Network attack detection method and device
The invention provides a network attack detection method and device. The method comprises the following steps: according to a preset keyword set, a feature module carries out keyword matching on a network session sample, so that features of the network session sample are obtained; a tagging module c...
Saved in:
| Main Author | |
|---|---|
| Format | Patent |
| Language | Chinese English |
| Published |
18.08.2017
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Summary: | The invention provides a network attack detection method and device. The method comprises the following steps: according to a preset keyword set, a feature module carries out keyword matching on a network session sample, so that features of the network session sample are obtained; a tagging module carries out part-of-speech tagging on the features of the network session sample in a hidden state through a pre-trained hidden Markov model, so that an analysis function is achieved; and a processing module inputs the network session sample, which has undergone the part-of-speech tagging, into a pre-trained classification model for classified processing, so that whether a network attack exists in the network session sample or not is determined. The method and device provided by the invention has the advantages that manual protocol analysis is not needed, so that the technical problems in the prior art that feature extraction from sample data needs to rely on artificial experience and the analysis efficiency is low |
|---|---|
| Bibliography: | Application Number: CN201611118311 |