Title:
NETWORK ANOMALY DETECTION METHOD, APPARATUS AND DEVICE BASED ON PORTRAIT TECHNOLOGY, AND MEDIUM
Document Type and Number:
WIPO Patent Application WO/2019/136955
Kind Code:
A1
Abstract:
Provided are a network anomaly detection method, apparatus and device based on portrait technology, and a medium. The method comprises: acquiring relevant data information of a device in a network; constructing a device vector according to the relevant data information; calculating a device deviation between the device vector and a device portrait corresponding to the device; calculating a type deviation between the device vector and a device type portrait corresponding to the device type of the device; and when the device deviation and/or type deviation exceeds a set threshold, raising an alarm to implement network anomaly detection. According to the network anomaly detection method, apparatus and device based on the portrait technology and the medium provided by the present invention, the historical network traffic features are portrayed in a machine learning manner, so that the devices in a network are clustered, and each device and each type of devices are portrayed according to the historical traffic features to find a device with a traffic anomaly, thus finding a network security attack behavior in a timely and accurate manner.
Inventors:
TU DAZHI (CN)
WANG ZHI (CN)
WANG XINCHENG (CN)
WANG ZHI (CN)
WANG XINCHENG (CN)
Application Number:
PCT/CN2018/096109
Publication Date:
July 18, 2019
Filing Date:
July 18, 2018
Export Citation:
Assignee:
SHENZHEN LEAGSOFT TECH CO LTD (CN)
International Classes:
H04L12/24; H04L29/06
Foreign References:
| CN108270620A | 2018-07-10 | |||
| CN106789935A | 2017-05-31 | |||
| CN107196930A | 2017-09-22 | |||
| US20160149776A1 | 2016-05-26 |
Attorney, Agent or Firm:
BEIJING KUAIZHIHUI IP AGENCY CO., LTD (CN)
Download PDF: