Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Active network defense system for embedded equipment and defense method thereof

An active network and defense system technology, applied in transmission systems, electrical components, etc., can solve problems such as ARP spoofing, replay attacks, and inability to accurately judge network messages, and achieve convenient and flexible use, high accuracy, and security Effect

Active Publication Date: 2017-11-17
NANJING ACOINFO TECH CO LTD
View PDF9 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] The exception handling module is used to handle exceptions after packet detection finds problems. The exception handling methods are divided into two types: the first one is for network packets that can clearly determine problems, such as SYN floods, network storms, Distributed denial-of-service attacks, etc., the exception handling module notifies the firewall filter of the driver layer, and starts to perform corresponding filtering operations on the network packets received by the embedded device; ARP spoofing, replay attacks, etc., the exception handling module actively sends request messages, asks the device communicating with it, and determines whether there is a problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Active network defense system for embedded equipment and defense method thereof
  • Active network defense system for embedded equipment and defense method thereof
  • Active network defense system for embedded equipment and defense method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] Example 1: as image 3 As shown, for ARP spoofing, the specific steps of the defense method of the active network defense system of the present invention are as follows:

[0047] 1. An ARP information table will be maintained within the system. When an ARP reply message is received, it will first detect whether there are relevant entries in the current table. If not, add it to it, and let the message pass the detection and pass it to the protocol stack.

[0048] 2. If there is an entry, it will be judged whether the content of the currently received message is consistent with the description of the entry. If they are consistent, go to step 3 to determine whether the current entry is in an abnormal state. If it is inconsistent, the current entry flag will be set, indicating that an exception occurs and the same goes to step 3.

[0049] 3. When detecting the abnormal state of the entry, if the flag bit shows that it is not abnormal, the message will be passed directly ...

Embodiment 2

[0065] Example 2: as Figure 4 As shown, for network storm, SYN flood attack, the defense method of the active network defense system of the present invention, the specific steps are as follows:

[0066] 1. First receive the network packet and judge whether it is a broadcast packet. If it is a broadcast packet, go to the next step. If it is not a broadcast packet, further judge whether there is an IP packet header. If there is an IP packet header, go to the next step. The IP packet header determines that the current packet is allowed to pass;

[0067] 2. Set the detection flag bit according to the message type, and determine whether there is this device information in the device information table, if not, create a new device entry information and then go to the next step, if there is, go directly to the next step;

[0068] 3. Make a corresponding cumulative count judgment according to the flag bit, and judge whether the number of received packets in one second is greater than...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

An active network defense system for embedded equipment includes a network protocol stack module and an active network defense module. The active network defense module comprises a firewall upper-layer module and a firewall bottom-layer module. The firewall upper-layer module includes a message detection module and an exception handling module. A system defense method includes: 1, installing an active network defense system; 2, enabling the message detection module to analyzes a received network message to determine whether the message has a problem, directly transmitting the message to a protocol stack if not, or going to the next step if so; 3, enabling an exception handling unit to determine whether an exception message is an attack message, going to the next step if so, or sending a request message to query the real environment of the network and returning to step 2 if not; 4, discarding the current message, setting a white / black list, and opening a bottom-layer filter. The active network defense system for embedded equipment has characteristics of active identification and defense, and can prevent common embedded network attacks suffered by embedded equipment, thereby protecting the network security of the embedded equipment.

Description

technical field [0001] The invention belongs to the field of embedded, in particular to an active network defense system for embedded and a defense method thereof. Background technique [0002] With the rapid development of embedded devices, more and more embedded devices are being connected to the network in their applications, such as automotive electronic equipment, medical equipment and power equipment. When these devices are able to access the network, if sufficient security issues are not considered, they will be vulnerable to cyber attacks. Without some appropriate security measures, these attacks may compromise the functionality of the device, the system, and the information inside the device. [0003] Today, there are many network firewalls on the market, but most of these firewalls are used in the field of servers, enterprises and personal PCs. There are relatively few network firewalls for embedded devices. [0004] The existing embedded network firewalls curre...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/02H04L63/101H04L63/1416H04L63/1466
Inventor 李孝成
Owner NANJING ACOINFO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products