17956591. Network Attack Detection Method and Apparatus simplified abstract (Huawei Technologies Co., Ltd.)

From WikiPatents

Network Attack Detection Method and Apparatus

Organization Name

Huawei Technologies Co., Ltd.

Inventor(s)

Shiguang Li of Beijing (CN)

Mengwen Xu of Beijing (CN)

Lijuan Jiao of Beijing (CN)

Network Attack Detection Method and Apparatus - A simplified explanation of the abstract

This abstract first appeared for US patent application 17956591, titled 'Network Attack Detection Method and Apparatus'.

Simplified Explanation

The patent application describes a method and apparatus for detecting network attacks. Here are the key points:

  • The network protection device analyzes incoming network traffic and extracts key data from it.
  • The extracted key data is compared with known attack signatures stored in a signature database.
  • If a match is found, the network protection device determines that the network traffic is aggressive.
  • In such cases, the device obtains a target attack detection model based on the specific network traffic.
  • The target attack detection model is used to identify attack signatures that are different from the ones in the signature database.
  • When the device receives subsequent network traffic, it uses the target attack detection model to determine if it is aggressive.
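
The two-stage flow in the key points above can be sketched as follows. This is an added example, not code from the patent application or from Huawei: the abstract does not say how the target attack detection model is built, so the token-set model, the threshold, and all sample traffic and signatures here are constructed assumptions.

```python
import re

# Constructed sample data (assumptions, not from the patent application).
SIGNATURE_DB = ["scanbot/1.0"]  # known attack signatures (substrings)
BENIGN_BASELINE = [
    "GET /index.html HTTP/1.1 User-Agent: Mozilla/5.0",
    "POST /login HTTP/1.1 User-Agent: Mozilla/5.0",
]

def key_data(traffic):
    """Hypothetical key-data extraction: the lower-cased request text."""
    return traffic.lower()

def tokens(data):
    """Split key data into alphabetic tokens of three or more characters."""
    return set(re.findall(r"[a-z_]{3,}", data))

def build_target_model(attack_data):
    """Assumed model: tokens of the matched traffic that are neither in the
    benign baseline nor already covered by the signature database."""
    benign = set().union(*(tokens(key_data(b)) for b in BENIGN_BASELINE))
    known = set().union(*(tokens(s) for s in SIGNATURE_DB))
    return tokens(attack_data) - benign - known

class ProtectionDevice:
    def __init__(self, threshold=2):
        self.model = set()          # no target model until a signature hit
        self.threshold = threshold  # minimum shared tokens to flag traffic

    def inspect(self, traffic):
        data = key_data(traffic)
        if any(sig in data for sig in SIGNATURE_DB):
            self.model |= build_target_model(data)  # obtain/extend the model
            return "aggressive (signature)"
        if len(tokens(data) & self.model) >= self.threshold:
            return "aggressive (model)"
        return "not flagged"

# First traffic carries a known signature; second traffic does not, but
# shares the features learned from the first.
FIRST = "GET /backup/config.bak HTTP/1.1 User-Agent: scanbot/1.0 X-Probe: enum-stage"
SECOND = "GET /backup/config.bak HTTP/1.1 User-Agent: Mozilla/5.0 X-Probe: enum-stage"

if __name__ == "__main__":
    dev = ProtectionDevice()
    for t in (SECOND, FIRST, SECOND, BENIGN_BASELINE[0]):
        print(dev.inspect(t), "<-", t)
```

The same request without the signature is flagged only after the signature hit has produced a model, which is the ordering the abstract describes.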

Potential applications of this technology:

  • Network security systems and devices can utilize this method to detect and prevent network attacks.
  • It can be used in firewalls, intrusion detection systems, and other network protection mechanisms.

Problems solved by this technology:

  • Traditional network attack detection methods rely solely on known attack signatures, which may not be effective against new or evolving attacks.
  • This technology addresses this limitation by dynamically creating a target attack detection model based on the specific network traffic, allowing for the identification of new attack signatures.

Benefits of this technology:

  • Improved accuracy in detecting network attacks by using a target attack detection model specific to the network traffic.
  • Enhanced security by identifying attack signatures that may not be present in the signature database.
  • Flexibility to adapt to new and evolving attack techniques.


Original Abstract Submitted

A network attack detection method and apparatus is provided. The network protection device obtains first key data from received first network traffic, and matches the first key data with an attack signature in a signature database to obtain a first matching result; if the network protection device determines, based on the first matching result, that the first network traffic is aggressive, the network protection device obtains a target attack detection model based on the first network traffic, where the target attack detection model is used to identify one or more attack signatures that are different from the attack signature in the signature database; and when the network protection device receives second network traffic, the network protection device determines, based on the target attack detection model, whether the second network traffic is aggressive.