Method and apparatus for efficient netflow data analysis

Invention Grant

US08510830B2 Method and apparatus for efficient netflow data analysis 有权

Title translation: 用于有效净流数据分析的方法和装置

Please log in to see more content

Patent Title: Method and apparatus for efficient netflow data analysis
Patent Title (中): 用于有效净流数据分析的方法和装置
Application No.: US13221182

Application Date: 2011-08-30
Publication No.: US08510830B2

Publication Date: 2013-08-13
Inventor: Peter Reilly
Applicant: Peter Reilly
Applicant Address: US WA Everett
Assignee: Fluke Corporation
Current Assignee: Fluke Corporation
Current Assignee Address: US WA Everett
Agency: Edwards Wildman Palmer LLP
Agent Scott D. Wofsy; Christopher J. Capelli
Priority: EP11168731 20110603
Main IPC: H04L29/06
IPC: H04L29/06 ; G06F11/00 ; G06F12/14 ; G06F12/16 ; G08B23/00

Method and apparatus for efficient netflow data analysis

Abstract:

A flow based detection system for detecting networks attacks on data networks. Flow records are collected in a novel data structure that facilitates efficient sorting. The sorted data structure can be subsequently analyzed in an efficient manner to find out if the network is under attack. An attack is identified if the numbers of unique corresponding addresses or conversations are too large.

Abstract(Chinese):

一种基于流的检测系统，用于检测数据网络上的网络攻击。流记录被收集在有助于有效排序的新颖数据结构中。随后可以以有效的方式分析排序的数据结构，以确定网络是否受到攻击。如果唯一对应的地址或对话的数量太大，则会发现攻击。

Public/Granted literature

US20120311704A1 Method and Apparatus for Efficient Netflow Data Analysis Public/Granted day:2012-12-06

Information query

Espacenet