An active network defense system for embedded and its defense method

An active network and defense system technology, applied in transmission systems, electrical components, etc., can solve problems such as ARP spoofing, replay attacks, and inability to accurately judge network messages, and achieve convenient and flexible use, high accuracy, and security Effect

Active Publication Date: 2020-05-01
NANJING ACOINFO TECH CO LTD
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] The exception handling module is used to handle exceptions after packet detection finds problems. The exception handling methods are divided into two types: the first one is for network packets that can clearly determine problems, such as SYN floods, network storms, Distributed denial-of-service attacks, etc., the exception handling module notifies the firewall filter of the driver layer, and starts to perform corresponding filtering operations on the network packets received by the embedded device; ARP spoofing, replay attacks, etc., the exception handling module actively sends request messages, asks the device communicating with it, and determines whether there is a problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An active network defense system for embedded and its defense method
  • An active network defense system for embedded and its defense method
  • An active network defense system for embedded and its defense method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] Embodiment one: if image 3 As shown, for ARP spoofing, the defense method of the active network defense system of the present invention, the specific steps are as follows:

[0047] 1. The system will maintain an ARP information table. When receiving an ARP response message, it will first check whether there are related entries in the current table. protocol stack.

[0048] 2. If there is an entry, it will judge whether the content of the currently received message is consistent with the description of the entry. If they are consistent, go to step 3 to determine whether the current entry is in an abnormal state. If not, the flag bit of the current table entry will be set to indicate that an exception has occurred and the same goes to step 3.

[0049] 3. When detecting the abnormal state of the table item, if the flag bit shows that it is not an abnormal state, the message will be passed directly to the protocol stack. Otherwise, it will judge whether the embedded de...

Embodiment 2

[0065] Embodiment two: if Figure 4 Shown, for network storm, SYN flood attack, the defense method of active network defense system of the present invention, concrete steps are as follows:

[0066] 1. First receive the network packet and judge whether it is a broadcast packet. If it is a broadcast packet, go to the next step. If it is not a broadcast packet, further judge whether there is an IP packet header. If there is an IP packet header, go to the next step. If not The IP packet header judges that the current packet is allowed to pass;

[0067] 2. Set the detection flag according to the message type, and judge whether there is this device information in the device information table, if not, create a new device entry information and enter the next step, if there is, directly enter the next step;

[0068] 3. Make a corresponding cumulative count judgment according to the flag bit, and judge whether the number of received messages within one second is greater than the set th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

An active network defense system for embedded equipment includes a network protocol stack module and an active network defense module. The active network defense module comprises a firewall upper-layer module and a firewall bottom-layer module. The firewall upper-layer module includes a message detection module and an exception handling module. A system defense method includes: 1, installing an active network defense system; 2, enabling the message detection module to analyzes a received network message to determine whether the message has a problem, directly transmitting the message to a protocol stack if not, or going to the next step if so; 3, enabling an exception handling unit to determine whether an exception message is an attack message, going to the next step if so, or sending a request message to query the real environment of the network and returning to step 2 if not; 4, discarding the current message, setting a white / black list, and opening a bottom-layer filter. The active network defense system for embedded equipment has characteristics of active identification and defense, and can prevent common embedded network attacks suffered by embedded equipment, thereby protecting the network security of the embedded equipment.

Description

technical field [0001] The invention belongs to the embedded field, in particular to an embedded active network defense system and a defense method thereof. Background technique [0002] With the rapid development of embedded devices, more and more embedded devices are being connected to the network in their applications, such as automotive electronic equipment, medical equipment and power equipment. When these devices are able to access the network, if adequate security issues are not considered, then they will be vulnerable to cyber attacks. Without some corresponding security measures, these attacks may damage the functions, systems and information inside the device. [0003] Nowadays, there are many network firewalls on the market, but most of these firewalls are used in the fields of servers, enterprises and personal PCs. There are relatively few network firewalls for embedded devices. [0004] The existing embedded network firewall currently has the following defect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/02H04L63/101H04L63/1416H04L63/1466
Inventor 李孝成
Owner NANJING ACOINFO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap