32results about How to "Reduce the probability of being attacked" patented technology

The embodiment of the invention discloses a smart community management system for an edge computing server on the Internet of things, The smart community management system comprises: a perceptual layer, an operations layer, a platform layer, and an application layer; the sensing layer is comprised of a plurality of intelligent hardware, the sensing layer uploads the data of the intelligent hardware to the operation layer through the network layer, The edge computing server in the operation layer processes the data, the platform layer is a smart community cloud platform, the operation layer isconnected with the platform layer through the multicast technology, the application layer is an interactive entrance of the smart community cloud platform, and the application layer comprises a plurality of application modules to realize different interactive control. The invention solves the problems of low intelligence degree and low safety coefficient of the existing community management system.

An Android malicious application detection method based on a dual-channel convolutional neural network is provided. The method includes obtaining an installation package file; decompiling the installation package files; constructing an opcode sequence; construct an instruction function sequence; carrying out vectorization processing on the features of the operation code sequence and the instruction function sequence; training a convolutional neural network; testing the convolutional neural network; evaluating the malicious application detection model; detecting an application to be detected, etc. Compared with the traditional detection model, the malicious application detection model generated by the method provided by the invention has higher classification accuracy and recall rate, and reduces the probability of the Android system being attacked due to missing detection.

The invention discloses a double-layer grouping Byzantine fault-tolerant consensus method and system. The method comprises the following steps: S1, determining node groups; S2, for each group of nodes, selecting a part of nodes from the nodes as committee nodes, forming committee of the group, taking the remaining nodes except the committee nodes as common nodes, and selecting a main node of each group from the committee nodes; S3, building a block chain network; S4, if a certain group of committee receives a proposal request, the main node of the group generating a block according to the proposal request and sending the block to other committee nodes of the group for a first round of consensus, and if the first round of consensus passes, generating an initial block and sending the initial block to the common node of each group; and S5, performing a second round of consensus on the initial block by the common node of each group, and if the second round of consensus is passed, chaining the initial block and storing the initial block in a local account book. According to the method, a double-layer grouping consensus structure is adopted, and the system robustness is improved on the premise that low communication complexity is guaranteed.

The invention discloses a mobile CA node electing method based on an MD5 hash information abstract. The method includes the steps that MD5 hash information abstract calculation is performed on certificate demand files generated by applied nodes, and demand data are obtained; each node of all the nodes is elected as a CA node according to integer data and the received demand data, wherein the integer data are obtained after data composed of the generated random number, the IP address and the MAC address are calculated through the MD5 hash information abstract; due to the fact that the key factor for determining the CA node lies in the certificate demand files generated by the applied nodes and the random number generated by the node in the Ad-hoc network, for the same applied node, a CA node electing result obtained each time differs from other results, and for the different applied nodes, the CA node electing results are different. Thus, the CA nodes are effectively prevented from providing a certificate service for a long time and the energy consumption of the CA nodes is reduced. Meanwhile, the probability of attacking the CA nodes is greatly reduced.

The invention relates to a data verification method and device based on a DAG block chain, computer equipment and a storage medium. The method comprises the following steps of: obtaining a resource transfer parameter of each node in the DAG block chain; according to resource transfer parameters, selecting a target node, sending a transaction selection message to the target node, enabling the target node to select two unverified transactions and publish a random character string; and when it is detected that a hash value obtained by continuous hash operation of the target node based on the random character string and a workload proof mechanism is smaller than or equal to a preset threshold, judging that the target node passes verification. According to the method, a target node is used forreplacing a coordinator node in a DAG block chain to realize decentralization; through the competition mode, the verification of the transaction is no longer limited to the coordinator node, the efficiency of transaction verification is improved, the probability that the DAG network is attacked is greatly reduced, and the data security of the network is improved.

The embodiment of the invention discloses a method, device and electronic equipment for protecting target application, and relates to the information security technology, wherein the probability of application attack can be reduced, and the application security is improved. The method comprises the following steps: when the pre-input hook function monitors that a file system opening routine function is called, hooking the file system opening routine function using the hook function; calling a progress path acquisition function, and acquiring the operation progress path name calling the file system opening routine function; and if the acquired operation progress path name is the same as any debugger progress path name in a preset debugger progress path name library, rejecting the calling of the file system opening routine function. The method, device and electronic equipment are applicable to the anti-debugging protection of application.

The invention discloses a honeypot protection system, which uses a simulation node to simulate a real node in a protected network, and the simulation node is configured with all idle IP addresses in the protected network, so that the simulation node can be accessed externally as the real node in the protected network. Under the condition, if an attacker accesses the protected network, the attacker does not only access the real node in the protected network but possibly accesses the simulation node, but the simulation node does not run the actual network service, so that the probability that the protected network is attacked is reduced, and the probability that the real server is attacked is also reduced. Meanwhile, the honeypot group can capture the flow data of the access simulation node and the protected network, so that the attack information can be captured by the honeypot, and the network safety is protected and improved.

According to the method and system for managing network nodes in an Internet of Things environment, specified network resources and system are defined as a first-level node layer, a second-level nodelayer, a network transmission layer, a service layer and a main control node, a two-level network management mode is adopted, multi-level management can be easily expanded, and a large number of nodeaddresses are saved. Not only can the security hierarchy be dynamically adjusted in real time according to the state of the primary node, but also the size of the attribute domain can be dynamically adjusted, the secondary node is prevented from being excessively concentrated, and the attacked probability is reduced. A technical means of attribute encryption is introduced to perform attribute encryption on the transmission data, so that the service data of different users can be better protected.

The invention provides an industrial internet intrusion detection and defense method and device, and relates to the technical field of network security detection and defense. The industrial internet intrusion detection and defense method comprises the following steps: after a client sends a service request, the service request is detected through a router, the service request is directly rejected when the detection is not passed, and when the detection is passed, a camera authority of the client is requested to identify the face of an operator of the client to verify the identity; and when the verification is not passed, the service request is rejected. By increasing operation frequency verification, the frequency of face verification, iris authentication and IP address can be effectively reduced, the operation frequency of an operator can be well limited, the operator is prevented from carrying out operation without limitation, impact on a network can be relieved to a certain degree, the probability that the network is attacked can be reduced, the intensity that the network is attacked can be relieved, normal operation of the network is further ensured, and meanwhile the defects in the prior art can be overcome.

The invention discloses a voting method based on a P2P network. The voting method comprises the following core characteristics: a broadcasting method for saving network bandwidth; controlling the network voting concurrency; a multi-order verification/confirmation method which can reduce the attacked probability to be close to zero; and performing quantitative immunization against attacks. According to the method, several technical difficulties, such as network bandwidth occupation, network voting concurrency control and quantitative immunity of attack defense, which hinder the P2P network voting system from being put into use are solved.

The invention belongs to the technical field of unmanned aerial vehicle control, and particularly relates to an attack batch division method in a complex environment. The method comprises the following steps: S1, acquiring each target position numbered according to importance degree; S2, according to the current aerial carrier situation and weapon tail end constraint conditions, calculating a single-target launching area; S3, calculating an attack area corresponding to the current situation downloader; S4, taking the target with the highest current importance level as a basic target, and traversing and moving the attack area in a plane where the target is located; S5, selecting a result containing the most targets, and outputting a target number; S6, performing multi-target release area intersection solution on the release areas corresponding to the solved target numbers to obtain a first multi-target release area; and S7, removing the targets in the step S5, repeating the steps S4 to S6, and obtaining other multi-target delivery areas. According to the invention, the cabin door opening time is shortened, and the radar reflection area increasing time is shortened, so that the attacked probability is reduced.

The invention discloses a file security detection method and device and electronic equipment, and is used for solving the problem that the security of files cannot be rapidly detected in batches in the prior art. The method comprises the steps that a security detection server acquires multiple groups of log data and multiple groups of rule data from a log acquisition database; the security detection server associates the multiple groups of log data with the multiple groups of rule data to obtain multiple groups of to-be-detected data, and one group of to-be-detected data comprises one group oflog data and one group of rule data; and the security detection server performs security detection operation on multiple groups of log data in the multiple groups of to-be-detected data based on multiple groups of rule data in the multiple groups of to-be-detected data, so as to determine the security of multiple files corresponding to the multiple groups of log data.