Method for defending APT attack and safety controller

A security controller and security device technology, applied in the field of network security, that can solve problems such as complex attack forms and achieves the effect of reducing the burden on the detection system and reducing the false alarm rate

Inactive Publication Date: 2017-01-18
CHINA SOUTHERN POWER GRID COMPANY

AI Technical Summary

Problems solved by technology

[0006] 2) Attack forms are b


Embodiment Construction

[0027] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, rather than all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0028] As shown in Figure 1, the embodiment of the present invention provides a schematic flowchart of a method for defending against APT attacks, and the specific implementation method includes:

[0029] In step S101, the security controller constructs a global data flow knowledge base according to the flow table information obtained from the network device, and the data flow knowledge base includes the flow direction of data flow in eac...

Abstract

The invention discloses a method for defending against an advanced persistent threat (APT) attack, and a safety controller. The method comprises: a safety controller constructs a global data stream knowledge base according to flow table information obtained from a network device, wherein the data stream knowledge base includes the flow directions of data streams in all network devices at all historical times in a global range; the safety controller directs an abnormal data stream in the data stream knowledge base to a safety device, so that the safety device can carry out depth detection on a data packet in the abnormal data stream; the safety controller receives warning information submitted by the safety device, wherein the warning information includes a suspected malicious behavior that is determined by the safety device during depth detection; and the safety controller carries out safety processing on the network devices based on the suspected malicious behavior in the warning information. The invention provides a novel method for defending against an APT attack, so that an APT attack can be defended against effectively.
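The four-step control loop from the abstract, sketched as an added example (not code from the patent). The anomaly rule (a source/destination pair first seen after a baseline period) and the drop response are assumptions, since the page does not define "abnormal" or the safety processing; all class, field and port names are hypothetical and the flow entries are constructed.

```python
from collections import defaultdict

# Constructed flow-table samples: (time, switch, src, dst, out_port)
FLOW_SAMPLES = [
    (1, "sw1", "10.0.0.5", "10.0.1.9", 2),
    (2, "sw2", "10.0.0.5", "10.0.1.9", 1),
    (4, "sw1", "10.0.0.7", "10.0.9.200", 3),
]

class SecurityController:
    def __init__(self, baseline_until):
        self.kb = defaultdict(list)      # (src, dst) -> [(time, switch, port)]
        self.baseline_until = baseline_until
        self.redirected = set()

    def ingest(self, entries):
        """Step 1: record every flow's path; return the abnormal flows."""
        abnormal = []
        for t, switch, src, dst, port in entries:
            flow = (src, dst)
            # Assumed rule: a pair first seen after the baseline is abnormal.
            if flow not in self.kb and t > self.baseline_until:
                abnormal.append(flow)
            self.kb[flow].append((t, switch, port))
        return abnormal

    def redirect(self, flows):
        """Step 2: emit rules steering each flow to the inspection port."""
        self.redirected.update(flows)
        return [{"match": {"src": s, "dst": d}, "action": "output:inspect"}
                for s, d in flows]

    def handle_alert(self, alert):
        """Steps 3-4: on an alert, drop the flow on every switch that carried it."""
        flow = (alert["src"], alert["dst"])
        switches = sorted({sw for _, sw, _ in self.kb.get(flow, [])})
        return {"flow": flow, "action": "drop", "switches": switches,
                "reason": alert["behavior"]}

def run_demo():
    ctl = SecurityController(baseline_until=3)
    abnormal = ctl.ingest(FLOW_SAMPLES)
    rules = ctl.redirect(abnormal)
    # Constructed alert, as the security device would submit it.
    alert = {"src": "10.0.0.7", "dst": "10.0.9.200",
             "behavior": "suspected malicious behavior"}
    return abnormal, rules, ctl.handle_alert(alert)

if __name__ == "__main__":
    print(run_demo())
```

Because the knowledge base is global, the response covers every switch that ever carried the flagged flow, not only the one where it was first observed.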

Description

Technical field

[0001] The invention relates to the field of network security, in particular to a method for defending against APT attacks and a security controller.

Background technique

[0002] Network security, especially Internet security, is facing unprecedented challenges, which mainly come from new types of attacks and threats that are organized, have specific targets, and last a long time. Internationally this is called an APT (Advanced Persistent Threat) attack, and in China it is generally called "Advanced Sustainability Threat". A threat is a potential factor that causes damage to a specific system, organization and its assets, and it reflects the process in which attackers continue to attack the attacked object in various forms for a long time according to their mission requirements. From a macro perspective, all aspects of security threats are a closed ring structure centered on the attacker. As time and various o...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1441, H04L63/1416
Inventor: 张思拓
Owner: CHINA SOUTHERN POWER GRID COMPANY