Method of forwarding attack traffic to honeypot

A technology for attacking traffic and traffic forwarding, applied to electrical components, transmission systems, etc., can solve problems such as complex data transmission process, high deployment cost, and high cost of masquerading agents, and achieve simple deployment, network security maintenance, and strong operability Effect

Pending Publication Date: 2020-06-19
江苏天网计算机技术有限公司
View PDF4 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The existing masquerade proxy technology cannot realize the interaction between the attacker and the honeypot through the simple rule configuration of the traffic forwarding module, but needs to be managed by deploying the honeypot agent terminal and the honeypot management terminal, which makes the cost of masquerading proxy high, and the existing Masquerade proxy technology, the deployment cost is relatively large, and the data transmission process is relatively complicated

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method of forwarding attack traffic to honeypot
  • Method of forwarding attack traffic to honeypot

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] The technical solutions of the present invention will be described in detail below, but the protection scope of the present invention is not limited to the embodiments.

[0020] A method of forwarding attack traffic to a honeypot, such as figure 1 As shown, the attacker accesses the sensitive content of the real business client, and the real business client forwards the traffic after receiving it. After receiving the request, the honeypot will attack and obtain evidence and reply to the access request. In the present invention, unlike the prior art, what the client visits at the beginning is the real business. However, if the sensitive port of the real business is accessed, the gateway will Convert this access request to a honeypot. In the existing technical solution, the client first accesses the honeypot agent, and the honeypot agent decides whether to send the access request to the honeypot or real business, which increases the deployment cost. .

[0021] Such as ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for forwarding attack traffic to a honeypot. A gateway agent mode is adopted; a gateway and a flow forwarding module are simply deployed; request access to a sensitiveport on a real service server is forwarded to a gateway; the gateway carries out flow forwarding module rule configuration, forwards the request of the attacker to the honeypot, the honeypot carriesout attack evidence obtaining and replies the access request of the attacker, forwarding of the data packet is easily achieved through the gateway, and the situation that the whole communication quality is affected by instability generated in the agent disguising process is prevented. Intrusion detection is carried out, deployment is easy and convenient, operability is high, network safety and enterprise service safety and stability are maintained, and convenience is provided for disguise agency deployment of small and medium-sized enterprises.

Description

technical field [0001] The invention relates to computer information security, in particular to a method for forwarding attack traffic to a honeypot. Background technique [0002] Honeypot technology is essentially a technology to deceive the attacker. By arranging some hosts, network services or information as bait, the attacker is induced to attack them, so that the attack behavior can be captured and analyzed, and the attack behavior can be understood. The tools and methods used by the party, and the attack intention and motivation can be speculated, so that the defense party can clearly understand the security threats they face, and enhance the security protection capabilities of the actual system through technical and management means. [0003] The existing masquerade proxy technology cannot realize the interaction between the attacker and the honeypot through the simple rule configuration of the traffic forwarding module, but needs to be managed by deploying the honeyp...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1491H04L63/1416
Inventor 宋彦春郑昭翼
Owner 江苏天网计算机技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap