Situation awareness node defense method and system aiming at APT attack

A situational awareness and node technology, applied in the field of network security, can solve problems such as difficulty in dealing with online real-time unknown attacks, and achieve the effect of improving defense capabilities

Active Publication Date: 2021-08-31
SHANGHAI NEWDON TECH CO LTD

AI Technical Summary

Problems solved by technology

However, with current technology, the network situation changes rapidly, and it is difficult to respond accurately to fragmented, ultra-long-latency threat behaviors using prior knowledge. The attacker's strategies may also be diversified, which makes it difficult for network attack prediction to deal with unknown attacks online and in real time.

Examples


Embodiment

[0049] Referring to Figure 1, which shows the flow chart S10 of a situation awareness node defense method for APT attacks provided by the present invention, the implementation steps of the method are as follows:

[0050] S100. Collect information about the network node being attacked by the APT, and set a virtual backup node for the aforementioned network node.

[0051] The network node refers to a terminal in a network environment with an independent network address and data processing functions; the data processing functions include but are not limited to transmitting data, receiving data and/or analyzing data. Network nodes can be workstations, clients, network users, or personal computers, or they can be servers, printers, and other network-connected devices. The entire network environment includes multiple network nodes, and these network nodes are connected through communication lines to form a network topology. The communication line may be a wired commun...

Abstract

The invention provides a situation awareness node defense method and system for APT attacks, and relates to the technical field of network security. The node defense method comprises the following steps: collecting information that a network node is under APT attack, and setting a virtual backup node for the network node; establishing a communication connection between the network node and the virtual backup node, storing the data information of the network node in the virtual backup node, and cutting off the connection between the network node and its associated network nodes; and establishing a connection between the virtual backup node and the associated network nodes. The method changes the storage path of the data information in real time based on the attack mode information in the network, so that it is difficult for an attacker to find the storage address of the data information and attack it, and node defense for the situation awareness system is achieved while normal communication of the whole network is maintained.
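The steps in the abstract, modelled on a small topology as an added example (not code from the patent); `Topology`, `failover`, the `vb-` naming and the `drop_sync_link` option are assumptions. It checks that the associated nodes stay connected through the backup, and shows that the attacked node remains reachable if the node-to-backup link is left up.

```python
# Added illustration; Topology, failover and the "vb-" prefix are hypothetical names.

class Topology:
    def __init__(self, links):
        self.adj, self.data = {}, {}
        for a, b in links:
            self.link(a, b)

    def link(self, a, b):
        self.adj.setdefault(a, set()).add(b)
        self.adj.setdefault(b, set()).add(a)

    def unlink(self, a, b):
        self.adj[a].discard(b)
        self.adj[b].discard(a)

    def reachable(self, src):
        # Depth-first walk: every node src can still communicate with.
        seen, stack = {src}, [src]
        while stack:
            for n in self.adj.get(stack.pop(), ()):
                if n not in seen:
                    seen.add(n)
                    stack.append(n)
        return seen

def failover(topo, attacked, drop_sync_link=True):
    backup = "vb-" + attacked
    associated = set(topo.adj[attacked])       # nodes linked to the attacked node
    topo.link(attacked, backup)                # connect node and virtual backup
    topo.data[backup] = dict(topo.data.get(attacked, {}))  # store data in backup
    for n in associated:
        topo.unlink(attacked, n)               # cut node off from associated nodes
    for n in associated:
        topo.link(backup, n)                   # backup takes over those links
    if drop_sync_link:
        # Assumption: the abstract does not say what happens to this link.
        topo.unlink(attacked, backup)
    return backup

def demo(drop_sync_link):
    # Constructed sample topology: two workstations, a server, a database.
    topo = Topology([("ws1", "srv"), ("ws2", "srv"), ("srv", "db"), ("ws1", "ws2")])
    topo.data["srv"] = {"records": 3}
    backup = failover(topo, "srv", drop_sync_link)
    return backup, topo.reachable("ws1"), topo.data[backup]

if __name__ == "__main__":
    print(demo(True))
    print(demo(False))
```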

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a situation awareness defense method against APT attacks.

Background technique

[0002] APT (Advanced Persistent Threat), also described as a multi-step network attack, has a high degree of concealment, latency and persistence, and is often used by hackers to steal data from specific targets in a long-term, planned and organized manner. Compared with other forms of attack, APT attacks are more advanced, mainly reflected in the need to accurately collect the business process and target system of the attack target before launching the attack.

[0003] Existing technical means, in the face of APT attacks, use the network security situational awareness system to predict the future security status and changing trends of the network. The situational awareness system uses scientific theories, methods and existing experience to judge and predict the developme...

Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1441
Inventor: 杨腾霄, 韩可
Owner: SHANGHAI NEWDON TECH CO LTD