Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Multi-layer honey network data transmission method and system

A data transmission method and a technology of a data transmission system, which are applied in digital transmission systems, transmission systems, network connections, etc., can solve the problems that the honeypot system cannot capture attack information, the resource utilization rate of the honeypot system is low, and resource waste is achieved. Avoid identified risks, improve resource utilization efficiency, and improve the effectiveness of protection

Inactive Publication Date: 2007-12-12
PEKING UNIV
View PDF0 Cites 89 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] Such a technical solution has the following two problems: first, the resource utilization rate of the honeypot system is low, and the highly interactive physical honeypot system and virtual machine honeypot system resources are often wasted on simple scanning and simple worm attacks; second, after discovering a honeypot system host, the attacker can easily identify whether the attack on the real target system is successful and take evasive measures
At present, attackers mainly identify the honeypot system from two aspects: the network and the system. The most important method is to check the hardware and system information of the attacked host to determine whether it is a virtual host. If it is a virtual host, it is a honeypot risk. After discovering these traces, the attacker is likely to give up the attack or eliminate the attack traces, and may even set the network address of the attacked host into the attack blacklist, so that the honeypot system cannot capture the attack information. Tank identification technology: Thorsten Hol, Frederic Raynal, "Detecting Honeypots and other suspicious environments", Proceedings of the2005 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multi-layer honey network data transmission method and system
  • Multi-layer honey network data transmission method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] The present invention provides a method for multi-level analysis and processing of data streams sent to service hosts or internal networks. When the method analyzes network data streams arriving at a layered processing gateway:

[0058] 1. First, analyze and match the data flowing through the gateway according to the rules defined by the user. If the match is appropriate, the processing method of the data flow is determined according to the rules defined by the user;

[0059] 2. For the data flow that is not clearly defined by the user, it will be analyzed and processed by the network intrusion detection system to determine whether it is normal business data. For normal business data, the data is allowed to pass through the honeynet gateway;

[0060] 3. For the data of abnormal business data flow, redirect the data to honeypot systems with different deployment methods according to the threat level of the data.

[0061] 4. For the attack data flow entering the virtual h...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to multilayer honey-net data transmission method and system, and the gateway of honey-net receives the data flow of external network; the gateway of honey-net detects the network intrusion for the received data flow; the normal data flow can pass, which is sent to the target host computer; and the informal data flow is divide into high, middle and low according to dangerous level; and the data flow with high level is sent to physical honey-tank system, the data flow with middle level is sent to virtual machine honey-tank system, and the data floe with low level is sent to virtual honey-tank system. The invention can utilize the advantages of low interactive honey-tank system and high interactive honey-tank system, save system source, and improve the covering area of honey-tank system and the ability of obtaining the movable information of network attack and capturing the malice code; it can defeat the anti-honey tank technique. And it can be used in security field of computer network.

Description

technical field [0001] The invention belongs to the technical field of computer network security, and in particular relates to a data transmission method utilizing a multi-level honeynet and a multi-level honeynet data transmission system. Background technique [0002] With the development of Internet technology, network scanning, the spread of worms and virus codes, and malicious attacks by hackers are dangers that every host on the network may face at any time. Among them, most of the network attack activities are automatically completed by attack tools or malicious code spreading around. In addition, attack scripts and tools have become easy to obtain and use, that is to say, random attacks without high interaction requirements. The proportions of network scanning, system attack activities with high interaction requirements, and attack activities that identify honeypot system threats in all attack activities decrease rapidly in turn. [0003] The proposal of honeypot and...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/36H04L12/66
Inventor 韦韬梁知音韩心慧诸葛建伟邹维叶志远游红宇
Owner PEKING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com