32results about How to "Reduce the probability of being attacked" patented technology

The invention discloses a domestic TCM based dynamic measurement method. Paging measurement is performed on a program sector of a process through a TCM safe module; a kernel module instantly warns a user and pauses program execution when measurement is abnormal; the user makes a his own selection if program execution is resorted or stopped according to warning information. Compared with the prior art, the domestic TCM based dynamic measurement method can effectively improve the safe performance of a file, decrease the probability that the file is attacked, monitors a personal terminal in real time, decrease safety risk, is high in practicability, and is easy to promote.

The invention discloses a DNP3 protocol fuzzy testing method based on a sequence generation confrontation network, comprising the steps of: 1. constructing a DNP3 protocol sample database; 2. preprocessing the DNP3 protocol sample data; 3. mutating the preprocessed DNP3 protocol sample data; 4. Generate primary test cases; 5. Test case similarity comparison to remove redundancy; 6. Seed test case variation; 7. DNP3 protocol fuzz testing; 8. Vulnerability verification; 9. Abnormal test case debugging and monitoring. The invention utilizes the sequence generation confrontation network to generate test cases with a high pass rate; reduces the redundancy of test cases through a screening algorithm using the similarity of use cases as an index; introduces a random mutation strategy to mutate test cases, and improves the diversity of test cases and the probability of loophole discovery ; By analyzing the stack frame information of the program when the vulnerability occurs, find and record the cause of the vulnerability, thereby reducing the probability of the industrial control system being attacked and improving the security of the industrial control system.

The present invention provides a security management method and system for centralized network data, which defines designated network resources as physical security layer, network intermediate security layer, service security layer and main control node, and defines the protection system as physical security layer, network The four parts of the middle security layer, the business security layer and the main control node realize the one-to-one correspondence between the composition of the protection system and the specified network layer. Not only can the security layer be dynamically adjusted in real time according to the state of the physical device, but also the size of the attribute domain can be dynamically adjusted to avoid excessive concentration of physical devices and reduce the probability of being attacked. The technical means of attribute encryption is introduced to encrypt the transmitted data to better protect the business data of different users.

The present invention provides a method and system for managing network nodes in an Internet of Things environment, defining designated network resources and systems as five parts: a first-level node layer, a second-level node layer, a network transmission layer, a business layer, and a master control node, and Using two-level network management, it is easy to expand to multi-level management, saving a lot of node addresses. Not only can the security layer be dynamically adjusted in real time according to the status of the first-level nodes, but also the size of the attribute domain can be dynamically adjusted to avoid excessive concentration of the second-level nodes and reduce the probability of being attacked. The technical means of attribute encryption is introduced to encrypt the transmitted data to better protect the business data of different users.

The present invention relates to an information distribution method of mobile terminal; in the process of mutual authentication between a mobile terminal and a network server, the mobile terminal sends the relevant information code of the mobile terminal to an authentication server; after the authentication succeeds, a session key is established; the authentication server sends the relevant information code of the mobile terminal to the network server; according to the relevant information code of the mobile terminal, the network server completes the operation of information distribution and returns operating results to the authentication server; the authentication server informs the mobile terminal of the authentication and the information distribution results. With the method of the present invention, the information distribution is embedded to the AKA process, reduces the communication cost and can reduce omissions and errors of information distribution by the network server as possible; the present invention can use the session key consulted in the authentication process to encrypt distributed information and reduces the probability of being attacked. The key consulted in theAKA process has safe protection on data distribution and improves the safe performance.