Network attack prevention phantom device establishment method, medium and device

A network attack and establishment method technology, applied in the field of network security, can solve the problems that traps are easily bypassed, camouflage technology cannot camouflage well, and personnel security professional technical requirements are high.

Inactive Publication Date: 2018-07-24
SHENZHEN LEAGSOFT TECH
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] Existing active defense technologies such as honeynets and honeypots can effectively perceive and capture automated attacks such as botnets and scripts, but the camouflage technologies in the existing technologies cannot camouflage well, and are easy to be seen through by attackers, and traps are also easy Easily bypassed, poor defense
At the same time, the deployment and maintenance of active defense technologies such as traditional honeynets and honeypots have high requirements for personnel security expertise

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack prevention phantom device establishment method, medium and device
  • Network attack prevention phantom device establishment method, medium and device
  • Network attack prevention phantom device establishment method, medium and device

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0054] Please refer to figure 1 , figure 1 It is a flow chart of a method for establishing a phantom device against network attack provided by a specific embodiment of the present invention. The method for establishing a phantom device against network attack provided by this embodiment includes:

[0055] Step S101: Obtain features of real devices in the local area network.

[0056] Step S102: Classify the real devices according to the features, and use each type of real devices as a device template.

[0057] Step S103: Set the configuration file of the phantom device according to the device template.

[0058] Step S104: Load the configuration file to generate the phantom device.

[0059] Wherein, the feature may include: device type, operating system, operating system fingerprint, open port, vendor feature, and the like.

[0060] Classify each real device in the LAN according to its characteristics, and a category corresponds to a device template. For example, one operati...

no. 2 example

[0092] The present invention corresponding to the first embodiment also provides a method for preventing network attacks, please refer to figure 2 , which is a schematic diagram of a method for preventing network attacks provided by an embodiment of the present invention.

[0093] A method for preventing network attacks provided by the second embodiment of the present invention includes:

[0094] Step S101: Monitor the communication information of the phantom device in the local area network in real time; wherein, the phantom device is established by the method described in the first embodiment;

[0095] Step S102: judging whether there are other devices communicating with the phantom device;

[0096] Step S103: If not, continue to monitor the communication information of the phantom device;

[0097] Step S104: If yes, mark the other devices as suspicious devices;

[0098] Step S105: blocking the communication between the suspicious device and the phantom device and the re...

no. 3 example

[0108] In the above-mentioned first embodiment, a method for establishing a phantom device for preventing network attacks is provided. In combination with the above-mentioned first embodiment, the third embodiment of the present invention provides a computer-readable storage medium on which a computer program is stored. When the program is executed by the processor, the method for establishing a phantom device for preventing network attacks provided by the above-mentioned first embodiment is implemented.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a network attack prevention phantom device establishment method, a medium and a device. The method comprises the steps of obtaining features of true devices in a local area network; classifying the true devices according to the features, and taking each class of the true devices as device templates; setting configuration files of phantom devices according to the device templates; and loading the configuration files and generating the phantom devices. The similarity between the phantom devices generated by the method and the corresponding true devices is high, the phantomdevices can be perfectly camouflaged in the network, the high simulation camouflage can be realized, network attacks can be timely and effectively sensed, and the trapping, alarm and evidence obtaining can be carried out. The established phantom devices are simple in deployment and utilization, consumed computer resources and human resources are relatively few, and a security professional skill demand for deployment and maintenance personnel are low.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method, medium and equipment for establishing a phantom device for preventing network attacks. Background technique [0002] Existing active defense technologies such as honeynets and honeypots can effectively perceive and capture automated attacks such as botnets and scripts, but the camouflage technologies in the existing technologies cannot camouflage well, and are easy to be seen through by attackers, and traps are also easy Easily bypassed, less defensive. At the same time, the deployment and maintenance of active defense technologies such as traditional honeynets and honeypots have high requirements for personnel security expertise. Contents of the invention [0003] Aiming at the defects in the prior art, the present invention provides a method, medium and equipment for establishing a phantom device against network attacks. The phantom device established can ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1483H04L63/1491H04L61/5046H04L61/5007H04L2101/622H04L63/0236H04L61/5038
Inventor 肖政涂大志戴昌
Owner SHENZHEN LEAGSOFT TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap