CN106534181A - Household network safety controller and control method thereof - Google Patents

Household network safety controller and control method thereof Download PDF

Info

Publication number
CN106534181A
CN106534181A CN201611129730.7A CN201611129730A CN106534181A CN 106534181 A CN106534181 A CN 106534181A CN 201611129730 A CN201611129730 A CN 201611129730A CN 106534181 A CN106534181 A CN 106534181A
Authority
CN
China
Prior art keywords
module
network
control
honey jar
virtual machine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611129730.7A
Other languages
Chinese (zh)
Inventor
张燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shangluo University
Original Assignee
Shangluo University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shangluo University filed Critical Shangluo University
Priority to CN201611129730.7A priority Critical patent/CN106534181A/en
Publication of CN106534181A publication Critical patent/CN106534181A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a household network safety controller and a control method thereof. The controller comprises a control host, a display screen is arranged on the control host, one side of the control host is provided with a network interface, the control host is connected with a household router, the control host is internally provided with a core circuit board, and the core circuit board is provided with a microprocessor, a display module, an alarm module, a wireless control module, a relay module, an encryption and decryption module and a network safety monitoring module. According to the controller and the control method thereof, the structural principle is simple, virus attack information of the network can be monitored in real time, the household network is prevented from virus attack, the household router is encrypted, and the anti-risk capability, namely the anti-cracking capability, is improved effectively.

Description

A kind of home network safety governor and control method
Technical field
The present invention relates to home network controller technology field, specially a kind of home network safety governor and controlling party Method.
Background technology
As the maturation of China's computer networking technology, the application of computer network are also increasingly wider, computer becomes People's life, work, the indispensable instrument of study, major part computer is attached by network at present, so in reality There is certain net potential safety hazard during use, network signal is stolen, Network Virus Propagation and the network information are attacked more Seriously, in order to ensure the safety of computer network, all it is provided with and the LAN effect of network can be protected to change planes and fire wall, though its Network security performance so can be improve to a certain extent, but which for home network, which is relatively costly, and be in It is also a kind of wasting of resources used in front yard, so its stability in use and use range, the suitability and reality is affected to a certain extent It is restricted with property.
The content of the invention
It is an object of the invention to provide a kind of home network safety governor and control method, to solve above-mentioned background skill The problem proposed in art.
For achieving the above object, the present invention provides following technical scheme:A kind of home network safety governor, including control Main frame, the control main frame are provided with display screen, and the control main frame side is provided with networking interface, and the control main frame connects house With router, core circuit plate inside the control main frame, is provided with, the core circuit plate is provided with microprocessor, shows mould Block, alarm module, wireless control module, relay module, encryption/decryption module and network security monitoring modular, the microprocessor Device connects display module, alarm module, wireless control module, relay module and network security monitoring modular respectively, described Wireless control module connects home router, and the encryption/decryption module connects home router and microprocessor respectively.
Preferably, the honey jar that the network security monitoring modular is included deep net induction apparatuss and is connected with the deep net induction apparatuss Server, the deep net induction apparatuss include flow import modul, data control block, attack detection module, logging modle, warning Display module, unknown network attack extraction module, data base and journal file;The honey jar server includes virtual machine honey jar group With virtual machine honey jar group control module, the virtual machine honey jar group is made up of multiple virtual machine honey jars being currently running;
The input of the flow import modul is connected with monitored network, its outfan simultaneously with data control block, Attack detection module, the input of logging modle are connected, bidirectional interface and the virtual machine honey jar faciation of the data control block Even, also it is connected with the input of attack detection module, logging modle while one outfan is connected with monitored network, institute Another outfan for stating data control block is connected with the input of virtual machine honey jar group control module, the virtual machine honey jar The outfan of group control module is connected with virtual machine honey jar faciation, the second input and the attack detection module of the logging modle Outfan is connected, and the outfan of the logging modle is connected with the input of data base and journal file, the journal file Outfan and unknown network are attacked extraction module and are connected, the outfan of the data base and meanwhile with alarm display module and non-Hownet Network is attacked extraction module and is connected.
Preferably, the encryption/decryption module includes encrypting module and deciphering module, is provided with first in the encrypting module Fpga chip, RS485 communication interfaces, first fpga chip connect RS485 communication interfaces;The deciphering module Second fpga chip, the 2nd RS485 communication interfaces are provided with inside, second fpga chip connects the 2nd RS485 communication interfaces, institute State Receiver module, key deposit module.
Preferably, control method is comprised the following steps:
Flow information, internet worm characteristic information in A, network security monitoring modular real time monitoring network, and will collection Signal send to microprocessor processes;
After being analyzed and processed after B, microprocessor receive information, if being tested with abnormal information, encryption and decryption mould is controlled Block is encrypted to home router;
If C, not detecting abnormal signal, control home router work is detected during networking different again Regular signal, then control relay module work, disconnects working power, protects home network.
Compared with prior art, the invention has the beneficial effects as follows:
(1) present configuration principle is simple, can real time monitoring network virus attack information, prevent home network to be subject to disease Poison is attacked, while can be encrypted to home router, effectively improves the ability to ward off risks being cracked.
(2) the network security monitoring modular sensitivity that the present invention is adopted is high, can using high interaction honey jar is laid in deep net Depth is carried out with attacker to interact, so as to accurately identify the attack signature of virus attack person.
(3) encryption/decryption module that the present invention is adopted, can further improve the safety of home router data transfer.
Description of the drawings
Fig. 1 is schematic structural view of the invention;
Fig. 2 is the core circuit plate control principle block diagram of the present invention;
Fig. 3 is the network security monitoring modular theory diagram of the present invention;
Fig. 4 is the encryption/decryption module theory diagram of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than the embodiment of whole.It is based on Embodiment in the present invention, it is every other that those of ordinary skill in the art are obtained under the premise of creative work is not made Embodiment, belongs to the scope of protection of the invention.
Fig. 1-4 are referred to, the present invention provides a kind of technical scheme:A kind of home network safety governor, including control master Machine 1, the control main frame 1 are provided with display screen 2, and 1 side of the control main frame is provided with networking interface 3, and the control main frame 1 connects Home router 4 is connect, core circuit plate 5 inside the control main frame 1, is provided with, the core circuit plate 5 is provided with microprocessor 6th, display module 7, alarm module 8, wireless control module 9, relay module 10, encryption/decryption module 11 and network security monitoring Module 12, the microprocessor 6 connect display module 7, alarm module 8, wireless control module 9, relay module 10 respectively with And network security monitoring modular 12, the connection home router 4 of the wireless control module 9, the encryption/decryption module 11 connect respectively Connect home router 4 and microprocessor 6.
In the present embodiment, network security monitoring modular 12 is included deep net induction apparatuss 13 and is connected with the deep net induction apparatuss 13 Honey jar server 14, the deep net induction apparatuss 13 include flow import modul 15, data control block 16, attack detection module 17th, logging modle 18, alarm display module 19, unknown network attack extraction module 20, data base 21 and journal file 22;It is described Honey jar server 14 includes virtual machine honey jar group 23 and virtual machine honey jar group control module 24, and the virtual machine honey jar group 23 is by more The individual virtual machine honey jar composition being currently running;
The input of the flow import modul 15 is connected with monitored network, and its outfan is while and data control block 16th, attack detection module 17, the input of logging modle 18 are connected, the bidirectional interface and virtual machine of the data control block 16 Honey jar group 23 be connected, while one outfan is connected with monitored network also with attack detection module 17, logging modle 18 Input be connected, another outfan of the data control block 16 and the input of virtual machine honey jar group control module 24 It is connected, the outfan of the virtual machine honey jar group control module 24 is connected with virtual machine honey jar group 23, the logging modle 18 Second input is connected with the outfan of attack detection module 17, outfan and data base 21 and the daily record of the logging modle 18 The input of file 22 is connected, and outfan and the unknown network of the journal file 22 are attacked extraction module 20 and be connected, the number Extraction module 20 is attacked with alarm display module 19 and unknown network simultaneously according to the outfan in storehouse 21 to be connected, the net that the present invention is adopted The sensitivity of network safety monitoring module is high, can carry out depth with attacker using the high interaction honey jar of laying in deep net and interact, so as to Accurately identify the attack signature of virus attack person.
In the present embodiment, encryption/decryption module 11 includes encrypting module 25 and deciphering module 26, sets in the encrypting module 25 There are the first fpga chip 27, RS485 communication interfaces 28, first fpga chip 27 connects RS485 communication interfaces 28;The second fpga chip 29, the 2nd RS485 communication interfaces 30, second fpga chip 29 are provided with the deciphering module 26 Connect the 2nd RS485 communication interfaces 30, access between RS485 communication interfaces 28 and the 2nd RS485 communication interfaces 30 Key generator 31, key issuing server 32, key reception module 33, key deposit module 34, the present invention is adopted plus solution Close module, can further improve the safety of home router data transfer.
The control method of the present invention is comprised the following steps:
Flow information, internet worm characteristic information in A, network security monitoring modular real time monitoring network, and will collection Signal send to microprocessor processes;
After being analyzed and processed after B, microprocessor receive information, if being tested with abnormal information, encryption and decryption mould is controlled Block is encrypted to home router;
If C, not detecting abnormal signal, control home router work is detected during networking different again Regular signal, then control relay module work, disconnects working power, protects home network.
Present configuration principle is simple, can real time monitoring network virus attack information, prevent home network to be subject to virus Attack, while can be encrypted to home router, effectively improve the ability to ward off risks being cracked.
Although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with Understanding can carry out various changes, modification, replacement to these embodiments without departing from the principles and spirit of the present invention And modification, the scope of the present invention be defined by the appended.

Claims (4)

1. a kind of home network safety governor, including control main frame (1), it is characterised in that:Control main frame (1) is provided with Display screen (2), control main frame (1) side are provided with networking interface (3), described control main frame (1) connection home router (4) it is, described to be provided with core circuit plate (5) inside control main frame (1), core circuit plate (5) be provided with microprocessor (6), Display module (7), alarm module (8), wireless control module (9), relay module (10), encryption/decryption module (11) and network Safety monitoring module (12), microprocessor (6) connect display module (7), alarm module (8), wireless control module respectively (9), relay module (10) and network security monitoring modular (12), described wireless control module (9) connection home router (4), encryption/decryption module (11) connect home router (4) and microprocessor (6) respectively.
2. a kind of home network safety governor according to claim 1, it is characterised in that:The network security monitors mould Block (12) includes deep net induction apparatuss (13) and the honey jar server (14) being connected with deep net induction apparatuss (13), the deep net sense Answer device (13) include flow import modul (15), data control block (16), attack detection module (17), logging modle (18), Alarm display module (19), unknown network attack extraction module (20), data base (21) and journal file (22);The honey jar clothes Business device (14) includes virtual machine honey jar group (23) and virtual machine honey jar group control module (24), virtual machine honey jar group (23) by Multiple virtual machine honey jar compositions being currently running;
The input of flow import modul (15) is connected with monitored network, and its outfan is while and data control block (16), attack detection module (17), the input of logging modle (18) are connected, the bidirectional interface of data control block (16) It is connected with virtual machine honey jar group (23), goes back and attack detection module while one outfan is connected with monitored network (17), the input of logging modle (18) is connected, another outfan and the virtual machine honey jar of data control block (16) The input of group control module (24) is connected, outfan and the virtual machine honey jar group of the virtual machine honey jar group control module (24) (23) it is connected, second input of logging modle (18) is connected with the outfan of attack detection module (17), the record The outfan of module (18) is connected with the input of data base (21) and journal file (22), the output of journal file (22) End is attacked extraction module (20) with unknown network and is connected, the outfan of data base (21) and meanwhile with alarm display module (19) Extraction module (20) is attacked with unknown network to be connected.
3. a kind of home network safety governor according to claim 1, it is characterised in that:Encryption/decryption module (11) Including encrypting module (25) and deciphering module (26), be provided with encrypting module (25) the first fpga chip (27), first RS485 communication interfaces (28), described first fpga chip (27) connect RS485 communication interfaces (28);The deciphering module (26) the second fpga chip (29), the 2nd RS485 communication interfaces (30), described second fpga chip (29) connection second is provided with RS (485) communication interface (30), accesses between RS485 communication interfaces (28) and the 2nd RS485 communication interfaces (30) Key generator (31), key issuing server (32), key reception module (33), key deposit module (34).
4. a kind of control method of the home network safety governor described in claim 1 is realized, it is characterised in that:Control method Comprise the following steps:
Flow information, internet worm characteristic information in A, network security monitoring modular real time monitoring network, and the letter that will be gathered Number send to microprocessor processes;
After being analyzed and processed after B, microprocessor receive information, if being tested with abnormal information, encryption/decryption module pair is controlled Home router is encrypted;
If C, not detecting abnormal signal, control home router work detects abnormal letter during networking again Number, then control relay module work disconnects working power, protects home network.
CN201611129730.7A 2016-12-09 2016-12-09 Household network safety controller and control method thereof Pending CN106534181A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611129730.7A CN106534181A (en) 2016-12-09 2016-12-09 Household network safety controller and control method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611129730.7A CN106534181A (en) 2016-12-09 2016-12-09 Household network safety controller and control method thereof

Publications (1)

Publication Number Publication Date
CN106534181A true CN106534181A (en) 2017-03-22

Family

ID=58341539

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611129730.7A Pending CN106534181A (en) 2016-12-09 2016-12-09 Household network safety controller and control method thereof

Country Status (1)

Country Link
CN (1) CN106534181A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107306208A (en) * 2017-07-17 2017-10-31 合肥执念网络科技有限公司 A kind of router network safety management system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1936862A1 (en) * 2006-12-18 2008-06-25 Alcatel Lucent Home network secure module for a homeplug network
CN103607399A (en) * 2013-11-25 2014-02-26 中国人民解放军理工大学 Special IP network safety monitor system and method based on hidden network
CN104869112A (en) * 2015-04-23 2015-08-26 中山弘博企业管理咨询有限公司 Computer network safety controller
CN104992127A (en) * 2015-07-09 2015-10-21 李志学 Computer data safety management apparatus
CN204808334U (en) * 2015-06-29 2015-11-25 唐山学院 Computer network safety governor
CN205754424U (en) * 2016-07-01 2016-11-30 吉林铁道职业技术学院 Network security controller of computer

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1936862A1 (en) * 2006-12-18 2008-06-25 Alcatel Lucent Home network secure module for a homeplug network
CN103607399A (en) * 2013-11-25 2014-02-26 中国人民解放军理工大学 Special IP network safety monitor system and method based on hidden network
CN104869112A (en) * 2015-04-23 2015-08-26 中山弘博企业管理咨询有限公司 Computer network safety controller
CN204808334U (en) * 2015-06-29 2015-11-25 唐山学院 Computer network safety governor
CN104992127A (en) * 2015-07-09 2015-10-21 李志学 Computer data safety management apparatus
CN205754424U (en) * 2016-07-01 2016-11-30 吉林铁道职业技术学院 Network security controller of computer

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107306208A (en) * 2017-07-17 2017-10-31 合肥执念网络科技有限公司 A kind of router network safety management system

Similar Documents

Publication Publication Date Title
CN103684922B (en) Outlet information privacy checking detection platform system based on SDN (self-defending network) and detection method
CN103607399A (en) Special IP network safety monitor system and method based on hidden network
CN104506507A (en) Honey net safeguard system and honey net safeguard method for SDN (self-defending network)
CN108259472A (en) Dynamic joint defence mechanism based on attack analysis realizes system and method
CN107566359A (en) A kind of intelligent fire-proofing wall system and means of defence
CN108076053A (en) A kind of real-time traffic towards wireless internet of things is intercepted and abnormity early warning system and method
CN107070893A (en) A kind of power distribution network terminal IEC101 protocol massages certification method of discrimination
CN206193795U (en) Computer intelligent information secure processing device
CN106572103B (en) hidden port detection method based on SDN network architecture
CN106534181A (en) Household network safety controller and control method thereof
CN206712543U (en) A kind of network information security supervising device
Xie et al. A micro-segmentation protection scheme based on zero trust architecture
CN106302520A (en) A kind of remote control class wooden horse sweep-out method and device
CN110457897A (en) A kind of database security detection method based on communication protocol and SQL syntax
CN206178834U (en) Computer network information safety coefficient
CN109120619A (en) A kind of computer network communications system
CN205788190U (en) A kind of office computer information security managing and control system based on fingerprint identification technology
CN107959596A (en) A kind of method and network system of the monitoring network based on network system
CN103336931A (en) Computer-networking information-safety application system
CN203911973U (en) Expansible network system suitably used for large-scale local area network security
CN201707676U (en) Virtualized enterprise information management system
CN107547546B (en) Lightweight height interaction honey network data transmission method, system based on card computer
CN206790520U (en) A kind of safety and protection system for electricity customer service center
CN202353603U (en) Safety protection system for emergency commanding platform
CN106651361A (en) Internet terminal for financial IC (Integrated Circuit) card and transaction method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170322