Show metadata Hide metadata

(19)

(11)

2 690 758

(13)

(51)

IPC

G06N5/02(2006-01-01)

(21) (22)

Application

2018132592, 2018-09-12

(24)

Start date

2018-09-12

(22)

Actual filing date

2018-09-12

(45)

Published

2019-06-05

(72)

Inventor

Zegzhda Petr DmitrievichLavrova Darya Sergeevna

(73)

Holder

Federalnoe Gosudarstvennoe Avtonomnoe Obrazovatelnoe Uchrezhdenie Vysshego Obrazovaniya Politekhnicheskij Universitet Petra Velikogo" Vo

METHOD FOR AUTOMATIC CLASSIFICATION OF NETWORK TRAFFIC BASED ON HEURISTIC ANALYSIS Russian patent published in 2019 - IPC G06N5/02

Abstract RU 2690758 C1

FIELD: computer equipment.

SUBSTANCE: invention relates to the computer equipment. Method comprises: classifying network traffic, wherein for classification heuristic rules are used, which describe key characteristics of web traffic and P2P traffic, used to incoming from routers network packets, from which are selected such parameters as IP addresses of sender and recipient, sender and receiver port numbers, size of network packet, time mark, type of network protocol of transport level, life time of network packet, type of service, flags, parameters are stored in database located on a database server, then, using the stored in the database of the listed parameters, calculating the statistical characteristics of the network traffic, such as the number of SYN and ACK flags, the size of the network stream, the number of network packets in the network stream, the number of network protocol packets of each type, the number of outbound connections for the host, the number of incoming connections to a host; at that traffic assignment to P2P traffic class or to web traffic class is performed at traffic parameters correlation.

EFFECT: high efficiency and speed of detecting network attacks in backbone networks.

1 cl, 1 dwg

Similar patents RU2690758C1

Title	Year	Author	Number
BALANCING METHOD WHILE MAINTAINING INTEGRITY OF DATA FLOWS	2023	Popenko Pavel Ivanovich	RU2807656C1
METHOD FOR SECURITY GATEWAY CLUSTER OPERATION	2021	Guzev Oleg Yurevich Tychina Leonid Anatolevich	RU2757297C1
A WAY TO TRACK FRAGMENTS OF PACKETS IN NETWORK TRAFFIC	2022	Badin Mikhail Viktorovich Mikhailov Aleksei Mikhailovich Plotko Sergei Alekseevich	RU2778462C1
METHOD FOR ENSURING BALANCING IDENTITY FOR BIDIRECTIONAL NETWORK SESSION DATA FLOW	2022	Badin Mikhail Viktorovich Mikhajlov Aleksej Mikhajlovich Plotko Sergej Alekseevich	RU2786629C1
METHOD FOR DYNAMIC FILTERING OF NETWORK PACKETS BY SESSIONS	2022	Badin Mikhail Viktorovich Mikhajlov Aleksej Mikhajlovich Plotko Sergej Alekseevich	RU2779135C1
SYSTEM FOR AGGREGATION OF NETWORK DATA IN COMPUTER NETWORKS	2019	Marchenkov Aleksej Aleksandrovich Esin Anton Anatolevich	RU2694025C1
METHOD FOR TRACKING SESSIONS IN NETWORK TRAFFIC	2022	Badin Mikhail Viktorovich Mikhailov Aleksei Mikhailovich Plotko Sergei Alekseevich	RU2786178C1
METHOD FOR DETECTING ANOMALOUS WORK OF NETWORK SERVER (OPTIONS)	2016	Eliseev Vladimir Leonidovich Shabalin Yurij Dmitrievich	RU2630415C2
METHOD OF DETECTING ANOMALIES IN TRAFFIC OF MAIN INTERNET NETWORKS BASED ON MULTIFRACTAL HEURISTIC ANALYSIS	2018	Zegzhda Petr Dmitrievich Lavrova Darya Sergeevna	RU2696296C1
METHOD FOR FILTERING A PART OF PACKETS IN A NETWORK SESSION	2022	Shabalov Aleksandr Aleksandrovich Badin Mikhail Viktorovich Mikhailov Aleksei Mikhailovich Plotko Sergei Alekseevich	RU2790635C1

RU 2 690 758 C1

Authors

Zegzhda Petr Dmitrievich

Lavrova Darya Sergeevna

Dates

2019-06-05—Published

2018-09-12—Filed