Malicious sample cultivation high interaction to low interaction system and method

A high-interaction, low-interaction technology, applied in transmission systems, electrical components, etc., can solve the problems of high cost, high cost, and low efficiency in high concurrency implementation, and achieve the effect of efficient malicious sample monitoring

Active Publication Date: 2017-06-30
SHENZHEN ANZHITIAN INFORMATION TECH
View PDF7 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The efficiency of high-interaction implementation is relatively low, and the risk is high. It needs to consume a lot of network and physical resources to realize the operating environment to achieve the effect. The implementation of long-term high concurrency is expensive.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious sample cultivation high interaction to low interaction system and method
  • Malicious sample cultivation high interaction to low interaction system and method
  • Malicious sample cultivation high interaction to low interaction system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings, and unnecessary details and functions for the present invention will be omitted during the description to avoid confusing the understanding of the present invention. Although exemplary embodiments are shown in the drawings, it should be understood that the invention may be embodied in various forms and is not limited to the embodiments set forth herein. Rather, these embodiments are provided so that the present disclosure can be more thoroughly understood, and the scope of the present invention can be fully conveyed to those skilled in the art.

[0022] figure 1 is a schematic diagram illustrating an application scenario of the communication system 100 according to the present invention. Such as figure 1 As shown, communication system 100 may include production network server 110 and command and control server 120 . The production networ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a malicious sample cultivation high interaction to low interaction system. The system comprises a high interaction module which is used for obtaining first packet data of malicious behavior network communication based on at least two secondary reoperation malicious behaviors in an operation environment, wherein the unchanged first packet data in an operation process is analog replay data; and a low interaction module which is used for sending the first packet data to the malicious behaviors of the same family based on the analog replay data and monitoring and obtaining the network information of the behavior network communication. According to the system and the method, the technical problem that in the prior art, the network information of samples is obtained in a high interaction mode, the efficiency of monitoring a command and controlling a server or attack behaviors is low, and an operation environment is realized through consumption of a great number of network and physical resources to achieve an effect is solved.

Description

technical field [0001] The present invention relates to the technical field of computer security, and more specifically relates to a system and method for transforming high-interaction into low-interaction in malicious sample breeding honeynet. Background technique [0002] In the prior art, farming honeynet technology can be divided into two categories according to the interaction degree of farming honeynet data: low-interaction farming honeynet and high-interaction farming honeynet. The low-interaction breeding honeynet adopts simulation technology, there is no real operating system and services, and the degree of interaction is low. It can only simulate the response behavior of the operating system and applications based on known vulnerabilities; the high-interaction farming honeynet runs on the real operating system. Deploying real applications can construct a real service environment and capture richer attack data. [0003] At present, researchers need to breed a large...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 康学斌李拾萱肖新光
Owner SHENZHEN ANZHITIAN INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap