Security protection methods, devices and system

A security protection and security gateway technology, applied in the field of network security, can solve problems such as illegal manipulation of IoT devices, IoT device failures, security accidents, etc.

Inactive Publication Date: 2019-02-15
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF5 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, as the public gradually shifts their attention to the Internet of Things, the security of IoT devices is also coveted by malicious attackers. Due to the wide variety of IoT devices and widespread exposure, IoT devices are extremely fragile and easy to be attacked Vulnerabilities are discovered and exploited by the attackers, resulting in the illegal manipulation of IoT devices, the decline of user experience, and even the modification of some important data of IoT devices, causing IoT device failures and serious security incidents. Therefore, a security protection solution is urgently needed. To protect the security of IoT devices

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security protection methods, devices and system
  • Security protection methods, devices and system
  • Security protection methods, devices and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0071] figure 1 A schematic diagram of a security protection process provided by an embodiment of the present invention, the process includes:

[0072] S101: Receive the real-time traffic information of the IoT device sent by the security gateway, and determine the target characteristic value corresponding to the preset traffic characteristic of the IoT device in the current detection cycle according to the traffic information of the IoT device at each moment in the current detection cycle .

[0073] The security protection method provided by the embodiment of the present invention is applied to a security server. The security server may also be a security server cluster composed of multiple security servers, or a security platform composed of multiple security servers. There can be one or more security gateways with a communication connection with the security server, and there can be one or more IoT devices connected to the security gateway. An example of a security gatewa...

Embodiment 2

[0084] Different from traditional terminals such as computers or mobile phones, the destination address of IoT devices is relatively fixed and can be enumerated. In order to further improve the effect of security protection, on the basis of the above embodiments, in the embodiments of the present invention, according to The flow information of the Internet of Things device at each moment in the current detection cycle, before determining the target characteristic value corresponding to the preset flow characteristic of the current detection cycle of the Internet of Things device, the method further includes:

[0085] receiving the IP and / or domain name accessed by the IoT device sent by the security gateway;

[0086] Judging whether the IP and / or domain name is recorded in the IP and / or domain name whitelist corresponding to the IoT device, wherein the IP and / or domain name whitelist is based on the historical IP and domain names visited by the IoT device / or determined by th...

Embodiment 3

[0093] In order to prevent a single Internet of Things device from being mistaken for being normal due to abnormal access or being attacked, on the basis of the above-mentioned embodiments, in the embodiment of the present invention, if the target characteristic value corresponds to the preset traffic of the current detection period The difference between the predicted feature values ​​of the features is less than a deviation threshold, the method further comprising:

[0094] receiving the device model of the IoT device sent by the security gateway;

[0095] Judging whether the target traffic feature value and the IP and / or domain name are in the pre-saved traffic feature set and IP and / or domain name set corresponding to the device model;

[0096] If not, send a blocking instruction to block the traffic transmission of the IoT device to the security gateway, so that the security gateway blocks the traffic transmission of the IoT device.

[0097] In this embodiment of the law...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses security protection methods, devices and system. A method comprises the steps that a security server receives real-time traffic information of Internet of things equipment sentby a security gateway, and determines a target feature value of a preset traffic feature corresponding to a current detection period of the Internet of things equipment according to traffic information of the Internet of things equipment at each moment within the current detection period; judging whether a difference value between the target feature value and a predicted feature value of a presettraffic feature corresponding to the current detection period is smaller than a deviation threshold or not, wherein the predicted feature value is determined according to each history feature value of the preset traffic feature corresponding to the set number of history detection periods before the current detection period, and a preset prediction algorithm; and if the difference value is not smaller than the deviation threshold, a blocking instruction for blocking traffic transmission of the Internet of things equipment is sent to the security gateway, so the security gateway blocks the traffic transmission of the Internet of things equipment. A provided security protection scheme is used for ensuring security of the Internet of things equipment.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a security protection method, device and system. Background technique [0002] The Internet of Things (IOT) is the third wave of information development after the development of computers and the Internet. The Internet of Things refers to a network that connects items with various networks for information exchange and communication in accordance with agreed protocols to achieve intelligent identification, positioning, tracking, monitoring and management. The Internet of Things will realize the extensive "networking" of things and things, people and things, and the network and people's daily life will be closer in the era of the Internet of Things. With the development of Internet of Things technology, the application of Internet of Things devices in industrial manufacturing, smart home and other fields has increased, which has brought great convenience to people...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/101H04L63/1408H04L63/1425H04L63/1441H04L61/4511
Inventor 桑鸿庆刘文懋张星张克雷
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products