Network worm virus real-time monitoring method and system based on medical system

Network worm virus real-time monitoring method and system based on medical system

The invention provides a network worm virus real-time monitoring method based on a medical system, and belongs to the field of medical safety. The method comprises the following steps: firstly, mirroring a data stream accessed to a medical system, then judging whether a destination port of the curre...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: HAI WANXUE, LI JINGJING, LIAO SHUIPING, FENG GUANGWEI
Format: Patent
Sprache:chi ; eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention provides a network worm virus real-time monitoring method based on a medical system, and belongs to the field of medical safety. The method comprises the following steps: firstly, mirroring a data stream accessed to a medical system, then judging whether a destination port of the current data stream is 445 used by an SMB protocol, and if so, judging whether a failure request exists; if not, storing the current data flow as a non-service data flow; if the failed requests exist, carrying out classification and counting statistics on the failed requests, and counting the number of the failed requests under each host address according to time nodes in a preset time range; if not, storing the current data stream as a normal service data stream; judging whether the number of failed requests under the current host address reaches a threshold value or not; and if the threshold value is reached, giving an alarm, and storing related information. According to the invention, a set of analysis system can be