30results about How to "Prevent spoofing attacks" patented technology

The invention discloses a method and a system for preventing an address spoofing attack by NS reverse query, belongs to the technical field of prevention of ND address spoofing, and solves the problems that the prior art is not suitable for complex networks and the number of hosts is huge. The method for preventing address spoofing attacks through NS reverse query comprises the following steps ofacquiring an NS request message sent by a PC to generate neighbor table entries; obtaining an NS request message incoming interface, packaging an NS request message, sending the packaged NS request message as an NS reverse query request message to a PC, and recording a mark of the sent NS sending request message in the neighbor table entry; and carrying out aging processing on the corresponding neighbor table entry, and determining whether to forward a service message corresponding to the IP address of the neighbor table entry according to whether an NA response message corresponding to the NSreverse query request message is received or not. Under the condition of not being limited by the network environment and the number of hosts, the ND address spoofing attack in the network environment is effectively prevented.

The invention relates to a network security method based on a wireless firewall. In the method, the wireless firewall acts on an MAC (Media Access Control) layer of OSI (Open System Interconnection) and comprises an intrusion detection and prevention module, a first frame hook and a second frame hook, wherein, the intrusion detection and prevention module is positioned in a user space of a system; the first frame hook is connected with a kernel space and the user space of the operating system, one end of the first frame hook is arranged in a wireless LAN (local area network) card driver in the kernel space of the operating system, the other end of the first frame hook is arranged in the user space and is connected with the intrusion detection and prevention module, the first frame hook transfers a frame received by the wireless LAN card driver to the intrusion detection and prevention module, and then the frame is sent back to the driver through the frame hook or is deleted after being processed by the module; and one end of the second frame hook is arranged in the wireless LAN card driver in the kernel space of the operating system, and the other end of the second frame hook is arranged in the user space and is connected with a frame encapsulation module. By adopting the network security method, the hacker attack resistance can be strengthened and the availability of the wireless network is improved.

The invention provides a method and a device for media access control forced forwarding of an address resolution protocol (ARP) message. The method specifically includes that when an ARP request message is not an ARP message of a request gateway or a server, a sending end media access control (MAC) of the ARP request message is transformed to be a gateway MAC, and the ARP request message is sent in a broadcast mode; entries of a session table are established, and information of the ARP request message is recorded in the entries of the session table; and a sending end internet protocol (IP) and a target IP of an ARP response message are matched with a target IP and a sending end IP in the entries of the session table, when the matching result is successful and the ARP response message is not an ARP message of a response gateway or a server, a sending end MAC of the ARP response message is transformed to be a gateway MAC and a target MAC of the ARP response message is transformed to be a sending end MAC in the entries of the session table which is successfully matched, and the ARP response message is sent in an unicast mode. By means of the method and the device, IP address conflict in the network can be accurately and effectively detected.

The invention discloses a method and a device for verifying the integrity of security critical data of a program in the process of running. The method comprises the following steps: 1) indicating a security critical variable in the program, generating a security critical data set in the process of compiling, dividing a virtual address space of the program into a protected area and a non-protected area in the process of loading the program, loading the security critical data set to the protected area, and constructing an integrity verification tree for a virtual page of the protected area of the program; and 2) in the process of writing program data into a memory, updating a root verification value; and in the process of reading program data from the memory, generating a new root verification value, comparing the new root verification value with the original root verification value, if the two are equal, determining that the security critical data set is not tampered, otherwise, determining that the security critical data set is tampered. The device comprises a data integrity verification circuit, a root verification value storage module and a comparator. The method and the device disclosed by the invention have the advantages of high safety performance, strong attack prevention performance, small calculated amount, and less occupied storage space.

The invention belongs to the field of information security, and is specifically a blockchain-based transparent data integrity audit and transparent encrypted data deduplication method; the scheme of the invention includes four modules: initialization parameters, acquisition of encryption keys, two-way Usability inspection, transparent integrity audit and transparent deduplication. Compared with the existing scheme, the present invention can resist biased audit and delayed audit of the cloud server, and can avoid the cloud server claiming the wrong deduplication level to charge additional fees; the present invention can prevent single point failure attacks and exhaustive attacks, It can provide a two-way ownership certificate between the user and the cloud server; the present invention implements a safe and effective protocol based on the block chain, and can realize transparent data integrity audit and transparent data deduplication at the same time.

The invention provides an early warning method and device for an address resolution protocol (ARP) table entry spoofing attack in a local area network, and belongs to the technical field of network communication. The early warning problem of the ARP table entry spoofing attack in the local area network is solved. The technical points are as follows: S1. monitoring network data; S2. confirming thecredibility of an ARP message; S2.1. when the ARP message is not credible, performing early warning judgment on ARP table entry spoofing; and S2.2. when the ARP message is credible, performing analysis on an ARP message table entry to judge the ARP table entry spoofing. The early warning method and device have the beneficial effects that the ARP table entry spoofing attack can be prevented.

The invention relates to an operational application technology combining short message transmission and computer database, in particular to a method for protecting the security of an account. The method is characterized in that: user login and server verification are required to be performed twice respectively, and passwords for the user login of each time are both dynamic passwords; in the login of the first time, the dynamic password A and the user account are input, and the dynamic password A becomes invalid instantly when the dynamic password A and the user account pass the verification; a dynamic identification code is displayed in a login interface in which the dynamic password A and the user account pass the verification; the user is required to compare the dynamic identification code in the login interface with the dynamic identification code in a received mobile phone short message, and then enters the login step of inputting the dynamic password B and a static password after confirming the two groups of dynamic identification codes are completely the same; and after the successful login of the user, the dynamic identification code and the dynamic password B become invalid instantly. By the method provided by the invention, attacks of account stealing Trojans can be effectively prevented, the phishing attacks of phishing sites to the users can be prevented, and the method is simple and intuitive for the user to operate and easy to master.