Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network security dynamic defense system and method based on big data

A dynamic defense and network security technology, applied in transmission systems, electrical components, etc., to achieve good defense effects and prolong attack time.

Active Publication Date: 2021-05-11
上海磐御网络科技有限公司
View PDF9 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the face of targeted APT attacks, ransomware, mining viruses and other new attack methods, traditional technical means based on feature detection have great limitations in dealing with dynamic, changeable, high-intensity, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security dynamic defense system and method based on big data
  • Network security dynamic defense system and method based on big data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0030] Such as figure 1 As shown, a kind of network security dynamic defense system based on big data that the present invention proposes, comprises big data module, dynamic defense module, backup module and monitoring module; Big data module and dynamic defense module are all bidirectionally connected with monitoring module; Backup module It is used for all data in the data module, dynamic defense module, and monitoring module, as well as attack behavior data; the big data module includes a data collection unit, a data management unit, and a threat release unit; the data collection unit, data management unit, and threat release unit are connected in sequence; The data acquisition unit scans the data packets circulating in each node in the network, collects and restores the data packet image files online in real time, and extracts abnormal behavior data; after the data management unit obtains the abnormal behavior data, it cleans its characteristic information, Grouping, summa...

Embodiment 2

[0041] Such as figure 2 As shown, the present invention proposes a network security dynamic defense method based on big data, and the steps are as follows:

[0042] S1. Extract and model according to the attack behavior characteristics recorded in the database, and combine it with the random change state of the defense system. Each system state corresponds to a different attack surface, and the attack and defense sides predict the attack surface. Through the machine Learning and establishing a defense model with the perspective of both offense and defense;

[0043] S2. The data collection unit scans the data packets circulating in each node in the network, collects and restores the data packet image files online in real time, and extracts abnormal behavior data;

[0044] S3. After the data management unit obtains the abnormal behavior data, it cleans, groups, and summarizes its characteristic information, and conducts intelligent analysis in combination with the abnormal beh...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network security dynamic defense system and method based on big data. The system comprises a big data module, a dynamic defense module, a backup module and a monitoring module, the big data module and the dynamic defense module are both bidirectionally connected with the monitoring module; and the backup module is used for all data and attack behavior data in the data module, the dynamic defense module and the monitoring module. Abnormal behaviors in a data packet are positioned and analyzed through a big data module, active defense and passive defense are matched, a dynamic defense model with attacking and defending view angles is established, an attacker is actively spoofed, the sight of the attacker is disturbed, and the attacker is decoy to carry out attack by setting a honeypot, so that the attack time is prolonged and the attack efficiency is improved. The opportunity is provided for the defense model to implement the defense scheme, the dynamic, real-time and active defense of the defense system is finally realized, and the defense effect is good.

Description

technical field [0001] The invention relates to the field, in particular to a big data-based network security dynamic defense system and method. Background technique [0002] In recent years, cyberspace has rapidly risen to a new battlefield among major powers. APT attacks, DDoS, and industrial Internet attacks represented by government enterprises and scientific research institutions have become increasingly serious, leading to the theft of important intelligence data of government enterprises and institutions, and industrial interconnection systems. The financial infrastructure was destroyed and the financial infrastructure suffered heavy economic losses, seriously endangering my country's national security and social and economic interests. In the face of new attack methods such as targeted APT attacks, ransomware, and mining viruses, traditional technical means based on feature detection have great limitations in dealing with dynamic, changeable, and high-intensity aspect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1491H04L63/20
Inventor 黄龙飞
Owner 上海磐御网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products