Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Device and method for capturing malicious samples through targeted dynamic deployment of honeypots

A dynamic deployment and targeted technology, applied in transmission systems, electrical components, etc., can solve the problems that malicious samples cannot be accurately forwarded to high-interaction honeypots, occupy large computing resources, and it is difficult to implement vulnerability services or system simulations

Active Publication Date: 2021-05-28
北京经纬信安科技有限公司
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] First, the existing malicious sample acquisition technology is difficult to simulate a large number of vulnerable services or systems; when multiple PCs spread malicious samples at the same time, there may be a large number of identical or different attack characteristics occurring at the same time, and the existing technology is very difficult. Difficult to capture all kinds of malicious samples attacked at the same time
[0006] Second, in the prior art, malicious samples exploiting vulnerabilities cannot be accurately forwarded to high-interaction honeypots containing corresponding vulnerable services or systems. It cannot be guaranteed to be correctly infected, making it difficult to capture malicious samples based on vulnerability attacks
[0007] Third, existing technologies cannot be dynamically deployed for the vulnerabilities used in attacks
[0008] Fourth, the capture of existing malicious samples requires a large amount of computing resources, and the cost of large-scale deployment of high-interaction honeypots is very high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Device and method for capturing malicious samples through targeted dynamic deployment of honeypots
  • Device and method for capturing malicious samples through targeted dynamic deployment of honeypots
  • Device and method for capturing malicious samples through targeted dynamic deployment of honeypots

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] Exemplary embodiments will be described in detail herein, examples of which are illustrated in the accompanying drawings. Where the following description refers to the drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the illustrative examples below are not intended to represent all implementations consistent with this application. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present application as recited in the appended claims.

[0049] figure 1 It is a schematic diagram of a device for capturing malicious samples using targeted dynamic deployment of honeypots according to an exemplary embodiment, such as figure 1 As shown, this embodiment provides a device for capturing malicious samples by utilizing a honeypot for targeted dynamic deployment, and the device includes a virtual honeypot, a central control system and a cl...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This application relates to a device and method for capturing malicious samples through targeted dynamic deployment of honeypots. The device includes a virtual honeypot, a central control system, and a cloud deployment platform; the present invention uses a virtual honeypot to capture attack activities and attack characteristics; a virtual honeypot Upload the captured attack signatures to the central control system; the central control system analyzes the uploaded attack signatures; the cloud deployment platform starts a high-interaction honeypot containing the vulnerability corresponding to the attack signature; imports the virtual honeypot traffic into the activated high-interaction honeypot In the honeypot, the corresponding high-interaction honeypot is infected. The present invention uses a low-interaction honeypot to cooperate with a high-interaction honeypot based on a vulnerability service or system, uses the low-interaction honeypot to quickly discover the existence of malicious samples, and uses a cloud deployment platform to quickly deploy a high-interaction service or system based on a vulnerability Honeypots, which cooperate with high-interaction honeypots and low-interaction honeypots based on vulnerability services or systems to capture malicious samples.

Description

technical field [0001] The invention belongs to the field of computer network security, and in particular relates to a device and method for capturing malicious samples through targeted dynamic deployment of honeypots. Background technique [0002] Honeypots are computer devices that are carefully designed and deployed to attract intruders to collect information for research and analysis or to extend the attacker's attack intent. Honeypots are divided into low-interaction honeypots, medium-interaction honeypots, and high-interaction honeypots according to their interaction capabilities. The main feature of low-interaction honeypots is simulation. The deception technology is implemented by simulating operating systems and services. The attacker has only a small amount of interaction with the honeypot, so the attack information obtained is relatively small, and it is more suitable for capturing automatic attack tools or For attacks launched by network worms, low-interaction h...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1416H04L63/1433H04L63/1491H04L67/10
Inventor 李春强丘国伟于磊
Owner 北京经纬信安科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com