CN104967609B - Intranet exploitation server access method, apparatus and system - Google Patents

Info

Publication number: CN104967609B
Authority: CN (China)
Legal status: Active
Application number: CN201510209834.8A
Other languages: Chinese (zh)
Other versions: CN104967609A (en)
Inventor: 刘科峰
Current Assignee: Tencent Technology Shenzhen Co Ltd
Original Assignee: Tencent Technology Shenzhen Co Ltd
Prior art keywords: server, intranet, exploitation, quarantine, access

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0236 Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses an intranet exploitation server access method, apparatus and system, belonging to the field of Internet communication. The method includes: a quarantine server located between an intranet and an external network receives a request packet sent by an access layer server located in the external network, the request packet having been sent to the access layer server by a client located in the external network; the quarantine server uses network isolation technology to detect whether the request packet meets an access condition; if the request packet meets the access condition, the quarantine server sends the request packet to a destination intranet exploitation server located in the intranet, so that the destination intranet exploitation server responds to the request packet, the destination intranet exploitation server being the intranet exploitation server that the client requests to access. The invention achieves network isolation between the intranet and the external network while ensuring that the client can access the intranet exploitation server. The invention is used for access to intranet exploitation servers.

Description

Intranet exploitation server access method, apparatus and system
Technical field
The present invention relates to the field of Internet communication, and in particular to an intranet exploitation server access method, apparatus and system.
Background art
Security is a very important matter in the Internet industry, and for security reasons clients are often refused direct access to a company intranet. A client is usually tested and debugged by connecting directly to an exploitation server located in the external network, which makes locating and repairing the client's problems inconvenient. If the client could access an intranet exploitation server located in the intranet and be tested and debugged by that server, the efficiency of locating and repairing the client's problems would improve.
In the related art, to let clients access the intranet exploitation server, the external network and the intranet are usually not completely isolated and can access each other.
However, because the external network and the intranet are not completely isolated, an attacker can easily penetrate the intranet and attack the intranet exploitation server. So while the client can access the intranet exploitation server, the security of the intranet cannot be guaranteed.
Summary of the invention
To solve the problem that intranet security cannot be guaranteed while clients are given access to the intranet exploitation server, embodiments of the present invention provide an intranet exploitation server access method, apparatus and system. The technical solution is as follows:
In a first aspect, an intranet exploitation server access method is provided, the method including:
a quarantine server located between an intranet and an external network receives a request packet sent by an access layer server located in the external network, the request packet having been sent to the access layer server by a client located in the external network;
the quarantine server uses network isolation technology to detect whether the request packet meets an access condition;
if the request packet meets the access condition, the quarantine server sends the request packet to a destination intranet exploitation server located in the intranet, so that the destination intranet exploitation server responds to the request packet, the destination intranet exploitation server being the intranet exploitation server that the client requests to access.
In a second aspect, an intranet exploitation server access apparatus is provided for use in a quarantine server located between an intranet and an external network, the apparatus including:
a first receiving module, configured to receive a request packet sent by an access layer server located in the external network, the request packet having been sent to the access layer server by a client located in the external network;
an isolation module, configured to use network isolation technology to detect whether the request packet meets an access condition;
a first sending module, configured to send the request packet, when it meets the access condition, to a destination intranet exploitation server located in the intranet, so that the destination intranet exploitation server responds to the request packet, the destination intranet exploitation server being the intranet exploitation server that the client requests to access.
In a third aspect, an intranet exploitation server access system is provided, the system including:
an intranet exploitation server located in the intranet;
a network access server located in the external network;
and a quarantine server located between the intranet and the external network, the quarantine server including the intranet exploitation server access apparatus of the second aspect.
The technical solution provided by the invention has the following beneficial effect:
In the intranet exploitation server access method, apparatus and system provided by the invention, a quarantine server is placed between the intranet and the external network. The quarantine server uses network isolation technology to detect whether a request packet meets the access condition, and sends the request packet to the destination intranet exploitation server in the intranet only when it does. This achieves network isolation between the intranet and the external network while ensuring that the client can access the intranet exploitation server.
Description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a structural schematic diagram of an intranet exploitation server access system involved in the intranet exploitation server access method provided by an embodiment of the present invention;
Fig. 2 is a flowchart of an intranet exploitation server access method provided by an embodiment of the present invention;
Fig. 3 is a schematic diagram of the specific structure of the intranet exploitation server access system shown in Fig. 1, provided by an embodiment of the present invention;
Fig. 4 is a flowchart of another intranet exploitation server access method provided by an embodiment of the present invention;
Fig. 5 is a structural schematic diagram of another intranet exploitation server access system involved in the intranet exploitation server access method provided by an embodiment of the present invention;
Fig. 6 is a structural schematic diagram of an intranet exploitation server access apparatus provided by an embodiment of the present invention;
Fig. 7 is a structural schematic diagram of another intranet exploitation server access apparatus provided by an embodiment of the present invention;
Fig. 8 is a structural schematic diagram of yet another intranet exploitation server access apparatus provided by an embodiment of the present invention;
Fig. 9 is a structural schematic diagram of a server provided by an embodiment of the present invention.
Detailed description
To make the objectives, technical solutions and advantages of the present invention clearer, the embodiments of the present invention are described in further detail below with reference to the drawings.
Fig. 1 shows a structural schematic diagram of an intranet exploitation server access system involved in the intranet exploitation server access method provided by an embodiment of the present invention. The system includes an intranet exploitation server 00 located in the intranet, a network access server 01 located in the external network, and a quarantine server 02 located between the intranet and the external network. In the embodiments of the present invention, the region between the intranet and the external network may be called the isolation zone, and the quarantine server 02 is located in it. The isolation zone is open to both the intranet and the external network, that is, devices in the intranet can access the quarantine server 02 in the isolation zone, and devices in the external network can also access the quarantine server 02 in the isolation zone. The isolation zone thus achieves network isolation between the intranet and the external network while the client accesses the intranet exploitation server.
It should be noted that the external network and the intranet are distinguished by the way they access the Internet. The external network is also called a wide area network (WAN), long haul network or public network. It usually spans a large physical range, from tens of kilometres to thousands of kilometres; it can connect multiple cities or countries, or span several continents, and can provide long-distance communication, forming an international long-distance network. A device that goes online through the external network obtains an Internet Protocol (IP) address that is a non-reserved address on the Internet, and devices in the external network and other devices on the Internet can access each other freely. The intranet generally refers to a local area network (LAN), a group of computers interconnected within a certain area. A device that goes online through the intranet obtains an IP address that is a reserved address on the Internet. Reserved addresses take the following three forms: 1) 10.x.x.x; 2) 172.16.x.x to 172.31.x.x; 3) 192.168.x.x. Intranet devices usually reach the Internet through a common gateway using network address translation (NAT). An intranet device can send connection requests to other devices on the Internet, but other devices on the Internet cannot send connection requests to an intranet device.

An exploitation server (that is, a development server) is used for developing and testing client functions, and may be located in the intranet or in the external network. In the embodiments of the present invention, an exploitation server located in the intranet is called an intranet exploitation server, and one located in the external network is called an external-network exploitation server. An intranet exploitation server has higher privileges than an external-network exploitation server and can perform many kinds of testing and debugging on the client. Debugging means inspecting and tracing exceptions or data with tools, mainly to view the data at key points of program execution or to check exception notifications at breakpoints, in order to solve problems. Testing means a series of methods or procedures, mainly embodied in test cases, whose main purpose is to find problems; debugging is mainly the resolution of a problem after testing has found it.

A network access server (English: Network Attached Server; abbreviation: NAS) is a remote-access device. It can provide remote access and implement network applications such as Virtual Private Dial-up Networks (VPDN) and building an intranet.
An embodiment of the present invention provides an intranet exploitation server access method. As shown in Fig. 2, the method includes:
Step 101: a quarantine server located between the intranet and the external network receives a request packet sent by an access layer server located in the external network, the request packet having been sent to the access layer server by a client located in the external network.
Step 102: the quarantine server uses network isolation technology to detect whether the request packet meets the access condition.
Step 103: if the request packet meets the access condition, the quarantine server sends the request packet to the destination intranet exploitation server located in the intranet, so that the destination intranet exploitation server responds to the request packet. The destination intranet exploitation server is the intranet exploitation server that the client requests to access.
In summary, a quarantine server is placed between the intranet and the external network. The quarantine server uses network isolation technology to detect whether a request packet meets the access condition, and sends the request packet to the destination intranet exploitation server in the intranet only when it does. This achieves network isolation between the intranet and the external network while ensuring that the client can access the intranet exploitation server.
Optionally, at least one TCP transponder is provided on the quarantine server, and the TCP transponders correspond one to one with the intranet exploitation servers located in the intranet.
The quarantine server located between the intranet and the external network receiving the request packet sent by the access layer server located in the external network includes:
the quarantine server receives, through a destination TCP transponder, the request packet sent by the access layer server, the destination TCP transponder being the TCP transponder that the access layer server determines from the destination address carried in the request packet.
The quarantine server sending the request packet to the destination intranet exploitation server located in the intranet includes:
the quarantine server sends the request packet to the destination intranet exploitation server through the destination TCP transponder.
Optionally, the method further includes:
the quarantine server detects whether a scanner is port-scanning the quarantine server;
if it detects that a scanner is port-scanning the quarantine server, the quarantine server generates warning information indicating that a network threat exists.
Optionally, the quarantine server detecting whether a scanner is port-scanning the quarantine server includes:
the quarantine server detects whether, within a preset time period, a server with one and the same IP address accesses a predetermined number of ports of the quarantine server one after another;
if, within the preset time period, a server with the same IP address accesses the predetermined number of ports of the quarantine server one after another, the quarantine server determines that a scanner is port-scanning the quarantine server;
if, within the preset time period, no server with the same IP address accesses the predetermined number of ports of the quarantine server one after another, the quarantine server determines that no scanner is port-scanning the quarantine server.
Optionally, after the quarantine server sends the request packet to the destination intranet exploitation server located in the intranet, the method further includes:
the quarantine server receives, through the destination TCP transponder, a response packet sent by the destination intranet exploitation server, the response packet being generated by the destination intranet exploitation server from the request packet;
the quarantine server sends the response packet to the access layer server through the destination TCP transponder, so that the access layer server sends the response packet to the client.
In summary, a quarantine server is placed between the intranet and the external network. The quarantine server uses network isolation technology to detect whether a request packet meets the access condition, and sends the request packet to the destination intranet exploitation server in the intranet only when it does. This achieves network isolation between the intranet and the external network while ensuring that the client can access the intranet exploitation server.
Fig. 3 shows the specific structure of the intranet exploitation server access system shown in Fig. 1. The system includes: at least one intranet exploitation server 00 located in the intranet; a network access server 01 and at least one client 04 located in the external network; and a quarantine server 02 located between the intranet and the external network. At least one Transmission Control Protocol (TCP) transponder (proxy) 021 is provided on the quarantine server 02, and the TCP transponders on the quarantine server 02 correspond one to one with the intranet exploitation servers in the intranet. As an example, in Fig. 3 the system has three intranet exploitation servers 00 deployed: intranet exploitation server 001, intranet exploitation server 002 and intranet exploitation server 003. Each intranet exploitation server corresponds to one TCP transponder, so there are three TCP transponders 021: TCP transponder 0211, TCP transponder 0212 and TCP transponder 0213. Intranet exploitation server 001 corresponds to TCP transponder 0211, intranet exploitation server 002 to TCP transponder 0212, and intranet exploitation server 003 to TCP transponder 0213.
An embodiment of the present invention provides another intranet exploitation server access method, which can be applied to the intranet exploitation server access system shown in Fig. 3. As shown in Fig. 4, the method includes:
Step 201: the client sends a request packet to the access layer server.
When an intranet exploitation server tests or debugs a client, the client needs to send a request packet for testing or debugging to the intranet exploitation server through the access layer server. The intranet exploitation server finds the client's problems by testing with the request packet, or resolves them by debugging with the request packet.
As an example, assume the client is a QQ client whose QQ messages are displayed as garbled text in the peer client (the peer client being the client used by the chat partner of the QQ client's user). The QQ client then needs to be tested to determine what its problem is. Once the problem is determined, the QQ client can be debugged to correct it step by step until it is solved and the QQ client's messages can be sent correctly. The request packet can carry the QQ message above, and the intranet exploitation server determines the client's problem by inspecting and responding to the request packet.
Step 202: the access layer server sends the request packet to the destination TCP transponder of the quarantine server.
The access layer server is located in the access layer of the external network; the access layer usually means the part of a network that users connect to or access directly. The access layer server can forward the request packet to a router, which determines the next-hop address to be reached. A router determines network addresses and selects IP paths, and is a kind of interconnection device. As an example, a router works as follows: the access layer server sends the destination address of the destination TCP transponder, together with the data, to the router in the form of a request packet; after receiving the request packet, the router first extracts the destination address from the packet header, computes the best path to the destination TCP transponder of the quarantine server from the routing table stored in the router, and sends the request packet to the destination TCP transponder along that path. The request packet may pass through one or more routers on its way from the access layer server to the destination TCP transponder. For the actual process, refer to the prior art; the embodiments of the present invention do not describe it in detail.
Optionally, the destination address uniquely identifies the destination device to which the request packet is to be sent. In the embodiments of the present invention, because TCP transponders and intranet exploitation servers correspond one to one, the request packet may carry only the address of a TCP transponder: once the request packet reaches the TCP transponder indicated by that address, the transponder can forward it to the corresponding intranet exploitation server. The destination address can therefore identify the destination TCP transponder. It includes an IP address and a destination TCP port number: the IP address indicates the IP address of the quarantine server, and the destination TCP port number indicates the port number of the destination TCP transponder. As an example, the embodiments of the present invention assume that the destination TCP transponder indicated by the destination address is TCP transponder 0211 in Fig. 3.
Step 203: the quarantine server uses network isolation technology to detect whether the request packet meets the access condition.
Network isolation technology means that two or more computers or networks exchange information and share resources while remaining disconnected from each other. In other words, network isolation technology can keep two networks physically isolated and still allow data exchange in a secure network environment. In the embodiments of the present invention, the quarantine server can use dedicated physical hardware and security protocols to provide security isolation between the intranet and the external network. While keeping the two networks physically separated, it can filter out viruses, malicious code and similar content during data exchange, so that data is exchanged and shared in a trusted network environment, and it uses strict identity authentication to ensure that users obtain the data they need.
As an example, in the embodiments of the present invention the quarantine server can implement network isolation through at least one of the security mechanisms of access control, identity authentication, encryption and digital signature. For example, according to the identity of the user to whom the request packet corresponds and a defined group to which that user belongs, the user's access to certain information items, or use of certain control functions, is restricted. Different security mechanisms correspond to different access conditions. Only when the request packet meets the access condition set by the security mechanism in the quarantine server is the request packet allowed to be forwarded to the intranet exploitation server.
Access control is commonly used by system administrators to control client access to network resources such as servers, directories and files. It is usually divided into two broad classes: discretionary access control and mandatory access control. Under discretionary access control, a user has the right to access the objects (files, data tables and so on) that the user created, can grant access to these objects to other users, and can revoke access from users to whom it was granted. Under mandatory access control, the system (through a specially appointed system security officer) exercises uniform mandatory control over the objects users create and decides, according to defined rules, which users may perform which type of operation on which objects. Even the creating user may have no right to access an object after creating it. In the embodiments of the present invention, the quarantine server generally uses mandatory access control for network isolation.
Identity authentication, also called identity verification or identity discrimination, is the process of confirming an operator's identity in a computer or computer network system, in order to determine whether the user has the right to access and use a given resource. It lets the access policy of the computer and network system be enforced reliably and effectively, prevents an attacker from impersonating a legitimate user to obtain access to resources, ensures the security of the system and its data, and protects the legitimate interests of authorized visitors. Authentication can take many forms, such as static password authentication, dynamic password authentication or SMS password authentication. As an example, assume the QQ messages of a QQ client persistently cannot be sent, and the user contacts customer service to report that the QQ client has a problem. Customer service gives the user a specific dynamic password, and a request packet carrying that dynamic password can pass the quarantine server's identity authentication and enter the intranet.
Encryption means transforming the original data with a particular algorithm so that an unauthorized user who obtains the encrypted information still cannot understand its content, because the user does not know how to decrypt it. For the specific method, refer to the related art; the embodiments of the present invention do not describe it in detail.
A digital signature, also called a public-key digital signature or electronic signature, is a method of authenticating digital information that resembles an ordinary physical signature written on paper but is implemented with techniques from public-key cryptography. A digital signature scheme usually defines two complementary operations, one for signing and one for verifying. For the specific method, refer to the related art; the embodiments of the present invention do not describe it in detail.
In practical applications, network isolation technology may include Network Access Control (NAC) technology. Using NAC, the network isolation server allows only legitimate, trusted endpoint devices, such as personal computers (PCs), servers and personal digital assistants (PDAs), to access the intranet, and does not allow other devices to access it.
Optionally, in the embodiments of the present invention, the port numbers of the TCP transponders provided on the quarantine server may be dynamic ports (Dynamic Ports) or private ports (Private Ports), for example port numbers 49152 to 65535, which have a low usage rate. Selecting port numbers without known vulnerabilities from this range as the port numbers of the TCP transponders reduces the probability that an attacker discovers the transponders' port numbers and provides a certain degree of network isolation.
Step 204: when the request packet meets the access condition, the quarantine server sends the request packet through the destination TCP transponder to the destination intranet exploitation server located in the intranet.
A TCP transponder forwards a TCP packet in its entirety to another configured address; the TCP packet may be a request packet or a response packet. Because TCP transponders and intranet exploitation servers correspond one to one in the embodiments of the present invention, the other configured address of any TCP transponder is the intranet exploitation server that corresponds to it. So when the destination TCP transponder receives the request packet, it can send it to its corresponding intranet exploitation server, that is, the destination intranet exploitation server. The destination intranet exploitation server is the intranet exploitation server that the client requests to access, and it can respond to the request packet.
As an example, the embodiments of the present invention assume that the destination TCP transponder indicated by the destination address is TCP transponder 0211 in Fig. 3. Because intranet exploitation server 001 corresponds to TCP transponder 0211, TCP transponder 0211 sends the request packet to intranet exploitation server 001.
Step 205: the destination intranet exploitation server generates a response packet from the request packet.
As an example, the response packet may include test or debugging data generated from the request packet.
Step 206: the destination intranet exploitation server sends the response packet to the destination TCP transponder of the quarantine server.
Because intranet exploitation servers and TCP transponders correspond one to one, the response packet can return along the request packet's original path to the destination TCP transponder that corresponds to the destination intranet exploitation server.
Step 207: the quarantine server sends the response packet to the access layer server through the destination TCP transponder.
Because the intranet exploitation server has higher access privileges, the quarantine server generally does not need to process the response packet again; the destination TCP transponder simply forwards it. To ensure the security of the response packet, however, it may also be encrypted or digitally signed. See step 203 for details, which are not repeated here.
Step 208: the access layer server sends the response packet to the client.
It is worth noting that, in the embodiments of the present invention, the one-to-one correspondence between the TCP transponders on the quarantine server 02 and the intranet exploitation servers in the intranet not only makes it harder for an attacker to find the port numbers but also lets request packets and response packets be forwarded accurately.
Further, while executing step 203, the Quarantine Server may also detect whether a scanner is port-scanning the Quarantine Server. If it detects that a scanner is port-scanning the Quarantine Server, the Quarantine Server generates warning information indicating that a network threat exists; the warning information is usually sent to the system security officer (also called the network administrator).
Optionally, detecting whether a scanner is port-scanning the Quarantine Server includes: the Quarantine Server detects whether, within a preset time period, a server with the same IP address accesses a predetermined number of ports of the Quarantine Server in succession (also called polling). If, within the preset time period, a server with the same IP address accesses the predetermined number of ports of the Quarantine Server in succession, the Quarantine Server determines that a scanner is port-scanning the Quarantine Server. If, within the preset time period, no server with the same IP address accesses the predetermined number of ports of the Quarantine Server in succession, the Quarantine Server determines that no scanner is port-scanning the Quarantine Server. For example, the preset time period is 15 minutes and the predetermined number is at least ten.
Detecting whether a scanner is port-scanning the Quarantine Server is an effective alarm mechanism: it can stop an attacker from finding the correct port numbers by accessing each port in turn, prompts the system security officer in time, and prevents the attacker's attack.
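The following added example (not code from the patent) models the one-to-one transponder table and the scan check described above: an alert is raised when one source IP touches at least ten distinct ports of the Quarantine Server within 15 minutes. The class names, port numbers, server labels and log entries are constructed for illustration, and "accessed in succession" is interpreted here as distinct ports seen inside a sliding window.

```python
from collections import defaultdict, deque

DYNAMIC_PORTS = range(49152, 65536)  # dynamic/private port range named in the text
WINDOW_SECONDS = 15 * 60             # "preset time period" example from the text
PORT_THRESHOLD = 10                  # "predetermined number" example from the text


class ForwarderTable:
    """One-to-one map from a transponder port to an intranet server (assumed model)."""

    def __init__(self, mapping):
        servers = list(mapping.values())
        if len(set(servers)) != len(servers):
            raise ValueError("an intranet server may back only one transponder")
        for port in mapping:
            if port not in DYNAMIC_PORTS:
                raise ValueError(f"port {port} is outside 49152-65535")
        self._mapping = dict(mapping)

    def route(self, dst_port):
        """Return the intranet server behind dst_port, or None if nothing listens."""
        return self._mapping.get(dst_port)


class ScanDetector:
    """Flags a source IP that touches >= threshold distinct ports inside the window."""

    def __init__(self, window=WINDOW_SECONDS, threshold=PORT_THRESHOLD):
        self.window = window
        self.threshold = threshold
        self._events = defaultdict(deque)  # src_ip -> deque of (timestamp, port)
        self._alerted = set()              # IPs already reported, to avoid repeats

    def observe(self, ts, src_ip, dst_port):
        """Record one access (timestamps non-decreasing); return an alert or None."""
        events = self._events[src_ip]
        events.append((ts, dst_port))
        while ts - events[0][0] > self.window:  # drop accesses older than the window
            events.popleft()
        ports = sorted({port for _, port in events})
        if len(ports) < self.threshold:
            self._alerted.discard(src_ip)       # re-arm once the IP falls below threshold
            return None
        if src_ip in self._alerted:
            return None
        self._alerted.add(src_ip)
        return {"src_ip": src_ip, "ports": ports,
                "first_seen": events[0][0], "last_seen": ts}


def sample_events():
    """Constructed connection log: (seconds, source IP, destination port)."""
    # One client using a single transponder repeatedly.
    events = [(t, "198.51.100.20", 52311) for t in range(0, 600, 60)]
    # One source walking ten consecutive ports, 30 seconds apart.
    events += [(30 * i + 5, "203.0.113.7", 49495 + i) for i in range(10)]
    # One client using two different transponders.
    events += [(100, "192.0.2.44", 49500), (400, "192.0.2.44", 60873)]
    return sorted(events)


def run_sample():
    """Feed the constructed log through the table and the detector."""
    table = ForwarderTable({49500: "intranet-001",
                            52311: "intranet-002",
                            60873: "intranet-003"})
    detector = ScanDetector()
    alerts, routed = [], []
    for ts, src_ip, port in sample_events():
        server = table.route(port)
        if server is not None:
            routed.append((src_ip, server))
        alert = detector.observe(ts, src_ip, port)
        if alert:
            alerts.append(alert)   # in the patent this goes to the security officer
    return alerts, routed


if __name__ == "__main__":
    found, _ = run_sample()
    for a in found:
        print(f"port scan from {a['src_ip']}: {len(a['ports'])} ports "
              f"between t={a['first_seen']}s and t={a['last_seen']}s")
```

In the constructed log, one probe of the sweep lands on a real transponder port before the threshold is reached, which is why the text pairs this alarm with the access-condition check of step 203 rather than relying on unpublished port numbers alone.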
In practical applications, the Intranet exploitation server access system may also include an external-network exploitation server 03 located in the external network. Refer to Fig. 5, which shows a structural schematic diagram of another Intranet exploitation server access system involved in the Intranet exploitation server access method provided by the embodiment of the present invention. The Intranet exploitation server access system includes at least one Intranet exploitation server 00 located in the Intranet; a network access server 01, at least one external-network exploitation server 03 and at least one client 04 located in the external network; and a Quarantine Server 02 between the Intranet and the external network. For example, in Fig. 5, the Intranet exploitation server access system is deployed with 3 Intranet exploitation servers 00, namely Intranet exploitation server 001, Intranet exploitation server 002 and Intranet exploitation server 003, and 2 external-network exploitation servers 03, namely external-network exploitation server 031 and external-network exploitation server 032.
In the Intranet exploitation server access system shown in Fig. 5, the network access server may first determine the location of the exploitation server that the client wants to access. If the client is accessing an Intranet exploitation server, the detailed process can refer to steps 201 to 208. If the client is accessing an external-network exploitation server, the destination address identifies the external-network exploitation server that the client wishes to access; after step 201 above, the access layer server sends the request packet to the external-network exploitation server that the client wishes to access, and that external-network exploitation server generates the response packet, which is returned to the client along the original path. Further, TCP transponders in one-to-one correspondence with the external-network exploitation servers may also be provided in the external network to forward request packets or response packets. In that case the destination address is set in the same way as in step 202, and the TCP transponder forwards in the same way as in step 204; the embodiment of the present invention does not repeat this.
It should be noted that the order of the steps of the Intranet exploitation server access method provided by the embodiment of the present invention may be adjusted appropriately, and steps may be added or removed as circumstances require. Any variation of the method that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall fall within the protection scope of the present invention, and is therefore not described further.
In conclusion, a Quarantine Server is provided between the Intranet and the external network. The Quarantine Server uses network isolation technology to detect whether the request packet meets the access condition, and sends the request packet to the destination Intranet exploitation server located in the Intranet only when the request packet meets the access condition. This achieves network isolation between the Intranet and the external network while guaranteeing that the client can access the Intranet exploitation server. Moreover, because the permissions of the Intranet exploitation server are higher than those of the external-network exploitation server, the client can be tested and debugged better.
The embodiment of the present invention provides a structural schematic diagram of an Intranet exploitation server access device 30, as shown in Fig. 6. The device is used for a Quarantine Server located between the Intranet and the external network, and includes:
First receiving module 301, configured to receive the request packet sent by the access layer server located in the external network, the request packet having been sent to the access layer server by a client located in the external network.
Isolation module 302, configured to detect, using network isolation technology, whether the request packet meets the access condition.
First sending module 303, configured to send the request packet, when the request packet meets the access condition, to the destination Intranet exploitation server located in the Intranet, so that the destination Intranet exploitation server responds to the request packet; the destination Intranet exploitation server is the Intranet exploitation server that the client requests to access.
In conclusion, an Intranet exploitation server access device is provided between the Intranet and the external network. The isolation module in the device uses network isolation technology to detect whether the request packet meets the access condition, and the first sending module sends the request packet to the destination Intranet exploitation server located in the Intranet only when the request packet meets the access condition. This achieves network isolation between the Intranet and the external network while guaranteeing that the client can access the Intranet exploitation server.
Further, at least one TCP transponder is provided on the Quarantine Server, and the at least one TCP transponder corresponds one-to-one with the Intranet exploitation servers located in the Intranet. The first receiving module 301 is configured to: receive, through the destination TCP transponder, the request packet sent by the access layer server, the destination TCP transponder being the TCP transponder that the access layer server determines according to the destination address carried in the request packet. The first sending module 303 is configured to: send the request packet to the destination Intranet exploitation server through the destination TCP transponder.
The embodiment of the present invention provides a structural schematic diagram of another Intranet exploitation server access device 30, as shown in Fig. 7. The device is used for a Quarantine Server located between the Intranet and the external network, and device 30 includes:
First receiving module 301, configured to receive the request packet sent by the access layer server located in the external network, the request packet having been sent to the access layer server by a client located in the external network.
Isolation module 302, configured to detect, using network isolation technology, whether the request packet meets the access condition.
First sending module 303, configured to send the request packet, when the request packet meets the access condition, to the destination Intranet exploitation server located in the Intranet, so that the destination Intranet exploitation server responds to the request packet; the destination Intranet exploitation server is the Intranet exploitation server that the client requests to access.
Detection module 304, configured to detect whether a scanner is port-scanning the Quarantine Server.
Alarm module 305, configured to generate warning information indicating that a network threat exists when it is detected that a scanner is port-scanning the Quarantine Server.
The detection module 304 is configured to: detect whether, within a preset time period, a server with the same IP address accesses a predetermined number of ports of the Quarantine Server in succession; when, within the preset time period, a server with the same IP address accesses the predetermined number of ports of the Quarantine Server in succession, determine that a scanner is port-scanning the Quarantine Server; when, within the preset time period, no server with the same IP address accesses the predetermined number of ports of the Quarantine Server in succession, determine that no scanner is port-scanning the Quarantine Server.
The embodiment of the present invention provides a structural schematic diagram of yet another Intranet exploitation server access device 30, as shown in Fig. 8. The device is used for a Quarantine Server located between the Intranet and the external network, and device 30 includes:
First receiving module 301, configured to receive the request packet sent by the access layer server located in the external network, the request packet having been sent to the access layer server by a client located in the external network.
Isolation module 302, configured to detect, using network isolation technology, whether the request packet meets the access condition.
First sending module 303, configured to send the request packet, when the request packet meets the access condition, to the destination Intranet exploitation server located in the Intranet, so that the destination Intranet exploitation server responds to the request packet; the destination Intranet exploitation server is the Intranet exploitation server that the client requests to access.
Second receiving module 306, configured to receive, through the destination TCP transponder, the response packet sent by the destination Intranet exploitation server, the response packet being generated by the destination Intranet exploitation server according to the request packet.
Second sending module 307, configured to send the response packet to the access layer server through the destination TCP transponder, so that the access layer server sends the response packet to the client.
In conclusion, an Intranet exploitation server access device is provided between the Intranet and the external network. The isolation module in the device uses network isolation technology to detect whether the request packet meets the access condition, and the first sending module sends the request packet to the destination Intranet exploitation server located in the Intranet only when the request packet meets the access condition. This achieves network isolation between the Intranet and the external network while guaranteeing that the client can access the Intranet exploitation server.
The embodiment of the present invention provides an Intranet exploitation server access system. The system may include: an Intranet exploitation server located in the Intranet; a network access server located in the external network; and a Quarantine Server between the Intranet and the external network, which may be the Quarantine Server in any of the above embodiments. The Intranet exploitation server access system may be any of the Intranet exploitation server access systems in Fig. 1, Fig. 3 and Fig. 5.
Fig. 9 shows a structural schematic diagram of a server provided by the embodiment of the present invention. The Intranet exploitation server access device in the embodiment of the present invention may be part or all of this server. The server may be a server in background server cluster 140. Specifically:
Server 400 includes a central processing unit (CPU) 401, a system memory 404 including a random access memory (RAM) 402 and a read-only memory (ROM) 403, and a system bus 405 connecting system memory 404 and central processing unit 401. Server 400 further includes a basic input/output system (I/O system) 406 that helps transfer information between the devices in the computer, and a mass storage device 407 for storing an operating system 413, application programs 414 and other program modules 415.
Basic input/output system 406 includes a display 408 for displaying information and an input device 409, such as a mouse or keyboard, for the user to input information. Display 408 and input device 409 are both connected to central processing unit 401 through an input/output controller 410 connected to system bus 405. Basic input/output system 406 may also include input/output controller 410 for receiving and processing input from multiple other devices such as a keyboard, a mouse or an electronic stylus. Similarly, input/output controller 410 also provides output to a display screen, a printer or another type of output device.
Mass storage device 407 is connected to central processing unit 401 through a mass storage controller (not shown) connected to system bus 405. Mass storage device 407 and its associated computer-readable medium provide non-volatile storage for server 400. That is, mass storage device 407 may include a computer-readable medium (not shown) such as a hard disk or a CD-ROM drive.
Without loss of generality, computer-readable media may include computer storage media and communication media. Computer storage media include volatile and non-volatile, removable and non-removable media implemented by any method or technology for storing information such as computer-readable instructions, data structures, program modules or other data. Computer storage media include RAM, ROM, EPROM, EEPROM, flash memory or other solid-state storage technologies, CD-ROM, DVD or other optical storage, cassettes, magnetic tape, disk storage or other magnetic storage devices. Of course, a person skilled in the art will appreciate that computer storage media are not limited to the above. The system memory 404 and mass storage device 407 described above may be collectively referred to as memory.
According to various embodiments of the present invention, server 400 may also operate by being connected, through a network such as the Internet, to a remote computer on the network. That is, server 400 may be connected to network 412 through a network interface unit 411 connected to system bus 405; in other words, network interface unit 411 may also be used to connect to other types of networks or remote computer systems (not shown).
The memory further includes one or more programs, which are stored in the memory and configured to be executed by the CPU. The one or more programs include the Intranet exploitation server access method provided by any of the above embodiments.
It is apparent to those skilled in the art that, for convenience and brevity of description, the specific working processes of the system, device and modules described above can refer to the corresponding processes in the foregoing method embodiments, and are not described again here.
A person of ordinary skill in the art will appreciate that all or part of the steps of the above embodiments may be completed by hardware, or by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium, which may be a read-only memory, a magnetic disk, an optical disc or the like.
The foregoing is merely the preferred embodiments of the present invention and is not intended to limit the invention. Any modification, equivalent replacement or improvement made within the spirit and principle of the present invention shall be included in the protection scope of the present invention.

Claims (9)

1. An Intranet exploitation server access method, characterized in that the method includes:
a Quarantine Server between an Intranet and an external network receives, through a destination TCP transponder, a request packet sent by an access layer server located in the external network, the destination TCP transponder being the TCP transponder that the access layer server determines according to the destination address carried in the request packet, the request packet having been sent to the access layer server by a client located in the external network, at least one TCP transponder being provided on the Quarantine Server, the at least one TCP transponder corresponding one-to-one with the Intranet exploitation servers in the Intranet, the destination address including an IP address and a destination TCP port number, the IP address indicating the IP address of the Quarantine Server, and the destination TCP port number indicating the port number of the destination TCP transponder;
the Quarantine Server detects, using network isolation technology, whether the request packet meets an access condition;
if the request packet meets the access condition, the Quarantine Server sends the request packet, through the destination TCP transponder, to a destination Intranet exploitation server located in the Intranet, so that the destination Intranet exploitation server responds to the request packet, the destination Intranet exploitation server being the Intranet exploitation server that the client requests to access.
2. The method according to claim 1, characterized in that the method further includes:
the Quarantine Server detects whether a scanner is port-scanning the Quarantine Server;
if it is detected that a scanner is port-scanning the Quarantine Server, the Quarantine Server generates warning information indicating that a network threat exists.
3. The method according to claim 2, characterized in that the Quarantine Server detecting whether a scanner is port-scanning the Quarantine Server includes:
the Quarantine Server detects whether, within a preset time period, a server with the same IP address accesses a predetermined number of ports of the Quarantine Server in succession;
if, within the preset time period, a server with the same IP address accesses the predetermined number of ports of the Quarantine Server in succession, the Quarantine Server determines that a scanner is port-scanning the Quarantine Server;
if, within the preset time period, no server with the same IP address accesses the predetermined number of ports of the Quarantine Server in succession, the Quarantine Server determines that no scanner is port-scanning the Quarantine Server.
4. The method according to claim 1, characterized in that, after the Quarantine Server sends the request packet through the destination TCP transponder to the destination Intranet exploitation server located in the Intranet, the method further includes:
the Quarantine Server receives, through the destination TCP transponder, a response packet sent by the destination Intranet exploitation server, the response packet being generated by the destination Intranet exploitation server according to the request packet;
the Quarantine Server sends the response packet to the access layer server through the destination TCP transponder, so that the access layer server sends the response packet to the client.
5. An Intranet exploitation server access device, characterized in that it is used for a Quarantine Server, the Quarantine Server being located between an Intranet and an external network, at least one TCP transponder being provided on the Quarantine Server, the at least one TCP transponder corresponding one-to-one with the Intranet exploitation servers in the Intranet, the device including:
a first receiving module, configured to receive, through a destination TCP transponder, a request packet sent by an access layer server located in the external network, the request packet having been sent to the access layer server by a client located in the external network, the destination TCP transponder being the TCP transponder that the access layer server determines according to the destination address carried in the request packet, the destination address including an IP address and a destination TCP port number, the IP address indicating the IP address of the Quarantine Server, and the destination TCP port number indicating the port number of the destination TCP transponder;
an isolation module, configured to detect, using network isolation technology, whether the request packet meets an access condition;
a first sending module, configured to send the request packet, when the request packet meets the access condition, through the destination TCP transponder to a destination Intranet exploitation server located in the Intranet, so that the destination Intranet exploitation server responds to the request packet, the destination Intranet exploitation server being the Intranet exploitation server that the client requests to access.
6. The device according to claim 5, characterized in that the device further includes:
a detection module, configured to detect whether a scanner is port-scanning the Quarantine Server;
an alarm module, configured to generate warning information indicating that a network threat exists when it is detected that a scanner is port-scanning the Quarantine Server.
7. The device according to claim 6, characterized in that the detection module is configured to:
detect whether, within a preset time period, a server with the same IP address accesses a predetermined number of ports of the Quarantine Server in succession;
when, within the preset time period, a server with the same IP address accesses the predetermined number of ports of the Quarantine Server in succession, determine that a scanner is port-scanning the Quarantine Server;
when, within the preset time period, no server with the same IP address accesses the predetermined number of ports of the Quarantine Server in succession, determine that no scanner is port-scanning the Quarantine Server.
8. The device according to claim 5, characterized in that the device further includes:
a second receiving module, configured to receive, through the destination TCP transponder, a response packet sent by the destination Intranet exploitation server, the response packet being generated by the destination Intranet exploitation server according to the request packet;
a second sending module, configured to send the response packet to the access layer server through the destination TCP transponder, so that the access layer server sends the response packet to the client.
9. An Intranet exploitation server access system, characterized in that the system includes:
an Intranet exploitation server located in an Intranet;
a network access server located in an external network;
and a Quarantine Server between the Intranet and the external network, the Quarantine Server including the Intranet exploitation server access device according to any one of claims 5 to 8.
CN201510209834.8A 2015-04-28 2015-04-28 Intranet exploitation server access method, apparatus and system Active CN104967609B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510209834.8A CN104967609B (en) 2015-04-28 2015-04-28 Intranet exploitation server access method, apparatus and system

Publications (2)

Publication Number Publication Date
CN104967609A CN104967609A (en) 2015-10-07
CN104967609B true CN104967609B (en) 2018-11-06

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant