
Method for preventing honeypot from being controlled to become jump server based on virtual switching

Virtual switching technology, applied in the field of network security, addresses problems such as violation and intrusion and achieves the effect of avoiding false positives.

Active Publication Date: 2021-08-13
江苏天翼安全技术有限公司

AI Technical Summary

Problems solved by technology

If a deployed large-scale honeypot is compromised by attackers because it is insufficiently secured, it is very likely to be used as a springboard to invade the real server, which defeats the original intention of deploying the honeypot and gives attackers more attack channels.


Embodiment Construction

[0020] The technical solutions of the present invention will be described in detail below, but the protection scope of the present invention is not limited to the embodiments.

[0021] The invention discloses a virtual-switching-based method for preventing a honeypot from being controlled and used as a jump server, comprising the following steps:

[0022] Step 1: The SDN controller interacts with the Open vSwitch switch through the OpenFlow protocol and defines flow table entries according to the flow ingress and egress rules.

[0023] In this step, the SDN controller interacts with the Open vSwitch switch over the OpenFlow protocol and defines its flow table entries according to the flow ingress and egress rules. In this solution, those rules prohibit the honeypot from initiating external requests: all data packets the honeypot sends to the outside world are discarded, but the honeypot is allowed to send packets to the honeypot management system, while ...


Abstract

The invention discloses a method, based on virtual switching, for preventing a honeypot from being controlled and turned into a jump server. It comprises the following steps: using an SDN controller to interact with an Open vSwitch switch through the OpenFlow protocol; defining flow table entries according to a rule; matching every message entering the switch against the source MAC addresses in the switch's flow table entries and determining whether the message is valid or invalid; matching the messages found valid by MAC address against the source IPs in the switch's flow table entries and again determining whether they are valid or invalid; and finally transferring the messages to a honeypot. Based on the OpenFlow protocol, the messages passing through the switch are judged, the messages judged invalid are transferred to the honeypot, all attacks are confined to the honeypot, and the messages passing through the honeypot are then periodically cleaned, so that the honeypot is prevented from being controlled to become a jump server for invading a real server, and the security of the network system is guaranteed.
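The two-stage check in the abstract and the egress rule of paragraph [0023] can be modeled as a prioritized flow table. The Python sketch below is an added example, not code from the patent: the port number, MAC and IP addresses are constructed, and forwarding valid traffic normally is an assumption, since the page only states what happens to invalid messages.

```python
# Added example: toy model of the flow-table pipeline described above.
# Ports, MAC addresses and IP addresses are constructed sample values.
from dataclasses import dataclass

HONEYPOT_PORT = 3        # assumed switch port of the honeypot
MGMT_IP = "10.0.0.250"   # assumed honeypot management system
VALID_MACS = {"52:54:00:aa:00:01", "52:54:00:aa:00:02"}
VALID_IPS = {"10.0.0.11", "10.0.0.12"}

@dataclass
class Packet:
    in_port: int
    src_mac: str
    src_ip: str
    dst_ip: str

@dataclass
class Flow:
    table: int
    priority: int
    match: dict   # field -> exact value, or a set of accepted values
    action: str   # "drop", "normal", "to_honeypot" or "goto:<table>"

FLOWS = [
    # Egress containment: the honeypot may only reach its management system.
    Flow(0, 300, {"in_port": HONEYPOT_PORT, "dst_ip": MGMT_IP}, "normal"),
    Flow(0, 200, {"in_port": HONEYPOT_PORT}, "drop"),
    # Table 0 checks the source MAC, table 1 the source IP.
    Flow(0, 100, {"src_mac": VALID_MACS}, "goto:1"),
    Flow(0, 0, {}, "to_honeypot"),      # table-miss: invalid MAC
    Flow(1, 100, {"src_ip": VALID_IPS}, "normal"),
    Flow(1, 0, {}, "to_honeypot"),      # table-miss: invalid IP
]

def matches(flow, pkt):
    for field, want in flow.match.items():
        have = getattr(pkt, field)
        ok = have in want if isinstance(want, set) else have == want
        if not ok:
            return False
    return True

def classify(pkt, flows=FLOWS):
    """Return the final action; the highest-priority match wins per table."""
    table = 0
    while True:
        hit = max((f for f in flows if f.table == table and matches(f, pkt)),
                  key=lambda f: f.priority)
        if not hit.action.startswith("goto:"):
            return hit.action
        table = int(hit.action.split(":", 1)[1])
```

Because the honeypot-port entries outrank the MAC check, a compromised honeypot that spoofs an allowed source MAC and IP is still dropped on egress.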

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a virtual-switching-based method for preventing a honeypot from being controlled and used as a jump server.

Background technique

[0002] Currently, when deploying honeypots, low-interaction honeypots or high-interaction honeypots are usually used. Low-interaction honeypots are highly secure, but their intrusion detection capability is low. When using high-interaction honeypots, it is usually necessary to add many rules and restrictions in the user's network, or to bring the honeypots into its monitoring system, to ensure the security of the honeypot system. In the existing technologies, some intrusion detection technologies also use honeypots, but once a honeypot is controlled by an attacker, the attacker can move laterally in the environment where the honeypot is located, and even use the honeypot as a springboard. Attacks on other servers endanger the entire network. If the deployed large-sca...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/931
CPC: H04L49/70, H04L63/1491
Inventor: 宋彦春郑昭翼胡惠
Owner: 江苏天翼安全技术有限公司