104results about How to "Increase attack difficulty" patented technology

The invention discloses an IP address jump safety communication method based on an SDN framework. The method comprises steps that A, an IP address of a Host2 is requested by a Host1; B, a real IP address r2 of the Host2 is replaced by a virtual IP address h2 through a controller; C, a domain analysis response is forwarded by the controller to the Host1; D, an r1 is taken as a source address and the h2 is taken as a target address by the Host1 to send a data packet to the Host2; E, a flow rule is generated by the controller to replace the r1 by a virtual IP address h1, and the flow rule is issued; F, the r1 is replaced by the h1 through the source switch, and forwarding is carried out; G, the h2 is replaced by the r2 through the target switch, and forwarding is carried out; H, the r2 is taken as a source address and the h1 is taken as a target address by the Host2 to send a response data packet; I, the r2 is replaced by the h2 through the target switch, and forwarding is carried out; J, the h1 is replaced by the r1 through the source switch, and forwarding to the Host1 is carried out. Through the method, jump IPs can be dynamically distributed to a host computer in the IPH network, one-time one-change access to the host computer IP is transparently realized, attack based on scanning and DDoS attach can be effectively fought against.

The invention relates to a dynamic application address conversion method and gateway system. A novel Web application attack defense method is achieved. URL addresses are dynamically converted, attack faces of an application system are converted, vulnerability of Web applications is hidden, the attack difficulty of an attacker is increased, and the difficulty in which the attacker conducts vulnerability scanning and attack injection on Websites through URLs is greatly increased. By the adoption of a DAAT method, the security threats of the attacker to the Web applications can be dynamically and effectively reduced, and security of the Web application system is improved.

The invention provides a system and method for generating and managing a secrete key. When the system is started, identity recognition is carried out through an intelligent device. A plurality of sets of initial data are input and are mutually independent, and the initial data are stored in a safety hardware device which has the anti-fake and anti-decoding functions. A system root secrete key is generated through the safety hardware device according to a computation rule, and is encrypted to be stored in the safety hardware device. The root secrete key is dispersed through secrete key scattering factors to obtain the needed application secrete key. The application secrete key is stored in the safety hardware device, and the root secrete key is restored from the safety hardware device. In the whole system, the plaintext numerical value of the secrete key is only stored in the safety hardware device. Before having access to all safety hardware devices, the system identifies the true or fake of the safety devices. Operators are recognized by the system in the procedures of starting and operating. The generating rule of the secrete key cannot be known by laymen. The secret key data needed in the operation process exist in a cryptograph form. The system is high in safety.

The invention discloses a computer-system-based online handwriting authentication method, which comprises the following steps of: writing and submitting a plurality of groups of registered handwritings through handwriting input equipment by a user, storing the two-dimensional static character pattern position information of display handwritings corresponding to the registered handwritings into a database, and finishing handwriting registration according to the conventional online handwriting authentication method; in the test of a computer system, submitting a generated identification number by the user, randomly selecting a plurality of registered handwritings from the registered handwritings submitted by a corresponding user in a registration stage, and displaying the two-dimensional static character pattern position information of the display handwritings of the selected registered handwritings to the user; and submitting a corresponding test handwriting set at a time within a specified time by the user, finishing test handwriting authentication according to the computer-system-based online handwriting authentication method, and comprehensively making a decision to finish the authentication of the user. The method has the advantages of replay attack resistance, difficulty in the attack of an imitator and active defense; and the neglected shortcomings of dependence on handwriting confidentiality and high imitation rate neglected by the conventional online handwriting authentication method are effectively overcome.

The invention provides a mimic switch safety flow control device and method. The device comprises a security situation awareness module, a drainage module and a data transfer module, and the method for controlling the security flow by using the device comprises the following steps that step 1, the security situation awareness module selects features of a security flow message to be controlled and formulates a security strategy; step 2, the drainage module obtains safety flow message characteristics from a mimicry switch physical port or a heterogeneous executor virtual port, and formulates a dynamic drainage strategy according to the message characteristics; and step 3, the data transfer module completes analysis of the message and then forwards the message to a mimicry switch physical port or a heterogeneous executor virtual port. The mimic switch safety flow control method solves the problems that in mimic switch flow forwarding, message distribution, fingerprint conversion and distribution assignment links are large in development difficulty and too low in efficiency, and the attack difficulty of attackers is greatly increased.

The invention discloses a side-channel attack resisting processor architecture based on random instruction delay. The architecture is that an instruction memory is connected with an instruction random scheduling module, a central processing unit is connected with a multi-channel selector, a random flowing water section delay module and a data memory respectively, the multi-channel selector is connected with the instruction random scheduling module and a random waste instruction injection module respectively, and a random number generating module is connected with the random waste instruction injection module, the instruction random scheduling module and the random flowing water section delay module respectively. The side-channel attack resisting processor architecture enables a specific operation execution time point of side-channel attack not to be confirmed through an instruction random scheduling and out-of-order execution mode, a random waste instruction injection mode, a random flowing water section operation delay mode and the like, accordingly enables statistic analysis to be difficult to perform, greatly enhances the side-channel attack resisting capacity of a system and avoids cryptographic algorithm decryption caused by leakage of side-channel information.

The invention discloses a construction device of a mimicry network operating system. The construction device includes a variant management unit, an NOS unit and a mimicry unit. The variant management unit is composed of a variant template pool and a variant management sub unit. The NOS unit is composed of multi-template instantiated NOSs selected from the variation template pool. The mimicry unit receives calculation results from the NOS unit and executes a multi-mode decision. The invention also discloses a method based on the construction device of the mimicry network operating system. The method includes the steps of distributing a message from an underlying network to each heterogeneous network operating system that runs online, detecting the real-time state thereof by a monitoring agent built in each network operating system, and feeding back results to the variant management unit, each running network operating system independently executing the calculation; and subjecting the calculation result from each network operating system to multi-mode decision. The invention also discloses a mimicry network operating system, which comprises a variant template pool, a variant management layer, an NOS layer and a mimicry layer.

The invention discloses a chip of an RSA arithmetic against side-channel attack and the arithmetic, which relates to the technology field of information security. The chip comprises an interface module for finishing the interaction of data inside and outside of the chip, a random number module (RNG) for generating random number, a memory module (MEM) for storing high number, middle and final results needing to be computed by RSA, a modular exponentiation module (EXP) for completing modular exponentiation computation adopting MIST arithmetic, a module (RED) for completing common modular reduction and computing remainder and factor module reduction and a flow for controlling the whole RSA design to make modular exponentiation computation and module reduction computation operate in parallel and realize control module (CTRL) of randomized module reduction by calling RED. The invention puts forward safer module reduction arithmetic RandRed by introducing random number to render the invention the characteristics of no statistical character and higher attack difficulty.

The invention discloses a mimicry Web gateway system and a mimicry Web gateway method for carrying out dynamic scheduling by adopting random selection. The system comprises a system module distribution module, a multimode judgment module, a security Cookie generation module, a security Cookie decoding module, a heterogeneous server pool group, a background server dynamic switching module group, adatabase synchronization module, a security Cookie database group and a security configuration strategy. According to the invention, heterogeneous integration is carried out on the server, dynamic switching of the executor group is realized by utilizing a random selection technology, and a mimic Web gateway system is realized through Cookie mapping. According to the Web gateway based on dynamic heterogeneous redundancy, the background executor is dynamically switched by utilizing the dynamic scheduling and heterogeneous redundancy technology, the risk and loss of attacking a website system arereduced, the attack behavior can be more accurately judged, and countermeasures are taken in time.

The invention provides a WEB dynamic adaptive defense system and defense method based on false response. Based on the concept of moving target defense, a plurality of false WEB servers capable of being dynamically transformed is constructed around a protected WEB server, false sensitive data, false applications, false vulnerabilities and the like are constructed on the false WEB servers, and cheating hackers attack the false WEB servers. When a known attack or a suspicious behavior is identified, the known attack or the suspicious behavior is introduced into the false WEB server, and an attacker enters the false environment and then executes a subsequent attack action in the false environment until the attack is finished, so that multiple attempt attacks of the attacker are effectively defended, and meanwhile, the method has a relatively good defending capability on an unknown WEB attack. Besides, by continuously observing attack behaviors in a false environment, WEB attack features can be automatically extracted, attack detection rules are dynamically and adaptively adjusted, and the dynamic adaptive capacity of a defense system is improved.

The invention provides an unknown loophole attack detection method, device, equipment and storage medium. The method comprises the following steps: performing attack detection on traffic readying to enter a main server; acquiring attack source feature information when detection the attack; and then acquiring attacker traffic in the traffic readying to enter the main server according to the attacksource feature information, and distributing the attacker traffic to a honey pot server; monitoring the honey pot server in real time to acquire abnormal behavior information, wherein the abnormal behavior information is used for comparing with the real-time behavior information when the main server is in operation, thereby performing unknown loophole attack detection. Through the method providedby the invention, the attacker cannot or is hard to sense the existence of the safety protection system, the attack difficulty is greatly increased, the attack successful time is delayed, and the attack from unknown loop on the system can be effectively detected, the attacked system can be effectively detected without artificial participation, and the response time is fast.

The invention discloses a chain structure design method with a Turing complete intelligent contract block chain, the following technologies are introduced to enhance the underlying architecture of thechain, and the chain structure design method comprises the following steps: a consensus mechanism, phased evolution of consensus, a POW consensus part of MANNET1. X version, a POS consensus part of MANNET1. X version, an expansion mechanism, a virtual machine and anti-quantum calculation. The invention has the advantages of safety, reliability, high stability, high operation speed and the like.

The invention relates to a method for realizing block cipher multiple S-boxes for resisting differential power attack. Firstly a plurality of parallel S-boxes are converted for obtaining 4*4 S-box replacements. Furthermore the 4*4 S-box replacements are numbered. Then block cipher multiple S-box random input technology is performed on all 4*4 S-boxes so that an attacker who performs the differential power attack cannot align a curve according to a related statistics differential method after obtaining a power consumption curve, and therefore the differential power attack fails, thereby improving safety in realizing a block cipher. Furthermore according to the method, only g(n) bits of random numbers are utilized and the random numbers are greatly reduced than that in other mask solutions. Attack difficulty in data processing of the differential power attack is greatly increased. In a speed aspect, because the original parallel S-boxes are converted to a multidimensional serial reusable S-box frame according to the method, a streamline method can be used, thereby reducing speed by 30% than an original solution.

The invention relates to the field of smart home and discloses a control system and a control method for a door lock. In one embodiment, the control system includes: an electronic door lock, an automatic regulation device and a terminal. The terminal is communicatively connected to the electronic door lock which is then communicatively connected to the automatic regulation device. The terminal sends control information to the electronic door lock; the electronic door lock, when receiving the control information from the terminal, is unlocked and sends an unlock signal to the automatic regulation device; one end of the automatic regulation device is fixed on a door frame while the other end is fixed on a door, so that when receiving the unlock signal from the electronic door lock, the automatic regulation device controls the opening degree of the door within a preset angle being less than 30 degrees. By means of the system and the method, a courier can place an express parcel into home, so that a problem of second delivery is avoided; the system and the method also can prevent the courier from entering home, thus achieving high portability and security.