Method for controlling data in active defense system of Honeynet

A technology of active defense and data control, applied in the field of information security, which can solve the problems of helplessness in intelligent identification

Inactive Publication Date: 2009-10-14
WUXI ZHIGAOZHI TECH

AI Technical Summary

Problems solved by technology

Existing honeynet technology cannot detect unknown or concealed attacks that deliberately slow their attack rate to bypass firewall controls, nor can it intelligently identify slow attack behaviors, so malicious data carefully constructed by hackers may be mistakenly let through.


Embodiment Construction

[0017] The present invention will be further described below in conjunction with drawings and embodiments.

[0018] The present invention aims to provide a data control method for an advanced honeynet defense system. It uses a multi-round detection mechanism within the honeynet system framework to improve data control and the classification of attack behavior features, and so to solve the key data control problems that hamper honeynet efficiency.

[0019] The present invention applies targeted control by analyzing the differences among attack behavior patterns, so that the high-efficiency honeynet defense system can classify and identify slow attack data flows. The traditional honeynet is not intelligent enough to handle unknown attack behavior that deliberately slows its attack rate in order to bypass firewall controls, and it is also unable to intelligently distinguish hidden attack behavior. The invention introduces a multi-round detecti...

Abstract

The invention relates to a method for controlling data in a honeynet active defense system by keeping count statistics of failed connections. For every source IP address, a short-term counter keeps a count in that address's record. If the value of the short-term counter exceeds the threshold, abnormal worm behavior is judged to be detected and the data packets sent from that source IP address are controlled. If not, the multi-round detection mechanism is triggered and the record of the source IP address is kept in a long-term detection list. When the long-term counter times out, if its count exceeds the threshold, abnormal worm behavior is judged to be detected and the data packets are controlled; if not, the data packets are judged to be normal and can be released. The method can identify unknown or stealthy attack behaviors that intentionally slow their rate to bypass firewall controls, as well as low-rate attack behaviors; in particular, novel attack behavior patterns invented by hackers can be analyzed and identified.
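The two-round decision in the abstract can be sketched as follows. This is an added example, not code from the patent: the class and function names, the window lengths, the thresholds, and the choice to start the long-term record at the first failed connection are all assumptions, since the abstract gives no values.

```python
from dataclasses import dataclass
@dataclass
class Record:                      # per-source entry in the long-term detection list
    short_start: float
    long_start: float
    short_count: int = 0
    long_count: int = 0

class MultiRoundDetector:
    # Window lengths and thresholds are assumed; the abstract gives no numbers.
    def __init__(self, short_window=10.0, short_threshold=5,
                 long_window=3600.0, long_threshold=20):
        self.sw, self.st = short_window, short_threshold
        self.lw, self.lt = long_window, long_threshold
        self.records, self.controlled = {}, set()

    def failed_connection(self, src, now):
        """Round one: count a failed connection; return 'control' or 'watch'."""
        if src in self.controlled:
            return "control"
        rec = self.records.setdefault(src, Record(now, now))
        if now - rec.short_start >= self.sw:       # short-term counter restarts
            rec.short_start, rec.short_count = now, 0
        rec.short_count += 1
        rec.long_count += 1
        return self._control(src) if rec.short_count > self.st else "watch"

    def expire(self, now):
        """Round two: judge each record whose long-term counter has timed out."""
        verdicts = {}
        for src, rec in list(self.records.items()):
            if now - rec.long_start >= self.lw:
                over = rec.long_count > self.lt
                verdicts[src] = self._control(src) if over else "release"
                self.records.pop(src, None)
        return verdicts

    def _control(self, src):
        self.controlled.add(src)
        self.records.pop(src, None)
        return "control"

def demo():
    det, first = MultiRoundDetector(), {}
    # Constructed events (source, seconds) using documentation-range addresses.
    events = [("192.0.2.10", t * 0.5) for t in range(8)]        # fast scan
    events += [("192.0.2.20", t * 120.0) for t in range(30)]    # slow scan
    events += [("192.0.2.30", 100.0), ("192.0.2.30", 2000.0)]   # benign failures
    for src, now in sorted(events, key=lambda e: e[1]):
        first[src] = det.failed_connection(src, now)
    return first, det.expire(3700.0)
```

The slow source never exceeds the short-term threshold, so only the long-term round flags it; the source with two failures is released at the same timeout.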

Description

Technical field

[0001] The invention relates to a data control method in a honeynet active defense system, belonging to the technical field of information security.

Background technique

[0002] With the popularization and promotion of network information construction, security issues have gradually become a research focus and hot spot in the field of network technology. As an active network defense technology, the honeynet system tricks hackers into attacking virtual systems and conducts comprehensive and in-depth tracking and analysis of hacker attacks and malware activities to achieve the purpose of protecting hosts.

[0003] My country discovered the first computer crime in 1986. By 1990, 130 cases were discovered and cracked, and 1,200 cases were discovered in 1993-1994. According to the 2008 National Information Network Security Status and Computer Virus Epidemic Investigation Report of the Ministry of Public Security, the proportion of information network security i...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
Inventor: 扬雄朱宇光祝明段涛
Owner: WUXI ZHIGAOZHI TECH