Safety detecting method and system of network data flow

A data flow, network technology, used in network connections, transmission systems, electrical components, etc.

Inactive Publication Date: 2008-02-06
PEKING UNIV
View PDF0 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] 3. Prohibit certain internal hosts from accessing the external network
[0019] That is to say, there is no satisfactory method that can solve the above-mentioned deficiencies in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safety detecting method and system of network data flow
  • Safety detecting method and system of network data flow

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] The present invention will be described in detail below in conjunction with preferred embodiments with reference to the accompanying drawings of the present invention.

[0044] As shown in Figure 1, it is a schematic diagram of the gateway connecting the external network, the internal network host and the honeypot system. In this implementation, the gateway uses a computer system with three network cards, which are respectively connected to the external network, the internal network host, and the honeypot system.

[0045] As shown in FIG. 2, it represents a flow chart of the method of the present invention.

[0046] (1) The gateway judges that a certain data flow may be dangerous according to the following methods:

[0047] A. The characteristics of a certain data flow conform to the gateway’s dangerous data flow matching rules;

[0048] B. One end of the data flow is on the blacklist, or the data flow accesses restricted internal host resources;

[0049] C. One end ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a safety inspecting method and the system pf a network data flow; wherein, the gateway of the system inspects the data floe of the network according to the configured rule and repositions the specified dangerous data flow into a honeypot system so as to prevent the data flow reaching target host computer. The honeypot system accepts the data flow and simulates the host computer of the data flow as well as exchanges with the original host computer of the data flow. Then the honeypot system makes records on the exchanging process, and makes judgements on whether the data flow has danger or not as well as restores the judged results to the gateway, which processes the data flow as per the specified processing rule according to the judged results of the honeypot system. The invention can carry out overall inspection based on actions, inspect and block illegal contents or dangerous data and detect unfound and unregistered new attacks. Therefore, the invention can extensively be applied in the technical field of safety on the computer network.

Description

technical field [0001] The invention belongs to the technical field of computer network security, and relates to a security detection method of network data flow and a security detection system of network data flow. Background technique [0002] An internal network with multiple hosts is often connected to the Internet through a gateway. On the gateway, security checks are usually performed on the incoming and outgoing data streams to prevent the internal network from being attacked by malicious people on the Internet, or prevent the internal network from being attacked by malicious people on the Internet. Infected hosts attack other hosts on the Internet. [0003] Such a gateway usually judges whether the data flow is safe or not according to the configured security rules when performing security checks on the data flow. Usually, security rules similar to the following can be configured: [0004] 1. Prohibit external hosts from accessing undisclosed internal hosts. [000...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/66
Inventor 龚晓锐朴爱花
Owner PEKING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap