Honeypot bait distribution method and device, storage medium and electronic equipment

A honeypot and decoy technology, applied in the field of network security, can solve problems such as low efficiency, lack of attack intention, inconvenient decoy deployment, etc., to achieve the effect of improving security and improving defense efficiency

Active Publication Date: 2021-06-25
广州锦行网络科技有限公司
View PDF8 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the work of deploying bait is usually only done by Party A. Due to some confidential reasons, it is inconvenient for Party B’s implementers to deploy bait in Party A’s company
The personnel of Party A’s company may not be as familiar with the honeypot products as the personnel of Party B, and may encounter various problems in the process of deploying the bait, and the bait may even be ineffective and inefficient
In add

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Honeypot bait distribution method and device, storage medium and electronic equipment
  • Honeypot bait distribution method and device, storage medium and electronic equipment
  • Honeypot bait distribution method and device, storage medium and electronic equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0042] The method embodiment provided in Embodiment 1 of the present application may be executed in a server, a computer, a honeypot host device, or a similar computing device. Take running on the server as an example, figure 1 It is a block diagram of the hardware structure of a server in the embodiment of the present invention. like figure 1 As shown, the server can include one or more ( figure 1 Only one is shown in ) processor 102 (processor 102 may include but not limited to processing devices such as microprocessor MCU or programmable logic device FPGA) and memory 104 for storing data. Optionally, the above-mentioned server can also be A transmission device 106 for communication functions and an input and output device 108 are included. Those of ordinary skill in the art can understand that, figure 1 The shown structure is only for illustration, and it does not limit the structure of the above server. For example, the server may also include figure 1 more or fewer ...

Embodiment 2

[0099] In this embodiment, a honeypot decoy distributing device is also provided, which is used to implement the above embodiments and preferred implementation modes, and what has been explained will not be repeated. As used below, the term "module" may be a combination of software and / or hardware that implements a predetermined function. Although the apparatus described in the following embodiments is preferably implemented in software, implementations in hardware, or a combination of software and hardware, are also possible and contemplated.

[0100] Figure 5 is a structural block diagram of a honeypot decoy distribution device according to an embodiment of the present invention, as Figure 5 As shown, the device includes: an acquisition module 50, a generation module 52, and an allocation module 54, wherein,

[0101] An acquisition module 50, configured to acquire attack behavior data of network attack sources executing attack events;

[0102] A generating module 52, co...

Embodiment 3

[0116] The embodiment of the present application also provides an electronic device, Image 6 is a structural diagram of an electronic device according to an embodiment of the present invention, such as Image 6 As shown, it includes a processor 61, a communication interface 62, a memory 63 and a communication bus 64, wherein the processor 61, the communication interface 62, and the memory 63 complete mutual communication through the communication bus 64, and the memory 63 is used to store computer programs; The processor 61 is configured to implement the following steps when executing the program stored in the memory 63: acquire the attack behavior data of the attack event executed by the network attack source; generate the attack path of the attack event according to the attack behavior data, wherein the The attack path includes several key nodes attacked by the network attack source; honeypot decoys are distributed on the key nodes of the attack path.

[0117] Further, obt...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a honeypot bait distribution method and device, a storage medium and electronic equipment, and belongs to the field of network security. The method comprises the following steps: acquiring attack behavior data of a network attack source for executing an attack event; generating an attack path of the attack event according to the attack behavior data, wherein the attack path comprises a plurality of key nodes attacked by the network attack source; and distributing honeypot bait on the key node of the attack path. Through the method and the device, the technical problem that a honeypot in the related technology cannot defend attacks in a targeted manner is solved, and the defense efficiency of a honeypot network is improved.

Description

technical field [0001] The invention relates to the field of network security, in particular to a method and device for distributing honeypot decoys, a storage medium, and electronic equipment. Background technique [0002] In related technologies, the infiltration methods commonly used by attackers (such as hackers) are divided into three stages: before infiltration. The attacker will collect the target's asset information and draw an asset map. Some major sites have impregnable defenses and are generally not targeted by attacks. Attackers often obtain information on other assets of the enterprise through subdomain blasting or third-party website searches. After asset analysis is complete. The attacker will confirm the penetration breakthrough. At this time, some vulnerable containers, frameworks, services, and unreasonable permissions and system settings may be exploited and become the precise target of the attacker. Faced with valuable weaknesses, attackers will even ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1491
Inventor 吴建亮胡鹏陈寿彬
Owner 广州锦行网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap