Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Honeynet-based risk prewarning system and method in information production environment

A technology for production environment and risk warning, applied in transmission systems, electrical components, etc.

Active Publication Date: 2013-01-16
STATE GRID CORP OF CHINA +1
View PDF4 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

If honeynet related functions are disabled, it will pose a risk. The reason for this is that hackers can disable data control / data collection functions without the administrator's knowledge. Once disabled, hackers can continue to forge data to make administrators think Still running functions such as data acquisition

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Honeynet-based risk prewarning system and method in information production environment
  • Honeynet-based risk prewarning system and method in information production environment
  • Honeynet-based risk prewarning system and method in information production environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0116] The present invention can be carried out in two stages. Traffic detectability between Phase 1 is primarily based on Type I and Type II errors (eg, network traffic). The second stage is to determine the alarm time. It is well known that anomaly-based detection methods tend to have a high false positive rate.

[0117] Measuring the time and accuracy of detection can help users determine a suitable honeynet. There are two important factors in this, the certainty of the current active network and the timeliness of the warning. figure 2 and 3 Shows the interactions between these modules and the associated data flow. The data stream of tcpdump may be fed into three modules, which are used to detect signatures, anomalies and traffic. The warning results output by it can be submitted for audit by the reaction module.

[0118] like Figure 7 As shown, a back-to-back Cisco PIX515E firewall is currently running in a production network environment, and the network is set in...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a honeynet-based risk prewarning system and a honeynet-based risk prewarning method in an information production environment. The system is provided with a network analyzer at least. When a honey pot is attacked, the honey pot can remind a client which is attacked by the honey pot so that the client can take appropriate measures. In addition, the attacked honey pot can also remind other honeynets of attacks. The communication aims to remind the client which receives the same or similar attacks. More importantly, in appropriate situations, the alarm can early warn other clients to take the appropriate measures to prevent the attacks and circulate in the same way; and through an intelligent analysis technology, a report form generated after the client takes and executes the appropriate measures to a manager for viewing. Because the system belongs to a modularized system, the system is updated or expanded easily, and the distributed design advantages can be realized.

Description

technical field [0001] The invention relates to the technical field of computer network security, in particular to a honeynet-based risk early warning system and method in an information production environment. Background technique [0002] At present, with the development of Internet technology, network scanning, the spread of worms and virus codes, and malicious attacks by hackers have become dangers that every host on the network may encounter at any time. In response to the above-mentioned dangers, antivirus software and firewall technologies have been developed, but they are all passive. The proposal of honeypot and honeynet technology was formally produced in order to actively attack and study these security threats on the network. [0003] Honeynet is a new concept gradually developed in honeypot technology, and it can also become a trapping network. A honeynet usually contains one or more honeypots, and honeypot technology is essentially a research-type high-intera...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
Inventor 任天成刘新井俊双马雷孟瑜
Owner STATE GRID CORP OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products