Unlock instant, AI-driven research and patent intelligence for your innovation.

A defense method based on a large number of deployed decoy hosts to detect and intercept intranet attack sources

A technology of attack sources and hosts, which is applied in the field of defense based on the detection and interception of intranet attack sources based on the deployment of a large number of decoy hosts.

Active Publication Date: 2021-11-30
江苏极元信息技术有限公司
View PDF12 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0018] In order to overcome the deficiencies in the existing technology, a defense method based on the deployment of a large number of decoy hosts to detect and intercept intranet attack sources is provided. It is an attack discovery and security protection technology that prevents the outbreak of ransomware and prevents hackers from penetrating. It solves the problem Difficult to find and intercept network attacks in the intranet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A defense method based on a large number of deployed decoy hosts to detect and intercept intranet attack sources
  • A defense method based on a large number of deployed decoy hosts to detect and intercept intranet attack sources

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0075] There are 20 computers in a certain intranet, 30 CNC numerical control industrial control computers (with computer CPU, hard disk, memory, peripherals and interfaces, and real-time operating system, control network and protocol, computing power, friendly man-machine interface etc.), connect by TCP / IP protocol, and form local area network by 2 switches of 48 ports before; Utilize the method of this application now, replace traditional switchboard with 2 switching devices. The main working principle is as follows:

[0076] 1) Switching equipment forms a network bridge br0, and binds an intranet address (192.168.5.2) to the bridge br0, and detects the IP and MAC of 20 computers and 30 CNC industrial control computers through ARP Ping;

[0077] 2) The switching device virtualizes 500,000 decoy hosts with virtual IP and MAC at the network layer through the CPU and memory, and binds them in batches on the bridge br0;

[0078] 3) When one of the 20 computers (192.168.5.88) is...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a defense method based on a large number of deployed decoy hosts to detect and intercept intranet attack sources, comprising the following steps: step 1: designing switching equipment and building a network bridge br0; step 2: connecting a computer or an industrial control computer to the network through a network cable Switch the device; Step 3: In the internal network, the switching device performs ARP Ping survival detection; Step 4: The switching device virtualizes the decoy host; Step 5: The hacker enters the internal network to infiltrate the internal network, the hacker detects the decoy host, and conducts Attack; Step 6: Resist hackers or ransomware attacks. The present invention can be combined with CPU-based switching equipment, deployed in all TCP / IP-based intranet systems, and has broad application prospects.

Description

technical field [0001] The invention relates to the field of computer network intranet protection, in particular to a defense method for detecting and intercepting intranet attack sources based on the deployment of a large number of decoy hosts. Background technique [0002] "North-south" traffic refers to traffic flowing from the external network to the internal network. Generally, firewalls are deployed at the egress of the network for security protection of "north-south" traffic. "East-west" traffic refers to the internal traffic generated by mutual access between servers in the network. According to statistics, more than 75% of the traffic in the current data center is "east-west" traffic. Whether it's stealing private information or damaging someone's reputation, taking down critical government infrastructure or putting businesses at risk, today's cybercriminals are constantly testing the boundaries of the security and resilience of their networks. [0003] Despite the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/26H04L29/12
CPCH04L43/10H04L61/103H04L63/1416H04L63/1491H04L2463/146
Inventor 卿婷
Owner 江苏极元信息技术有限公司
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com