CN107563197A - It is a kind of to drag storehouse to hit storehouse attack defense method for database layer - Google Patents
It is a kind of to drag storehouse to hit storehouse attack defense method for database layer Download PDFInfo
- Publication number
- CN107563197A CN107563197A CN201710765207.1A CN201710765207A CN107563197A CN 107563197 A CN107563197 A CN 107563197A CN 201710765207 A CN201710765207 A CN 201710765207A CN 107563197 A CN107563197 A CN 107563197A
- Authority
- CN
- China
- Prior art keywords
- storehouse
- attack
- database
- sql
- hit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
Drag storehouse to hit storehouse attack defense method for database layer the present invention relates to a kind of, the backstage defense module for being configured to inveigle attack in database, input SQL request, return value of the backstage defense module according to SQL request, judged;If meeting Prerequisite, blocked;Otherwise accessed to be normal, complete request, returned data simultaneously terminates.The present invention in practical operation, reacts for the SQL request of input by the backstage defense module for inveigling attack, judges that current SQL with the presence or absence of aggressiveness, is blocked to aggressive SQL, aligned frequentation and ask returned data.The present invention by directly in data lab setting back door structure, can more actively, intelligence, efficiently excavate and find dragging storehouse and hitting storehouse behavior for attacker, ensure the safety of database.
Description
Technical field
The present invention relates to the technical field of the transmission of digital information, such as telegraph communication, more particularly to a kind of network technology,
Database safeguarding technical elements drag storehouse to hit storehouse attack defense method for database layer.
Background technology
With internet and the high speed development of mobile Internet, increasing application is linked into network so that more
Its facility brought is realized come more people, work, life, the amusement of people is gradually inseparable with network.
However, most of network english teachings that people use are all based on web, possess magnanimity in these web systems
User data, these data not only can bring to user's spirit and economically massive losses, can also give service provider after leakage
Operator be negatively affected.Mainly include among these and hit storehouse attack and drag storehouse to attack.Storehouse is hit, is a kind of assault side
Formula, hacker dictionary table corresponding to generation, attempt batch and log in other by collecting the user and encrypted message that internet has been revealed
Behind website, a series of users that can be logged in are obtained.Storehouse is dragged, is the valuable website of hacker attacks, the data of registered user
The behavior that database is all stolen.Storehouse is dragged, storehouse behavior is hit serious puzzlement, or even direct band can be all brought to the daily life of user
Carry out economic loss, harmfulness is very big, and the protection of user data is always a focus of nowadays internet world, security service provider
Carrying out time consuming attacking and defending war always on user data this stage between hacker.
Traditional defence drag storehouse, hit storehouse method be differentiated control password, periodic modification password, website vulnerability detection, net
Monitoring etc., but these methods are not all protected for database in real time is distorted in monitoring and website to extension horse of standing in real time.
The content of the invention
It is a primary object of the present invention to overcome the shortcomings of existing network technology, database safeguarding technology, there is provided one
Kind drags storehouse to hit storehouse attack defense method for database layer.
The technical scheme is that a kind of drag storehouse to hit storehouse attack defense method, methods described bag for database layer
Include following steps:
Step 1.1:It is configured to inveigle the backstage defense module of attack in database;
Step 1.2:Input SQL request;
Step 1.3:Return value of the backstage defense module according to SQL request, is judged;If meeting Prerequisite, hindered
It is disconnected;Otherwise accessed to be normal, complete request, returned data simultaneously terminates.
Preferably, in the step 1.1, backstage defense module includes being used to inveigle the honey jar attacked, drags storehouse for defence
The protection table of attack and log in any one or a few in SQL statement template for defend to hit storehouse attack.
Preferably, the backstage defense module uses the honey jar for being used for inveigling attack;The honey jar is included in database
The test table based on Honeypot Techniques established, and name, and insertion is based on honey jar in some tables in database and database
The test data of technology;If the return value of step 1.3 is data in honey jar, meet Prerequisite, current SQL request is to drag storehouse
Attack, block.
Preferably, the name character of the test table includes character " user ".
Preferably, some tables in the database include user's table, fund table and credit;The test data includes
With actual user's table, fund table and account internal information of statement or the incoherent data of business.
Preferably, the backstage defense module, which uses, is used to defend the protection table for dragging storehouse to attack, and rotection thresholds is set, if step
Rapid 1.3 return value is data in protection table, and returned data then meets Prerequisite not in rotection thresholds, and current SQL please
Ask to drag storehouse to attack, block.
Preferably, it is described to drag storehouse to include disposably dragging storehouse attack and batch to drag storehouse to attack;For defending disposably to drag storehouse to attack
The protection table hit is configured in database, and the rotection thresholds are the line number of the protection table configured in database;For defending to criticize
The protection table that amount drags storehouse to attack is configured in database, and the rotection thresholds are the line number of the protection table configured in database, looked into
Ask time interval and inquiry times.
Preferably, the backstage defense module use be used for defend hit storehouse attack log in SQL statement template, configuration logs in
The frequency of failure, matched after handling SQL request with SQL statement formwork structure, if the return value of step 1.3 is to log in failure
The extreme value of number, then meet Prerequisite, and current SQL request blocks to hit storehouse attack.
Preferably, judge current SQL request and comprise the following steps to hit storehouse attack:
Step 2.1:The parameter of current SQL request is deleted or is indicated using characteristic symbol, SQL statement mould is logged in generation
The mode of plate generates the SQL request of standardization;
Step 2.2:The SQL request of step 2.1 is matched with logging in SQL statement template, if it fails to match, blocked, it is no
The IP for sending SQL request is then allowed to be logged in;
Step 2.3:If the IP login times for sending SQL request exceed logging in the frequency of failure and logging in failure for database configuration,
Then current SQL request blocks to hit storehouse attack;Otherwise, success is logged in.
Preferably, the SQL statement template is only to include the SQL statement of log on request feature structure.
A kind of optimization of present invention offer drags storehouse to hit storehouse attack defense method for database layer, by being attacked for inveigling
The backstage defense module hit, in practical operation, reacted for the SQL request of input, judge that current SQL whether there is and attack
Hitting property, aggressive SQL is blocked, align frequentation and ask returned data.The present invention at data lab setting back door by directly tying
Structure, can more actively, intelligence, efficiently excavate and find dragging storehouse and hitting storehouse behavior for attacker, ensure the safety of database.
Embodiment
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, to the technology in the embodiment of the present invention
Scheme is clearly and completely described, it is clear that and described embodiment is part of the embodiment of the present invention, rather than whole
Embodiment, based on the embodiment in the present invention, those of ordinary skill in the art institute on the premise of creative work is not made
The every other embodiment obtained, belongs to the scope of protection of the invention.
Storehouse is dragged to hit storehouse attack defense method for database layer the present invention relates to a kind of, methods described includes following step
Suddenly.
Step 1.1:It is configured to inveigle the backstage defense module of attack in database.
Step 1.2:Input SQL request.
Step 1.3:Return value of the backstage defense module according to SQL request, is judged;If meeting Prerequisite, enter
Row blocks;Otherwise accessed to be normal, complete request, returned data simultaneously terminates.
In the step 1.1, backstage defense module includes being used to inveigle the honey jar attacked, the guarantor for defending to drag storehouse to attack
Shield table and log in any one or a few in SQL statement template for defend to hit storehouse attack.
In the present invention, backstage defense module, which is mainly used in inveigling, to be attacked and returns to specific return value for attack so that is attacked
Hitting can be identified and block, it is allowed to the progress normally accessed.
In the present invention, backstage defense module can be for inveigling the honey jar of attack, the protection for defending to drag storehouse to attack
Table and the one or more for logging in SQL statement template that storehouse attack is hit for defence, by technical staff according to actual attack feelings
Condition is voluntarily set.
Below to for inveigling the honey jar of attack, the protection table of storehouse attack being dragged for defence and for defending to hit storehouse attack
The situation for logging in SQL statement template is done and described one by one.
The backstage defense module uses the honey jar for being used for inveigling attack;The honey jar is included in the base established in database
In the test table of Honeypot Techniques, and name, and the survey based on Honeypot Techniques is inserted in some tables in database and database
Try data;If the return value of step 1.3 is data in honey jar, meet Prerequisite, current SQL request hinders to drag storehouse to attack
It is disconnected.
The name character of the test table includes character " user ".
Some tables in the database include user's table, fund table and credit;The test data includes and reality
User's table, fund table and account internal information of statement or the incoherent data of business.
In the present invention, honey jar is the black box that network manager sets by careful arrangement, by arranging some works
For the information of bait, attacker is cheated, lures that attacker implements to attack to bait information into, so as to attack
Captured and analyzed, and then strengthen the security protection ability of actual information by technology and management means.
In the present invention, generally, the table comprising " user " keyword is the object that attacker frequently attacks, therefore will
Test table is named as " user " or including character " user ".
In the present invention, test table is that regular traffic does not access, therefore the test table to configuration is once found in SQL request
Operation, will be considered as dragging storehouse to attack, and block immediately.
In the present invention, including some tables of user's table, fund table and credit are typically judged as important table, and important table is deposited
The important information of lane database is stored up, some tables include and are not limited to user's table, fund table and credit.
In the present invention, test data refers to some inserted in important table and actual user or the incoherent number of business
According to, therefore these data are to be accessed in regular traffic, therefore once find to exist in SQL query returning result and survey
Data are tried, will be considered as dragging storehouse to attack, and block immediately.
The backstage defense module, which uses, to be used to defend the protection table for dragging storehouse to attack, and sets rotection thresholds, if step 1.3
Return value is data in protection table, and returned data then meets Prerequisite not in rotection thresholds, and current SQL request is to drag
Storehouse is attacked, and is blocked.
It is described to drag storehouse to include disposably dragging storehouse attack and batch to drag storehouse to attack;For the protection for defending disposably to drag storehouse to attack
Table is configured in database, and the rotection thresholds are the line number of the protection table configured in database;For defending batch to drag storehouse to attack
The protection table hit is configured in database, and the rotection thresholds are between the line number of the protection table configured in database, query time
Every and inquiry times.
In the present invention, storehouse is disposably dragged to refer to disposably export data in batches, by configuration protection table and rotection thresholds,
The line number of table is such as protected, when configured protection table being included in SQL request and return line number exceedes configured line number
It will be considered as doubtful and disposably drag storehouse, and block immediately.
In the present invention, it is a kind of deformation for disposably dragging storehouse that automatic batch, which drags storehouse, refer to periodically automatically by data by batch
Secondary export, by line number, query time interval and the inquiry times of configuration protection table and rotection thresholds, such as protection table, once
In SQL request, find same IP while meet the following condition in the time interval configured:
1. the configured protection table of inquiry;
2. inquiry times exceed configured inquiry times;
3. returning to line number exceedes configured line number;
Then being considered as doubtful automatic batch drags storehouse to attack, and blocks immediately.
The backstage defense module uses be used to defending hitting storehouse attack to log in SQL statement template, and configuration logs in unsuccessfully secondary
Number, is matched after handling SQL request with SQL statement formwork structure, if the return value of step 1.3 is to log in the frequency of failure
Extreme value, then meet Prerequisite, and current SQL request blocks to hit storehouse attack.
Judge current SQL request and comprise the following steps to hit storehouse attack:
Step 2.1:The parameter of current SQL request is deleted or is indicated using characteristic symbol, SQL statement mould is logged in generation
The mode of plate generates the SQL request of standardization;
Step 2.2:The SQL request of step 2.1 is matched with logging in SQL statement template, if it fails to match, blocked, it is no
The IP for sending SQL request is then allowed to be logged in;
Step 2.3:If the IP login times for sending SQL request exceed logging in the frequency of failure and logging in failure for database configuration,
Then current SQL request blocks to hit storehouse attack;Otherwise, success is logged in.
The SQL statement template is only to include the SQL statement of log on request feature structure.
In the present invention, configuration logs in SQL statement template, refer in the SQL statement by log on request argument section delete or
It is indicated using specific symbol, generation one does not have the SQL statement that parameter only has log on request feature structure.
In the present invention, in step 2.2, when it fails to match, it is determined as aggressive SQL injection, blocks.
In the present invention, following examples are provided:
1. configuring the test table my_user based on Honeypot Techniques and inserting some data, using this table as bait, attacker is lured into
Attacked, once finding that attacker operates to test table my_user, then judge that it is blocked for attacker;
2. configuration protection table user tables, configuration testing data user A, user B, user C, these data are in practical business operation
It will not relate to, using test data as bait, lure that attacker is attacked into, operated once finding that attacker operates to return
As a result these data are included in, then judge that it is blocked for attacker;
3. configuration protection table user tables, line number threshold values are 20 rows, when same IP has carried out operation and operating result to user tables
It is 30 to return to line number, then it is that one kind disposably drags storehouse behavior to be blocked to operate this IP doubtful;
4. configuration protection table user tables, line number threshold values are 5 rows, time interval is 1 second, number of operations is 3 times, if same IP is 1
Multi-pass operation is carried out to user tables in second and meets number of operations more than 3 times, while returns to line number every time and is more than 5 rows, then it is assumed that
The doubtful one kind of this IP drags storehouse behavior to be blocked automatically;
5. by configure log in SQL statement template such as select * from user where user=:1 and
password=:2, log in SQL statement template if this is used for multiple times in same IP and repeatedly logged in and log in failure, when logging in
The frequency of failure logs in the frequency of failure more than configuration attempt, then it is that a kind of behavior of automatic collision storehouse is blocked to operate this IP doubtful.
The present invention by configuring honey jar lures that attacker is attacked into, for finding attacker and being blocked, by with
Put protection table and set rotection thresholds, for find disposably to drag storehouse and it is automatic drag storehouse behavior and block, log in SQL by configuring
Sentence template, configuration attempt log in the frequency of failure, right in practical operation for finding hitting storehouse behavior and blocking for attacker
Reacted in the SQL request of input, judge that current SQL with the presence or absence of aggressiveness, is blocked, to normal to aggressive SQL
Access returned data.The present invention by directly in data lab setting back door structure, can more actively, intelligence, efficiently excavate
And dragging storehouse and hitting storehouse behavior for attacker is found, ensure the safety of database.
Claims (10)
1. a kind of drag storehouse to hit storehouse attack defense method for database layer, it is characterised in that:It the described method comprises the following steps:
Step 1.1:It is configured to inveigle the backstage defense module of attack in database;
Step 1.2:Input SQL request;
Step 1.3:Return value of the backstage defense module according to SQL request, is judged;If meeting Prerequisite, hindered
It is disconnected;Otherwise accessed to be normal, complete request, returned data simultaneously terminates.
2. a kind of the storehouse is dragged to hit storehouse attack defense method for database layer according to claim 1, it is characterised in that:Institute
State in step 1.1, backstage defense module drags the protection table of storehouse attack including the honey jar for trick attack, for defence and is used for
What storehouse attack was hit in defence logs in any one or a few in SQL statement template.
3. a kind of the storehouse is dragged to hit storehouse attack defense method for database layer according to claim 2, it is characterised in that:Institute
State backstage defense module and use the honey jar for being used for inveigling attack;The honey jar be included in established in database based on Honeypot Techniques
Test table, and name, and the test data based on Honeypot Techniques is inserted in some tables in database and database;If step
Rapid 1.3 return value is data in honey jar, then meets Prerequisite, and current SQL request blocks to drag storehouse to attack.
4. a kind of the storehouse is dragged to hit storehouse attack defense method for database layer according to claim 3, it is characterised in that:Institute
Stating the name character of test table includes character " user ".
5. a kind of the storehouse is dragged to hit storehouse attack defense method for database layer according to claim 3, it is characterised in that:Institute
Some tables stated in database include user's table, fund table and credit;The test data includes and actual user's table, fund
Table and account internal information of statement or the incoherent data of business.
6. a kind of the storehouse is dragged to hit storehouse attack defense method for database layer according to claim 2, it is characterised in that:Institute
State backstage defense module and use the protection table for dragging storehouse to attack for defence, set rotection thresholds, if the return value of step 1.3 is guarantor
Data in table are protected, and returned data then meets Prerequisite not in rotection thresholds, current SQL request hinders to drag storehouse to attack
It is disconnected.
7. a kind of the storehouse is dragged to hit storehouse attack defense method for database layer according to claim 6, it is characterised in that:Institute
State and drag storehouse to include disposably dragging storehouse attack and batch to drag storehouse to attack;Protection table for defending disposably to drag storehouse to attack is configured in number
According in storehouse, the rotection thresholds are the line number of the protection table configured in database;For the protection table for defending batch to drag storehouse to attack
In database, the rotection thresholds are line number, query time interval and the inquiry time of the protection table configured in database for configuration
Number.
8. a kind of the storehouse is dragged to hit storehouse attack defense method for database layer according to claim 2, it is characterised in that:Institute
Stating backstage defense module uses be used to defending hitting storehouse attack to log in SQL statement template, and configuration logs in the frequency of failure, please to SQL
Ask and matched after being handled with SQL statement formwork structure, if the return value of step 1.3 is to log in the extreme value of the frequency of failure, accorded with
Prerequisite is closed, current SQL request blocks to hit storehouse attack.
9. a kind of the storehouse is dragged to hit storehouse attack defense method for database layer according to claim 8, it is characterised in that:Sentence
Current SQL request of breaking comprises the following steps to hit storehouse attack:
Step 2.1:The parameter of current SQL request is deleted or is indicated using characteristic symbol, SQL statement mould is logged in generation
The mode of plate generates the SQL request of standardization;
Step 2.2:The SQL request of step 2.1 is matched with logging in SQL statement template, if it fails to match, blocked, it is no
The IP for sending SQL request is then allowed to be logged in;
Step 2.3:If the IP login times for sending SQL request exceed logging in the frequency of failure and logging in failure for database configuration,
Then current SQL request blocks to hit storehouse attack;Otherwise, success is logged in.
10. a kind of the storehouse is dragged to hit storehouse attack defense method for database layer according to claim 2, it is characterised in that:
The SQL statement template is only to include the SQL statement of log on request feature structure.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710765207.1A CN107563197A (en) | 2017-08-30 | 2017-08-30 | It is a kind of to drag storehouse to hit storehouse attack defense method for database layer |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710765207.1A CN107563197A (en) | 2017-08-30 | 2017-08-30 | It is a kind of to drag storehouse to hit storehouse attack defense method for database layer |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107563197A true CN107563197A (en) | 2018-01-09 |
Family
ID=60978388
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710765207.1A Pending CN107563197A (en) | 2017-08-30 | 2017-08-30 | It is a kind of to drag storehouse to hit storehouse attack defense method for database layer |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107563197A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110290098A (en) * | 2018-03-19 | 2019-09-27 | 华为技术有限公司 | A kind of method and device of defending against network attacks |
| CN111131271A (en) * | 2019-12-26 | 2020-05-08 | 北京天融信网络安全技术有限公司 | Security defense method and device, electronic equipment and computer readable storage medium |
| CN111404935A (en) * | 2020-03-16 | 2020-07-10 | 广州锦行网络科技有限公司 | Honeypot service port self-adaptive application method and system based on attack behavior analysis |
| CN111680294A (en) * | 2020-06-15 | 2020-09-18 | 杭州安恒信息技术股份有限公司 | Database monitoring method, device and equipment based on high-interaction honeypot technology |
| CN112000984A (en) * | 2020-08-24 | 2020-11-27 | 杭州安恒信息技术股份有限公司 | Data leakage detection method, device, equipment and readable storage medium |
| CN113037724A (en) * | 2021-02-26 | 2021-06-25 | 中国银联股份有限公司 | Method and device for detecting illegal access |
| CN113254997A (en) * | 2021-05-27 | 2021-08-13 | 中国电信股份有限公司 | Method and device for defending database against dragging, electronic equipment and computer medium |
| CN114640530A (en) * | 2022-03-24 | 2022-06-17 | 深信服科技股份有限公司 | Data leakage detection method and device, electronic equipment and readable storage medium |
| CN117118752A (en) * | 2023-10-23 | 2023-11-24 | 山东爱书人家庭教育科技有限公司 | Method, system, device and medium for resisting information attack |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101370008A (en) * | 2007-08-13 | 2009-02-18 | 杭州安恒信息技术有限公司 | System for real-time intrusion detection of SQL injection WEB attacks |
| CN104811449A (en) * | 2015-04-21 | 2015-07-29 | 深信服网络科技(深圳)有限公司 | Base collision attack detecting method and system |
| CN105763548A (en) * | 2016-02-06 | 2016-07-13 | 北京祥云天地科技有限公司 | User login identification method based on behavior model and equipment and system thereof |
-
2017
- 2017-08-30 CN CN201710765207.1A patent/CN107563197A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101370008A (en) * | 2007-08-13 | 2009-02-18 | 杭州安恒信息技术有限公司 | System for real-time intrusion detection of SQL injection WEB attacks |
| CN104811449A (en) * | 2015-04-21 | 2015-07-29 | 深信服网络科技(深圳)有限公司 | Base collision attack detecting method and system |
| CN105763548A (en) * | 2016-02-06 | 2016-07-13 | 北京祥云天地科技有限公司 | User login identification method based on behavior model and equipment and system thereof |
Non-Patent Citations (1)
| Title |
|---|
| 刘凯: "信息泄露之拖库撞库思考及安全防御策略", 《HTTPS://WENKU.BAIDU.COM/VIEW/DA506FC58AD63186BCEB19E8B8F67C1CFAD6EEC7.HTML》 * |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110290098A (en) * | 2018-03-19 | 2019-09-27 | 华为技术有限公司 | A kind of method and device of defending against network attacks |
| US11570212B2 (en) | 2018-03-19 | 2023-01-31 | Huawei Technologies Co., Ltd. | Method and apparatus for defending against network attack |
| CN111131271A (en) * | 2019-12-26 | 2020-05-08 | 北京天融信网络安全技术有限公司 | Security defense method and device, electronic equipment and computer readable storage medium |
| CN111404935B (en) * | 2020-03-16 | 2020-12-04 | 广州锦行网络科技有限公司 | Honeypot service port self-adaptive application method and system based on attack behavior analysis |
| CN111404935A (en) * | 2020-03-16 | 2020-07-10 | 广州锦行网络科技有限公司 | Honeypot service port self-adaptive application method and system based on attack behavior analysis |
| CN111680294A (en) * | 2020-06-15 | 2020-09-18 | 杭州安恒信息技术股份有限公司 | Database monitoring method, device and equipment based on high-interaction honeypot technology |
| CN112000984A (en) * | 2020-08-24 | 2020-11-27 | 杭州安恒信息技术股份有限公司 | Data leakage detection method, device, equipment and readable storage medium |
| CN113037724A (en) * | 2021-02-26 | 2021-06-25 | 中国银联股份有限公司 | Method and device for detecting illegal access |
| CN113037724B (en) * | 2021-02-26 | 2023-12-15 | 中国银联股份有限公司 | Method and device for detecting illegal access |
| CN113254997A (en) * | 2021-05-27 | 2021-08-13 | 中国电信股份有限公司 | Method and device for defending database against dragging, electronic equipment and computer medium |
| CN114640530A (en) * | 2022-03-24 | 2022-06-17 | 深信服科技股份有限公司 | Data leakage detection method and device, electronic equipment and readable storage medium |
| CN114640530B (en) * | 2022-03-24 | 2023-12-29 | 深信服科技股份有限公司 | Data leakage detection method and device, electronic equipment and readable storage medium |
| CN117118752A (en) * | 2023-10-23 | 2023-11-24 | 山东爱书人家庭教育科技有限公司 | Method, system, device and medium for resisting information attack |
| CN117118752B (en) * | 2023-10-23 | 2024-01-09 | 山东爱书人家庭教育科技有限公司 | Method, system, device and medium for resisting information attack |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107563197A (en) | It is a kind of to drag storehouse to hit storehouse attack defense method for database layer | |
| US8561188B1 (en) | Command and control channel detection with query string signature | |
| CN111193719A (en) | Network intrusion protection system | |
| CN107888607A (en) | A kind of Cyberthreat detection method, device and network management device | |
| CN103428224B (en) | A kind of method and apparatus of intelligence defending DDoS (Distributed Denial of Service) attacks | |
| CN103561004A (en) | Cooperative type active defense system based on honey nets | |
| CN102271068A (en) | Method for detecting DOS/DDOS (denial of service/distributed denial of service) attack | |
| CN110855697A (en) | Active defense method for network security in power industry | |
| CN112383503A (en) | Network security event processing method | |
| Shen et al. | Adaptive Markov game theoretic data fusion approach for cyber network defense | |
| Ankali et al. | Detection architecture of application layer DDoS attack for internet | |
| CN113992444A (en) | Network attack traceability and anti-system based on host computer defense | |
| CN107122657B (en) | Database agent device for defending SQL injection attack | |
| KR20080026122A (en) | Method for defending against denial of service attacks in ip networks by target victim self-identification and control | |
| CN110120957B (en) | Safe disposal digital twin method and system based on intelligent scoring mechanism | |
| KR20110037645A (en) | Apparatus and method for protecting ddos | |
| CN112039865A (en) | Network attack detection and response method driven by threat | |
| CN113364799A (en) | Method and system for processing network threat behaviors | |
| CN110430158B (en) | Acquisition agent deployment method and device | |
| Boggs et al. | Discovery of emergent malicious campaigns in cellular networks | |
| CN114448731B (en) | Honeypot deployment method, device, equipment and computer readable medium | |
| CN113489694B (en) | Dynamic defense system for resisting large-flow attack in honey farm system | |
| CN112437085B (en) | Network attack identification method and device | |
| Gao et al. | A cyber deception defense method based on signal game to deal with network intrusion | |
| CN106993005A (en) | The method for early warning and system of a kind of webserver |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180109 |