93results about How to "Reduce the risk of attack" patented technology

The invention provides a Docker implementing system and a communication method thereof. The Docker implementing system comprises a management VPC and a user VPC. Each VPC comprises a virtual routing device and a virtual machine. The management VPC comprises a VPC management module, a control node, a container database, and a configuration service discovery storage system. The virtual machine of the user VPC is provided with a local container management module, a proxy module, and containers. The containers are used for storing the application of a user. A safe tunnel is provided between the virtual routing device of the management VPC and the virtual routing device of the user VPC. The control node sends messages to the virtual machine of the user VPC via the safe tunnel between the virtual routing device of the management VPC and the virtual routing device of the user VPC. The virtual machine of the user VPC transmits the messages to the local container management module of the virtual machine of the user VPC. The Docker implementing system may reduce a risk that the application of the user is attacked by other users and improve system security.

The present invention relates to computer security technology, and is a client end computer security protecting mechanism established around the certificating server based on software identity certification. The present invention includes: 1. establishing security certificating database with the unique flag code as ID; 2. establishing certificating server for providing software security certificating function with the security certificating database as kernel; 3. establishing security policy for limiting the software running in the client end; 4. monitoring the client end computer and extracting the unique ID and submitting it to the certificating server before starting the executable file; 5. inquiring the security certificating database with the certificating server and feeding back the corresponding security information to the client end computer; and 6. the client end computer judging whether to execute the software. Compared with traditional antivirus method, the present invention has more wide protection.

The invention discloses a dynamically and smoothly expandable data acquisition system and method. The dynamically and smoothly expandable data acquisition system comprises a central data acquisition system and a data acquisition terminal, wherein the central data acquisition system comprises a gateway routing node, a data acquisition man aging node, data acquisition nodes, a security authenticating node, an acquired data storing node, a monitoring node, a time synchronizing service node, a security certificate storing node, a log managing node and a log storing node; the central data acquisition system communicates with the data acquisition terminal through a communication network; the data acquisition terminal transmits acquired device data to the data acquisition node, submits a data acquisition application form to the gateway routing node, acquires a node routing information form according to data fed back by the gateway routing node, and initiates a business report block transmission request to each data acquisition node for encrypted transmission of the data. According to the invention, the problems that the existing data acquisition system is high in expansion cost, poor in expansion capability and high in security risk under new application requirements are solved.

The invention relates to a bi-directional certification method for a certification server and a mesh network and a system thereof, belonging to the communication technical field; the certification server comprises a trust degree distribution module, a node state detecting module, a trust degree lowering/deprivation module and a trust degree management module, wherein the trust degree distributionmodule is used to determinate the security level of the node according to the received information of the node which requires to be certificated, and generates the trust degree time stamp after successful certification, and time stamp is sent to the node which requires to be certificated together with the signature algorithm mark after the signature; the node state detecting module is used to detect if nodes are attacked; the trust degree lowering/deprivation module is used to receive the break information or lower/deprive the trust degree of the node which is attacked; the rust degree management module is sued to store the user identity information of nodes in the Mesh network, which is successfully certificated, and the trust degree, the signatures and time stamps which are approved by the AS. The invention realizes that all nodes in the mesh network can choose correlation nodes based on the trust degree; moreover, the invention also realizes the bi-directional certification by verifying the trust degree signatures fed back from the correlation nodes at one time.

The invention discloses an unmanned aerial vehicle cluster air combat method based on a wolf roundup behavior. The method comprises the steps that first, an unmanned aerial vehicle cluster air combatis initialized; second, cluster air combat situation threat cost is constructed; third, an unmanned aerial vehicle cluster air combat encirclement topological structure is determined by use of wolf situation learning; fourth, the encirclement topological structure is mapped into a wolf roundup formation configuration; fifth, unmanned aerial vehicle formation encirclement control is performed basedon the wolf roundup configuration; and sixth, a cluster air combat formation control instruction is output. The method can support a dynamically-changing air combat environment, an attack rick of anunmanned aerial vehicle cluster is effectively lowered, and optimal overcome effectiveness is achieved; and meanwhile, the stability of an attack formation, the consistency of attack behaviors and a high target damage probability are guaranteed, and dynamic decision, consistency control and other difficulties in cluster control are overcome.

The invention discloses an identity authentication method for a Hadoop cluster. The method comprises the following steps: step one, a client sends a request to an authentication server to request for the ticket granting, the request is sent to the authentication server in a plaintext way, the request message comprises a user name, an authorization server name, a valid survival period, the first random number and a user located Kerberos field user information; step two, after receiving the request message of the client, the authentication server firstly finds a key of the user in a local database according to the user name, if the finding is successful, the authentication is continued. By adopting an authentication mode based on the PKI, the command of the user is unnecessary to save on the KDC, the risk point of the system is reduced, and the security of the Hadoop cluster identity authentication is greatly improved.

The invention relates to an industrial access control method. The method comprises the following steps: a virtual access control gateway receives a first request sent by a control station, wherein the first request is used for requesting to operate target control equipment or is used for requesting to access the target control equipment; after the first request is received, the virtual access control gateway authenticates the control station in accordance with an authorization strategy; if the authorization passes, the virtual access control gateway carries out authorization check operation in accordance with authorization rules; if the authorization check passes, the virtual access control gateway sends a second request to the target control equipment, wherein the second request is used for requesting to operate the target control equipment. The invention also relates to an industrial access control device and a virtual access control gateway. The method, the device and the equipment disclosed by the invention have the capability of reducing the risk of suffering network attack of an industrial control system, have no need to transform the traditional systems, and can be used for a heritage industrial control system.

The embodiment of the invention discloses a network security protection method, a device and storage medium. Various attacks can be effectively intercepted, and the risk that a business system is attacked is relieved. The method disclosed by the embodiment of the invention comprises the following steps: detecting network traffic entering a host, and determining whether an attack behavior is existent by querying an attack behavior feature base; if the attack behavior is existent, generating a virtual honeypot with a corresponding loophole according to the attack behavior, and importing the network traffic into the virtual honeypot; analyzing the network traffic in the virtual honeypot to acquire the attack feature of the novel attack behavior; writing the novel attack behavior containing the attack feature in the attack behavior feature base; if the network traffic is unreceived within the preset time, destroying the virtual honeypot.

The invention discloses a pseudo AP detection method based on an RSSI, and belongs to the field of wireless network safety. The method comprises the steps: obtaining the RSSI sequences of all current APs; selecting the effective RSSI sequence from the RSSI sequences; selecting a reference AP, corresponding to a target AP, from all current Aps; generating an effective RSSI fingerprint library according to the obtained reference AP through combining with the effective RSSI sequence, thereby obtaining the similarity of the reference AP with the reference AP in the effective RSSI fingerprint library; carrying out positioning according to the similarity; obtaining the first fingerprint data of the target AP at a virtual positioning place, obtaining a fingerprint difference between the first fingerprint data and second fingerprint data through combining with the actually obtained second fingerprint data at the target AP, and obtaining a pseudo AP detection result according to the similarity and the section where the fingerprint difference is located. The method can shorten the detection time in the prior art, improves the timeliness of detection, does not need the connection with a suspicious AP in a detection process, and reduces the risks of network attack.

A network video monitoring system includes a core-control module, a plurality of network video recording (NVR) hosts, and a plurality of cameras. The core-control module assigns the cameras to the NVR hosts respectively for controlling the camera by the NVR hosts according to status of each NVR host. In this application, the core-control module obtains the status of each NVR host periodicity for determining if the NVR hosts are over loading or failed, and re-assigns the cameras automatically for the overloaded or malfunctioned NVR hosts. The application rescues the NVR hosts from the over loading problem, and prevents the termination of the monitoring action of the cameras when one of the NVR host malfunctions.

Embodiments of the invention disclose a method and a system for forged mail detection for detecting and identifying forged mails and reducing the risk of e-mails being maliciously attacked. The method comprises: obtaining transmission protocol data of a target e-mail; identifying the identity information of a sender of the target e-mail from the transmission protocol data; and detecting whether the identity information of the sender is forged, and if there is a forgery, determining that the target e-mail is a forged mail.

The embodiment of the invention discloses a hardware trojan resistant integrated circuit design method and system. The hardware trojan resistant integrated circuit design method comprises the steps that internal nodes with integrated circuit conversion probability lower than a preset conversion probability threshold value form a first node set; the internal nodes having the lowest signal probability and smallest logic depth in the first node set are selected to form a second node set; according to the number of the internal nodes in the second node set, corresponding internal nods are selected to be inserted into a preset circuit, wherein the preset circuit comprises a one-from-two multiplexer and one scanning trigger; when the key path delay of an integrated circuit after preset circuit insertion is compared with the key path delay of an original integrated circuit, whether new internal nodes are needed for replacement and need to be inserted into the preset circuit or not is determined. After the corresponding internal nods are selected to be inserted into the preset circuit, the node conversion probability is improved, the activated probability is improved when hardware trojan selecting nodes are inserted, so that hardware trojans cannot find appropriate insertion nodes to be inserted into the integrated circuit, the risk that the integrated circuit is attached by hardware trojans is reduced.

The invention discloses an over-the-air (OTA) method and device with a risk control function and equipment. The method comprises the following steps: receiving an OTA service request; judging whether the OTA service request includes an authentication serial number, an operator server identifier, a timestamp and a service content package or not; if the received OTA service request includes the authentication serial number, the operator server identifier and the timestamp, transmitting the authentication serial number, the operator server identifier and the timestamp to an OTA gateway in order to compare with corresponding records of an authentication serial number, a specific operator server identifier and a timestamp which are allocated by the OTA gateway to authenticate the operator server identifier at the request of an operator server for authentication; and opening the service content package in response to an authentication pass message received from the OTA gateway in order to update locally-stored content according to content of the service content package. Through adoption of the OTA method and device with the risk control function and the equipment, the security of the OTA method is enhanced.

The invention discloses a multi-user security hard disk and a control method thereof, the multi-user security hard disk at least comprises an interface module, a hard disk controller and a storage unit, and the interface module is used for carrying out data communication with a host; the storage unit opens up a plurality of independent partitions for multi-user data storage; the hard disk controller is connected with the interface module and the storage unit, is used for controlling the work of the storage unit according to an instruction of the host, and at least comprises a user authentication unit and a partition management unit, and the user authentication unit is used for carrying out user information authentication and sending authentication result information to the partition management unit; and the partition management unit is used for managing the corresponding partition of the storage unit according to the authenticated user information, so that the hard disk controller canonly perform read-write operation on the partition. Compared with the prior art, the physical isolation of each user data storage area is realized through the bottom chip of the storage equipment, sothat the data security performance is greatly improved.

The invention discloses a router with infrared detection equipment. The router comprises a router main body and further comprises the infrared detection equipment, wherein the infrared detection equipment comprises a base, a connecting plate and an infrared sensor; the base is connected with the router main body; the bottom end of the connecting plate is connected with the base; and the infrared sensor is connected with the top of the connecting plate. The router with the infrared detection equipment disclosed by the invention has the advantages that: the infrared detection equipment is arranged and a power supply of the router is automatically switched off after a user leaves away for a period of time, so that the danger of attacking the router is greatly reduced; and meanwhile, when the user is close to the router, the power supply is automatically switched on, so that the use is very convenient.

The invention discloses a power distribution safety protection monitoring system, which comprises a power distribution master station and a plurality of substations. The power distribution master station is provided with a master processing module, a master check module and a master communication module. Each substation is provided with a slave processing module, a slave check module and a slave communication module. The master communication module is in communication connection with the slave communication modules; the master communication module and the slave communication modules are used for communication data two-way transmission; the master check module is connected with the master processing module and the master communication module, and is used for checking substation identity information in the communication data received by the master communication module, and after the check passes, the master processing module carries out processing on substation control information in the communication data; and the slave check modules are connected with the slave processing modules and the slave communication modules. The new power distribution safety protection monitoring system can improve power distribution safety protection in both-way communication.

The embodiment of the invention discloses a design method and system for an anti-hardware Trojan horse chip. The method comprises the following steps of: acquiring the conversion probability of internal nodes of an integrated circuit; forming a first node set by internal nodes, the conversion probability of which is smaller than a predetermined conversion probability threshold value; acquiring the minimal signal probability from the first node set and forming a second node set by the internal nodes, the logic depths of which are the smallest; and selecting corresponding internal nodes according to the quantity of the internal nodes in the second node set, and inserting the internal nodes into an and logic gate or an or logic gate. After the selected corresponding internal nodes are inserted into the and logic gate or the or logic gate, the conversion probability of corresponding nodes is increased, and the corresponding conversion probability of the whole integrated circuit is also increased, so that when the hardware Trojan horse selects nodes to insert, the probability that the hardware Trojan is activated is increased, so that the hardware Trojan horse cannot find proper insertion points to be inserted into the integrated circuit, and therefore, the risk that the integrated circuit is attached by the hardware Trojan horse is reduced.

The invention provides a medium/media access control (MAC) address conflict detection method, which comprises that: before accessing a network, local network equipment transmits a MAC address conflict detection request message to a destination multicast address, wherein the request message carries a current MAC address of the network equipment; destination network equipment receiving the request message extracts the MAC address from the message request, detects the MAC address, and when judging that the extracted MAC address is the same as own MAC address, transmits a MAC address conflict detection response message to a requesting multicast address; and the local network equipment receiving the response message generates a new MAC address. The invention also discloses a MAC address conflict detection device and a MAC address conflict detection system. By the method, the device and the system, the occurrence of MAC address conflicts can be effectively avoided, the network equipment can be ensured to access the network normally, normal network service can be provided for a user, and risks in network attacks can be reduced.

The present invention discloses an attack testing system of a precision time synchronization protocol (PTP) clock. The system comprises a PTP main clock connected with an interval timer and a PTP network switch; a bagging tester connected with the PTP network switch, the PTP network switch also being connected with a network damage device; the network damage device also connected with an under-test PTP slave clock; and the under-test PTP slave clock also connected with the interval timer, wherein the interval timer is used for receiving and calculating a difference value between pulses per second sent by the PTP main clock and pulses per second sent by the under-test PTP slave clock, and determining the anti-attack capability of the under-test PTP slave clock according to the difference value. Another attack testing system of a PTP clock and an attack testing method of the PTP clock are also provided. With adoption of the system and the method provided by the present invention, the anti-attack capability of the PTP clock can be tested and judged, the PTP clocks can be improved by researchers according to test results, and under attack risks are reduced.