CN1612135B - 一种基于训练分类的协议识别方法 - Google Patents
一种基于训练分类的协议识别方法 Download PDFInfo
- Publication number
- CN1612135B CN1612135B CN 200310102293 CN200310102293A CN1612135B CN 1612135 B CN1612135 B CN 1612135B CN 200310102293 CN200310102293 CN 200310102293 CN 200310102293 A CN200310102293 A CN 200310102293A CN 1612135 B CN1612135 B CN 1612135B
- Authority
- CN
- China
- Prior art keywords
- mrow
- msub
- text
- protocol
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
- 238000001514 detection method Methods 0.000 title abstract description 15
- 230000009545 invasion Effects 0.000 title abstract 3
- 238000005516 engineering process Methods 0.000 title description 12
- 239000013598 vector Substances 0.000 claims abstract description 72
- 238000000034 method Methods 0.000 claims abstract description 42
- 238000012549 training Methods 0.000 claims description 59
- 238000012360 testing method Methods 0.000 claims description 15
- 238000004364 calculation method Methods 0.000 claims description 9
- 230000006835 compression Effects 0.000 claims description 2
- 238000007906 compression Methods 0.000 claims description 2
- 238000010606 normalization Methods 0.000 claims description 2
- 238000013507 mapping Methods 0.000 abstract description 17
- 238000004458 analytical method Methods 0.000 abstract description 7
- 238000004422 calculation algorithm Methods 0.000 description 8
- 238000011156 evaluation Methods 0.000 description 4
- 238000012935 Averaging Methods 0.000 description 3
- 230000006399 behavior Effects 0.000 description 3
- 230000011218 segmentation Effects 0.000 description 3
- 238000007635 classification algorithm Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000018109 developmental process Effects 0.000 description 2
- 238000007781 pre-processing Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000013528 artificial neural network Methods 0.000 description 1
- 238000013398 bayesian method Methods 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000005484 gravity Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000012958 reprocessing Methods 0.000 description 1
- 238000000638 solvent extraction Methods 0.000 description 1
- 238000012706 support-vector machine Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
算法 | 封闭测试查全率 | 封闭测试准确率 | 封闭测试F1值 | 开放测试查全率 | 开放测试准确率 | 开放测试F1值 |
KNN | 99.11% | 91.42% | 90.25% | 93.29% | 95.12% | 94.20% |
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200310102293 CN1612135B (zh) | 2003-10-30 | 2003-10-30 | 一种基于训练分类的协议识别方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200310102293 CN1612135B (zh) | 2003-10-30 | 2003-10-30 | 一种基于训练分类的协议识别方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1612135A CN1612135A (zh) | 2005-05-04 |
CN1612135B true CN1612135B (zh) | 2012-07-04 |
Family
ID=34756357
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 200310102293 Expired - Lifetime CN1612135B (zh) | 2003-10-30 | 2003-10-30 | 一种基于训练分类的协议识别方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN1612135B (zh) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100536411C (zh) * | 2006-04-17 | 2009-09-02 | 中国科学院自动化研究所 | 基于改进的自适应提升算法的互联网入侵检测方法 |
CN100429617C (zh) * | 2006-05-16 | 2008-10-29 | 北京启明星辰信息技术有限公司 | 一种自动协议识别方法及系统 |
CN100461765C (zh) * | 2006-11-24 | 2009-02-11 | 南京大学 | 一种基于np和bs的千兆nids并行处理的方法 |
CN101000627B (zh) * | 2007-01-15 | 2010-05-19 | 北京搜狗科技发展有限公司 | 一种相关信息的发布方法和装置 |
CN101282251B (zh) * | 2008-05-08 | 2011-04-13 | 中国科学院计算技术研究所 | 一种应用层协议识别特征挖掘方法 |
CN104111931A (zh) * | 2013-04-17 | 2014-10-22 | 中国科学院声学研究所 | 一种协议自动识别方法及其所用分类器的构造方法 |
CN105306475B (zh) * | 2015-11-05 | 2018-06-29 | 天津理工大学 | 一种基于关联规则分类的网络入侵检测方法 |
CN106789895B (zh) * | 2016-11-18 | 2020-03-27 | 东软集团股份有限公司 | 压缩文本检测方法和装置 |
CN106850338B (zh) * | 2016-12-30 | 2020-12-04 | 西可通信技术设备(河源)有限公司 | 一种基于语义分析的r+1类应用层协议识别方法与装置 |
CN112637017B (zh) * | 2020-12-25 | 2022-02-08 | 深圳市高德信通信股份有限公司 | 一种基于应用层数据的网络数据分析方法 |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1421771A (zh) * | 2001-11-27 | 2003-06-04 | 四川安盟科技有限责任公司 | 一种有效防御未知攻击手法的网络入侵安全防御系统 |
CN1435977A (zh) * | 2002-02-01 | 2003-08-13 | 联想(北京)有限公司 | 防火墙入侵检测与响应的方法 |
-
2003
- 2003-10-30 CN CN 200310102293 patent/CN1612135B/zh not_active Expired - Lifetime
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1421771A (zh) * | 2001-11-27 | 2003-06-04 | 四川安盟科技有限责任公司 | 一种有效防御未知攻击手法的网络入侵安全防御系统 |
CN1435977A (zh) * | 2002-02-01 | 2003-08-13 | 联想(北京)有限公司 | 防火墙入侵检测与响应的方法 |
Also Published As
Publication number | Publication date |
---|---|
CN1612135A (zh) | 2005-05-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110391958B (zh) | 一种对网络加密流量自动进行特征提取和识别的方法 | |
US20120210426A1 (en) | Analysis system for unknown application layer protocols | |
CN104468262B (zh) | 一种基于语义敏感的网络协议识别方法及系统 | |
CN102420723A (zh) | 一种面向多类入侵的异常检测方法 | |
CN111798312A (zh) | 一种基于孤立森林算法的金融交易系统异常识别方法 | |
CN109446804B (zh) | 一种基于多尺度特征连接卷积神经网络的入侵检测方法 | |
CN106485146B (zh) | 一种信息处理方法及服务器 | |
CN112422531A (zh) | 基于CNN和XGBoost的网络流量异常行为检测方法 | |
CN114553983B (zh) | 一种基于深度学习高效工业控制协议解析方法 | |
CN109951462B (zh) | 一种基于全息建模的应用软件流量异常检测系统及方法 | |
CN1612135B (zh) | 一种基于训练分类的协议识别方法 | |
CN110851422A (zh) | 一种基于机器学习的数据异常监测模型构建方法 | |
CN113067798B (zh) | Ics入侵检测方法、装置、电子设备和存储介质 | |
CN114553591B (zh) | 随机森林模型的训练方法、异常流量检测方法及装置 | |
CN102045357A (zh) | 一种基于仿射聚类分析的入侵检测方法 | |
CN115622806B (zh) | 一种基于bert-cgan的网络入侵检测方法 | |
CN113556319A (zh) | 物联网下基于长短期记忆自编码分类器的入侵检测方法 | |
CN111523588A (zh) | 基于改进的lstm对apt攻击恶意软件流量进行分类的方法 | |
CN113821793A (zh) | 一种基于图卷积神经网络的多阶段攻击场景构建方法及系统 | |
CN117411703A (zh) | 一种面向Modbus协议的工业控制网络异常流量检测方法 | |
CN109660656A (zh) | 一种智能终端应用程序识别方法 | |
CN115766227A (zh) | 基于单类支持向量机ocsvm的流量异常检测方法 | |
CN116684877A (zh) | 一种基于gyac-lstm的5g网络流量异常检测方法及系统 | |
CN116232696A (zh) | 基于深度神经网络的加密流量分类方法 | |
CN109376531B (zh) | 基于语义重编码与特征空间分离的Web入侵检测方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
ASS | Succession or assignment of patent right |
Owner name: NSFOCUS TECHNOLOGY CO., LTD. Effective date: 20131023 |
|
C41 | Transfer of patent application or patent right or utility model | ||
TR01 | Transfer of patent right |
Effective date of registration: 20131023 Address after: 100089 Beijing city Haidian District Road No. 4 North wa Yitai five storey building Patentee after: NSFOCUS INFORMATION TECHNOLOGY Co.,Ltd. Patentee after: NSFOCUS TECHNOLOGIES Inc. Address before: 100089 Beijing city Haidian District Road No. 4 North wa Yitai 5 storey building Patentee before: NSFOCUS INFORMATION TECHNOLOGY Co.,Ltd. |
|
CP01 | Change in the name or title of a patent holder |
Address after: 100089 Beijing city Haidian District Road No. 4 North wa Yitai five storey building Patentee after: NSFOCUS Technologies Group Co.,Ltd. Patentee after: NSFOCUS TECHNOLOGIES Inc. Address before: 100089 Beijing city Haidian District Road No. 4 North wa Yitai five storey building Patentee before: NSFOCUS INFORMATION TECHNOLOGY Co.,Ltd. Patentee before: NSFOCUS TECHNOLOGIES Inc. |
|
CP01 | Change in the name or title of a patent holder | ||
CX01 | Expiry of patent term |
Granted publication date: 20120704 |
|
CX01 | Expiry of patent term |