CN108446557B - Active security threat sensing method based on a defensive honeypot - Google Patents
Active security threat sensing method based on a defensive honeypot
- Publication number
- CN108446557B (application CN201810199011.5A)
- Authority
- CN
- China
- Prior art keywords
- instruction
- function
- honeypot
- system function
- address space
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Agricultural Chemicals And Associated Chemicals (AREA)
- Debugging And Monitoring (AREA)
Claims (2)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810199011.5A CN108446557B (zh) | 2018-03-12 | 2018-03-12 | Active security threat sensing method based on a defensive honeypot |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810199011.5A CN108446557B (zh) | 2018-03-12 | 2018-03-12 | Active security threat sensing method based on a defensive honeypot |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108446557A (zh) | 2018-08-24 |
CN108446557B (zh) | 2020-07-14 |
Family
ID=63193978
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810199011.5A Active CN108446557B (zh) | Active security threat sensing method based on a defensive honeypot | 2018-03-12 | 2018-03-12 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108446557B (zh) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
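CN109302426B (zh) * | 2018-11-30 | 2021-04-13 | Neusoft Corporation | Unknown vulnerability attack detection method, apparatus, device and storage medium |
CN111027059B (zh) * | 2019-11-29 | 2022-07-19 | Wuhan University | LLVM-based system and method for defending against memory leakage |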
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
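CN101174285A (zh) * | 2006-11-03 | 2008-05-07 | Beihang University | Embedded system bus firewall |
CN102054149A (zh) * | 2009-11-06 | 2011-05-11 | Graduate University of Chinese Academy of Sciences | Method for extracting malicious code behavior features |
CN104079555A (zh) * | 2006-02-16 | 2014-10-01 | Techguard Security LLC | System and method for determining data flow |
EP2887612A1 (en) * | 2013-12-17 | 2015-06-24 | Verisign, Inc. | Systems and methods for incubating malware in a virtual organization |
CN106528403A (zh) * | 2016-10-08 | 2017-03-22 | Xidian University | Software runtime monitoring method based on binary code instrumentation |
CN106534195A (zh) * | 2016-12-19 | 2017-03-22 | Hangzhou Sunyard Digital Technology Co., Ltd. | Attack-graph-based method for analyzing network attacker behavior |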
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110214157A1 (en) * | 2000-09-25 | 2011-09-01 | Yevgeny Korsunsky | Securing a network with data flow processing |
US9032525B2 (en) * | 2011-03-29 | 2015-05-12 | Mcafee, Inc. | System and method for below-operating system trapping of driver filter attachment |
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
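CN104079555A (zh) * | 2006-02-16 | 2014-10-01 | Techguard Security LLC | System and method for determining data flow |
CN101174285A (zh) * | 2006-11-03 | 2008-05-07 | Beihang University | Embedded system bus firewall |
CN102054149A (zh) * | 2009-11-06 | 2011-05-11 | Graduate University of Chinese Academy of Sciences | Method for extracting malicious code behavior features |
EP2887612A1 (en) * | 2013-12-17 | 2015-06-24 | Verisign, Inc. | Systems and methods for incubating malware in a virtual organization |
CN106528403A (zh) * | 2016-10-08 | 2017-03-22 | Xidian University | Software runtime monitoring method based on binary code instrumentation |
CN106534195A (zh) * | 2016-12-19 | 2017-03-22 | Hangzhou Sunyard Digital Technology Co., Ltd. | Attack-graph-based method for analyzing network attacker behavior |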
Non-Patent Citations (1)
Title |
---|
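Research and implementation of an active defense system based on dynamic tracing; Xue Zhiping; China Masters' Theses Full-text Database, Information Science and Technology; 20080615; full text * |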
Also Published As
Publication number | Publication date |
---|---|
CN108446557A (zh) | 2018-08-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112738126B (zh) | Attack tracing method based on threat intelligence and ATT&CK | |
US8627478B2 (en) | Method and apparatus for inspecting non-portable executable files | |
Gao et al. | HMMs (Hidden Markov Models) based on anomaly intrusion detection method | |
US9424426B2 (en) | Detection of malicious code insertion in trusted environments | |
CN109558726B (zh) | Method and system for detecting control-flow hijacking attacks based on dynamic analysis | |
EP3726410B1 (en) | Interpretation device, interpretation method and interpretation program | |
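WO2022126981A1 (zh) | Malicious code identification method and apparatus, computer device, and medium | |
CN106709325B (zh) | Method and apparatus for monitoring a program | |
CN104361283A (zh) | Method for protecting against Web attacks | |
CN107579997A (zh) | Wireless network intrusion detection system | |
CN113632432B (zh) | Method and apparatus for determining attack behavior, and computer storage medium | |
CN110381092A (zh) | Defense system and method for adaptive closed-loop resolution of network threats | |
CN108446557B (zh) | Active security threat sensing method based on a defensive honeypot | |
CN112380542B (zh) | IoT firmware vulnerability discovery method and system based on error scenario generation | |
CN109800577B (zh) | Method and apparatus for identifying behavior that evades security monitoring | |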
Ezzati-Jivan et al. | A stateful approach to generate synthetic events from kernel traces | |
CN108595953A (zh) | Method for risk assessment of mobile phone applications | |
US8646076B1 (en) | Method and apparatus for detecting malicious shell codes using debugging events | |
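CN113037713A (zh) | Network attack countermeasure method, apparatus, device and storage medium | |
CN116112211A (zh) | Knowledge-graph-based method for reconstructing network attack chains | |
CN102073818A (zh) | Vulnerability detection device and method | |
CN113779578A (zh) | Intelligent obfuscation method and system for mobile applications | |
CN111104670A (zh) | Method for identifying and protecting against APT attacks | |
CN108573148B (zh) | Method for identifying obfuscated and encrypted scripts based on lexical analysis | |
CN108509796B (zh) | Risk detection method and server |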
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
CB03 | Change of inventor or designer information | Inventor after: Hou Jun, Sun Zhe, Li Qianmu, Rui Wei, You Lirong. Inventor before: Li Qianmu, Sun Zhe, Hou Jun, Sun Kang, You Lirong |
GR01 | Patent grant | ||
TR01 | Transfer of patent right | Effective date of registration: 20220207. Address after: 226000 4th and 5th floors, building 10B, Zilang Science and Technology City, No. 60, Chongzhou Avenue, Nantong City, Jiangsu Province. Patentee after: Jiangsu Zhongtian Internet Technology Co.,Ltd. Address before: 226009 No.5 Zhongtian Road, Nantong Development Zone, Jiangsu Province. Patentee before: JIANGSU ZHONGTIAN TECHNOLOGY SOFTWARE TECHNOLOGY CO.,LTD. |