Monitoring method and device for preventing malicious security detection activity

A technology for monitoring malicious security detection activity, applied in the field of computing network security. It addresses the problem that malicious attacks cannot be detected as early as possible, and achieves the effect of reducing malicious attacks and alleviating communication pressure.

Active Publication Date: 2017-06-23
INDUSTRIAL AND COMMERCIAL BANK OF CHINA +1

AI Technical Summary

Problems solved by technology

[0003] At present, the industry discovers and blocks malicious security detection activities mainly on the web server side, which puts considerable pressure on the web server and cannot detect malicious attacks as early as possible.


Examples


Embodiment 1

[0074] Figure 6 is a schematic structural diagram of the monitoring device of this embodiment. In this embodiment, the monitoring device includes two parts: a monitoring unit and a processing unit. Figure 7 is a schematic diagram of the internal structure of the monitoring unit in the monitoring device of this embodiment. Within the same local area network, the monitoring unit performs detection in a program loop, and the loop interval is adjustable. Considering hardware I/O overhead, an interval of 1 minute is recommended.

[0075] (1) a configuration file module, used to read the configuration file and determine the monitoring object;

[0076] (2) an instruction sending module, used to send an instruction to monitor the activity state of the network card to each client;

[0077] (3) a temporary file generation module, used to determine whether the client with the network card in an active state is configured with a local agent; writ...

Embodiment 2

[0080] Figure 9 is a scheme diagram of the monitoring device of this embodiment. Figure 10 is the working flow chart of the monitoring device of this embodiment. Its working steps are:

[0081] (1) Perform parameter configuration on the monitoring module to determine the monitoring object, such as a specific client IP or a client IP segment, and write it into the configuration file.

[0082] (2) The monitoring module reads the configuration file and determines the monitoring object.

[0083] (3) Send an instruction to monitor the activity state of the network card to the detection object. If an active network card is found, jump to the next step; otherwise, repeat this step on a 1-minute cycle.

[0084] (4) Determine whether the client whose network card is in an active state is configured with a local agent, and jump to the next step if the local agent is found, otherwise jump to step (3).

[0085] (5) Write the ip of the client who...


Abstract

The invention relates to a monitoring method and device for preventing malicious security detection activity. The method comprises the following steps: configuring parameters and determining a monitoring object; sending an instruction to monitor the network card activity state to the monitoring object until an active network card is found; determining whether the client with the active network card is configured with a local agent; if so, writing the address information of that client into a temporary file and creating a notification instruction requesting handling; reading the temporary file according to the notification instruction and determining the handling object; and sending the handling object an instruction to disable the client's active network card.
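The flow summarised in the abstract, as an added sketch that is not code from the patent: one polling cycle of the monitoring unit followed by the processing unit. The page does not say how clients are queried or disabled, so `nic_active`, `has_local_agent` and `disable_nic` are hypothetical callables, and the config format (one IP or CIDR segment per line) and the temporary file name are assumptions.

```python
import ipaddress
import tempfile
from pathlib import Path

# Constructed sample data: one client IP, one IP segment, and a fake inventory
SAMPLE_CONFIG = "192.0.2.10\n198.51.100.0/30  # test segment\n"
SAMPLE_STATE = {  # ip -> (network card active, local agent configured)
    "192.0.2.10": (True, False),
    "198.51.100.1": (True, True),
    "198.51.100.2": (False, True),
}

def load_targets(config_text):
    """Steps (1)-(2): expand config lines (IP or IP segment) into client IPs."""
    targets = []
    for line in config_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        net = ipaddress.ip_network(line, strict=False)
        hosts = [net.network_address] if net.num_addresses == 1 else net.hosts()
        targets.extend(str(h) for h in hosts)
    return targets

def monitor_cycle(targets, nic_active, has_local_agent, tmp_path):
    """Steps (3)-(5), one polling cycle. True means a handling request is raised."""
    flagged = [ip for ip in targets if nic_active(ip) and has_local_agent(ip)]
    if not flagged:
        return False  # caller waits for the polling interval and retries
    tmp_path.write_text("\n".join(flagged) + "\n")
    return True

def process_request(tmp_path, disable_nic):
    """Processing unit: read the temporary file and disable each listed client."""
    handled = []
    for ip in tmp_path.read_text().split():
        ipaddress.ip_address(ip)  # raises ValueError on a corrupted entry
        disable_nic(ip)
        handled.append(ip)
    tmp_path.unlink()  # consume the request so it is not replayed next cycle
    return handled

def demo():
    disabled = []
    state = lambda ip, i: SAMPLE_STATE.get(ip, (False, False))[i]
    with tempfile.TemporaryDirectory() as d:  # private directory for the temp file
        tmp = Path(d) / "flagged_clients.txt"  # hypothetical file name
        targets = load_targets(SAMPLE_CONFIG)
        if monitor_cycle(targets, lambda ip: state(ip, 0), lambda ip: state(ip, 1), tmp):
            return process_request(tmp, disabled.append), disabled
    return [], disabled
```

Because the temporary file is the only channel between the two units, the sketch keeps it in a private directory and re-validates every entry before acting on it.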

Description

Technical field

[0001] The invention relates to the technical field of computing network security, in particular to a monitoring method and device for preventing malicious security detection activities.

Background technique

[0002] Party A agrees with Party B that Party B will carry out security testing on Party A's Internet site, and signs an agreement, which is deemed to be authorization from Party A to Party B. Authorized security testing activities are the main means of discovering application security problems, but unauthorized security testing activities become malicious attacks. When performing security detection for B/S applications, there is a method of intercepting and modifying http/https requests through a proxy, which is one of the most commonly used methods for security detection. Under this method, by modifying the proxy configuration of the client web browser, all the traffic generated by the client will be proxied to the designated proxy server. After receiv...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1441
Inventor: 周芙蓉史经伟叶红苏建明戴雯
Owner: INDUSTRIAL AND COMMERCIAL BANK OF CHINA