33results about How to "Effective defense against attacks" patented technology

A multi-model cooperative defense method facing deep learning antagonism attack comprises the following steps of: 1) performing unified modeling based on a gradient attack to provide a [Rho]-loss model; 2) according to design of a unified model, for an countering attack of a target model fpre(x), according to a generation result of a countering sample, classifying a basic expression form of an attack into two classes; 3) analyzing the parameters of the model, performing parameter optimization of the [Rho]-loss model and search step length optimization of a disturbance solution model for the countering sample; and 4) for the mystique of a black box attack, designing an experiment based on an adaboost concept, generating a plurality of different types of substitution models, used to achievethe same task, for integration, designing a multi-model cooperative defense method with high defense capability through an attack training generator of an integration model with high defense capability, and providing multi-model cooperative detection attack with weight optimal distribution. The multi-model cooperative defense method is high in safety and can effectively defense the attack of a deep learning model for the antagonism attack.

The invention provides a netfilter-based address and port hopping communication implementation method, which comprises the steps of 1) initially deploying; 2) configuring the hopping parameters of a server, generating a hopping key, storing the hopping key, and distributing the hopping parameters to an authentication and distribution agent by means of the server; 3) acquiring the hopping parameters of the server by means of a client after the authentication process of the client by an authentication and distribution center; 4) synchronizing the clocks of the client, the server and an address hopping gateway, calculating the current hopping address and the current hopping port of the server, and modifying addresses and ports corresponding to data messages sent and received by a local computer so as to realize the communication; 5) receiving communication messages received by the address hopping gateway from the client and the server, and acquiring the hopping address of the server by an address hopping engine according to the above address hopping parameters, and modifying addresses corresponding to the above messages to complete the message forwarding process; 6) realizing the port hopping function through a port hopping engine by the server, modifying ports corresponding to the messages of an importer/exporter to complete the communication. The method is simple in principle, easy to realize and popularize, and good in safety.

The invention discloses an SDN-based SDP security group implementation method and a security system, and the method achieves SPA single-packet authorization service logic through adoption of a flow table method of an SDN network, and carries out the planning and identity authentication of access authorities of different users through combining with the IAM user management of a cloud platform. According to the invention, the security of the cloud platform security group function is enhanced; accurate control of the security group on external authorization is realized; in combination with the identity authentication technology of the cloud platform and the SDN cloud network, the additional cost of the SDP gateway and the SDP controller is reduced, the SDP technology and the cloud computing security technology are fused, meanwhile, attacks from an internal network can be effectively defended, and comprehensive defense of flow in all directions of the cloud platform can be achieved.

The invention discloses a human face living body verification method and device, a mobile terminal and a computer readable storage medium, which are applied to the field of mobile terminals, and comprise the following steps: shooting a human face image by utilizing left and right cameras of the mobile terminal; performing distortion correction and line alignment on the shot left and right face images respectively; respectively carrying out face detection on the corrected left and right face images; matching the left image and the right image subjected to face detection with face key points; and carrying out living body judgment according to the distance between the face key points. According to the embodiment of the invention, when face recognition authentication is used, attacks of images, videos and the like can be effectively resisted,. The method is simple, reliable and mature, the speed is high, potential safety hazards are reduced, and the user experience is improved.

The invention relates to a malicious code detection method, a data interaction method and related equipment. The malicious code detection method comprises the steps of obtaining a to-be-detected code; vectorizing the to-be-detected code to obtain a vector corresponding to the to-be-detected code; performing feature extraction on the vector through a text classification model, and performing classification recognition based on the extracted features to obtain a category recognition result corresponding to the to-be-detected code, wherein the category identification result comprises identified code categories and corresponding category probabilities, and the code categories comprise malicious codes and normal codes; and if the category probability corresponding to the malicious code in the category identification result is greater than a preset threshold, determining that the to-be-detected code is the malicious code. By adopting the method, the malicious code recognition rate can be improved.

The invention provides a keyword ciphertext generation method and device for cloud storage data, a cloud storage anti-quantum computing public key searchable encryption method, a cloud storage system, a storage medium and electronic equipment. The cloud storage data keyword ciphertext generation method comprises the steps of acquiring keyword information from data uploaded by a data owner; determining a random bit string; performing bit string encryption on the keyword information to determine a first component; performing bit string encryption on the random bit string to determine a second component; determining a third component according to the first component and an agent authorization public key and an agent authorization key between the agent and the data owner; and determining the keyword ciphertext based on the first component, the second component and the third component of the keyword ciphertext. By adopting the bit string encryption mode, the binary bit string encryption of the keyword information can be realized, the data security is improved, and the bit string encryption also has stronger practical application advantages and stronger practicability.

The invention discloses a virtual prop control method and device, a storage medium and electronic equipment. The method comprises the steps that in response to a first interaction operation obtained in a target game application, a first virtual operation object is controlled to be switched from a currently held virtual prop to a virtual defense prop and a virtual attack prop, and the virtual defense prop is used for blocking an attack operation on the first virtual operation object; and in response to a second interaction operation obtained in the target game application, the first virtual operation object is controlled to move together with the virtual defense prop and the virtual attack prop, and the second interaction operation is used for controlling the first virtual operation objectto move. By the adoption of the technical scheme, the technical problem that in the prior art, a defensive shield in a traditional mode is poor in protection effect on game characters is solved.

The invention provides a content lock firewall method based on a white list, and the method comprises the steps: step 200, carrying out the semantic analysis of a data package load received by a website, and obtaining an analysis text of a received data package; step 300, matching the parsed text of the data packet received by the website with a text pattern library to determine whether to forwardor intercept the received data packet, the text pattern library comprising value domains and structural features of a plurality of keywords. Based on the method disclosed in the embodiment of the invention, for websites with relatively fixed functions, known and novel network attacks can be effectively defended by deploying the firewall, the websites can run with vulnerabilities under the condition of guaranteeing normal functions, and high-cost upgrading is not needed.

The invention discloses a method, a system and equipment for defending against an attack message, and relates to the technical field of communication. The method for defending against the attack message comprises the following steps: recording mark information of a received TCP message in a corresponding entry in a network address translation (NAT) table in a process of establishing transmission control protocol (TCP) connection with a client; and according to the destination information, statistics is carried out on entries which only record the mark information of the SYN message in the NATconversion table, so that an access control list ACL entry can be generated. Attack messages are effectively defended, the network deployment is simplified, and the cost is reduced.

The invention discloses an identity authentication method based on an N-dimensional spherical surface, which comprises: an authentication server receives registration and identity authentication of users after being initialized; when a new user registers, the user calculates a vector by a safe one-way function according to passwords selected and submits the vector to the authentication server; the authentication server specifies an IDg for the user as the identification of the identity of the user; the authentication server combines a self secrete vector with the vector submitted by the user to determine the N-dimensional spherical surface; the authentication server randomly selects a plurality of different points on the N-dimensional spherical surface to form an encrypted file which is sent to the user through a safe channel; when the user requires identity authentication, the passwords and the encrypted file containing identity identification are utilized to calculate; the result of calculation is sent to the authentication server; and the authentication server checks and determines whether to accept the identity of the user after calculation. The method can effectively reduce the stored information and calculation load of the authentication server and prevent imitating the authentication server.

The invention relates to the technical field of spatial information, and discloses a low-orbit satellite security authentication method based on spatial channel characteristics. The method comprises a three-layer SDN distributed control structure consisting of a ground control center, a GEO satellite controller and an MEO satellite controller. In the whole authentication process, key agreement contains timestamp information, so that the freshness of the message is ensured. After the timestamp T is acquired, whether the timestamp T is within an allowable time range delta T is detected, if the timestamp T is valid, the acquired secret key is fresh, replay attacks can be effectively resisted, symmetric secret keys generated in the subsequent authentication process are iteratively generated based on the initial KEYab, and the shared secret key needs to be updated again every time a session is ended. The new secret key is based on the Hash operation of the channel characteristic value and the message and has randomness, so that even if an attacker obtains the current shared secret key, a subsequent new secret key cannot be generated, and the independence of the authentication process is guaranteed.

The invention discloses a biometric feature living body recognition and detection method based on a depth image, and the method comprises the steps: obtaining the depth image of a detected target which currently comprises biometric features, and carrying out living body recognition of the current depth image based on a trained machine learning model, calculating the gradient of pixel points in the depth image based on the depth image sample, and obtaining image gradient features representing the change degree of the image depth value; obtaining a sub-region gradient direction histogram of the gradient amplitude of at least one sub-region image distributed in the gradient direction according to the image gradient characteristics; connecting all the sub-region gradient direction histograms in series to obtain extracted image features; and taking the image features as a sample of the machine learning model, and training the machine learning model. The invention is simple in algorithm and short in response time, realizes presentation attack detection, and improves the security of identification equipment.

The present invention provides a system and method for facial expression detection. The system comprises a camera used for acquiring an image with an input face; a first deep neural network used for detecting the input face in the image; a quality detection module used for judging whether the detected input human face is a human face picture with qualified quality or not, and sending a trigger signal if the detected input human face is the human face picture with qualified quality; a processing module used for intercepting a face area from the image when receiving the trigger signal sent by the quality detection module, and carrying out affine transformation on the face area to obtain a front image corresponding to the input face; and a determination module used for determining the expression classification of the front image as a first expression through a second deep neural network, and when the input faces in more than a preset number of continuous multi-frame images are all the first expressions, determining the input faces as the first expressions, so that the problem of face expression detection in a monitoring camera scene can be solved.

The invention discloses an audio watermark processing method and device, electronic equipment and a storage medium, wherein the energy for embedding a watermark can be reduced, the accurate extraction of the watermark can be ensured, and better robustness and concealment can be obtained. The method comprises the following steps: acquiring frequency domain signals respectively corresponding to each audio frame in audio; embedding watermark information into the imaginary component of the frequency domain signal corresponding to each audio frame; and performing time domain reconstruction on the frequency spectrum signal embedded with the watermark information to obtain an audio containing the watermark information.

The invention discloses a face recognition method and device based on a binocular camera and a storage medium. The face recognition method based on the binocular camera comprises the steps that a first image of an infrared camera in the binocular camera and a second image of an image camera are acquired; and when it is determined that the detected face is a living body according to the first image, face key point information of the second image is acquired, and face recognition is performed according to the face key point information. Face recognition is carried out by using the binocular camera, so that attacks of photos, videos, 3D printing and the like can be effectively resisted, and the safety of face recognition is improved.