450 results about "Hacker" patented technology

A method of authenticating an online transaction over a first network uses 2-factor authentication of the user to defeat hacker attacks. A communication device is registered for use with the method. The communication device is configured to receive messages over a second network independent of the first network. The user is authenticated over the first network using a first factor, such as a username and password, and then initiates the transaction. A request to execute the transaction is received and a one-time password is obtained to be used as a second factor of authentication. The one-time password and details describing the transaction are sent to the communication device over the second network. The one-time password is received from the user over the first network to complete the second factor of authentication.

A website system configuration method which is based on crawler technology and used for file management, safety defense and testing diagnosis can automatically establish management files for files and URL link of website and adopts the management files as the basic foundation to judge whether the webpage is attacked by hackers and whether the link relationship is falsified so as to find the error link of the website. The method can automatically and fully test the URL response time contained in the website so as to find illegal link and 'sensitive words' in the webpage; and the method can be adopted as the tool for the website test, diagnosis, evaluation and safety defense.

Aspects of the invention comprise methods and systems for collecting penetration tester data, i.e. data from one or more simulated hacker attacks on an organization's digital infrastructure in order to test the organization's defenses, and utilizing the data to train machine learning models which aid in documenting tester training session work by automatically logging, classifying or clustering engagements or parts of engagements and suggesting commands or hints for an tester to run during certain types of engagement training exercises, based on what the system has learned from previous tester activities, or alternatively classifying the tools used by the tester into a testing tool type category.

A security system provides a defense from known and unknown viruses, worms, spyware, hackers, and unwanted or unknown software. The system can implement centralized policies that allow an administrator to approve, block, quarantine, or log file activities. The system maintains file meta-information in the hosts and in the server. A host detects file operations which can cause changes to file content or file name, and updates the host and/or server meta-information as a result. Changes in server meta-information are made available to hosts.

Data surveillance techniques are presented for the detection of security issues, especially of the kind where privileged data may be stolen by steganographic, data manipulation or any form of exfiltration attempts. Such attempts may be made by rogue users or admins from the inside of a network, or from outside hackers who are able to intrude into the network and impersonate themselves as legitimate users. The system and methods use a triangulation process whereby analytical results pertaining to data protocol, user-behavior and packet content are combined to establish a baseline for the data. Subsequent incoming data is then scored and compared against the baseline to detect any security anomalies. The above data surveillance techniques are also applied for detecting intentional or unintentional exfiltration/leak of privileged data/assets between unauthorized users/groups of the organization. Such detection may be performed based on analyzing threat stream data from threat intelligence providers.

The invention discloses a method for ensuring the security of client software. The method comprises the following steps of: 1, downloading the software by using a terminal, and adding terminal identity authentication information into a software packet by using a server; 2, transmitting a binding request to the server by using the terminal; 3, verifying the legality of the binding request, and if the binding request is legal, transmitting a binding success information to the terminal; 4, verifying the legality of the binding success information; 5, transmitting a login request to the server by using the terminal; 6, verifying the legality of the login request, and if the login request is legal, transmitting a login success information to the terminal; and 7, verifying the legality of the login success information, and if the login success information is legal, keeping a session. By the method, the software can be better prevented from being falsified; the security of communication between the terminal and the server can be ensured; replay attacks can be effectively prevented; the software can be detected whether to be falsified or not; and even though a hacker downloads the software and attacks the server by falsifying the software, only the terminal cannot be used normally and the normal use of other users may not be influenced.

The utility model discloses a unidirectional protocol isolation method in network and the special device. The utility model truly realizes unidirectional protocol isolation between the internal and the external network, ensures the safety of the internal network, eliminates the direct dialogue between hackers and the internal network, and has the functions of virus prevention, visit control and safe auditing; the data can only be transmitted unidirectionally from the network with a lower safety grade to the network with a higher safety grade; contrarily, when the data packet is transmitted from a credible terminal to an incredible terminal, hardware circuit support is not available and the data circulation is impossible, thus data in internal network with higher grade leaking out to the network with lower grade is impossible, the security of the system is improved further.

The invention discloses an edge computing data security and privacy protection method based on Fabric, and the method prevents the data from being damaged by artificial malicious deletion and hacker attack due to the non-tamper characteristic of a block chain. Due to the fact that a user can apply for inquiring and obtaining data at any node for building the Fabric, the data safety can be guaranteed under the condition that equipment is accidentally damaged. And the Fabric node built on the edge computing device shares the information to the alliance chain network through broadcasting. In thisway, the information is safely shared to other edge computing nodes which build the Fabric. Due to the fact that all operation on the block chain network can verify the identity of the user, it is guaranteed that only the user authorized with the query authority can obtain data from Fabric, personnel or operators who do not have qualification cannot inquire the data, and privacy data protection is completed. And finally, the protection of the Fabric on the security and privacy of the edge computing data is realized.

The invention provides a DDoS attack defense method and device. The method comprises the steps that a scheduling system maps multiple IP addresses of the business objective to multiple network areas or network lines, and the mapping relation of the multiple IP addresses and the multiple network areas or the network lines is saved in a DNS server so that the DNS server is enabled to return the IP address which is mapped to the network area or the network line to which the network of the client side belongs of the business objective to the client side according to the mapping relation when the DNS server receives the DNS analysis request of the client side for the business objective; if DDoS attack to the IP address returned to the client side by the DNS server is monitored, blackhole routing is configured for the IP address; and the mapping relation of the IP address and the mapped network area or the network line saved in the DNS server is deleted. According to the technical scheme, the DDoS attack initiating difficulty of the hacker can be increased and switching of the IP addresses can be realized.

The invention discloses a washing machine control method and a washing system. A washing machine can be controlled through an intelligent terminal, when the intelligent terminal controls the washing machine, identity authentication is needed and comprises the two modes of human body characteristic authentication and password authentication, when the washing machine detects that human body characteristic authentication of a user is successful, the user is authorized with rights of administrators, when the washing machine detects that password authentication of a user is successful, the user isauthorized with generic rights, and the rights of administrators have more control functions compared with the generic rights. According to the method, the safety of the washing machine is greatly improved, hacker attack manipulation is prevented, the users are authorized with different control rights according to different authentication modes, safer and more comprehensive control functions can be provided for the users conveniently, and use of the users is facilitated.

The invention discloses an Internet of Things honeynet system based on SOAP service simulation, and belongs to the technical field of Internet of Things security. The objective of the invention is tomonitor and collect the security state of the Internet of Things, capture the malicious request of a hacker for the Internet of Things, and collect malicious samples. According to the method, a middle-high interaction honeypot is designed according to a router SOAP service vulnerability CVE-2017-17215;; in order to prevent the situation that a hacker performs injecting service details which are not completed by the simulation serviceand the simulation service honeypot cannot respond and cannot capture subsequent malicious codes and samples, the function of supplementing the simulation servicehoneypot with the honeypot for providing the real SOAP service is realized by using equipment firmware with vulnerabilities; in order to capture more types of SOAP attacks, the SOAP port exposed mostin 2018 is analyzed, and a corresponding multi-port honeypot is manufactured. The honeypots are deployed to a plurality of nodes, a control center is designed at the same time to distribute commands and transmit files, and Docker technology packaging is assisted to achieve rapid deployment. Hackers cannot control the Internet of Things equipment through SOAP service vulnerabilities, so that the security of the Internet of Things is improved.

The invention relates to a method for controlling data in the active defense system of Honeynet by keeping the counting statistics for failed connections, wherein, every IP source address is provided with a counting statistic on the record thereof kept by a short-term counter: if the counting value of the short-term counter exceeds the threshold, that the worm abnormal behavior is detected is determined and the data packets sent from the IP source address are controlled, but if not, the multi-round detection mechanism is triggered and the record of the IP source address is kept in a long-term detection list; and if the timeout happens to a long-term counter, and the counting value thereof exceeds the threshold, that the worm abnormal behavior is detected is determined and the data packets are controlled, and if not, that the data packets are normal and can be released is determined. The method has the advantages that unknown or stealth aggressive behaviors which intentionally slow down the rate of the aggressive behaviors to bypass the control of firewalls, as well as low-rate aggressive behaviors can be identified, particularly, the novel aggressive behavior pattern invented by hackers can be analyzed and identified.

The invention discloses an automatic generation method for a layout protection circuit of a safety chip. The method is an automatic wiring method in an integrated circuit aided design software tool and belongs to the fields of layout and wiring in the integrated circuit aided design software tool. With the increasing popularity of the safety chip, a physical attack technology aiming at the safety chip is gradually mastered by hackers, therefore, the safety of the safety chip is seriously challenged. In order to prevent physical attack, a metal shield is manually arranged on the topmost layer of a metal layer in layout of an efficient circuit by chip design manufacturers; and a signal line of the shield is continuously monitored. At present, the protection circuit is designed through a manual method by domestic safety chip design enterprises, therefore, the efficiency is low and mistakes can be easily made. In the automatic generation method for the layout protection circuit provided by the invention, the layout protection circuit which completely covers the safety chip is automatically generated by a computer program, so that the work can be finished in an extremely short time, development efficiency is greatly increased, and correctness of the layout protection circuit is guaranteed.

The invention discloses a method and a system for defending a distributed denial of service attack. The method comprises the following steps: detecting an IP address of an access network within a set time slice, comparing the detected IP address with a legal IP address which is allowed to be accessed and saved in a legal IP record set of a database, and determining an increasing rate of a number of new IP addresses within unit time; and executing further operation according to the increasing rate of the new IP addresses within the unit time: executing an attack-free processing way, and normally providing services; executing a processing way under a feeler flooding DDoS attack; or executing a processing way under a formal flooding DDoS attack. Through adoption of the method and the system, defensive power can be dynamically adjusted according to an attack type of a hacker, so that an attack source of the hacker is directly denied.

The invention provides a safety reinforcement method for a cloud computing platform. The method is characterized in that: programs on the cloud computing platform are subjected to out-of-band encryption authorization by adopting an active defense technology based on server system reinforcement (SSR) and the out-of-band encryption authorization, and the legitimacy of running a cloud computing program and the security of related data access are ensured under the support of the SSR by dynamic cross authorization between a cloud platform operation monitoring and management system and an external security management center. Therefore, a program running right is prevented from being illegally stolen and controlled by a super hacker Trojan, critical data is prevented from being illegally accessed, and the security of the cloud platform program running and the critical data can be greatly improved.

The invention discloses a method for preventing the leakage of user information. The method for preventing the leakage of user information comprises the following steps: a client sends a registrationrequest; the server side returns a key; the client uses the key value for encryption and transmits the encrypted data to the server side; the user enters the user name password and sends a login request; the server side performs verification and returns the data. According to the invention, the security mechanism is the dynamic nature, the timestamp of each login is inconsistent, and even if a hacker intercepts the encrypted value, the encrypted value will lose efficacy if the sent request can not be simulated within 2 minutes; the invention has great significance to improve the security of the user information.

The invention discloses a CentOS high-interaction honeypot system based on Docker, and the system comprises: a basic service module which is used for deploying a large number of other basic services based on a basic CentOS mirror image, so as to simulate the operation environment of a real host, and improve the interactivity between a honeypot and a hacker; a vulnerability service module which isused for remaining common vulnerabilities and increasing the mode of entering the honeypot system while increasing the number of services in the honeypot system, reducing the difficulty of entering the honeypot system, enabling an attacker to enter the honeypot and collecting data of the attacker; and a data aggregation module which is used for analyzing the operation of the attacker after entering the honeypot system, aggregating all the operations performed by the same user in the honeypot system into one session id through a remote IP, a remote port, a process number and an operation time quadruple, analyzing the operation intention of the attack author and tracing an attack path. The invention further provides an implementation method of the CentOS high-interaction honeypot system based on the Docker. The CentOS high-interaction honeypot system based on the Docker plays a role in protecting real host service.