CN111935172B - Network abnormal behavior detection method based on network topology, computer device and computer readable storage medium - Google Patents
Network abnormal behavior detection method based on network topology, computer device and computer readable storage medium Download PDFInfo
- Publication number
- CN111935172B CN111935172B CN202010861223.2A CN202010861223A CN111935172B CN 111935172 B CN111935172 B CN 111935172B CN 202010861223 A CN202010861223 A CN 202010861223A CN 111935172 B CN111935172 B CN 111935172B
- Authority
- CN
- China
- Prior art keywords
- network
- data
- information
- topology
- network device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 206010000117 Abnormal behaviour Diseases 0.000 title claims abstract description 56
- 238000001514 detection method Methods 0.000 title claims abstract description 31
- 230000006399 behavior Effects 0.000 claims abstract description 14
- 238000004590 computer program Methods 0.000 claims description 22
- 238000004891 communication Methods 0.000 claims description 6
- 230000000694 effects Effects 0.000 claims 1
- 238000000034 method Methods 0.000 abstract description 19
- 230000002159 abnormal effect Effects 0.000 abstract description 8
- 238000004458 analytical method Methods 0.000 description 11
- 238000005516 engineering process Methods 0.000 description 3
- 238000011156 evaluation Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 3
- 239000000523 sample Substances 0.000 description 3
- 238000007405 data analysis Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000010801 machine learning Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000010972 statistical evaluation Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010861223.2A CN111935172B (en) | 2020-08-25 | 2020-08-25 | Network abnormal behavior detection method based on network topology, computer device and computer readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010861223.2A CN111935172B (en) | 2020-08-25 | 2020-08-25 | Network abnormal behavior detection method based on network topology, computer device and computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111935172A CN111935172A (en) | 2020-11-13 |
CN111935172B true CN111935172B (en) | 2023-09-05 |
Family
ID=73305111
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010861223.2A Active CN111935172B (en) | 2020-08-25 | 2020-08-25 | Network abnormal behavior detection method based on network topology, computer device and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111935172B (en) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112583825B (en) * | 2020-12-07 | 2022-09-27 | 四川虹微技术有限公司 | Method and device for detecting abnormality of industrial system |
CN112994978B (en) * | 2021-02-25 | 2023-01-24 | 网宿科技股份有限公司 | Network traffic monitoring method and device |
CN112882905B (en) * | 2021-03-22 | 2024-07-05 | 四川英得赛克科技有限公司 | Method, system and electronic equipment for judging whether network communication behaviors are abnormal |
CN113709030B (en) * | 2021-08-27 | 2024-04-23 | 新华三大数据技术有限公司 | Control method and device for network traffic and electronic equipment |
CN115834437A (en) * | 2021-09-15 | 2023-03-21 | 中国移动通信集团山东有限公司 | Network anomaly evaluation method and device, electronic equipment and storage medium |
CN114422390B (en) * | 2022-01-11 | 2024-02-13 | 支付宝(杭州)信息技术有限公司 | Data processing method and device |
CN114726758B (en) * | 2022-06-01 | 2022-11-04 | 山东云天安全技术有限公司 | Industrial network abnormity determining method and device, computer equipment and storage medium |
CN115022078A (en) * | 2022-06-28 | 2022-09-06 | 杭州康吉森自动化科技有限公司 | Controller built-in network safety protection method and device and electronic equipment |
CN115225385B (en) * | 2022-07-20 | 2024-02-23 | 深信服科技股份有限公司 | Flow monitoring method, system, equipment and computer readable storage medium |
CN115038088B (en) * | 2022-08-10 | 2022-11-08 | 蓝深远望科技股份有限公司 | Intelligent network security detection early warning system and method |
CN115442254B (en) * | 2022-09-05 | 2024-01-30 | 南京中孚信息技术有限公司 | Network data packet flow direction judging method and device and gateway equipment |
CN117768165B (en) * | 2023-12-12 | 2024-09-06 | 暗物质(北京)智能科技有限公司 | Network anomaly detection method, device, computer equipment and storage medium |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107733921A (en) * | 2017-11-14 | 2018-02-23 | 深圳中兴网信科技有限公司 | Network flow abnormal detecting method, device, computer equipment and storage medium |
CN110380888A (en) * | 2019-05-29 | 2019-10-25 | 华为技术有限公司 | A kind of network anomaly detection method and device |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100031156A1 (en) * | 2008-07-31 | 2010-02-04 | Mazu Networks, Inc. | User Interface For Network Events and Tuning |
WO2017218636A1 (en) * | 2016-06-14 | 2017-12-21 | Sdn Systems, Llc | System and method for automated network monitoring and detection of network anomalies |
-
2020
- 2020-08-25 CN CN202010861223.2A patent/CN111935172B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107733921A (en) * | 2017-11-14 | 2018-02-23 | 深圳中兴网信科技有限公司 | Network flow abnormal detecting method, device, computer equipment and storage medium |
CN110380888A (en) * | 2019-05-29 | 2019-10-25 | 华为技术有限公司 | A kind of network anomaly detection method and device |
Also Published As
Publication number | Publication date |
---|---|
CN111935172A (en) | 2020-11-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111935172B (en) | Network abnormal behavior detection method based on network topology, computer device and computer readable storage medium | |
CN112651006B (en) | Power grid security situation sensing system | |
WO2019095719A1 (en) | Network traffic anomaly detection method, apparatus, computer device and storage medium | |
CN109347827B (en) | Method, device, equipment and storage medium for predicting network attack behavior | |
CN110868425A (en) | Industrial control information safety monitoring system adopting black and white list for analysis | |
EP3222004B1 (en) | Diagnostic testing in networks | |
CN111181978B (en) | Abnormal network traffic detection method and device, electronic equipment and storage medium | |
CN110351237B (en) | Honeypot method and device for numerical control machine tool | |
CN105959290A (en) | Detection method and device of attack message | |
CN112437034B (en) | False terminal detection method and device, storage medium and electronic device | |
CN111526109B (en) | Method and device for automatically detecting running state of web threat recognition defense system | |
CN110891071A (en) | Network traffic information acquisition method, device and related equipment | |
CN114189361A (en) | Situation awareness method, device and system for defending threats | |
CN111865951A (en) | Network data flow abnormity detection method based on data packet feature extraction | |
EP3826242B1 (en) | Cyber attack information analyzing program, cyber attack information analyzing method, and information processing device | |
KR101608221B1 (en) | System and method of sensing cyber threat using database access pattern | |
CN114006719B (en) | AI verification method, device and system based on situation awareness | |
CN114500247A (en) | Industrial control network fault diagnosis method and device, electronic equipment and readable storage medium | |
CN115509854A (en) | Inspection processing method, inspection server and inspection system | |
CN112995104B (en) | Communication equipment and network security prediction method | |
Sasu et al. | Using constant traffic to specific IP destinations for detecting spoofed MAC addresses in local area networks | |
RU2781822C1 (en) | System and method for automatic assessment of quality of network traffic signatures | |
CN117061252B (en) | Data security detection method, device, equipment and storage medium | |
EP4332804A2 (en) | System for automatically evaluating the quality of network traffic signatures | |
CN115442279B (en) | Alarm source positioning method, device, equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: Room 1901, No. 120, Huangpu Avenue West, Tianhe District, Guangzhou, Guangdong 510,000 (office only) Applicant after: Guangdong Yizhi Security Technology Co.,Ltd. Address before: Room 1211, Building A2, No. 23, Middle Spectra Road, Huangpu District, Guangzhou, Guangdong 510000 Applicant before: Guangzhou Yizhi Security Technology Co.,Ltd. Address after: Room 1211, Building A2, No. 23, Middle Spectra Road, Huangpu District, Guangzhou, Guangdong 510000 Applicant after: Guangzhou Yizhi Security Technology Co.,Ltd. Address before: 519000 room 105-44388, No. 6, Baohua Road, Hengqin new area, Zhuhai, Guangdong (centralized office area) Applicant before: ZHUHAI YIZHI SECURITY TECHNOLOGY Co.,Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Network abnormal behavior detection method, computer device, and computer-readable storage medium based on network topology Granted publication date: 20230905 Pledgee: Bank of China Limited by Share Ltd. Guangzhou Tianhe branch Pledgor: Guangdong Yizhi Security Technology Co.,Ltd. Registration number: Y2024980011672 |