Active defense method and system for information network security

An information network and active defense technology, applied in the field of network security management, can solve problems such as difficulty in adapting defense measures

Inactive Publication Date: 2021-09-21
孙勐
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the current defense measures are gradually difficult to adapt to the spread and execution of malicious code in the new network security environment formed by the continuous expansion of network system scale and the gradual transformation of servers to cloud platforms.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Active defense method and system for information network security
  • Active defense method and system for information network security
  • Active defense method and system for information network security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0056] Embodiment 1: Embodiment 1 of the present invention provides an active defense method for information network security, such as figure 1 As shown, the method includes the following steps:

[0057] S1 sends to the server platform a first request for verifying the integrity of the underlying code of the server platform;

[0058] S2 receives the first response information from the server platform for the first request, and judges whether the application program has been tampered with based on the first response information; if so, then controls the server platform to stop starting; if not, then reports to the server platform sending a second request for evaluating the security status of the server platform; wherein the first response information includes a code hash value collected during startup of the server platform; and comparing the hash value of the code with the initial trust The underlying code integrity verification results obtained by the difference between valu...

Embodiment 2

[0092] Based on the same technical concept, Embodiment 2 of the present invention also provides an active defense system oriented to information network security, such as image 3 As shown, the system includes:

[0093] The request module 101 is configured to send to the server platform a first request for verifying the integrity of the underlying code of the server platform;

[0094]The verification module 102 is configured to receive first response information from the server platform for the first request, and judge whether the application program has been tampered with based on the first response information; if so, control the server platform to stop starting; if not , then send a second request for evaluating the security status of the server platform to the server platform; wherein, the first response information includes the code hash value collected during the startup process of the server platform; and by comparing the hash value of the code The bottom code integrit...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an information network security-oriented active defense method and system. The method comprises the following steps: sending a first request for verifying the integrity of a bottom layer code of a server platform to the server platform; receiving the first response information for the first request from the server platform, and judging whether the application program is tampered or not based on the first response information; if yes, controlling the server platform to stop starting, and if not, sending a second request used for evaluating the safety state of the server platform to the server platform; receiving second response information aiming at the second request from the server platform, evaluating a platform security risk value based on the second response information, and determining a security defense strategy to realize active defense. According to the scheme, the problem that the information network is difficult to resist complex network attacks is solved.

Description

technical field [0001] The invention belongs to the technical field of network security management, and in particular relates to an active defense method and system for information network security. Background technique [0002] In response to the increasing number of network security incidents, different departments such as enterprises and governments have deployed various network security products to ensure the normal implementation of network applications. Such as firewall, intrusion detection, identity authentication, data encryption and decryption, secure communication protocol, fault-tolerant technology, log auditing, etc. "Based on the principle, build a security wall to defend against attacks. In this mode, the server's security protection measures are still passive defense; on the one hand, through the deployment of various types of physical isolation devices, firewalls and intrusion detection equipment, the identification and blocking of viruses, Trojan horses, an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1466
Inventor 孙勐
Owner 孙勐
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap