monitoring and controlling traffic using operation, administration, and maintenance (oam) packet in internet protocol (ip) network | |
US11895146B2 (en) | Infection-spreading attack detection system and method, and program | |
CN112367311B (zh) | DDoS attack detection method, apparatus, device, and storage medium | |
CN108521413A (zh) | Network resistance and defense method and system for future information warfare | |
US20220393987A1 (en) | Method, system, and conversion apparatus | |
JP6459645B2 (ja) | Throughput measurement program, throughput measurement method, and throughput measurement apparatus | |
CN114567455A (zh) | Method, apparatus, and system for determining data flow information | |
Zhanikeev et al. | Modelling network performance of end hosts | |
Bai et al. | Research on influence of sampling methodologies on the metrics of identifying elephant flows by using sample and hold algorithm | |
Lipovac et al. | Testing TCP traffic congestion by distributed protocol analysis and statistical modelling |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
CB03 | Change of inventor or designer information | Inventors after: Lu Yiqin, Zhan Shuhang, Cheng Zhe, Tan Jiancheng, Wen Zhenhuan, Zeng Hao, Zhang Yang, Chen Mingyong. Inventors before: Wen Zhenhuan, Zeng Hao, Zhang Yang, Chen Mingyong, Yao Jingbai, Zheng Bo |
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: Port Scan Attack Detection Method and Related Devices; Effective date of registration: 20230609; Granted publication date: 20220329; Pledgee: China Construction Bank Corporation Guangzhou Development Zone Branch; Pledgor: GUANGZHOU VCMY TECHNOLOGY Co.,Ltd.; Registration number: Y2023980043386 |