Network authentication attack prediction method and system

A network authentication attack prediction method applied in the field of network security. It addresses problems such as the TLS secure channel not being mandatory and the resulting vulnerability to man-in-the-middle attacks.

Inactive Publication Date: 2020-02-18
武汉思普崚技术有限公司

AI Technical Summary

Problems solved by technology

[0002] In existing SDN networks, establishing a TLS secure channel between the controller and the switch is not mandatory and is disabled by default, which makes the network vulnerable, and there may be c


Examples


Embodiment Construction

[0046] The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings, so that the advantages and features of the present invention can be more easily understood by those skilled in the art, so that the protection scope of the present invention can be more clearly defined.

[0047] Figure 1 is the flow chart of the network authentication attack prediction method provided by this application. The method includes:

[0048] Obtain network traffic data and identify the type of network based on network characteristics;

[0049] Collect data fragments in network traffic, extract exploitable attack vectors from them, and merge the received data fragments with historical data fragments locally on the server;

[0050] Use the analysis model to analyze the merged data fragments to find possible abnormal data fragments, mark the network nodes or terminals to which the abnormal data fragments belong as abnormal points, and analyze whe...


Abstract

The invention provides a network authentication attack prediction method and system. The method comprises the following steps: establishing a secure encrypted channel between a controller and a switch; adding a trusted certificate authority (CA) to authenticate and sign the controller and the switch, realizing bidirectional authentication between the controller and the switch; and performing key negotiation between the controller and the switch, so as to address the SDN network's vulnerability in a targeted way. Meanwhile, the method collects copies of data fragments, extracts available attack vectors, and analyzes whether the data fragments are abnormal and whether multiple abnormal data fragments are logically associated, thereby determining abnormal points, obtaining potential attack trajectories and the security vulnerabilities of the network nodes, predicting whether the abnormal network nodes are improved in the future or not, and predicting whether other nodes similar to those network nodes are attacked or not.
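The bidirectional authentication described in the abstract, as an added example that is not taken from the patent: Python `ssl` contexts for the controller and the switch, with the weak (unverified) settings beside the hardened ones and an audit function that reports the gaps. The function names and the `ca_file` parameter are assumptions made for illustration.

```python
import ssl

def controller_context(require_switch_cert=True, ca_file=None):
    """Server-side context for the controller's listener (illustrative helper)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if require_switch_cert:
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
        # Handshake fails unless the switch presents a certificate signed by the CA.
        ctx.verify_mode = ssl.CERT_REQUIRED
    else:
        ctx.verify_mode = ssl.CERT_NONE  # one-way TLS: any client may connect
    if ca_file:  # a deployment also needs load_cert_chain() for its own identity
        ctx.load_verify_locations(cafile=ca_file)
    return ctx

def switch_context(verify_controller=True, ca_file=None):
    """Client-side context for the switch (illustrative helper)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + hostname check
    if verify_controller:
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    else:
        # Weak setting: the switch accepts any party claiming to be the controller.
        ctx.check_hostname = False  # must be cleared before CERT_NONE is allowed
        ctx.verify_mode = ssl.CERT_NONE
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)
    return ctx

def audit(ctx, role):
    """Return findings for the weaknesses the page names; empty list means none."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append(f"{role}: peer certificate not required, so the peer can be impersonated")
    if role == "switch" and not ctx.check_hostname:
        findings.append("switch: controller hostname is not checked against its certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(f"{role}: minimum TLS version is not pinned to 1.2 or later")
    return findings

if __name__ == "__main__":
    for name, ctx, role in [
        ("weak controller", controller_context(require_switch_cert=False), "controller"),
        ("weak switch", switch_context(verify_controller=False), "switch"),
        ("hardened controller", controller_context(), "controller"),
        ("hardened switch", switch_context(), "switch"),
    ]:
        print(name, "->", audit(ctx, role) or "no findings")
```
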

Description

Technical field

[0001] This application relates to the field of network security technology, and in particular to a network authentication attack prediction method and system.

Background technique

[0002] In existing SDN networks, establishing a TLS secure channel between the controller and the switch is not mandatory and is disabled by default, which makes the network fragile. The controller and the switch may communicate in clear text, and any third party can intercept or modify the content of the communication between the two parties, which leaves it vulnerable to man-in-the-middle attacks. Certificate verification between the controller and the switch is also lacking. An attacker can easily intercept the request sent by the controller to the switch and pretend to be the controller when communicating with the switch, obtaining all the content of the communication between the switch and the controller.

[0003] At the same time, the reasons for the abn...

Application Information

IPC(8): H04L9/08, H04L9/32, H04L29/06
CPC: H04L9/0838, H04L9/321, H04L9/3247, H04L63/1425, H04L63/1441
Inventor 段彬
Owner 武汉思普崚技术有限公司