Method and system for constructing large-scale trapping scenarios based on cloud computing

A large-scale, cloud computing technology, applied in the field of network security, to achieve the effect of improving capabilities, high classification efficiency, and enhancing uniqueness

Active Publication Date: 2021-01-08
北京元支点信息安全技术有限公司
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Traditional honeypots can only use fixed and rigid methods to deceive attackers. With the continuous improvement of attack levels, it is necessary to use more dynamic, novel and flexible multi-dimensional deception baits to build new honeypots to achieve better and more Faster and more accurate deception of the attacker's purpose

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for constructing large-scale trapping scenarios based on cloud computing
  • Method and system for constructing large-scale trapping scenarios based on cloud computing
  • Method and system for constructing large-scale trapping scenarios based on cloud computing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0034] Such as figure 1 Shown, the method for constructing a large-scale trapping scene based on cloud computing, the method performs the following steps:

[0035] Step 1: Establish multiple clouds with the same application layer, transport layer, network layer, link layer and physical layer as the local side, and each cloud is regarded as a mirror decoy container on the local side;

[0036] Step 2: Collect local-side bait resource data, which at least includes: user behavior data, application usage data, network environment data, login credential data, file data, and traffic data; Preprocessing, obtain the preprocessing data, classify the preprocessing data, and add labels to each sub-dataset obtained after classification; then perform learning mapping based on the sub-datasets with labels to complete the training of the classifier; based on adding The sub-dataset of the label is trained using the established clustering model to complete the training of the clusterer;

[00...

Embodiment 2

[0042] On the basis of the previous embodiment, in the step 1, the method of setting up the same cloud as the application layer, transport layer, network layer, link layer and physical layer of the local end performs the following steps: Execute on the remote cloud server Builder application program, the remote cloud server includes processor, memory, operating system, and storage space for storing software application program and creating cloud image; providing said software application program, which includes application program code and application program data; reading a device configuration file indicating configuration settings for use with the software application, including one or more virtual machines, class paths, and environment variable settings; receiving information about the type of manager to be used with the application instructions; write the interface device of the virtual machine that is specific to the manager type and conforms to the configuration settings...

Embodiment 3

[0045] On the basis of the previous embodiment, the method for data preprocessing in step 2 performs the following steps: for the collected local end data, remove unique attributes, process missing values ​​and abnormal value detection and processing; and then perform data processing Reduction processing, including: removing the mean value, calculating the covariance matrix, calculating the eigenvalues ​​and eigenvectors of the covariance matrix, sorting the eigenvalues ​​from large to small, retaining the largest eigenvector, converting the data to a new space constructed by the eigenvector In; finally the new data after processing.

[0046] Specifically, data reduction refers to minimizing the amount of data while maintaining the original appearance of the data as much as possible (the necessary prerequisite for completing this task is to understand the mining task and be familiar with the content of the data itself). For small or medium-sized datasets, general data preproce...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the technical field of neural networks, and specifically relates to a method and a system for constructing a large-scale trapping scene based on cloud computing. The method performs the following steps: Step 1: Establish multiple application layers, transport layers, network layers, and links with the local end Clouds with the same layer and physical layer, each cloud is regarded as a mirrored decoy container on the local side; Step 2: Collect the decoy resource data on the local side, the decoy resource data includes at least: user behavior data, application usage data, network environment Data, login credential data, file data, and traffic data; perform data preprocessing on the collected local data, obtain preprocessed data, and classify the preprocessed data. It classifies and learns the decoy resource data to ensure that different decoy resource data can be used for more suitable model training, so that the generated decoy will be more deceptive.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a method and a system for constructing a large-scale trapping scene based on cloud computing. Background technique [0002] With the continuous popularization of the Internet, more and more units and personal computers are connected to the Internet, and network security problems are becoming more and more serious. Every host on the Internet may be attacked. In recent years, hackers have repeatedly invaded corporate networks. How to ensure enterprise network security and build a safe and reliable enterprise network has become an urgent problem to be solved. [0003] A honeypot is like an intelligence collection system, and a honeypot seems to be an intentional target to lure hackers to attack. So after the attacker invades, you can know how he succeeded, and keep abreast of the latest attacks and vulnerabilities launched against the server. It is also possib...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06K9/62
CPCH04L63/1491G06F18/23G06F18/24323G06F18/214
Inventor 任俊博
Owner 北京元支点信息安全技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap