Method for realizing decoy network data flow redirection

A redirection and data flow technology, applied in the fields of data exchange networks, digital transmission systems, electrical components, etc. It can solve problems such as the increasing difficulty and untestability of network security protection and the inability to assist in protecting the local area network, achieving fast processing speed and protection of the local area network.

Inactive Publication Date: 2005-02-23
NANJING UNIV OF POSTS & TELECOMM

AI Technical Summary

Problems solved by technology

But people face new problems: 1) because firewall technology and intrusion detection systems shut suspicious persons out, attackers cannot succeed, which drives them to constantly seek new technical means of attack and increases the difficulty and untestability of network security protection.
In this case, the decoy network is, in a certain sense, a mode of waiting for the willing to take the bait: it passively waits for the hacker's intrusion and then records the hacker's every move. It does not help protect the LAN.


Embodiment

[0042] The system of the present invention is shown in Figure 3. It consists of ordinary PCs A1-A4. PC A1 imitates the Internet data source; its IP address is set to 10.10.139.10 and its MAC address to 00:05:5d:e7:70:94. PC A3 is the decoy network; its IP address is set to 192.186.1.1 and its MAC address to 00:05:5d:e8:52:75 (the decoy network can be formed by installing an operating system on an ordinary PC, or, building on this, it can imitate a local area network through programming to provide services to users, capture user behavior, and perform analysis and statistics). The protected network is PC A4 (it can be a single PC or a local area network composed of multiple PCs); its IP address is set to 192.186.1.1 and its MAC address to 00:e0:4c:89:eb:a0. The algorithm of the system can be implemented according to the flow chart in Figure 4; the HanleOutP function in the flow chart does some MAC address processing work on the packets sent to th...


Abstract

The method includes the following steps. All data entering the network is redirected. If the data comes from the Internet, its source address is checked against the list of questionable IP addresses. If it is in the list, the destination MAC address is replaced by the MAC address of the host corresponding to the trap network, and the data is transmitted to the trap network. If it is not in the list, the data is checked against the firewall rules or the rules of the intrusion detection system: if it does not match the detection rules, the data is normal and is sent to the protected network; if it matches the detection rules, the data is questionable, its destination address is added to the questionable IP list, and it is sent to the trap network. If the data comes from the LAN, it is sent out directly through the Internet interface. If the data comes from the honeypot, its source MAC address is replaced by the MAC address of the corresponding host in the LAN, and it is then sent out through the Internet interface.
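The decision flow in the abstract, written out as an added example (not code from the patent). The `Frame` type, the interface names and the telnet rule standing in for the firewall/IDS rule set are assumptions; the MAC addresses are those of PC A3 and PC A4 in the embodiment. The abstract says the packet's destination address is added to the list; the example records the source address instead, as an assumption, because the list is consulted by source address.

```python
from dataclasses import dataclass, replace

DECOY_MAC = "00:05:5d:e8:52:75"      # PC A3 (decoy) in the embodiment
PROTECTED_MAC = "00:e0:4c:89:eb:a0"  # PC A4 (protected host) in the embodiment

@dataclass(frozen=True)
class Frame:
    in_iface: str      # "internet", "lan" or "decoy" (names are assumptions)
    src_ip: str
    src_mac: str
    dst_mac: str
    dst_port: int = 0

def telnet_rule(frame):
    """Constructed stand-in for the firewall/IDS rule set: flag telnet."""
    return frame.dst_port == 23

class Redirector:
    def __init__(self, rule=telnet_rule):
        self.rule = rule
        self.questionable_ips = set()

    def handle(self, frame):
        """Return (egress interface, frame as it is forwarded)."""
        if frame.in_iface == "internet":
            if frame.src_ip not in self.questionable_ips:
                if not self.rule(frame):
                    return "lan", frame  # normal data reaches the protected network
                # Assumption: list the sender, because lookups use the source address.
                self.questionable_ips.add(frame.src_ip)
            # Listed or newly flagged: steer to the decoy by rewriting the destination MAC.
            return "decoy", replace(frame, dst_mac=DECOY_MAC)
        if frame.in_iface == "decoy":
            # Decoy replies leave carrying the protected host's MAC as their source.
            return "internet", replace(frame, src_mac=PROTECTED_MAC)
        if frame.in_iface == "lan":
            return "internet", frame     # LAN traffic goes straight out
        raise ValueError(f"unknown interface: {frame.in_iface!r}")

if __name__ == "__main__":
    r = Redirector()
    a1 = dict(src_ip="10.10.139.10", src_mac="00:05:5d:e7:70:94", dst_mac=PROTECTED_MAC)
    for port in (80, 23, 80):  # constructed sequence: normal, flagged, then sticky
        print(port, r.handle(Frame("internet", dst_port=port, **a1)))
```

Once a source is listed, its later traffic goes to the decoy even when it no longer matches a rule, which is why the third frame in the constructed sequence is redirected.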

Description

Technical field

[0001] The invention relates to a method for protecting a network, in particular to a method for realizing decoy network data flow redirection.

Background technique

[0002] In recent years, the Internet and communication networks have developed rapidly around the world, which has greatly affected and changed the way of life of human society, and the resulting network information security issues are becoming more and more important. The emergence of network hackers, viruses, information theft and interference has made network security face serious challenges. The world pays a huge price for it every year, up to hundreds of millions of dollars, through incidents such as hacked bank account systems, virus outbreaks, and military network interference.

[0003] Traditional network security technologies mainly include firewall technology and intrusion detection systems. The main function of the firewall is to prevent illegal intruders from entering the networ...


Application Information

Patent Type & Authority Applications(China)
IPC(8): H04L9/00, H04L12/24
Inventor: 杨庚, 彭雷, 戴云平
Owner NANJING UNIV OF POSTS & TELECOMM