Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network security defense system and network security defense method based on dynamic transformation

A dynamic transformation, network security technology, applied in the field of network security

Active Publication Date: 2016-06-29
北京卫达信息技术有限公司
View PDF8 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the static nature of the existing network topology information, attackers often have sufficient time to analyze the intranet architecture and network address information, thereby gradually infiltrating the intranet and reaching the attack target

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security defense system and network security defense method based on dynamic transformation
  • Network security defense system and network security defense method based on dynamic transformation
  • Network security defense system and network security defense method based on dynamic transformation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach

[0071] The difference between the network security defense system based on dynamic transformation described in the second preferred embodiment of the present invention and the above-mentioned first preferred embodiment is only that, as Figure 7 As shown, the user can set the static feature of wIP in the terminal information table stored in the terminal information storage unit 14 through the management unit 11, that is, the wIP of a specific network terminal accessing the network in the intranet can be set to a static wIP, preferably A flag bit can be set in the terminal information table of the specific network terminal, and a corresponding flag value can be set in the flag bit to distinguish whether the wIP of the specific network terminal is a static wIP. In this way, two network terminals connected to the network in the intranet can communicate not only through the vIP, but also through the statically configured wIP. The reason for such modification is that in the existin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a network security defense system and network security defense method based on dynamic transformation. The network security defense system comprises a communication processing unit, a terminal information unit and a dynamic transformation unit. A terminal information table is configured for each network terminal in an inner network through the communication processing unit; the terminal information tables comprise true IP addresses, virtual IP addresses and outer network access IP addresses allocated to the network terminals; the dynamic transformation unit dynamically transforms the virtual IP addresses; and the communication processing unit enables the network terminals in the inner network to communicate with each other through the vIPs and communicate with the outer network through the wIPs. According to the system and the method, the static features of the conventional inner network are broken; through transforming the IP address information of the network terminals in the inner network, an attacker cannot obtain the topological structure of the inner network and cannot accurately obtain the true information of the network terminals in the inner network; therefore, the inner network attacking behaviors are effectively defensed; and the security of the inner network is improved.

Description

technical field [0001] The invention relates to the field of network security, in particular to a network security defense system and a network security defense method based on dynamic transformation. Background technique [0002] Intranet security is very important in the actual network environment, but it is ignored by most network security devices. Existing methods generally detect attack behaviors by collecting traffic, but abnormal traffic is often generated after the attack behavior, so such methods cannot provide real-time defense against the attack behavior. Another method is to deploy a network security defense system on hosts connected to the network. Although it can defend against some attacks, it cannot defend against unknown intranet attacks. Static IP address assignments allow attackers to accurately and quickly target attacks by scanning local or remote networks. Determining the IP address of the active host in the target network is the first step in most at...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1441H04L61/5014H04L61/4511
Inventor 耿童童
Owner 北京卫达信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com