Bypass detection and blocking method and system for data security risk behavior

The invention discloses a bypass detection and blocking method and system for data security risk behaviors. The invention aims to solve the problems of high false alarm rate, high missing report rate and single blocking effect in the blocking of data security risk behaviors in the prior art. The met...

Bibliographic details
Main authors: DONG ENZE, TAN ZHIQIANG, YUAN LICHENG, CHEN YING, LIU XIAOBO, CHENG XIANJIE, LI JIN, XIE XIAOGANG
Format: Patent
Language: chi ; eng
creator DONG ENZE
TAN ZHIQIANG
YUAN LICHENG
CHEN YING
LIU XIAOBO
CHENG XIANJIE
LI JIN
XIE XIAOGANG
description The invention discloses a bypass detection and blocking method and system for data security risk behaviors. The invention aims to solve the problems of high false alarm rate, high missing report rate and single blocking effect in the blocking of data security risk behaviors in the prior art. The method comprises the following steps: S1, collecting a mirror image traffic message based on a DPDK technology; S2, sequentially carrying out network layer protocol analysis and transport layer protocol analysis on the collected mirror image flow message, and sending the message size and information obtained by analysis to a rule control module; S3, matching the obtained information with a static IP rule and a flow characteristic dynamic rule in sequence; when the matching is successful, triggering a corresponding blocking event; S4, adopting a three-level blocking mode for a transmission layer which is a TCP protocol; and a two-stage blocking mode is adopted for other protocols. A dynamic blocking rule is adopted to
format Patent
creationdate 2023
date 2023-12-26
oa free_for_read
linktohtml https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20231226&DB=EPODOC&CC=CN&NR=117294538A
language chi ; eng
recordid cdi_epo_espacenet_CN117294538A
source esp@cenet
subjects ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
title Bypass detection and blocking method and system for data security risk behavior
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-24T19%3A04%3A43IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=DONG%20ENZE&rft.date=2023-12-26&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3ECN117294538A%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true