CN110574348A - 数据处理装置和方法 - Google Patents
数据处理装置和方法 Download PDFInfo
- Publication number
- CN110574348A CN110574348A CN201780087242.0A CN201780087242A CN110574348A CN 110574348 A CN110574348 A CN 110574348A CN 201780087242 A CN201780087242 A CN 201780087242A CN 110574348 A CN110574348 A CN 110574348A
- Authority
- CN
- China
- Prior art keywords
- data
- content
- mapping database
- unknown attack
- processing apparatus
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012545 processing Methods 0.000 title claims abstract description 33
- 238000000034 method Methods 0.000 title claims abstract description 27
- 238000013507 mapping Methods 0.000 claims abstract description 73
- 238000006243 chemical reaction Methods 0.000 claims abstract description 16
- 238000013480 data collection Methods 0.000 claims abstract description 11
- 238000004891 communication Methods 0.000 claims description 5
- 238000003672 processing method Methods 0.000 claims description 5
- 238000004458 analytical method Methods 0.000 description 6
- 238000004364 calculation method Methods 0.000 description 5
- 238000010219 correlation analysis Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000012544 monitoring process Methods 0.000 description 3
- 238000007781 pre-processing Methods 0.000 description 3
- 238000001514 detection method Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000000126 substance Substances 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/16—Threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
提供了一种数据处理装置和方法。所述数据处理装置包括:一数据收集单元(100),被构造为收集在网络中传输的数据,并根据预定的特征将收集数据分为已知攻击数据和未知攻击数据;一数据转换单元(300),被构造为根据映射数据库将未知攻击数据中包括的至少一部分内容替换为对应的识别码。因此,可以减小网络中传输的数据的大小。
Description
PCT国内申请,说明书已公开。
Claims (18)
- PCT国内申请,权利要求书已公开。
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2017/075349 WO2018157336A1 (zh) | 2017-03-01 | 2017-03-01 | 数据处理装置和方法 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110574348A true CN110574348A (zh) | 2019-12-13 |
| CN110574348B CN110574348B (zh) | 2022-09-27 |
Family
ID=63369865
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201780087242.0A Active CN110574348B (zh) | 2017-03-01 | 2017-03-01 | 数据处理装置和方法 |
Country Status (5)
| Country | Link |
|---|---|
| US (1) | US11405358B2 (zh) |
| EP (1) | EP3576365B1 (zh) |
| CN (1) | CN110574348B (zh) |
| ES (1) | ES2931991T3 (zh) |
| WO (1) | WO2018157336A1 (zh) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114978782A (zh) * | 2022-08-02 | 2022-08-30 | 北京六方云信息技术有限公司 | 工控威胁检测方法、装置、工控设备以及存储介质 |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111639073A (zh) * | 2020-04-30 | 2020-09-08 | 深圳精匠云创科技有限公司 | 边缘计算接入方法及边缘计算节点装置 |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100050084A1 (en) * | 2008-08-20 | 2010-02-25 | Stephen Knapp | Methods and systems for collection, tracking, and display of near real time multicast data |
| US8621634B2 (en) * | 2011-01-13 | 2013-12-31 | F-Secure Oyj | Malware detection based on a predetermined criterion |
| CN103731393A (zh) * | 2012-10-10 | 2014-04-16 | 盐城睿泰数字科技有限公司 | 一种Web资源数据的压缩方法 |
| CN104125273A (zh) * | 2014-07-16 | 2014-10-29 | 百度在线网络技术(北京)有限公司 | 网页中图片传输方法、图片服务器、网络服务器和客户端 |
| US8935784B1 (en) * | 2013-03-15 | 2015-01-13 | Symantec Corporation | Protecting subscribers of web feeds from malware attacks |
| US9152706B1 (en) * | 2006-12-30 | 2015-10-06 | Emc Corporation | Anonymous identification tokens |
| CN105491078A (zh) * | 2014-09-15 | 2016-04-13 | 阿里巴巴集团控股有限公司 | Soa系统中的数据处理方法及装置、soa系统 |
| CN105577685A (zh) * | 2016-01-25 | 2016-05-11 | 浙江海洋学院 | 云计算环境中的自主分析入侵检测方法及系统 |
Family Cites Families (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6449695B1 (en) * | 1999-05-27 | 2002-09-10 | Microsoft Corporation | Data cache using plural lists to indicate sequence of data storage |
| US7146644B2 (en) * | 2000-11-13 | 2006-12-05 | Digital Doors, Inc. | Data security system and method responsive to electronic attacks |
| US7966658B2 (en) | 2004-04-08 | 2011-06-21 | The Regents Of The University Of California | Detecting public network attacks using signatures and fast content analysis |
| US8402529B1 (en) * | 2007-05-30 | 2013-03-19 | M86 Security, Inc. | Preventing propagation of malicious software during execution in a virtual machine |
| US8504504B2 (en) * | 2008-09-26 | 2013-08-06 | Oracle America, Inc. | System and method for distributed denial of service identification and prevention |
| JP6277137B2 (ja) * | 2012-02-17 | 2018-02-07 | ヴェンコア ラブズ、インク.Vencore Labs, Inc. | フィールド・エリア・ネットワークにおけるパケット取得、解析及び侵入検出の方法及びシステム |
| CN103825888A (zh) * | 2014-02-17 | 2014-05-28 | 北京奇虎科技有限公司 | 网络威胁处理方法及设备 |
| US10230747B2 (en) * | 2014-07-15 | 2019-03-12 | Cisco Technology, Inc. | Explaining network anomalies using decision trees |
| US9973520B2 (en) * | 2014-07-15 | 2018-05-15 | Cisco Technology, Inc. | Explaining causes of network anomalies |
| CN104159249B (zh) | 2014-07-30 | 2018-05-18 | 华为技术有限公司 | 一种业务数据管理的方法、装置及系统 |
| PL3314534T3 (pl) * | 2015-06-23 | 2022-01-17 | Politecnico Di Torino | Sposób i urządzenie do wyszukiwania obrazów |
| CN105429963B (zh) * | 2015-11-04 | 2019-01-22 | 北京工业大学 | 基于Modbus/Tcp的入侵检测分析方法 |
-
2017
- 2017-03-01 EP EP17898759.0A patent/EP3576365B1/en active Active
- 2017-03-01 US US16/490,150 patent/US11405358B2/en active Active
- 2017-03-01 ES ES17898759T patent/ES2931991T3/es active Active
- 2017-03-01 CN CN201780087242.0A patent/CN110574348B/zh active Active
- 2017-03-01 WO PCT/CN2017/075349 patent/WO2018157336A1/zh unknown
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9152706B1 (en) * | 2006-12-30 | 2015-10-06 | Emc Corporation | Anonymous identification tokens |
| US20100050084A1 (en) * | 2008-08-20 | 2010-02-25 | Stephen Knapp | Methods and systems for collection, tracking, and display of near real time multicast data |
| US8621634B2 (en) * | 2011-01-13 | 2013-12-31 | F-Secure Oyj | Malware detection based on a predetermined criterion |
| CN103731393A (zh) * | 2012-10-10 | 2014-04-16 | 盐城睿泰数字科技有限公司 | 一种Web资源数据的压缩方法 |
| US8935784B1 (en) * | 2013-03-15 | 2015-01-13 | Symantec Corporation | Protecting subscribers of web feeds from malware attacks |
| CN104125273A (zh) * | 2014-07-16 | 2014-10-29 | 百度在线网络技术(北京)有限公司 | 网页中图片传输方法、图片服务器、网络服务器和客户端 |
| CN105491078A (zh) * | 2014-09-15 | 2016-04-13 | 阿里巴巴集团控股有限公司 | Soa系统中的数据处理方法及装置、soa系统 |
| CN105577685A (zh) * | 2016-01-25 | 2016-05-11 | 浙江海洋学院 | 云计算环境中的自主分析入侵检测方法及系统 |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114978782A (zh) * | 2022-08-02 | 2022-08-30 | 北京六方云信息技术有限公司 | 工控威胁检测方法、装置、工控设备以及存储介质 |
| CN114978782B (zh) * | 2022-08-02 | 2022-11-01 | 北京六方云信息技术有限公司 | 工控威胁检测方法、装置、工控设备以及存储介质 |
Also Published As
| Publication number | Publication date |
|---|---|
| EP3576365A1 (en) | 2019-12-04 |
| ES2931991T3 (es) | 2023-01-05 |
| CN110574348B (zh) | 2022-09-27 |
| US11405358B2 (en) | 2022-08-02 |
| WO2018157336A1 (zh) | 2018-09-07 |
| EP3576365A4 (en) | 2020-09-16 |
| EP3576365B1 (en) | 2022-10-26 |
| US20200007505A1 (en) | 2020-01-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109063745B (zh) | 一种基于决策树的网络设备类型识别方法及系统 | |
| CN109951477B (zh) | 一种基于威胁情报检测网络攻击的方法和装置 | |
| US10104108B2 (en) | Log analysis system | |
| US20130212681A1 (en) | Security Monitoring System and Security Monitoring Method | |
| US20160197790A1 (en) | Log analysis system | |
| US7596810B2 (en) | Apparatus and method of detecting network attack situation | |
| CN113612763B (zh) | 基于网络安全恶意行为知识库的网络攻击检测装置和方法 | |
| US7903657B2 (en) | Method for classifying applications and detecting network abnormality by statistical information of packets and apparatus therefor | |
| KR20190046018A (ko) | 네트워크에 대한 이상행위 탐지 방법 및 이를 이용한 장치 | |
| CN112953971A (zh) | 一种网络安全流量入侵检测方法和系统 | |
| US20160277547A1 (en) | Packet monitoring device and packet monitoring method for communication packet | |
| Janabi et al. | Convolutional neural network based algorithm for early warning proactive system security in software defined networks | |
| CN114079579B (zh) | 一种恶意加密流量检测方法及装置 | |
| CN113206860A (zh) | 一种基于机器学习和特征选择的DRDoS攻击检测方法 | |
| CN109462580B (zh) | 训练流量检测模型、检测业务流量异常的方法及装置 | |
| CN103281336A (zh) | 网络入侵检测方法 | |
| CN110574348B (zh) | 数据处理装置和方法 | |
| CN115396204A (zh) | 一种基于序列预测的工控网络流量异常检测方法及装置 | |
| CN112291213A (zh) | 一种基于智能终端的异常流量分析方法及装置 | |
| CN112633353B (zh) | 基于包长概率分布与k近邻算法的物联网设备识别方法 | |
| KR101488271B1 (ko) | Ids 오탐 검출 장치 및 방법 | |
| CN117040824A (zh) | 一种网络威胁检测方法及系统 | |
| CN114006719B (zh) | 基于态势感知的ai验证方法、装置及系统 | |
| CN114189361B (zh) | 防御威胁的态势感知方法、装置及系统 | |
| JP2019216305A (ja) | 通信装置、パケット処理方法及びプログラム |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |