Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Content audit system based on active defense mechanism and content audit method thereof

An active defense and content auditing technology, applied in the field of network security, can solve problems such as the abuse of power by managers, the reduction of damage to industrial network equipment, and improper operations by executives.

Active Publication Date: 2017-08-29
北京天地和兴科技有限公司
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] 1. For the various industrial control hosts in the industrial control network, such as malicious sabotage by insiders from the engineer station and operator station, management personnel abusing their power, improper operation by executive personnel, and man-made sabotage operations, they can only be monitored and passively defended after the event, and cannot be blocked. before the damage occurs;
[0007] 2. For the industrial control hosts in the industrial control network, such as malicious code software and viruses from the engineer station and operator station, the attack on the industrial control network can only be monitored and passively defended afterwards, and cannot be blocked before the damage occurs;
[0008] In short, the existing industrial control network audit equipment cannot adopt an active defense strategy against unreasonable human operations, viruses, and malware codes from various industrial control hosts, so that these hazards are blocked in the industrial control host and do not spread to the industrial network. , especially the "Stuxnet" virus that occurred on the industrial network equipment of Iran's Bushehr nuclear power plant, which can minimize the damage caused to industrial network equipment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Content audit system based on active defense mechanism and content audit method thereof
  • Content audit system based on active defense mechanism and content audit method thereof
  • Content audit system based on active defense mechanism and content audit method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] refer to Figure 1-6 , a specific embodiment of the present invention includes an active defense module 1 and a verification module 2, and the active defense module 1 and the verification module 2 are connected through Ethernet communication;

[0040] Active Defense Module 1 includes,

[0041] The data frame interception module 3 sent by the network is used to intercept the data frame;

[0042]The data frame whitelist matching module 4 is used to carry out source-destination MAC, source-destination IP, transport layer protocol, source-destination port and other data of the intercepted network transmission data frame with each whitelist data in the whitelist baseline library 5. Compare and match data such as destination MAC, source and destination IP, transport layer protocol, and source and destination ports;

[0043] The data frame blacklist matching module 6 is used for data such as source destination MAC, source destination IP, transport layer protocol, source dest...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a content audit system based on an active defense mechanism. The content audit system comprises an active defense module and a verification module, the active defense module comprises a network transmission data frame interception module, a data frame white list matching module, a data frame blacklist matching module, a data frame recombination and redirection module, a data frame sending module and a data frame accepting and restoring module; the verification module comprises a communication processing module and a judging module. The invention further discloses a content audit method of the content audit system based on the active defense mechanism. By adoption of the content audit system and the content audit method disclosed by the invention, the shortcomings of the prior art can be improved, and the system security can be improved through an active security policy.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a content auditing system and a content auditing method based on an active defense mechanism. Background technique [0002] Industrial control system network content audit equipment is a special product for information security that records and analyzes the protocols, data and behaviors in the industrial control network, and makes certain response measures. [0003] Existing audit equipment generally adopts the bypass access method, and uses the white list mechanism to record and analyze the configuration changes and command changes of each industrial control host computer in the industrial control network, such as engineer stations and operator stations. Configuration changes include Configuration uploading, downloading, and command changes include operations such as writing commands and related parameters. The real-time requirements for these operations are usually sev...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/101H04L63/1466
Inventor 王小东李佐民王蔚庭
Owner 北京天地和兴科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com