Active trapping method based on behavior capturing

A behavior-capture and trapping technology, applied in electrical components, transmission systems, platform integrity maintenance, etc., that addresses problems such as lack of pertinence, incomplete data, and the inability to provide effective protection against unknown attacks, with the effect of improving the level of network security and preventing malicious code intrusion.

Inactive Publication Date: 2014-02-12
江苏中科慧创信息安全技术有限公司

AI Technical Summary

Problems solved by technology

[0006] Although the honeypot technology can make up for the deficiencies of the original passive security defense with the cooperation of network firewalls, intrusion detection systems and other security me



Examples


Embodiment Construction

[0023] The embodiment of the present invention provides a method and system for active trapping based on behavior capture, to overcome the defects of the data capture technology adopted by existing honeypot systems. It is mainly used for active, efficient, system-level security defense on PC terminals, servers, and workstations on the network.

[0024] In order to make the object, technical solution, and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and examples.

[0025] Malicious behaviors defended against by the present invention include: process creation, thread creation, file operation, network operation, registry operation, stack operation, thread injection, advanced persistent threat attack (APT attack), user account operation, etc. There are three main ways to obtain program behavior through hook technology: intercepting the system service dispatch table ...



Abstract

The invention puts forward an active trapping method based on behavior capture. A trapping system is established in a formulated network area. The active trapping method comprises the following three stages: (1) an active trapping system is established in the advance defense of a network defense system, and active trapping engine technology is adopted; an active trapping engine, target deception, attack capture, attack control, attack analysis, and feature extraction are established in the multiple systems included in a computer; (2) dynamic, in-depth target deception of attack behavior is used to trap the attacker's real attack objective; (3) according to the aforementioned judgment results, the active trapping system makes the attacker sure of the attack target, so that the attacker's real attack objective is trapped. With the active trapping method based on behavior capture, known and unknown attack behaviors can be captured, the security state of the whole network can be grasped, and the network security level is raised.

Description

Technical field

[0001] The invention specifically relates to an active trapping method based on behavior capture, which is used for active, efficient, system-level security defense on PC terminals, servers, and workstations on the network.

[0002] Background technique

[0003] Nowadays, with the wide application of network technology, network attack incidents emerge in an endless stream, and network security has become a research hotspot and a focus of social concern. Existing network security technologies, with firewalls and intrusion detection systems (IDS) as the core defense technologies, usually lag behind the variety of attack techniques. As a new network security technology, honeypot technology has gradually attracted attention. It adopts a proactive approach, attracts attackers with its unique features, and at the same time analyzes the attackers' various attack behaviors and finds effective countermeasures.

[0004] Data capture technology is ...


Application Information

IPC(8): H04L29/06, G06F21/56
Inventor 赵象元
Owner 江苏中科慧创信息安全技术有限公司