
Sandbox construction method based on mimicry thought

A sandbox construction method, applied in the field of network security, that achieves the effects of preventing breaches, ensuring correctness, and increasing cognition and attack difficulty.

Active Publication Date: 2021-02-19
ZHEJIANG UNIV

AI Technical Summary

Problems solved by technology

It is difficult for a traditional sandbox system to accurately detect malicious traffic and actively defend against malicious attacks on the file system.


Embodiment Construction

[0026] The invention designs a sandbox construction method based on the idea of mimic defense, which can actively defend against malicious attacks on the file system. The present invention designs a flow transfer module, a sandbox heterogeneous module, a mimicry judgment module, and a monitoring platform module, and realizes the construction of a mimicry sandbox by building the sandbox heterogeneous module. The sandbox is heterogeneously processed in terms of operating system, simulation speed, malware detection behavior and other aspects, so that the sandbox has active defense capabilities. When traffic passes through the sandbox system module, the module selects k of all the sandbox isomers to process the traffic. After the processing result is judged by the mimicry judgment module, the abnormal rate of each isomer is modified according to the judgment result. When the abnormal rate of a certain isomer is higher than a certain value, the isomer will be taken offl...


Abstract

The invention discloses a sandbox construction method based on the idea of mimicry. The sandbox construction method can actively defend against malicious attacks on a file system. According to the invention, a flow transmission module, a sandbox heterogeneous module, a mimicry decision module and a monitoring platform module are designed, and the mimicry sandbox is constructed by constructing the sandbox heterogeneous module. The sandbox is subjected to isomerization processing in aspects such as the operating system, malicious software detection behaviors, the virtual degree of the sandbox, detection report contents, and the strictness requirements of file analysis and detection, so that the sandbox has an active defense capability. When flow passes through the sandbox system module, the sandbox system module selects k isomers from all sandbox isomers for flow processing. After a processing result is judged by the mimicry judgment module, the judgment result is used to modify the abnormal rate of each isomer. When the abnormal rate of a certain isomer is higher than a certain value, an offline self-cleaning operation is carried out on that isomer. Finally, the judgment result is transmitted to the monitoring platform and returned to the service system.
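The dispatch-and-judgment loop described in the abstract can be sketched as follows. This is an added example, not code from the patent: the strict-majority vote, the moving-average update of the abnormal rate, and the values of `k`, `threshold` and `alpha` are assumptions, since the page only says the rate is "modified" and compared against "a certain value".

```python
import random
from collections import Counter
from dataclasses import dataclass
from typing import Callable

@dataclass
class Isomer:
    name: str                        # stands for one heterogeneous sandbox variant
    analyze: Callable[[bytes], str]  # returns "malicious" or "benign"
    abnormal_rate: float = 0.0
    online: bool = True

class MimicSandbox:
    """k-of-n dispatch, majority judgment, abnormal-rate tracking (assumed details)."""
    def __init__(self, isomers, k=3, threshold=0.5, alpha=0.3, seed=None):
        self.isomers, self.k = isomers, k
        self.threshold, self.alpha = threshold, alpha
        self.rng = random.Random(seed)
        self.cleaned = []            # isomers sent for offline self-cleaning

    def process(self, sample: bytes) -> str:
        pool = [i for i in self.isomers if i.online]
        if len(pool) < self.k:
            raise RuntimeError("not enough online isomers")
        chosen = self.rng.sample(pool, self.k)
        verdicts = {i.name: i.analyze(sample) for i in chosen}
        decision, votes = Counter(verdicts.values()).most_common(1)[0]
        if votes * 2 <= self.k:      # no strict majority: fail closed, penalise nobody
            return "undecided"
        for iso in chosen:
            disagreed = verdicts[iso.name] != decision
            # Moving average of how often this isomer contradicts the judged result.
            iso.abnormal_rate = (1 - self.alpha) * iso.abnormal_rate + self.alpha * disagreed
            if iso.abnormal_rate > self.threshold:
                iso.online = False   # taken offline; the re-imaging step is not modelled
                self.cleaned.append(iso.name)
        return decision              # result passed on to the monitoring platform

def honest(sample: bytes) -> str:
    return "malicious" if b"CONSTRUCTED-MALWARE-MARKER" in sample else "benign"

def demo(rounds=50):
    # Constructed fleet: three honest isomers and one that always reports "benign".
    fleet = [Isomer(f"iso-{n}", honest) for n in ("linux", "win10", "win7")]
    fleet.append(Isomer("iso-tampered", lambda s: "benign"))
    box = MimicSandbox(fleet, k=3, seed=7)
    results = [box.process(b"xx CONSTRUCTED-MALWARE-MARKER xx") for _ in range(rounds)]
    return box, results
```

With one deviating isomer out of four and k = 3, every judgment stays correct, and the deviating isomer crosses the threshold on its second disagreement and is removed from the pool.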

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a method for constructing a sandbox based on the idea of mimicry.

Background technique

[0002] The sandbox system, also known as the unknown threat detection system, mainly detects and protects files at the application level to prevent malicious and harmful files from entering the enterprise system or spreading in the enterprise network, thereby avoiding security hazards. The sandbox system is mainly deployed on security boundaries, such as "internal and external network boundaries", "logically independent two DMZ area boundaries", "physical boundaries", etc. "Internal and external network boundaries" mainly refers to the boundary between the Internet and the enterprise intranet; this border is the most vulnerable to attacks. "The border of two DMZ areas that are logically independent" generally refers to the internal border abstracted from the enterprise i...


Application Information

IPC(8): H04L29/06, G06F21/53
CPC: G06F21/53, H04L63/1408, H04L63/1416, H04L63/1425
Inventor: 吴春明, 陈双喜, 赵若琰
Owner ZHEJIANG UNIV