38results about How to "Improve attack defense capability" patented technology

A method for raising network safety by utilizing message treatment includes placing message in buffer queue with relevant priority level and at channel between central processing unit and hardware retransmission plane separately according to priority level of message, carrying out treatment on message in buffer queue by central processing unit according to dispatch rule, carrying out treatment on message not required to be processed by control processing unit according to property of message and identifying those message according to specific rule for raising antiattack ability of network device.

The invention relates to the technical field of system security, and especially relates to a hierarchical bus encryption system. The system is used for solving the problems that data transmission of a security module and an ordinary module is not physically isolated and buses are not utilized reasonably and fully according to the security of each module. The system comprises at least two buses of a first bus and a second bus, an encryption and decryption system corresponding to each bus, at least one signal processing module corresponding to each bus, and a bus converter coupled between the first bus and the second bus. Through adoption of the system provided by the embodiment of the invention, the data transmitted on the buses is encrypted data, even through an attacker obtains the bus data through a probe attack, a secret key is difficult to break, and the anti-attack capability of the system can be improved.

The invention discloses a method for recognizing attack source information, and the method comprises the following steps: receiving blacklist information uploaded by a target server, wherein the blacklist information is attack source information recognized by the target server; issuing the blacklist information to all the servers under a sensing cloud platform, and thereby enabling all the serversto recognize the attack source information through the blacklist information. Obviously, in the scheme, after the target server recognizes the attack source information and generates the blacklist information, the blacklist information is uploaded to the sensing cloud platform, the sensing cloud platform issues the blacklist information to all the servers under the platform, thus, the other servers are enabled to improve capability of defensing attacks, and a complete ecological chain is formed; and the invention also discloses an apparatus, a device and a system for recognizing attack sourceinformation and a computer readable storage medium, which also can realize the effects above.

The invention discloses a satellite mobile communication terminal user identification and authentication method. The mobile communication terminal is based on a Beidou satellite system. The test method comprises the authentication mechanism and the encryption mechanism, wherein the authentication mechanism comprises the following steps: a public key is sent by a sender to a receiver, and a private key is saved by the sender; encryption is performed on data by the sender with the private key, and signed data is added; and verification and authentication are performed on the data by the receiver with the public key of the sender, and decryption is performed after the authentication is successful to obtain the data; and the encryption mechanism comprises the following steps: the public key is sent by the sender to the receiver, and the private key is saved by the sender; encryption is performed on data by the sender with the private key, and complete content is added; and decryption is performed on the data by the receiver with the public key, and after the authentication is successful, the data integrity is verified. The method of the invention can be used to effectively prevent various phenomenons, such as stealing calling, embezzlement, secret divulging, etc., in which mobile communication resources and services are used illegally in satellite mobile communication, and ensure satellite mobile communication network safety and ensure the legitimate rights and interests of satellite mobile communication operators and users.

The invention is applicable to the field of smart home, and provides a communication method, device and system, a readable storage medium and a computer device. The method comprises the following steps: receiving an authentication request sent by a main control end; after the authentication is passed, sending a response command to the main control end, wheein the response command carries a first serial number; receiving command data sent by the main control end, judging whether a second serial number carried in the command data is different from the first serial number by a first preset valueor not, and obtaining the second serial number through the first serial number and the first preset value; and if the judgment result is yes, responding to the command data. By dynamically changing the unique sequence value, the anti-attack capability of the intelligent equipment is provided, illegal data packets can be filtered out, and the security and the user experience are improved.

The invention relates to an image processing method and device, an image classification method and device, a medium and electronic equipment. The image processing method comprises the steps of receiving a to-be-processed image; according to the to-be-processed image and an image processing model, a noise image corresponding to the to-be-processed image is determined, the image processing model comprises an image feature extraction sub-model and a noise information sub-model, and the image feature extraction sub-model is used for obtaining feature vectors of the to-be-processed image; the noise information sub-model is used for determining a noise image of the to-be-processed image according to a feature vector of the to-be-processed image, the image processing model in the training process further comprises a classification sub-model, and the loss of the image processing model is determined based on the noise vector added by the noise information sub-model and classification probability distribution output by the classification sub-model; according to the to-be-processed image and the noise image, a target image corresponding to the to-be-processed image is generated, and the to-be-processed image and the target image are the same in corresponding classification.

The invention relates to a method for realizing decentralized distributed process guarding based on an ad hoc network technology, which comprises the following steps of: generating a super-tube identity, authority and guarding strategy file through a creation module, and safely storing the file in each guarding node and system process: 1, perpetual motion guarding without external force intervention, and 2, iteratively updating/newly adding nodes in the process; the super administrator performs external force intervention and redeployment, and perpetual motion guards are started after deployment is completed and the super administrator intervention mode exits; and basic services of mutual monitoring, failover and takeover, message broadcasting and communication are started. The credible decentralized distributed process guarding system is constructed by utilizing an original ad hoc network technology and is used for avoiding the problem of failure of system process guarding capabilitycaused by a single-point fault of a guarder; meanwhile, the protection range can be expanded from a single machine to all hosts in the whole domain, the anti-attack capability of the whole protectionsystem is improved, and the credibility of the protection system is ensured.

The invention discloses an address conflict processing method and device and a storage medium, and belongs to the technical field of communication. The method is applied to an EVPN and comprises: a first PE device receiving a second MAC/IP Advertent route sent by a second PE device, and the second MAC/IP Advertent route comprising second table item information; when the first PE equipment determines that the second IP address is the same as the first IP address, determining that the second table entry information conflicts with first table entry information stored in the first PE equipment; and when the first PE device determines that the number of conflicts between the second table entry information and the first table entry information is greater than or equal to a conflict number threshold in the first period, not sending the first MAC/IP Advertisement route to the second PE device. According to the method and the device, occupation of network resources can be reduced in a table entry information conflict scene, and the network anti-attack capability can be improved.

The invention relates to a vehicle data message safety communication method which is used for communication of ECUs of a vehicle, the ECUs of the vehicle are communicated through a communication bus, the method comprises the following steps that encryption and decryption data are obtained and written into each ECU, and the encryption and decryption data comprise encryption and decryption information of each ECU; when the ECU sends a message, encrypting the message according to the encryption and decryption information of the ECU sending the message to form a ciphertext, and sending the ciphertext to the ECU receiving the message through a bus; and when the ECU receives the message, decrypting the received ciphertext according to the encryption and decryption information to obtain a plaintext message. Compared with the prior art, the method has the advantage of effectively preventing vehicle message eavesdropping, playback attacks and camouflage attacks.

The invention discloses a watchdog feeding method for embedded Linux equipment with an anti-attack capability and a driving module. A watchdog comprises an initialization module, a dog feeding sub-module, a sub-module for inquiring whether a dog is fed or not, a dog feeding confirmation command receiving sub-module, a dog feeding confirmation command detection sub-module and an execution sub-module. The method comprises the steps: initializing watchdog hardware circuit, obtaining watchdog overflow time, shielding a function interface in the drive code; obtaining a counting variable and a firsttime interval, carrying out periodic dog feeding operation according to the first time interval, and sending a dog feeding command to an application program or not; and judging whether a dog feedingconfirmation command replied by the application program is received within a set second time interval, judging whether the value of the counting variable exceeds a set overtime number, and resetting and restarting the system by the watchdog when the watchdog overflow time is exceeded, so the anti-attack capability of the embedded Linux equipment in the Internet of Things is improved.