CN108600260A - An industrial Internet of Things security configuration check method
- Publication number: CN108600260A
- Application number: CN201810436596.8A
- Authority: CN (China)
- Prior art keywords: layer, security configuration, network, service, platform
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Abstract
The invention discloses an industrial Internet of Things security configuration check method. The method is composed of four system layers: a base platform A, a system process layer B, a kernel service layer C and an external access layer D. The base platform A includes a specialized hardware platform A1 and a basic software platform A2. The specialized hardware platform A1 contains the hardware devices that provide computing, storage and external communication for the system; the basic software platform A2 contains the system's dedicated operating system, file system, hard disk encryption and decryption, program encryption and decryption, network services, database, Web service and other program execution environments. The system process layer B includes data processing B1 and system service B2. The data processing B1 is the internal interface of the system and provides low-level data processing services such as database access, system file access, data synchronization and input/output processing. Data processing can also achieve efficient database access, data caching and high concurrency.
Description
Technical field
The present invention relates to the field of security configuration check methods, and more particularly to an industrial Internet of Things security configuration check method.
Background
Industrial Internet of Things smart devices face a serious security threat of being attacked and exploited. On October 21, 2016, multiple cities in the United States experienced an internet outage, and a large number of well-known internet websites, including Twitter, Shopify and Reddit, could not be accessed normally for several hours. Most of the exploited devices were exploited because of insecure configuration. Therefore, how to formulate and evaluate the security configuration baseline of industrial Internet of Things devices or systems during deployment has become an urgent problem in raising the security level of the industrial Internet of Things.
Several domestic IT security baseline verification tools already exist, and some of them support the collection and analysis of the security configuration of a small number of industrial control devices, but they still cannot meet the demand for security baseline evaluation of industrial Internet of Things systems or devices. Because of the importance of these critical infrastructures to the national economy, they also tend to become targets of attack by international hostile forces, hostile organizations and hackers. With the rapid development of science and technology, inspection methods and devices have also improved, but at present security configuration checks and problem remediation must all be carried out manually. This places high demands on the skills and experience of the inspectors, and operating the equipment directly easily causes misoperation and system failure during production, which has a large impact on the production system and carries considerable risk.
Summary of the invention
In view of the above problems, the present invention provides an industrial Internet of Things security configuration check method. It solves the problem that security configuration checks and problem remediation currently must all be carried out manually, which places high demands on the skills and experience of the inspectors, and that operating the equipment directly easily causes misoperation and system failure during production, which has a large impact on the production system and carries considerable risk.
To solve the above technical problems, the technical solution adopted by the present invention comprises: a base platform A, a system process layer B, a kernel service layer C and an external access layer D.
Further, the base platform A includes a specialized hardware platform A1 and a basic software platform A2. The specialized hardware platform A1 contains the hardware devices that provide computing, storage and external communication for the system; the basic software platform A2 contains the system's dedicated operating system, file system, hard disk encryption and decryption, program encryption and decryption, network services, database, Web service and other program execution environments.
Further, the system process layer B includes data processing B1 and system service B2. The data processing B1 is the internal interface of the system and provides low-level data processing services such as database access, system file access, data synchronization and input/output processing. Data processing can also achieve functions such as efficient database access, data caching, high concurrency and multi-threading. The system service B2 is mainly used for data collection interface management, collected content extraction, and the scheduling and monitoring of collection tasks. It provides the upper layers with support for collecting external system data: the target device can be accessed through the collection interface to obtain its system information, fingerprint information and security configuration information.
Further, the kernel service layer C mainly includes a security configuration verification engine C1, a report form statistics analysis engine C2, an asset scanning engine C3 and a network topology analysis engine C4. The security configuration verification engine C1 performs remote access through Modbus, S7, Profibus, EtherCAT, OPC, DNP3, telnet, SSH, NETBIOS, HTTP, HTTPS and so on; for Windows operating systems, a local check can be carried out directly. The report form statistics analysis engine C2 performs multi-dimensional statistical analysis of configuration check task results, task time-series changes, multi-task comparison, multi-task multi-dimensional merging (by province, city, department, business system, etc.), and statistics by check item (single device with multiple check items, multiple devices with a single check item, multiple devices with multiple check items). The asset scanning engine C3 includes asset detection, asset fingerprint recognition, asset service identification and asset management functions. The network topology analysis engine C4 includes link layer topology discovery and network layer topology discovery: link layer topology discovery concentrates on discovering the topology of link layer devices such as switches and hosts, while network layer topology discovery can find the overall connectivity of the network, mainly discovering devices such as routers in the network.
Further, the external access layer D includes function displays for security configuration checking, asset scanning, the configuration template library, report management, user management and so on, and provides third-party interface calls based on webservice.
From the above description of the invention it can be seen that, compared with the prior art, the invention has the following advantages:
The industrial Internet of Things security configuration check method of the present invention can assess the security of a system by scanning it. As long as the check target and the tool are IP reachable and the check target has the relevant services and ports open, a remote check can be performed. For systems that are not directly IP reachable, the security configuration is collected by accessing the target device after a session connection to an intermediate device or bastion host, and the security configuration baseline check is then carried out. For remote checks, multiple devices can be checked at the same time by specifying the number of concurrent accesses. Detailed, operable security baselines are created according to the different characteristics of industrial equipment modules, industrial software and the related IT infrastructure, and the security management requirements of the industrial environment. These baselines can serve as an authoritative guide for product admission, network access testing, project acceptance, system operation and maintenance configuration, self-assessment, security hardening and security inspection, improving the security of industrial control systems as a whole.
Brief description of the drawings
Fig. 1 is a system structure diagram of the present invention;
Fig. 2 is a network deployment architecture diagram of the system of the present invention;
Fig. 3 is a security configuration check process diagram of the present invention;
Fig. 4 is a structural block diagram of the network topology discovery system of the present invention;
Fig. 5 is a security configuration verification flow chart of the present invention;
Fig. 6 is a B/S architecture diagram of the present invention.
Detailed description
To make the objectives, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention and are not intended to limit it.
Embodiment 1
An industrial Internet of Things security configuration check method, the method being composed of four system layers: a base platform A, a system process layer B, a kernel service layer C and an external access layer D.
The base platform A includes a specialized hardware platform A1 and a basic software platform A2. The specialized hardware platform A1 contains the hardware devices that provide computing, storage and external communication for the system; the basic software platform A2 contains the system's dedicated operating system, file system, hard disk encryption and decryption, program encryption and decryption, network services, database, Web service and other program execution environments.
The system process layer B includes data processing B1 and system service B2. The data processing B1 is the internal interface of the system and provides low-level data processing services such as database access, system file access, data synchronization and input/output processing. Data processing can also achieve functions such as efficient database access, data caching, high concurrency and multi-threading. The system service B2 is mainly used for data collection interface management, collected content extraction, and the scheduling and monitoring of collection tasks. It provides the upper layers with support for collecting external system data: the target device can be accessed through the collection interface to obtain its system information, fingerprint information and security configuration information.
The kernel service layer C mainly includes a security configuration verification engine C1, a report form statistics analysis engine C2, an asset scanning engine C3 and a network topology analysis engine C4.
The security configuration verification engine C1 performs remote access through Modbus, S7, Profibus, EtherCAT, OPC, DNP3, telnet, SSH, NETBIOS, HTTP, HTTPS and so on; for Windows operating systems, a local check can be carried out directly. A remote check requires the access mode of the target device and the login user name and password. As long as the check target and the tool are IP reachable and the check target has the relevant services and ports open, the remote check can be performed. For remote checks, multiple devices can be checked at the same time by specifying the number of concurrent accesses. For targets that are not directly IP reachable but can be reached by jumping through certain intermediate devices, such as a bastion host, the jump list function can be used to set the asset information and login information of the intermediate device, and the target device is accessed after the jump. Where a dynamic password is required, the shared interaction function can be used: a manual login to the corresponding intermediate device or bastion host forms an active session, and after connecting through that session to the intermediate device or bastion host the system accesses the target device, collects the security configuration, performs the security configuration baseline check and finally outputs the configuration check result.
Finally, risk scoring can be carried out according to the security configuration check result. The security configuration result is judged against predefined security configuration requirements to determine whether each configuration-related check item in the target device or system is up to standard. The judgment result of a check item has six states: compliant, non-compliant, to be confirmed, not applicable, collection failed and not executed. All check items are graded and assigned different weight values; the grades can be divided into three levels: optional, general and important. Based on the weight of each configuration item, the compliance of the target host is scored on a hundred-point scale, and a quantitative risk score for the target device is output. Configuration checks of intranet networks and industrial control equipment, and security configuration check functions for mainstream networked devices, are supported.
The report form statistics analysis engine C2 performs multi-dimensional statistical analysis of configuration check task results, task time-series changes, multi-task comparison, multi-task multi-dimensional merging (by province, city, department, business system, etc.), and statistics by check item (single device with multiple check items, multiple devices with a single check item, multiple devices with multiple check items).
The asset scanning engine C3 includes asset detection, asset fingerprint recognition, asset service identification and asset management functions. The asset detection function uses automatic scanning to discover the IT equipment and networked devices that are IP reachable in the network, automatically provides the fingerprint of each device, and determines the system type of the device. Given the address segment information of the target devices (IP, etc.) and information such as the scanning strategy, it obtains information such as whether an asset is alive, the asset fingerprint and its services. The targets of asset detection include the operating systems, databases and network equipment in an information system, and more than 20 kinds of systems can be identified in total. The output of asset fingerprint recognition includes information such as the manufacturer, product type and corresponding system version number of the asset. The asset service identification function identifies the network services and ports opened on the target device, mainly through port detection and service identification. It supports low-speed, non-attacking security detection and scans the ports of the target device without affecting it: the packets sent are normal TCP/UDP connection packets and will not cause any abnormality in the target device. The asset management function mainly identifies, normalizes and saves the scanned target device information automatically, and also supports manual asset management, including manually adding, modifying, deleting and querying assets.
At the same time, the statistical analysis engine produces the security configuration check statistical reports and outputs the system compliance classification and grade rating. Based on the compliance check results and the compliance check item types (such as log audit, system files, account management and permission authentication), the overall compliance level is determined and compliance is evaluated, with a per-category score and an overall score. All check items are graded and assigned different weight values; the grades can be divided into three levels: optional, general and important. Based on the weight of each configuration item, the compliance of the target host is scored on a hundred-point scale, and a quantitative risk score for the target device is output.
The network topology analysis engine C4 includes link layer topology discovery and network layer topology discovery. Link layer topology discovery concentrates on discovering the topology of link layer devices such as switches and hosts. Network layer topology discovery can find the overall connectivity of the network, mainly discovering devices such as routers in the network. Network layer devices include routers and layer-3 switches: a router performs operations such as addressing and routing of network packets, and a layer-3 switch is a switch that has some router functions. Network layer topology discovery refers to discovering the connection relationships between network layer network elements, including the connections between routers and the connections between routers and subnets. There are many network layer topology discovery methods, and there are four common network layer topology discovery algorithms: the network layer topology discovery algorithm based on the ICMP protocol, the one based on the DNS protocol, and the one based on the OSPF protocol. Of these, topology discovery based on the ICMP protocol has the widest range of application, and the network layer topology discovery algorithm based on the SNMP protocol has the highest efficiency. The following focuses on the topology discovery method based on the ICMP protocol. ICMP-based topology discovery is implemented with the Ping and Traceroute tools. The Ping program is used to detect whether a destination host is reachable, so that unreachable hosts can be excluded from probing, which improves probing efficiency and saves probing time. The Traceroute program is used to detect the routers passed through on the way to the destination host. This method has fairly good generality and can discover the network topology to a certain degree. Its disadvantages are that a large number of ICMP packets must be injected into the network, which increases the network load, and that the search takes a long time. In addition, out of current network security considerations, some network administrators turn off the ICMP forwarding function of their routers, which causes topology probing to fail.
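An added example (not part of the patent) of the Traceroute step described above: it derives router-to-router and router-to-subnet links from collected `traceroute -n` output and records hops that gave no ICMP reply. The sample traces, the addresses and the /24 subnet size are constructed assumptions.

```python
import ipaddress
import re

# Hop lines start with the TTL followed by an address or "*".
HOP_LINE = re.compile(r"^\s*(\d+)\s+(\S+)")


def parse_hops(output):
    """Parse `traceroute -n` text into [(ttl, address or None)]; None = no ICMP reply."""
    hops = []
    for line in output.splitlines():
        match = HOP_LINE.match(line)
        if not match:
            continue  # header or blank line
        try:
            address = str(ipaddress.ip_address(match.group(2)))
        except ValueError:
            address = None  # "*": the hop did not answer
        hops.append((int(match.group(1)), address))
    return hops


def build_topology(traces, prefix_len=24):
    """Derive network-layer links from {target: traceroute output}.

    prefix_len is an assumption: traceroute does not reveal subnet masks,
    so the destination subnet is taken to be target/prefix_len.
    """
    router_links, subnet_links = set(), set()
    silent_hops, unreached = {}, []
    for target, output in traces.items():
        hops = parse_hops(output)
        reached = bool(hops) and hops[-1][1] == target
        path = hops[:-1] if reached else hops  # router hops only
        # Two consecutive answering hops are adjacent routers. A silent hop
        # breaks the chain: no link is inferred across it.
        for (_, a), (_, b) in zip(path, path[1:]):
            if a and b and a != b:
                router_links.add(tuple(sorted((a, b))))
        if not reached:
            unreached.append(target)  # Ping/Traceroute could not confirm it
            continue
        if path and path[-1][1]:
            subnet = ipaddress.ip_network(f"{target}/{prefix_len}", strict=False)
            subnet_links.add((path[-1][1], str(subnet)))
        missing = [ttl for ttl, address in path if address is None]
        if missing:
            silent_hops[target] = missing
    return {
        "router_links": sorted(router_links),
        "subnet_links": sorted(subnet_links),
        "silent_hops": silent_hops,
        "unreached": unreached,
    }


# Constructed sample output for three targets behind the same first router.
SAMPLE_TRACES = {
    "10.0.20.15": """traceroute to 10.0.20.15 (10.0.20.15), 30 hops max, 60 byte packets
 1  10.0.0.1  0.412 ms  0.388 ms  0.371 ms
 2  10.0.1.1  1.021 ms  0.990 ms  1.003 ms
 3  10.0.20.15  1.530 ms  1.498 ms  1.502 ms""",
    # Hop 2 has ICMP replies disabled, as the text warns can happen.
    "10.0.30.7": """traceroute to 10.0.30.7 (10.0.30.7), 30 hops max, 60 byte packets
 1  10.0.0.1  0.402 ms  0.395 ms  0.380 ms
 2  * * *
 3  10.0.2.1  1.410 ms  1.377 ms  1.390 ms
 4  10.0.30.7  1.902 ms  1.880 ms  1.871 ms""",
    # The probe never reaches the destination.
    "10.0.40.9": """traceroute to 10.0.40.9 (10.0.40.9), 5 hops max, 60 byte packets
 1  10.0.0.1  0.399 ms  0.391 ms  0.384 ms
 2  10.0.1.1  1.015 ms  0.998 ms  1.001 ms
 3  * * *
 4  * * *
 5  * * *""",
}

if __name__ == "__main__":
    for key, value in build_topology(SAMPLE_TRACES).items():
        print(key, value)
```

The silent hop at TTL 2 leaves 10.0.0.1 and 10.0.2.1 unlinked, which is the partial topology the text describes when routers do not answer ICMP.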
The external access layer D includes function displays for security configuration checking, asset scanning, the configuration template library, report management, user management and so on, and provides third-party interface calls based on webservice. The function display pages are implemented on a B/S architecture and provide users with a graphical user interface. The system can be installed on Chinese operating systems, all operations are menu-based, and a detailed help function is provided.
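An added example (not part of the patent) of the weighted hundred-point scoring described in this embodiment, with the per-category and overall scores of the compliance rating. The weight values, the handling of the four states other than compliant and non-compliant, and the sample check items are assumptions; the patent specifies none of them.

```python
from collections import defaultdict
from dataclasses import dataclass
from enum import Enum


class State(Enum):
    """The six judgment states of a check item."""
    COMPLIANT = "compliant"
    NON_COMPLIANT = "non-compliant"
    TO_BE_CONFIRMED = "to be confirmed"
    NOT_APPLICABLE = "not applicable"
    COLLECTION_FAILED = "collection failed"
    NOT_EXECUTED = "not executed"


class Level(Enum):
    """The three grades of a check item."""
    OPTIONAL = "optional"
    GENERAL = "general"
    IMPORTANT = "important"


# Assumed weights: the text only says each grade gets a different weight.
LEVEL_WEIGHT = {Level.OPTIONAL: 1, Level.GENERAL: 3, Level.IMPORTANT: 5}

# Assumed policy: a not-applicable item leaves the denominator entirely.
EXCLUDED = {State.NOT_APPLICABLE}
# Assumed policy: items with no verdict stay in the denominator and earn
# nothing, so a failed collection can never raise a device's score.
UNRESOLVED = {State.TO_BE_CONFIRMED, State.COLLECTION_FAILED, State.NOT_EXECUTED}


@dataclass(frozen=True)
class CheckResult:
    item_id: str
    category: str
    level: Level
    state: State


def score(results):
    """Return the weighted score on a 0-100 scale, or None if nothing is scorable."""
    earned = total = 0
    for result in results:
        if result.state in EXCLUDED:
            continue
        weight = LEVEL_WEIGHT[result.level]
        total += weight
        if result.state is State.COMPLIANT:
            earned += weight
    return None if total == 0 else round(100 * earned / total, 1)


def report(results):
    """Overall score, per-category scores, and the items needing follow-up."""
    by_category = defaultdict(list)
    for result in results:
        by_category[result.category].append(result)
    return {
        "overall": score(results),
        "by_category": {c: score(rs) for c, rs in sorted(by_category.items())},
        "unresolved": [r.item_id for r in results if r.state in UNRESOLVED],
    }


# Constructed sample results for one target device.
SAMPLE = [
    CheckResult("ACC-01", "account management", Level.IMPORTANT, State.COMPLIANT),
    CheckResult("ACC-02", "account management", Level.GENERAL, State.NON_COMPLIANT),
    CheckResult("LOG-01", "log audit", Level.IMPORTANT, State.COLLECTION_FAILED),
    CheckResult("LOG-02", "log audit", Level.OPTIONAL, State.COMPLIANT),
    CheckResult("FS-01", "system file", Level.GENERAL, State.COMPLIANT),
    CheckResult("FS-02", "system file", Level.OPTIONAL, State.NOT_APPLICABLE),
    CheckResult("AUTH-01", "permission authentication", Level.GENERAL, State.TO_BE_CONFIRMED),
]

if __name__ == "__main__":
    for key, value in report(SAMPLE).items():
        print(key, value)
```

Reporting the unresolved items next to the score keeps a low number caused by failed collection distinguishable from one caused by real non-compliance.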
The above are only preferred embodiments of the present invention and are not intended to limit it. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Claims (5)
1. An industrial Internet of Things security configuration check method, the method being composed of four system layers: a base platform (A), a system process layer (B), a kernel service layer (C) and an external access layer (D).
2. The industrial Internet of Things security configuration check method according to claim 1, wherein the base platform (A) includes a specialized hardware platform (A1) and a basic software platform (A2); the specialized hardware platform (A1) contains the hardware devices that provide computing, storage and external communication for the system; and the basic software platform (A2) contains the system's dedicated operating system, file system, hard disk encryption and decryption, program encryption and decryption, network services, database, Web service and other program execution environments.
3. The industrial Internet of Things security configuration check method according to claim 1, wherein the system process layer (B) includes data processing (B1) and system service (B2); the data processing (B1) is the internal interface of the system and provides low-level data processing services such as database access, system file access, data synchronization and input/output processing, and can also achieve functions such as efficient database access, data caching, high concurrency and multi-threading; and the system service (B2) is mainly used for data collection interface management, collected content extraction, and the scheduling and monitoring of collection tasks, providing the upper layers with support for collecting external system data, the target device being accessible through the collection interface to obtain its system information, fingerprint information and security configuration information.
4. The industrial Internet of Things security configuration check method according to claim 1, wherein the kernel service layer (C) mainly includes a security configuration verification engine (C1), a report form statistics analysis engine (C2), an asset scanning engine (C3) and a network topology analysis engine (C4); the security configuration verification engine (C1) performs remote access through Modbus, S7, Profibus, EtherCAT, OPC, DNP3, telnet, SSH, NETBIOS, HTTP, HTTPS and so on, and can directly carry out a local check for Windows operating systems; the report form statistics analysis engine (C2) performs multi-dimensional statistical analysis of configuration check task results, task time-series changes, multi-task comparison, multi-task multi-dimensional merging (by province, city, department, business system, etc.), and statistics by check item (single device with multiple check items, multiple devices with a single check item, multiple devices with multiple check items); the asset scanning engine (C3) includes asset detection, asset fingerprint recognition, asset service identification and asset management functions; and the network topology analysis engine (C4) includes link layer topology discovery and network layer topology discovery, the link layer topology discovery concentrating on discovering the topology of link layer devices such as switches and hosts, and the network layer topology discovery being able to find the overall connectivity of the network, mainly discovering devices such as routers in the network.
5. The industrial Internet of Things security configuration check method according to claim 1, wherein the external access layer (D) includes function displays for security configuration checking, asset scanning, the configuration template library, report management, user management and so on, and provides third-party interface calls based on webservice.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810436596.8A CN108600260A (en) | 2018-05-09 | 2018-05-09 | An industrial Internet of Things security configuration check method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108600260A (en) | 2018-09-28 |
Family
ID=63636054
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810436596.8A Pending CN108600260A (en) | An industrial Internet of Things security configuration check method | 2018-05-09 | 2018-05-09 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108600260A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20180928 |