Advanced persistent threat trapping system and method

An advanced persistent threat trapping technology, applied in transmission systems, electrical components, etc., that addresses the problems that intranet attackers cannot be detected, that unknown programs cannot be fully captured, and that costs are high, and that makes analysis and forensics easier.

Inactive Publication Date: 2015-10-14
HARBIN ANTIY TECH

AI Technical Summary

Problems solved by technology

The current main method of countering advanced persistent threat attacks is to automatically analyze and determine unknown malicious code, and assume that the source of capture is on key servers and gateways, but the problem is that unknown programs cannot be fully capt


Example Embodiment

[0033] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned objectives, features and advantages of the present invention more obvious and understandable, the technical solutions of the present invention are described in further detail below in conjunction with the accompanying drawings.

[0034] The present invention provides an advanced persistent threat trapping system and method, which can solve the above-mentioned problems. With the present invention, attacks by unknown malicious programs can be actively induced and the attack process can be monitored and recorded, which facilitates forensics and analysis; the system can also share the security threats faced by normal business systems.

[0035] An advanced persistent threat trapping system, as shown in Figure 1, includes:

[0036] The application honeypot 101 is used to establish an application honeypot of the same server ...


Abstract

The invention provides an advanced persistent threat trapping system and method. The system comprises an application-type honeypot, an application data capture module and an application client proxy module. According to the system provided by the invention, the application data capture module is deployed in a switch, a security data filtering product or a background audit system, suspicious data or flows are directed to the application client proxy module, and the application client proxy module sends the data to the application-type honeypot. The application-type honeypot is close to a real service system server, and can effectively confuse attackers. Long-term availability of the application-type honeypot in the system facilitates the analysis and evidence discovery of advanced persistent threats, and the application-type honeypot can share the threats of the normal service server system at the same time.
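The data path described in the abstract, as an added illustration that is not taken from the patent: a capture point decides per flow, suspicious flows go through the client proxy to the honeypot, and everything else reaches the real server. The suspicion rule (a source watchlist and a set of served ports), the class names and the sample flows are assumptions constructed for this sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    src: str
    dst_port: int
    payload: bytes

class Server:
    """Stand-in for a service endpoint; the honeypot and the real server
    return the same response so the two look alike to a client."""
    def __init__(self, name, record=False):
        self.name, self.record, self.log = name, record, []

    def handle(self, flow):
        if self.record:  # the honeypot keeps the full interaction for forensics
            self.log.append({"src": flow.src, "port": flow.dst_port,
                             "payload_hex": flow.payload.hex()})
        return b"200 OK"

class ApplicationClientProxy:
    """Receives redirected flows and replays them to the honeypot."""
    def __init__(self, honeypot):
        self.honeypot = honeypot

    def forward(self, flow):
        return self.honeypot.handle(flow)

class ApplicationDataCapture:
    """Sits at the switch / filter / audit point and chooses a destination."""
    def __init__(self, proxy, production, watchlist, served_ports):
        self.proxy, self.production = proxy, production
        self.watchlist, self.served_ports = set(watchlist), set(served_ports)

    def is_suspicious(self, flow):
        # Hypothetical rule: flagged source, or a port the service never offers.
        return flow.src in self.watchlist or flow.dst_port not in self.served_ports

    def route(self, flow):
        if self.is_suspicious(flow):
            return "honeypot", self.proxy.forward(flow)
        return "production", self.production.handle(flow)

def demo():
    honeypot = Server("honeypot", record=True)
    production = Server("production")
    capture = ApplicationDataCapture(ApplicationClientProxy(honeypot), production,
                                     watchlist={"198.51.100.7"}, served_ports={443})
    flows = [Flow("192.0.2.10", 443, b"GET /"),      # constructed sample flows
             Flow("198.51.100.7", 443, b"GET /"),
             Flow("192.0.2.11", 8081, b"probe")]
    return [capture.route(f)[0] for f in flows], honeypot.log
```

Only redirected flows leave a record, so the honeypot log is the evidence set for later analysis while the real server never processes the suspicious traffic.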

Description

Technical field

[0001] The invention relates to the field of computer network security, in particular to an advanced persistent threat trapping system and method.

Background technique

[0002] Advanced persistent threats build on traditional attack threats and are further upgraded into targeted attacks that can remain latent for a long time; most of them threaten important organizations such as enterprises, governments, the military or factories. The current main method of countering advanced persistent threat attacks is to automatically analyze and determine unknown malicious code, and it assumes that the source of capture is on key servers and gateways. The problem is that unknown programs cannot be fully captured, and intranet attackers cannot be detected. In addition, because unknown programs are tracked and analyzed on the actual business server, the cost is high and the approach is difficult to implement. Such methods passively detect unknown malicious code, but cannot actively obtain sus...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1491
Inventor: 王维, 肖新光
Owner: HARBIN ANTIY TECH