Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Honeypot service port self-adaptive application method and system based on attack behavior analysis

A service port and behavior analysis technology, which is applied in the self-adaptive application field of honeypot service port, can solve the problems of increasing the detection by the attacker, increasing the running time of the system, increasing the probability of being detected, and achieving the effect of increasing the chance of trapping

Active Publication Date: 2020-07-10
广州锦行网络科技有限公司
View PDF8 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The present invention uses a low-interaction honeypot to cooperate with a high-interaction honeypot based on a vulnerability service or system, uses the low-interaction honeypot to quickly discover the existence of malicious samples, and uses a cloud deployment platform to quickly deploy a high-interaction service or system based on a vulnerability Honeypot, cooperates with high-interaction honeypot and low-interaction honeypot based on vulnerability services or systems to capture malicious samples, but when the invention is aimed at a large number of different types of business areas, it is necessary to set up high-interaction of multiple corresponding business areas Honeypot, when a large number of different types of attackers attack, the low-interaction honeypot must process a large amount of data and transfer traffic at the same time, which increases the running time of the system and increases the chance of being detected by the attacker. At the same time, the attacker's attack When the behavior changes, the high-interaction honeypot system cannot be changed in time, which further increases the chance of being detected

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Honeypot service port self-adaptive application method and system based on attack behavior analysis
  • Honeypot service port self-adaptive application method and system based on attack behavior analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] Preferred embodiments of the present invention will be described below in conjunction with the accompanying drawings. It should be understood that the embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention.

[0034] combine figure 1 As shown, the present invention provides a honeypot service port adaptive application method based on attack behavior analysis, comprising the steps of:

[0035] S01. The honeypot system traps attackers for continuous attacks, and different attackers have different attack purposes and target application ports;

[0036] S02. The honeypot system collects and transmits attacker behavior data to the data analysis terminal of the honeypot system;

[0037] S03. The data analysis end of the honeypot system judges the collected attacker behavior data according to the judgment conditions;

[0038] S04. The data analysis terminal of the honeypot system outputs the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of network security, in particular to a honeypot service port self-adaptive application method and system based on attack behavior analysis. According to the invention, analysis is carried out based on attacker behavior data; an application service port of a honeypot system in a specific business area is automatically changed; the attack situation and the attack type of a certain specific service area can be self-adapted; the deployment efficiency of the application service port is improved, the attack type conforming to the service area is accurately captured, the trapping service port is efficiently transformed in real time in combination with the attack behavior characteristics and characteristics of an attacker, the system operation time consumption is greatly reduced, and the trapping rate and authenticity of the honeypot system are improved.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a honeypot service port self-adaptive application method and system based on attack behavior analysis. Background technique [0002] Honeypot technology generally pretends to be a vulnerable network service and business application, and opens an application service port to trap attackers to actively attack, monitor them, and record their attack behavior and data. [0003] Self-adaptation is the process of automatically adjusting processing methods and constraints according to data characteristics in the process of data processing and analysis, so as to adapt to the statistical distribution characteristics and structural characteristics of the processed data, so as to obtain the best processing effect. [0004] When the existing honeypot technology traps attackers, it will deploy a honeypot system in a specific business area, and open a service port related to the honeypo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1433H04L63/1491
Inventor 彭湖鑫
Owner 广州锦行网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com