Intranet vulnerability attack defense method and related device
An intranet and vulnerability technology, applied in the computer field, it can solve the problems of false negatives and false positives, affecting the normal use of the enterprise network, and high IPS processing pressure, so as to reduce the possibility, ensure the normal use, and reduce the processing pressure.
Active Publication Date: 2020-10-27
TENCENT TECH (SHENZHEN) CO LTD
View PDF8 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0004] Current vulnerability attack defense methods such as intrusion prevention system (Intrusion Prevention System, IPS), although can make up for the insufficiency of intrusion detection system (intrusion detection system, IDS), real-time perception of vulnerability attacks, intercepting attack data packets, but IPS processing pressure Very large, it is easy to cause false negatives and false negatives, and once the false negatives or false positives may affect the normal use of the entire enterprise network
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0039] Embodiments of the present application are described below in conjunction with the accompanying drawings.
[0040] In order to prevent hackers from controlling electronic devices in the intranet and threatening the security of data assets through vulnerability attacks, various vulnerability attack defense methods are provided in related technologies, such as figure 1 In the shown IDS mode, the IDS mode usually uses the switch 103 to perform data packet port mirroring at the network routing device 102 of the internal network 104, and copies the data packets communicated between the internal network 104 and the external network 101 to the device 105 and forwards to an independent Detection of asynchronous bypass on the server. The defect of the IDS method is that it can only detect and alarm asynchronously, and once the hacker’s vulnerability attack data packet is sent to the target intranet electronic device, the target intranet electronic device is likely to establish a...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The embodiment of the present application discloses a method for defending against intranet vulnerability attacks and related devices. In the intranet, the driver layer of each intranet electronic device deploys a traffic detection module to perform vulnerability attack detection, that is, the intranet electronic devices load according to the function configuration file. For the corresponding local rule file, if the access data packet is obtained, the intranet electronic device invokes the traffic detection module to determine whether the access data packet is a vulnerability attack data packet according to the local rule file. If so, block the access data packet from the driver layer to the application layer of the intranet electronic device, so as to achieve the purpose of defending against vulnerability attacks. Vulnerability attack detection is performed at the driver layer and the vulnerability attack data packets are intercepted to improve the response speed of the vulnerability attack. In addition, vulnerability attack detection is distributed to each intranet electronic device, thereby reducing the processing pressure of vulnerability attack detection. As the processing pressure decreases, the scope of influence of false positives and false alarms is greatly reduced, ensuring the normal use of other electronic devices in the internal network.
Description
technical field [0001] The present application relates to the field of computers, in particular to a method for defending against intranet vulnerability attacks and a related device. Background technique [0002] As the proportion of enterprise informatization increases year by year, enterprise intranet security has become an important part of enterprise information security, and it is of great significance to protect the security of data assets. Once important data is obtained by hackers and illegally traded, it will cause huge losses to the enterprise. [0003] In order to obtain the data of the company's intranet, hackers usually break through a certain machine on the intranet, and then spread the intranet horizontally to control more machines through vulnerability attacks. After controlling the intranet machines, they can establish a secret channel to The file is transferred to the hacker, and even the entire disk file is directly encrypted to blackmail the company (ran...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06F21/57
CPCG06F21/577H04L63/1408H04L63/1433
Inventor 朱迦南
Owner TENCENT TECH (SHENZHEN) CO LTD