CN107241354A - Malicious act based on wireless WIFI equipment finds blocking equipment and method - Google Patents
Malicious act based on wireless WIFI equipment finds blocking equipment and method Download PDFInfo
- Publication number
- CN107241354A CN107241354A CN201710594134.4A CN201710594134A CN107241354A CN 107241354 A CN107241354 A CN 107241354A CN 201710594134 A CN201710594134 A CN 201710594134A CN 107241354 A CN107241354 A CN 107241354A
- Authority
- CN
- China
- Prior art keywords
- malicious act
- flow
- wireless wifi
- user
- wifi equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Blocking equipment is found the invention discloses a kind of malicious act based on wireless WIFI equipment of network safety filed, it is located in wireless WIFI equipment, including:Protocol resolution module:Flow for being received to wireless WIFI equipment carries out protocol analysis, and therefrom extracts the characteristic value of the flow;Malicious act pattern base:Characteristic value for storing malicious act pattern;Comparison module:For the characteristic value of the characteristic value of the flow and malicious act pattern in the malicious act pattern base to be compared, so that the malicious act in the flow received to wireless WIFI equipment judges;Block module:User for the flow that there is malicious act to transmission shields.It has the technical effect that:Without be modified to network and terminal, wireless WIFI equipment and the use safety of user are improved.Blocking-up method is found the invention also discloses a kind of malicious act based on wireless WIFI equipment of network safety filed.
Description
Technical field
The present invention relates to a kind of malicious act based on wireless WIFI equipment of network safety filed find blocking equipment and
Method.
Background technology
It is easy with the access terminals such as the maturation and notebook computer of radio network technique, smart mobile phone, tablet personal computer
In carrying and variation, wireless networking has been incorporated among study and work and daily life.Current WIFI traps have two kinds:First
It is " setting set " to plant, and second is " attack ".The former builds free WIFI in public, lures the user of " ignorant of the fact "
Infect, and record all operation informations that user is carried out on the net.The latter makes mainly for some home network users in user
With while also to hacker provide invasion facilitate.
The content of the invention
The invention aims to overcome the deficiencies in the prior art, there is provided a kind of malice row based on wireless WIFI equipment
To find blocking equipment and method, it only needs to change wireless WIFI equipment, without being modified to network and terminal, and passes through
The flow for passing in and out wireless WIFI equipment is carried out protocol analysis and extracts characteristic value to be compared to find malicious act and blocking,
Improve wireless WIFI equipment and the use safety of user.
Realizing a kind of technical scheme of above-mentioned purpose is:A kind of malicious act based on wireless WIFI equipment finds that blocking is set
Standby, it is located in wireless WIFI equipment, including:
Protocol resolution module:Flow for being received to wireless WIFI equipment carries out protocol analysis, and therefrom extracts institute
State the characteristic value of flow;
Malicious act pattern base:Characteristic value for storing malicious act pattern;
Comparison module:For by the spy of malicious act pattern in the characteristic value of the flow and the malicious act pattern base
Value indicative is compared, so that the malicious act in the flow received to wireless WIFI equipment judges;
Block module:User for the flow that there is malicious act to transmission shields.
Further, the malicious act pattern base for can cloud update malicious act pattern base.
Further, in the malicious act pattern base cloud renewal process, described all users of blocking module shield.
Further, the protocol resolution module synchronously parsing send the flow user user profile, and by institute
The user profile for stating user is sent to the blocking module.
Further, the network address or device coding of the user profile of the user for the user.
Realizing a kind of technical scheme of above-mentioned purpose is:A kind of malicious act based on wireless WIFI equipment finds blocking side
Method, comprises the following steps:
Protocol analysis step:The flow received to wireless WIFI equipment carries out protocol analysis, extracts the spy of the flow
Value indicative;
Comparison step:The characteristic value of the characteristic value of the flow and the malicious act pattern in malicious act pattern base is entered
Row compares;If the characteristic value of the characteristic value of the flow and any one malicious act pattern in the malicious act pattern base
Matching, then judge there is malicious act in the flow;
Block step:The user for sending the flow that there is malicious act is found, the user is shielded.
Further, it is additionally included in the malicious act pattern base cloud renewal step carried out when the wireless WIFI equipment starts
Suddenly, malicious act pattern base cloud, which is updated in step, shields all users.
Further, in the protocol analysis step, first pass through protocol analysis and protocol assembly is carried out to the flow, then carry
Take the characteristic value of the flow.
Further, synchronously parsing sends the user profile of the user of the flow in data protocol analyzing step;Block
The user profile of the user for the flow that there is malicious act according to sending in step, shielding correspondence user.
Further, the network address or device coding of the user profile of the user for the user.
A kind of malicious act based on wireless WIFI equipment for employing the present invention finds the technical scheme of blocking equipment, its
In wireless WIFI equipment, including:Protocol resolution module:Flow for being received to wireless WIFI equipment carries out agreement solution
Analysis, and therefrom extract the characteristic value of the flow;Malicious act pattern base:Characteristic value for storing malicious act pattern;Than
Compared with module:For the characteristic value of the characteristic value of the flow and malicious act pattern in the malicious act pattern base to be compared
Compared with so that the malicious act in the flow received to wireless WIFI equipment judges;Block module:For existing to sending
The user of the flow of malicious act is shielded.It has the technical effect that:It only needs to change wireless WIFI equipment, without to network
And terminal is modified, and by carrying out protocol analysis to the flow for passing in and out wireless WIFI equipment and extracting characteristic value to be compared
To find malicious act and blocking, wireless WIFI equipment and the use safety of user are improved.
A kind of malicious act based on wireless WIFI equipment for employing the present invention finds the technical scheme of blocking-up method, bag
Include the following steps:Protocol analysis step:The flow received to wireless WIFI equipment carries out protocol analysis, extracts the flow
Characteristic value;Comparison step:The characteristic value of the characteristic value of the flow and the malicious act pattern in malicious act pattern base is entered
Row compares;If the characteristic value of the characteristic value of the flow and any one malicious act pattern in the malicious act pattern base
Matching, then judge there is malicious act in the flow;Block step:The user for sending the flow that there is malicious act is found,
Shield the user.It has the technical effect that:It only needs to change wireless WIFI equipment, without being modified to network and terminal, and
By protocol analysis is carried out to the flow for passing in and out wireless WIFI equipment and extract characteristic value be compared with find malicious act and
Blocking, WIFI equipment that raising is wireless and user's uses safety.
Brief description of the drawings
Fig. 1 has found the schematic diagram of blocking equipment for a kind of malicious act based on wireless WIFI equipment of the present invention.
Fig. 2 has found the flow chart of blocking-up method for a kind of malicious act based on wireless WIFI equipment of the present invention.
Embodiment
Refer to Fig. 1 and Fig. 2, the present inventor in order to be able to preferably understand technical scheme,
It is described in detail below by specifically embodiment, and with reference to accompanying drawing:
Embodiment 1
The part in dotted line in Fig. 1 is referred to, a kind of malicious act based on wireless WIFI equipment of the invention finds resistance
Disconnected equipment, in wireless WIFI equipment, including:
Protocol resolution module 1:Flow for being received to wireless WIFI equipment carries out protocol analysis, and therefrom extracts institute
State the characteristic value of flow.
Malicious act pattern base 2:Characteristic value for storing malicious act pattern.
Comparison module 3:For by the spy of the malicious act pattern in the characteristic value of the flow and malicious act pattern base 2
Value indicative is compared, so that the malicious act in the flow received to wireless WIFI equipment judges.If the flow
Characteristic value is matched with the characteristic value of any one malicious act pattern in malicious act pattern base 2, then is judged in the flow
There is malicious act.If the characteristic value of the characteristic value of the flow and whole malicious act patterns in malicious act pattern base 2
Mismatch, then judge malicious act is not present in the flow.
Block module 4:For there is the user of the flow of malicious act to transmission, i.e. attacker is shielded, and blocking should
Access of the user for wireless WIFI equipment.
Malicious act pattern base 2 for can cloud update malicious act pattern base, malicious act pattern base 2 connection block module
4, opened in wireless WIFI equipment, malicious act pattern base 2 enters the mistake for racking and updating or remotely updating by wireless WIFI equipment
Cheng Zhong, blocks module 4 to block all users for the access of wireless WIFI equipment.
The connection of protocol resolution module 1 blocks module 4, during protocol analysis is carried out to wireless WIFI equipment, synchronous
Parsing sends the user profile of the user of the flow, and the user profile of the user is the network address or the equipment of the user
Coding.The user profile of the user of transmitted traffic is sent to blocking module 4 by protocol resolution module 1.When comparison module 3 is found
After the flow that there is malicious act, module 4 is blocked to have the user profile of user of the flow of malicious act, screen according to transmission
The user is covered, the user is blocked for the access of wireless WIFI equipment, it is ensured that the safety of other users.
A kind of malicious act based on wireless WIFI equipment of the present invention finds blocking equipment, positioned at wireless WIFI equipment
On, the flow for passing in and out wireless WIFI is monitored, therefore without being modified to network and terminal, while by turnover nothing
The flow of line WIFI equipment carries out protocol analysis and extracted after characteristic value, the malice Sexual pattern with malicious act pattern base 2
Characteristic value be compared, to find malicious act and corresponding user, corresponding user is blocked, it is wireless to ensure
WIFI equipment and do not send the flow that there is malicious act user using safety and normal access.
Embodiment 2
Referring to Fig. 2, a kind of malicious act based on wireless WIFI equipment of the present invention finds blocking-up method, including it is following
Step:
Malicious act pattern base cloud updates step:The wireless WIFI equipment is carried out when starting, to malicious act pattern base
Enter to rack renewal or it is long-range update, malicious act pattern base enter to rack to shield in renewal or long-range renewal process all users for
The access of wireless WIFI equipment.
Protocol analysis step:The flow received to wireless WIFI equipment carries out protocol analysis, extracts the spy of the flow
Value indicative;Its common practice is to first pass through protocol analysis to carry out protocol assembly to the flow, then extracts the feature of the flow
Value, and parsing sends the user profile of the user of the flow simultaneously.The user profile of the user is the network of the user
Address or device coding.
Comparison step:The characteristic value of the characteristic value of the flow and the malicious act pattern in malicious act pattern base is entered
Row compares;The traffic characteristic value is matched with the characteristic value of the malicious act pattern in malicious act pattern base, if the stream
The characteristic value of amount is matched with the characteristic value of any one malicious act pattern in the malicious act pattern base, then judges described
There is malicious act in flow.If the characteristic value of the flow and whole malicious act patterns in the malicious act pattern base
Characteristic value mismatch, then judge in the flow be not present malicious act.
Block step:The user profile of the user, i.e. attacker of the flow that there is malicious act according to sending, shielding correspondence
User, blocks its normal access to wireless WIFI equipment, and to not sending the user for the flow that there is malicious act, it is ensured that its
It is normal to access.
A kind of malicious act based on wireless WIFI equipment of the present invention finds blocking-up method, is by wireless WIFI equipment
Carry out, it is monitored to the flow for passing in and out wireless WIFI, therefore without being modified to network and terminal, while by right
The flow for passing in and out wireless WIFI equipment carries out protocol analysis and extracted after characteristic value, the malice sexual behaviour with malicious act pattern base
The characteristic value of pattern is compared, and to find malicious act and corresponding user, corresponding user is blocked, to ensure
Wireless WIFI equipment and do not send the flow that there is malicious act user using safety and normal access.
Those of ordinary skill in the art it should be appreciated that the embodiment of the above be intended merely to explanation the present invention,
And be not used as limitation of the invention, as long as in the spirit of the present invention, the change to embodiment described above
Change, modification will all fall in the range of claims of the present invention.
Claims (10)
1. a kind of malicious act based on wireless WIFI equipment finds blocking equipment, it is located in wireless WIFI equipment, its feature
It is, including:
Protocol resolution module:Flow for being received to wireless WIFI equipment carries out protocol analysis, and therefrom extracts the stream
The characteristic value of amount;
Malicious act pattern base:Characteristic value for storing malicious act pattern;
Comparison module:For by the characteristic value of malicious act pattern in the characteristic value of the flow and the malicious act pattern base
It is compared, so that the malicious act in the flow received to wireless WIFI equipment judges;
Block module:User for the flow that there is malicious act to transmission shields.
2. a kind of malicious act based on wireless WIFI equipment according to claim 1 finds blocking equipment, its feature exists
In:The malicious act pattern base for can cloud update malicious act pattern base.
3. a kind of malicious act based on wireless WIFI equipment according to claim 2 finds blocking equipment, its feature exists
In:In the malicious act pattern base cloud renewal process, described all users of blocking module shield.
4. a kind of malicious act based on wireless WIFI equipment according to claim 1 finds blocking equipment, its feature exists
In:The protocol resolution module synchronously parses the user profile for the user for sending the flow, and the user of the user is believed
Breath is sent to the blocking module.
5. a kind of malicious act based on wireless WIFI equipment according to claim 4 finds blocking equipment, its feature exists
In:The network address or device coding of the user profile of the user for the user.
6. a kind of malicious act based on wireless WIFI equipment finds blocking-up method, comprise the following steps:
Protocol analysis step:The flow received to wireless WIFI equipment carries out protocol analysis, extracts the characteristic value of the flow;
Comparison step:The characteristic value of the characteristic value of the flow and the malicious act pattern in malicious act pattern base is compared
Compared with;If the characteristic value of the characteristic value of the flow and any one malicious act pattern in the malicious act pattern base
Match somebody with somebody, then judge there is malicious act in the flow;
Block step:The user for sending the flow that there is malicious act is found, the user is shielded.
7. a kind of malicious act based on wireless WIFI equipment according to claim 6 finds blocking-up method, its feature exists
In:It is additionally included in the malicious act pattern base cloud carried out when the wireless WIFI equipment starts and updates step, malicious act mould
Formula storehouse cloud, which is updated in step, shields all users.
8. a kind of malicious act based on wireless WIFI equipment according to claim 6 finds blocking-up method, its feature exists
In:In the protocol analysis step, first pass through protocol analysis and protocol assembly is carried out to the flow, then extract the spy of the flow
Value indicative.
9. a kind of malicious act based on wireless WIFI equipment according to claim 6 finds blocking-up method, its feature exists
In:Synchronously parsing sends the user profile of the user of the flow in data protocol analyzing step;Block in step according to transmission
There is the user profile of the user of the flow of malicious act, shielding correspondence user.
10. a kind of malicious act based on wireless WIFI equipment according to claim 9 finds blocking-up method, its feature exists
In:The network address or device coding of the user profile of the user for the user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710594134.4A CN107241354A (en) | 2017-07-20 | 2017-07-20 | Malicious act based on wireless WIFI equipment finds blocking equipment and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710594134.4A CN107241354A (en) | 2017-07-20 | 2017-07-20 | Malicious act based on wireless WIFI equipment finds blocking equipment and method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107241354A true CN107241354A (en) | 2017-10-10 |
Family
ID=59991187
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710594134.4A Pending CN107241354A (en) | 2017-07-20 | 2017-07-20 | Malicious act based on wireless WIFI equipment finds blocking equipment and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107241354A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10863358B2 (en) | 2017-07-13 | 2020-12-08 | Sophos Limited | Threat index based WLAN security and quality of service |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090172821A1 (en) * | 2004-06-30 | 2009-07-02 | Faycal Daira | System and method for securing computer stations and/or communication networks |
CN102571796A (en) * | 2012-01-13 | 2012-07-11 | 电子科技大学 | Protection method and protection system for corpse Trojans in mobile Internet |
CN203233438U (en) * | 2013-04-24 | 2013-10-09 | 成都艺创科技有限公司 | Internet surfing traffic control router |
CN104378762A (en) * | 2014-11-19 | 2015-02-25 | 北京极科极客科技有限公司 | Method for monitoring Internet surfing flow of user |
CN106778229A (en) * | 2016-11-29 | 2017-05-31 | 北京瑞星信息技术股份有限公司 | A kind of malicious application based on VPN downloads hold-up interception method and system |
CN106789980A (en) * | 2016-12-07 | 2017-05-31 | 北京亚鸿世纪科技发展有限公司 | A kind of monitoring administration method and device of website legitimacy |
-
2017
- 2017-07-20 CN CN201710594134.4A patent/CN107241354A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090172821A1 (en) * | 2004-06-30 | 2009-07-02 | Faycal Daira | System and method for securing computer stations and/or communication networks |
CN102571796A (en) * | 2012-01-13 | 2012-07-11 | 电子科技大学 | Protection method and protection system for corpse Trojans in mobile Internet |
CN203233438U (en) * | 2013-04-24 | 2013-10-09 | 成都艺创科技有限公司 | Internet surfing traffic control router |
CN104378762A (en) * | 2014-11-19 | 2015-02-25 | 北京极科极客科技有限公司 | Method for monitoring Internet surfing flow of user |
CN106778229A (en) * | 2016-11-29 | 2017-05-31 | 北京瑞星信息技术股份有限公司 | A kind of malicious application based on VPN downloads hold-up interception method and system |
CN106789980A (en) * | 2016-12-07 | 2017-05-31 | 北京亚鸿世纪科技发展有限公司 | A kind of monitoring administration method and device of website legitimacy |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10863358B2 (en) | 2017-07-13 | 2020-12-08 | Sophos Limited | Threat index based WLAN security and quality of service |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104143078B (en) | Living body faces recognition methods, device and equipment | |
CN104168625B (en) | Smart machine and its method and wireless routing device for being connected to wireless routing device | |
CN105578491B (en) | A kind of method and device of 4G user information and application data correlation | |
CN104283918B (en) | A kind of WLAN terminal type acquisition methods and system | |
Zhao et al. | Secure machine-type communications toward LTE heterogeneous networks | |
CN104615585B (en) | Handle the method and device of text message | |
CN104144462B (en) | Obtain the method, device and mobile terminal of mobile terminal network access way | |
CN109275145A (en) | Equipment behavior detection and barrier processing method, medium and electronic equipment | |
CN102685147B (en) | Mobile communication honeypot capturing system and implementation method thereof | |
CN105323736A (en) | IMSI obtaining method and device, and signal monitoring system | |
CN103997566A (en) | Mobile phone-based remote door opening system and method thereof | |
CN105992245A (en) | Data acquiring method, data acquiring device and data acquiring system | |
CN106921460A (en) | Signal shielding system and method based on wireless network | |
CN104010060B (en) | The method and electronic equipment of identification incoming call incoming call side's identity | |
CN107241354A (en) | Malicious act based on wireless WIFI equipment finds blocking equipment and method | |
CN110519556A (en) | A kind of method that electricity encloses base station Yu video detection target association | |
CN103220277A (en) | Method, device and system for monitoring cross site scripting attacks | |
CN109673011B (en) | Mobile terminal identity information correlation analysis method and device | |
CN205100755U (en) | Intelligence safe deposit box device | |
WO2016134608A1 (en) | Method and apparatus for identifying pseudo base station | |
CN109413637A (en) | Electromagnetic interference control method and relevant device | |
CN106792712B (en) | Automatic monitoring framework system for SIP (Session initiation protocol) of VoLTE (Voice over Long term evolution) equipment | |
CN103167502B (en) | Based on the method for the illegal calling of OTA technology regulation | |
CN106991747A (en) | A kind of long-range control method of intelligent coffer | |
CN105516093B (en) | A kind of method and router of anti-loiter network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20171010 |
|
WD01 | Invention patent application deemed withdrawn after publication |