首页> 外国专利> A DEVICE FOR ANALYSING AND DIAGNOSING NETWORK TRAFFIC, A SYSTEM FOR ANALYSING AND DIAGNOSING NETWORK TRAFFIC, AND A SYSTEM FOR TRACING NETWORK TRAFFIC

A DEVICE FOR ANALYSING AND DIAGNOSING NETWORK TRAFFIC, A SYSTEM FOR ANALYSING AND DIAGNOSING NETWORK TRAFFIC, AND A SYSTEM FOR TRACING NETWORK TRAFFIC

机译：网络流量分析诊断装置，网络流量分析诊断系统，网络流量跟踪系统

页面导航

摘要
著录项
相似文献

摘要

Provided are a traffic analysis diagnosis device, a traffic analysis diagnosis system, and a traffic trace system capable of easily and accurately detecting an unauthorized access such as (D)DoS attack. The traffic analysis diagnosis device (105) includes: means for classifying packets into k packet types (k is a natural number not smaller than 1) according to the protocol type, the port number, and the like and monitoring the number of values of the field having the header of a packet passing through an observation point set on a network for each of the packet types; means for monitoring the number of values of a specific field of the payload section of the packets for each of the packet types; and means for performing network traffic diagnosis by analyzing the fluctuation of the number of values of the field for each of the packet types. Thus, it is possible to detect a small-scale (D)DoS attack in which the number of addresses only slightly changes, thereby improving the detection accuracy of an unauthorized access.

机译：提供一种交通分析诊断装置，交通分析诊断系统和交通跟踪系统，其能够容易且准确地检测诸如（D）DoS攻击的未授权访问。流量分析诊断设备（105）包括：用于根据协议类型，端口号等将分组分类为k种分组类型（k是不小于1的自然数）并且监视分组的值的数量的装置。对于每个分组类型，具有通过网络上设置的观察点的分组的报头的字段;用于监视每种分组类型的分组的有效载荷部分的特定字段的值的数量的装置;通过分析每个分组类型的字段的值数量的波动来执行网络流量诊断的装置。因此，可以检测地址数量仅稍有变化的小规模（D）DoS攻击，从而提高未授权访问的检测精度。

著录项

公开/公告号IN283708B

专利类型
公开/公告日2017-06-02

原文格式PDF
申请/专利权人
展开▼

申请/专利号IN1540/MUMNP/2008
发明设计人 KEENI GLENN MANSFIELD;
展开▼

申请日2008-07-21
分类号H04L12/56;
国家 IN
入库时间 2022-08-21 13:38:02

相似文献

专利
外文文献
中文文献