CN106888221A - A kind of Secure Information Tanslation Through Netware method - Google Patents

A network information secure transmission method

Info

Publication number
CN106888221A
Authority
CN
China
Prior art keywords
file
protocol
network data
data
network
Prior art date
Legal status
Pending
Application number
CN201710246228.2A
Other languages
Chinese (zh)
Inventor
李松银
贠井广
彭聪乾
Current Assignee
Beijing Keluofeite Technology Co Ltd
Original Assignee
Beijing Keluofeite Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Beijing Keluofeite Technology Co Ltd
Priority to CN201710246228.2A
Publication of CN106888221A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/16 Implementing security features at a particular protocol layer
    • H04L 63/12 Applying verification of the received information
    • H04L 63/123 Applying verification of the received information received data contents, e.g. message integrity

Abstract

The present invention discloses a network information secure transmission method, including: at the data link layer, network layer and transport layer, filtering the packet information of network data according to the TCP/IP protocol to obtain first-level network data that complies with TCP/IP; at the application layer, judging whether the application-layer protocol of the first-level network data complies with the rule, to obtain second-level network data that complies with the rule; parsing the application-layer protocol of the second-level network data, extracting the text content of the second-level network data, judging whether that text content meets the user's settings, terminating the network transmission of second-level network data whose text content does not meet the user's settings, and obtaining third-level network data that continues to be transmitted in the network. The network information secure transmission method of the invention filters the packet information of network data according to TCP/IP, judges and parses the application-layer protocol, and reaches inside the application-layer data; through multi-level analysis of network data it improves the security of network data.

Description

A network information secure transmission method
Technical field
The present invention relates to the field of network data transmission, and in particular to a network information secure transmission method.
Background technology
A traditional firewall only protects the network layer and transport layer, and filters network packets by analyzing their headers alone. This leaves security gaps, and users must add further software and hardware to improve the protective effect, which increases cost and makes detection more complex.
In addition, after deploying a hardware firewall, users typically also install antivirus software. Conventional antivirus software can only parse a file to recognize known viruses or Trojan files; it does not judge the file by its own format data. Spreading viruses, Trojans and the like through files is also a common means used by hackers, and because files are carriers of data the network threat is great. Protection by antivirus software alone, with its single function, therefore leaves a potential security hazard.
Summary of the invention
The object of the present invention is to provide a network information secure transmission method that can improve the security of information transmission.
To achieve the above object, the invention provides the following scheme:
A network information secure transmission method, the secure transmission method including:
at the data link layer, network layer and transport layer, filtering the packet information of network data according to the TCP/IP protocol, terminating the network transmission of network data that does not comply with TCP/IP, and obtaining first-level network data that complies with TCP/IP;
at the application layer, judging whether the application-layer protocol of the first-level network data complies with the rule, terminating the network transmission of first-level network data whose application-layer protocol does not comply with the rule, and obtaining second-level network data that complies with the rule;
parsing the application-layer protocol of the second-level network data, extracting the text content of the second-level network data, judging whether the text content of the second-level network data meets the user's settings, terminating the network transmission of second-level network data whose text content does not meet the user's settings, and obtaining third-level network data that continues to be transmitted in the network.
Optionally, the application-layer protocol includes at least one of the HTTP, FTP, SMTP and POP3 protocols.
Optionally, judging whether the application-layer protocol of the first-level network data complies with the rule includes:
presetting dangerous command words for the protocol header and protocol tail;
judging whether the protocol header and/or protocol tail of the application-layer protocol of the first-level network data uses a dangerous command word; if so, the first-level network data whose application-layer protocol uses a dangerous command word does not comply with the rule; otherwise it complies.
Optionally, the user's settings include setting the detection level for files to be detected, and selecting and storing file suffixes and file formats.
Optionally, the detection level for files to be detected is divided into primary, intermediate and advanced; wherein
judging whether the data at the application layer meets the user's settings includes:
when the detection level is primary, primary detection checks whether the file's suffix matches a stored file suffix, and terminates the network transmission of the second-level network data corresponding to an unmatched file name;
when the detection level is intermediate, after primary detection is completed, intermediate detection checks whether the file header matches the stored file suffix, and terminates the network transmission of the second-level network data corresponding to an unmatched file header;
when the detection level is advanced, after primary detection and intermediate detection are completed, advanced detection checks whether the file content matches the stored file suffix, and terminates the network transmission of the second-level network data corresponding to unmatched file content.
Optionally, the selected file suffixes and file formats are stored in the form of a data table.
Optionally, filtering the packet information of network data according to the TCP/IP protocol includes:
judging, according to the TCP/IP protocol, whether the IP address, MAC address and port of the packet information are valid; if so, the network data corresponding to the valid packet information complies with TCP/IP; otherwise it does not.
According to the specific embodiments provided by the present invention, the invention discloses the following technical effects:
The network information secure transmission method of the invention filters the packet information of network data according to TCP/IP, judges and parses the application-layer protocol, and reaches inside the application-layer data; through multi-level analysis of network data it improves the security of network data.
Brief description of the drawings
To explain the embodiments of the present invention or the technical scheme of the prior art more clearly, the drawings needed in the embodiments are briefly described below. Obviously the drawings in the following description are only some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the network information secure transmission method of an embodiment of the present invention.
Specific embodiments
The technical scheme in the embodiments of the present invention is described clearly and completely below with reference to the drawings in the embodiments. Obviously the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention without creative work fall within the scope of protection of the invention.
The object of the present invention is to provide a network information secure transmission method that filters the packet information of network data according to the TCP/IP protocol, judges and parses the application-layer protocol, reaches inside the application-layer data, and improves the security of network data through multi-level analysis of network data.
To make the above objects, features and advantages of the present invention more obvious and understandable, the present invention is described in further detail below with reference to the drawings and specific embodiments.
As shown in Fig. 1, the network information secure transmission method of the invention includes:
Step 100: at the data link layer, network layer and transport layer, filter the packet information of network data according to the TCP/IP protocol, terminate the network transmission of network data that does not comply with TCP/IP, and obtain first-level network data that complies with TCP/IP.
Step 200: at the application layer, judge whether the application-layer protocol of the first-level network data complies with the rule, terminate the network transmission of first-level network data whose application-layer protocol does not comply with the rule, and obtain second-level network data that complies with the rule.
Step 300: parse the application-layer protocol of the second-level network data, extract the text content of the second-level network data, judge whether the text content of the second-level network data meets the user's settings, terminate the network transmission of second-level network data whose text content does not meet the user's settings, and obtain third-level network data that continues to be transmitted in the network.
In step 100, whether the IP address, MAC address and port of the packet information are valid is judged according to the TCP/IP protocol; if so, the network data corresponding to the valid packet information complies with TCP/IP; otherwise it does not.
The application-layer protocol includes at least one of the HTTP, FTP, SMTP and POP3 protocols.
In step 200, judging whether the application-layer protocol of the first-level network data complies with the rule includes:
Step 201: preset dangerous command words for the protocol header and protocol tail;
Step 202: judge whether the protocol header and/or protocol tail of the application-layer protocol of the first-level network data uses a dangerous command word; if so, the first-level network data whose application-layer protocol uses a dangerous command word does not comply with the rule; otherwise it complies. The link transmission of network data whose application-layer protocol does not comply with the rule is terminated.
The user's settings include setting the detection level for files to be detected, and selecting and storing file suffixes and file formats. Preferably, the selected file suffixes and file formats are stored in the form of a data table, which makes them easy for the user to select and set.
The detection level for files to be detected is divided into primary, intermediate and advanced. Judging whether the data at the application layer meets the user's settings includes: when the detection level is primary, primary detection checks whether the file's suffix matches a stored file suffix, and terminates the network transmission of the second-level network data corresponding to an unmatched file name; when the detection level is intermediate, after primary detection is completed, intermediate detection checks whether the file header matches the stored file suffix, and terminates the network transmission of the second-level network data corresponding to an unmatched file header; when the detection level is advanced, after primary detection and intermediate detection are completed, advanced detection checks whether the file content matches the stored file suffix, and terminates the network transmission of the second-level network data corresponding to unmatched file content.
The application-layer protocol parsing (that is, file parsing) mechanism is a whitelist mechanism: it recognizes only known user file types and forbids the transmission of unknown files, which includes forbidding virus files and other dangerous files, so the transmission of virus files can be effectively prevented. Compared with the blacklist mechanism of antivirus software, this file-parsing whitelist mechanism does not fail to recognize a file because of a virus update, and therefore substantially increases the security of the system.
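The application-layer checks of step 200 (dangerous command words in the protocol header and tail) and step 300 (the three-level file whitelist: suffix, then file header, then content) as an added Python example. This code is not from the patent; the command-word lists, magic headers, content validators and sample files are constructed assumptions, since the patent only says these values are preset by the user and stored in a data table.

```python
# Added example, not from the patent: the application-layer checks of step 200
# (dangerous command words) and step 300 (three-level file whitelist).
from dataclasses import dataclass
from typing import Callable, Dict, Set, Tuple

# Step 201: preset dangerous command words per protocol. Constructed policy; the
# patent only says the words for protocol header and tail are preset by the user.
DANGEROUS_WORDS: Dict[str, Set[str]] = {
    "HTTP": {"TRACE", "CONNECT"},
    "FTP": {"DELE", "RMD", "SITE"},
    "SMTP": {"VRFY", "EXPN"},
    "POP3": {"DELE"},
}

def protocol_allowed(protocol: str, header: str, tail: str = "") -> bool:
    """Step 202: refuse data whose protocol header or tail starts with a dangerous
    command word. Protocols other than the four parsed ones are refused outright."""
    words = DANGEROUS_WORDS.get(protocol.upper())
    if words is None:
        return False
    for segment in (header, tail):
        command = segment.strip().split(" ", 1)[0].upper()
        if command in words:
            return False
    return True

@dataclass(frozen=True)
class FileFormat:
    magic: bytes                          # expected file header for this suffix
    content_ok: Callable[[bytes], bool]   # deeper consistency check (advanced level)

def _png_ok(data: bytes) -> bool:
    # A complete PNG ends with a zero-length IEND chunk and its fixed CRC.
    return data.endswith(b"\x00\x00\x00\x00IEND\xaeB`\x82")

def _pdf_ok(data: bytes) -> bool:
    # A PDF body must close with the %%EOF marker near its end.
    return b"%%EOF" in data[-1024:]

# The user's "data table" of selected suffixes and formats (constructed entries).
WHITELIST: Dict[str, FileFormat] = {
    "png": FileFormat(b"\x89PNG\r\n\x1a\n", _png_ok),
    "pdf": FileFormat(b"%PDF-", _pdf_ok),
}

LEVELS = ("primary", "intermediate", "advanced")  # the patent's primary/intermediate/senior

def file_allowed(name: str, data: bytes, level: str) -> Tuple[bool, str]:
    """Step 300: each level runs the lower levels first, as the patent describes."""
    if level not in LEVELS:
        raise ValueError(f"unknown detection level {level!r}")
    suffix = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    fmt = WHITELIST.get(suffix)
    # Primary: the suffix must be in the stored table; unknown types are refused.
    if fmt is None:
        return False, f"primary: suffix {suffix!r} not in whitelist"
    if level == "primary":
        return True, "primary: suffix permitted"
    # Intermediate: the file header must be the one recorded for that suffix.
    if not data.startswith(fmt.magic):
        return False, f"intermediate: header does not match .{suffix}"
    if level == "intermediate":
        return True, "intermediate: header matches suffix"
    # Advanced: the body must be consistent with the format, not just its first bytes.
    if not fmt.content_ok(data):
        return False, f"advanced: content inconsistent with .{suffix}"
    return True, "advanced: content consistent with suffix"

# Constructed sample files: a well-formed PNG, the same PNG cut short, and an
# executable header renamed to .png, which suffix matching alone cannot catch.
PNG_OK = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16 + b"\x00\x00\x00\x00IEND\xaeB`\x82"
PNG_TRUNCATED = PNG_OK[:-8]
EXE_AS_PNG = b"MZ\x90\x00" + b"\x00" * 28

if __name__ == "__main__":
    for fname, blob in (("photo.png", PNG_OK), ("photo.png", EXE_AS_PNG), ("tool.exe", EXE_AS_PNG)):
        for lvl in LEVELS:
            print(fname, lvl, file_allowed(fname, blob, lvl))
```

Running the block shows why the patent orders the levels as it does: the renamed executable passes the primary (suffix) check and is only refused at the intermediate (header) level, while the truncated PNG passes both and is refused only by the advanced content check.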
The network information secure transmission method of the invention guarantees the security of network data while maintaining high-performance transmission. On the basis of a traditional gateway, it adds parsing of the application-layer protocol and reaches inside the application-layer data to guarantee the security of network data; on top of the application-layer protocol, the files transmitted are analyzed at multiple levels, including file name, keywords and format information, to guarantee the security and reliability of files as data carriers.
The embodiments in this specification are described in a progressive manner; each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments may be referred to one another.
Specific examples are used herein to explain the principle and implementation of the invention; the above description of the embodiments is only intended to help understand the method of the present invention and its core idea. At the same time, those of ordinary skill in the art may, according to the idea of the invention, make changes in the specific embodiments and scope of application. In summary, the content of this specification should not be construed as limiting the present invention.

Claims (7)

1. A network information secure transmission method, characterized in that the secure transmission method includes:
at the data link layer, network layer and transport layer, filtering the packet information of network data according to the TCP/IP protocol, terminating the network transmission of network data that does not comply with TCP/IP, and obtaining first-level network data that complies with TCP/IP;
at the application layer, judging whether the application-layer protocol of the first-level network data complies with the rule, terminating the network transmission of first-level network data whose application-layer protocol does not comply with the rule, and obtaining second-level network data that complies with the rule;
parsing the application-layer protocol of the second-level network data, extracting the text content of the second-level network data, judging whether the text content of the second-level network data meets the user's settings, terminating the network transmission of second-level network data whose text content does not meet the user's settings, and obtaining third-level network data that continues to be transmitted in the network.
2. The network information secure transmission method according to claim 1, characterized in that the application-layer protocol includes at least one of the HTTP, FTP, SMTP and POP3 protocols.
3. The network information secure transmission method according to claim 1, characterized in that judging whether the application-layer protocol of the first-level network data complies with the rule includes:
presetting dangerous command words for the protocol header and protocol tail;
judging whether the protocol header and/or protocol tail of the application-layer protocol of the first-level network data uses a dangerous command word; if so, the first-level network data whose application-layer protocol uses a dangerous command word does not comply with the rule; otherwise it complies.
4. The network information secure transmission method according to claim 1, characterized in that the user's settings include setting the detection level for files to be detected, and selecting and storing file suffixes and file formats.
5. The network information secure transmission method according to claim 4, characterized in that the detection level for files to be detected is divided into primary, intermediate and advanced; wherein
judging whether the data at the application layer meets the user's settings includes:
when the detection level is primary, primary detection checks whether the file's suffix matches a stored file suffix, and terminates the network transmission of the second-level network data corresponding to an unmatched file name;
when the detection level is intermediate, after primary detection is completed, intermediate detection checks whether the file header matches the stored file suffix, and terminates the network transmission of the second-level network data corresponding to an unmatched file header;
when the detection level is advanced, after primary detection and intermediate detection are completed, advanced detection checks whether the file content matches the stored file suffix, and terminates the network transmission of the second-level network data corresponding to unmatched file content.
6. The network information secure transmission method according to claim 4 or 5, characterized in that the selected file suffixes and file formats are stored in the form of a data table.
7. The network information secure transmission method according to any one of claims 1-5, characterized in that filtering the packet information of network data according to the TCP/IP protocol includes:
judging, according to the TCP/IP protocol, whether the IP address, MAC address and port of the packet information are valid; if so, the network data corresponding to the valid packet information complies with TCP/IP; otherwise it does not.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710246228.2A CN106888221A (en) 2017-04-15 2017-04-15 A network information secure transmission method

Publications (1)

Publication Number Publication Date
CN106888221A true CN106888221A (en) 2017-06-23

Family

ID=59182980

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103634306A (en) * 2013-11-18 2014-03-12 北京奇虎科技有限公司 Security detection method and security detection server for network data
CN103873463A (en) * 2014-02-26 2014-06-18 北京优炫软件股份有限公司 Multistage filter firewall system and multistage filter method
CN103905269A (en) * 2013-11-29 2014-07-02 哈尔滨安天科技股份有限公司 Network two-way detection method and system based on format recognition technology
CN104063633A (en) * 2014-04-29 2014-09-24 航天恒星科技有限公司 Safe auditing system based on filter driver
US20150200962A1 (en) * 2012-06-04 2015-07-16 The Board Of Regents Of The University Of Texas System Method and system for resilient and adaptive detection of malicious websites

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
周文刚: "Semantic-based information filtering algorithm and its application", China Master's Theses Full-text Database *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108322484A (en) * 2018-04-11 2018-07-24 江苏亨通工控安全研究院有限公司 A kind of industrial control data ferry-boat system
CN112565290A (en) * 2020-12-22 2021-03-26 深信服科技股份有限公司 Intrusion prevention method, system and related equipment
CN112565290B (en) * 2020-12-22 2022-11-22 深信服科技股份有限公司 Intrusion prevention method, system and related equipment
CN115996152A (en) * 2023-03-23 2023-04-21 北京腾达泰源科技有限公司 Security protection method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170623