Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Attack intelligent trapping system and method based on virtualization

A virtualized and intelligent technology, applied in the field of Internet security, can solve problems such as honeypot structure adjustment, high security protection cost, and inability to dynamically change decoy scenarios

Active Publication Date: 2019-07-12
XI AN JIAOTONG UNIV
View PDF8 Cites 37 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, the traditional honeypot system is mainly deployed in hardware servers. On the one hand, it is difficult to dynamically adjust the honeypot structure according to the attack behavior, that is, it is impossible to dynamically change the deception scene to achieve the effect of intelligent deception. On the other hand, a large number of physical The infrastructure is used for the deployment and operation of the honeypot system, and the cost of security protection is relatively high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack intelligent trapping system and method based on virtualization
  • Attack intelligent trapping system and method based on virtualization
  • Attack intelligent trapping system and method based on virtualization

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] The implementation of the present invention will be described in detail below in conjunction with the drawings and examples.

[0040] Such as figure 1As shown, the system consists of five modules, which are two-level honeypots composed of various honeypots, attack intent identification module, honeypot scheduling module, honeypot monitoring module and Web management platform. The five modules are centered on two-level honeypots, and the final operation relies on changing the state of the honeypot to achieve intelligent deception, and how to change the state of the honeypot is realized through the honeypot scheduling module, which is the core of the system. The basic functions, that is to say, the main functions of the present invention can be realized by the two-level honeypot, the attack intention identification module and the honeypot scheduling module.

[0041] specifically:

[0042] Two-level honeypots, including first-level honeypots and second-level honeypots, a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

According to the virtualization-based attack intelligent trapping system provided by the invention, intelligent trapping of attackers is realized by constructing two stages of honeypots in the SDN. The first level is a reconnaissance honeypot and provides real services, and when an attacker scans the system and attacks the attacker, the reconnaissance honeypot and the attacker perform preliminaryinteraction to obtain attack data. Analyzing is carried out on the preliminary attack data to identify an attack target of an attacker and predict an attack intention of the attacker; and a corresponding second-stage honeypot is started, namely a special honeypot by combining a scene knowledge base, attack flows are migrated into the special honeypot, an attacker is enabled to perform deep interaction with the special honeypot, and the state of the special honeypot is stored for subsequent analysis after the attack is finished.

Description

technical field [0001] The invention belongs to the technical field of Internet security, relates to a honeypot system, and in particular to a virtualization-based attack intelligent deception system and method. Background technique [0002] The existing technology that can well deceive attackers is the honeypot technology. By arranging some decoy hosts, network services or information, the attackers can be lured to attack them, so that the attack behavior can be captured and analyzed to understand The tools and methods used by the attackers, as well as the inference of attack intentions and motivations, can enable the defenders to clearly understand the security threats they face, and enhance the security protection capabilities of the actual system through technical and management means. The honeypot can also be regarded as an intelligence collection system, which deliberately exposes the target of the attack and lures the hacker to attack. After the attacker invades, we c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06N3/00
CPCG06N3/006H04L63/1416H04L63/1491
Inventor 陶敬刘凯潜禹桥王悦韩婷张远鸣
Owner XI AN JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com