CN108924131A - A kind of camera Internet of Things mimicry means of defence and device - Google Patents

A kind of camera Internet of Things mimicry means of defence and device Download PDF

Info

Publication number
CN108924131A
CN108924131A CN201810710903.7A CN201810710903A CN108924131A CN 108924131 A CN108924131 A CN 108924131A CN 201810710903 A CN201810710903 A CN 201810710903A CN 108924131 A CN108924131 A CN 108924131A
Authority
CN
China
Prior art keywords
camera
behavior
request
data package
request data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810710903.7A
Other languages
Chinese (zh)
Inventor
王辉
范渊
莫金友
黄进
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Dbappsecurity Technology Co Ltd
Original Assignee
Hangzhou Dbappsecurity Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Dbappsecurity Technology Co Ltd filed Critical Hangzhou Dbappsecurity Technology Co Ltd
Priority to CN201810710903.7A priority Critical patent/CN108924131A/en
Publication of CN108924131A publication Critical patent/CN108924131A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention provides one kind to be directed to camera Internet of Things mimicry means of defence and device, after obtaining the request data package that outside access end is interacted with camera internet of things equipment, whether judgement belongs to suspected attack behavior with the behavior that the camera interacts, when if YES, suspected attack behavior is blocked, and modified response data packet is returned to the corresponding outside access end of the suspected attack behavior, it is non-camera to inform and upset the identity of camera described in attack end, the malicious attack data packet of sustained-release is caused to fail, achieve the effect that hide and protect camera, camera device be can effectively avoid by the threat of attack invasion.

Description

A kind of camera Internet of Things mimicry means of defence and device
Technical field
The present invention relates to network safety filed, in particular to a kind of camera Internet of Things mimicry means of defence and Device.
Background technique
The network environment of camera usually has decentralized, in large scale, obscurity boundary etc., is highly prone to hacker's Therefore attack and utilization it is imperative to carry out security protection to camera.However, the security protection of most of cameras is usual Be missing from, existing camera security protection is all based on access or access control, cardinal principle be based on IP, port, Agreement etc. carries out the policy control of black and white lists, can not protect the attack for camera itself vulnerability exploit, such as attacks Person has forged source IP and has attacked, and just easily enters camera network, and then built-in system is attacked and controlled.
Summary of the invention
In view of this, the embodiment of the present invention is designed to provide a kind of camera Internet of Things mimicry means of defence and dress It sets, to alleviate the above problem.
In a first aspect, the embodiment of the invention provides a kind of camera Internet of Things mimicry means of defence, the method includes: Obtain the request data package that outside access end is interacted with camera internet of things equipment;Based on the request data package, judgement with When the behavior that the camera interacts belongs to suspected attack behavior, to the corresponding outside access end of the suspected attack behavior Return to modified response data packet;Wherein, it is non-take the photograph that the modified response data packet, which characterizes the identity of the camera, As head.
Second aspect, the embodiment of the invention provides a kind of camera Internet of Things mimicry protective device, described device includes: Obtain module, the request data package interacted for obtaining outside access end with camera internet of things equipment;
Judgment module, for being based on the request data package, judgement belongs to the behavior that the camera interacts can Doubt attack;Execution module, for returning to modified number of responses to the corresponding outside access end of the suspected attack behavior According to packet;Wherein, it is non-camera that the modified response data packet, which characterizes the identity of the camera,.
Compared with prior art, what various embodiments of the present invention proposed is directed to camera Internet of Things mimicry means of defence and dress The beneficial effect set is:After obtaining the request data package that outside access end is interacted with camera internet of things equipment, judgement and institute State whether the behavior that camera interacts belongs to suspected attack behavior, if YES when, suspected attack behavior is blocked, And modified response data packet is returned to the corresponding outside access end of the suspected attack behavior, to inform and upset initiation The identity of camera described in the attack end of interbehavior is non-camera, and the malicious attack data packet of sustained-release is caused to fail, Achieve the effect that hide and protect camera, can effectively avoid camera device by the threat of attack invasion.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate Appended attached drawing, is described in detail below.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be to needed in the embodiment attached Figure is briefly described, it should be understood that the following drawings illustrates only certain embodiments of the present invention, therefore is not construed as pair The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this A little attached drawings obtain other relevant attached drawings.
Fig. 1 is the schematic diagram that camera provided in an embodiment of the present invention and access end interact;
Fig. 2 is the structural block diagram of electronic equipment provided in an embodiment of the present invention;
Fig. 3 is a kind of flow chart for camera Internet of Things mimicry means of defence that first embodiment of the invention provides;
Fig. 4 is a kind of structural block diagram for camera Internet of Things mimicry protective device that second embodiment of the invention provides.
Specific embodiment
Below in conjunction with attached drawing in the embodiment of the present invention, technical solution in the embodiment of the present invention carries out clear, complete Ground description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Usually exist The component of the embodiment of the present invention described and illustrated in attached drawing can be arranged and be designed with a variety of different configurations herein.Cause This, is not intended to limit claimed invention to the detailed description of the embodiment of the present invention provided in the accompanying drawings below Range, but it is merely representative of selected embodiment of the invention.Based on the embodiment of the present invention, those skilled in the art are not doing Every other embodiment obtained under the premise of creative work out, shall fall within the protection scope of the present invention.
It should be noted that:Similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined in a attached drawing, does not then need that it is further defined and explained in subsequent attached drawing.Meanwhile of the invention In description, term " first ", " second " etc. are only used for distinguishing description, are not understood to indicate or imply relative importance.
As shown in Figure 1, being the schematic diagram that camera 100 provided in an embodiment of the present invention is interacted with access end 200.Institute It states camera 100 to be communicatively coupled by network and one or more access ends 200, to carry out data communication or interaction.Institute Stating access end 200 can be network server, database server etc., be also possible to PC (personal Computer, PC), tablet computer, smart phone, personal digital assistant (personal digital assistant, PDA) Deng.
As shown in Fig. 2, being the block diagram of a kind of electronic equipment 300 provided in an embodiment of the present invention.The electronics is set Standby 300 include:Camera Internet of Things mimicry protective device, memory 110, storage control 120, processor 130, Peripheral Interface 140, input-output unit 150, audio unit 160, display unit 170.
The memory 110, storage control 120, processor 130, Peripheral Interface 140, input-output unit 150, sound Frequency unit 160 and each element of display unit 170 are directly or indirectly electrically connected between each other, with realize data transmission or Interaction.It is electrically connected for example, these elements can be realized between each other by one or more communication bus or signal wire.It is described to take the photograph As head Internet of Things mimicry protective device includes depositing described at least one can be stored in the form of software or firmware (firmware) In reservoir 110 or the software function module that is solidificated in the operating system (operating system, OS) of client device.Institute Processor 130 is stated for executing the executable module stored in memory 110, such as camera Internet of Things mimicry protection dress Set including software function module or computer program.
Wherein, memory 110 may be, but not limited to, random access memory (Random Access Memory, RAM), read-only memory (Read Only Memory, ROM), programmable read only memory (Programmable Read-Only Memory, PROM), erasable read-only memory (Erasable Programmable Read-Only Memory, EPROM), Electricallyerasable ROM (EEROM) (Electric Erasable Programmable Read-Only Memory, EEPROM) etc.. Wherein, memory 110 is for storing program, and the processor 130 executes described program after receiving and executing instruction, aforementioned Method performed by the electronic equipment 300 for the flow definition that any embodiment of the embodiment of the present invention discloses can be applied to processor In 130, or realized by processor 130.
Processor 130 may be a kind of IC chip, the processing capacity with signal.Above-mentioned processor 130 can To be general processor, including central processing unit (Central Processing Unit, abbreviation CPU), network processing unit (Network Processor, abbreviation NP) etc.;Can also be digital signal processor (DSP), specific integrated circuit (ASIC), Field programmable gate array (FPGA) either other programmable logic device, discrete gate or transistor logic, discrete hard Part component.It may be implemented or execute disclosed each method, step and the logic diagram in the embodiment of the present invention.General processor It can be microprocessor or the processor be also possible to any conventional processor etc..
Various input/output devices are couple processor 130 and memory 110 by the Peripheral Interface 140.Some In embodiment, Peripheral Interface 140, processor 130 and storage control 120 can be realized in one single chip.Other one In a little examples, they can be realized by independent chip respectively.
Input-output unit 150 is used to be supplied to the interaction that user input data realizes user and electronic equipment 300.It is described Input-output unit 150 may be, but not limited to, mouse and keyboard etc..
Audio unit 160 provides a user audio interface, may include one or more microphones, one or more raises Sound device and voicefrequency circuit.
Display unit 170 provides an interactive interface (such as user interface) between electronic equipment 300 and user Or it is referred to for display image data to user.In the present embodiment, the display unit 170 can be liquid crystal display or touching Control display.It can be the touching of the capacitance type touch control screen or resistance-type of support single-point and multi-point touch operation if touch control display Control screen etc..Single-point and multi-point touch operation is supported to refer to that touch control display can sense on the touch control display one or more The touch control operation generated simultaneously at a position, and the touch control operation that this is sensed transfers to processor 130 to be calculated and handled.
First embodiment
Referring to figure 3., Fig. 3 is a kind of stream for camera Internet of Things mimicry means of defence that first embodiment of the invention provides Cheng Tu, the method are applied to electronic equipment.Process shown in Fig. 3 will be described in detail below, the method includes:
Step S110:Obtain the request data package that outside access end is interacted with camera internet of things equipment.
Optionally, electronic equipment can be obtained by way of installation monitoring programme or log collection or traffic monitoring The request data package that outside access end is interacted with camera internet of things equipment, wherein the request data package is from access end to institute State camera initiation.
Step S120:Based on the request data package, judgement can with whether the behavior that the camera interacts belongs to Doubt attack.
Certainly, before judging whether to belong to suspected attack behavior with the behavior that the camera interacts, electronics is set It is standby request data package to be parsed, obtain the source IP and request content of the request data package.
Wherein, the source can be the IP for issuing the access end of interbehavior with IP, and the request content can be described The content that access end is requested access to the camera, the content requested access to include access character.
As an alternative embodiment, whether belonging to suspicious attack with the behavior that the camera interacts in judgement When hitting behavior, may include:
Judging that the source IP is not belonging to pre-set white list range, or is judging that the request content is wrapped When the character contained belongs to the character in predetermined attack character repertoire, judge that the behavior interacted with the camera belongs to Suspected attack behavior starts mimicry protection mode to camera, and intercepts the interbehavior.
Otherwise, judge that the behavior interacted with the camera is not belonging to suspected attack behavior, and to the camera shooting The behavior that head interacts is let pass.
As another optional embodiment, it when electronic equipment parses request data package, can parse pre- If the multiple request data packages got in the period obtain source IP, the request content of each request data package, And the request number of times in the difference source IP.At this point, whether belonging to suspicious attack with the behavior that the camera interacts in judgement When hitting behavior, may include:
Judging that the source IP is not belonging to pre-set white list range, or is judging that the request content is wrapped The character contained belong to it is predetermined attack character repertoire in character or the request number of times be greater than preset value when, judgement with The behavior that the camera interacts belongs to suspected attack behavior, starts mimicry protection mode to camera, and intercept the friendship Mutual behavior.
Otherwise, judge that the behavior interacted with the camera is not belonging to suspected attack behavior, and to the camera shooting The behavior that head interacts is let pass.
Wherein, the source IP of multiple non-suspicious interbehaviors of characterization is saved within the scope of pre-set white list, in advance The attack character of multiple suspicious interbehaviors of characterization is saved in determining attack character repertoire.
Step S130:When judgement belongs to suspected attack behavior, to the corresponding outside access end of the suspected attack behavior Return to modified response data packet.
Wherein, it is non-camera that the modified response data packet, which characterizes the identity of the camera,.
Optionally, modified response data packet is returned to the corresponding outside access end of the suspected attack behavior, it can be with Including:
The port of the former response data packet of modification and/or protocol type and/or data field, obtain modified response data Packet;The modified response data packet is returned to the corresponding outside access end of the suspected attack behavior.
Second embodiment
Referring to figure 4., Fig. 4 is a kind of camera Internet of Things mimicry protective device 400 that second embodiment of the invention provides Structural block diagram.Structural block diagram shown in Fig. 4 will be illustrated below, shown device includes:
Obtain module 410, the request data package interacted for obtaining outside access end with camera internet of things equipment;
Judgment module 420 judges that the behavior interacted with the camera belongs to for being based on the request data package Suspected attack behavior;
Execution module 430, for returning to modified number of responses to the corresponding outside access end of the suspected attack behavior According to packet.
Wherein, it is non-camera that the modified response data packet, which is used to characterize the identity of the camera,.
Optionally, the judgment module 420, specifically can be used for:
The request data package is parsed, source IP, the request content of the request data package are obtained;Judging the source IP is not belonging to pre-set white list range or is judging that it is predetermined that character that the request content is included belongs to When attacking the character in character repertoire, judgement belongs to suspected attack behavior with the behavior that the camera interacts.
Optionally, the judgment module 420, specifically can be used for:
The multiple request data packages got within a preset period of time are parsed, each request data package is obtained Source IP, request content, and the request number of times in the difference source IP are judging that the source IP is not belonging to pre-set white name Single range, or in the character for judging that character that the request content is included belongs in predetermined attack character repertoire, or When request number of times described in person is greater than preset value, judgement belongs to suspected attack behavior with the behavior that the camera interacts.
Optionally, the judgment module 430, specifically can be used for:
The port of the former response data packet of modification and/or protocol type and/or data field, obtain modified response data Packet;The modified response data packet is returned to the corresponding outside access end of the suspected attack behavior.
Optionally, the acquisition module 410, specifically can be used for:
By way of installation monitoring programme or log collection or traffic monitoring, outside access end and camera object are obtained The request data package of networked devices interaction.
The present embodiment to the process of the respective function of each Implement of Function Module of camera Internet of Things mimicry protective device 400, Content described in above-mentioned Fig. 1 to embodiment illustrated in fig. 3 is referred to, details are not described herein again.
In conclusion a kind of camera Internet of Things mimicry means of defence and device that the embodiment of the present invention proposes, are being obtained After the request data package for taking outside access end to interact with camera internet of things equipment, the row interacted with the camera is judged Whether to belong to suspected attack behavior, if YES when, return to modification to the corresponding outside access end of the suspected attack behavior Response data packet afterwards, so that the identity for informing and upsetting camera described in the attack end of initiation interbehavior is non-camera, Cause the malicious attack data packet of sustained-release to fail, achievees the effect that hide and protect camera, can effectively avoid camera Threat of the equipment by attack invasion.
In several embodiments provided herein, it should be understood that disclosed device and method can also pass through Other modes are realized.The apparatus embodiments described above are merely exemplary, for example, flow chart and block diagram in attached drawing Show the device of multiple embodiments according to the present invention, the architectural framework in the cards of method and computer program product, Function and operation.In this regard, each box in flowchart or block diagram can represent the one of a module, section or code Part, a part of the module, section or code, which includes that one or more is for implementing the specified logical function, to be held Row instruction.It should also be noted that function marked in the box can also be to be different from some implementations as replacement The sequence marked in attached drawing occurs.For example, two continuous boxes can actually be basically executed in parallel, they are sometimes It can execute in the opposite order, this depends on the function involved.It is also noted that every in block diagram and or flow chart The combination of box in a box and block diagram and or flow chart can use the dedicated base for executing defined function or movement It realizes, or can realize using a combination of dedicated hardware and computer instructions in the system of hardware.
In addition, each functional module in each embodiment of the present invention can integrate one independent portion of formation together Point, it is also possible to modules individualism, an independent part can also be integrated to form with two or more modules.
It, can be with if the function is realized and when sold or used as an independent product in the form of software function module It is stored in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially in other words The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a People's computer, server or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention. And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.It needs Illustrate, herein, relational terms such as first and second and the like be used merely to by an entity or operation with Another entity or operation distinguish, and without necessarily requiring or implying between these entities or operation, there are any this realities The relationship or sequence on border.Moreover, the terms "include", "comprise" or its any other variant are intended to the packet of nonexcludability Contain, so that the process, method, article or equipment for including a series of elements not only includes those elements, but also including Other elements that are not explicitly listed, or further include for elements inherent to such a process, method, article, or device. In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including the element Process, method, article or equipment in there is also other identical elements.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, made any to repair Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.It should be noted that:Similar label and letter exist Similar terms are indicated in following attached drawing, therefore, once being defined in a certain Xiang Yi attached drawing, are then not required in subsequent attached drawing It is further defined and explained.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain Lid is within protection scope of the present invention.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. a kind of camera Internet of Things mimicry means of defence, which is characterized in that the method includes:
Obtain the request data package that outside access end is interacted with camera internet of things equipment;
Based on the request data package, when judgement belongs to suspected attack behavior with the behavior that the camera interacts, to The modified response data packet of the corresponding outside access end return of suspected attack behavior;Wherein, the modified response The identity that data packet characterizes the camera is non-camera.
2. judgement is taken the photograph with described the method according to claim 1, wherein described be based on the request data package The behavior interacted as head belongs to suspected attack behavior, including:
The request data package is parsed, source IP, the request content of the request data package are obtained;
Judging that the source IP is not belonging to pre-set white list range or is judging that the request content included When character belongs to the character in predetermined attack character repertoire, judgement belongs to suspicious with the behavior that the camera interacts Attack.
3. judgement is taken the photograph with described the method according to claim 1, wherein described be based on the request data package Whether the behavior interacted as head belongs to suspected attack behavior, including:
The multiple request data packages got within a preset period of time are parsed, the source of each request data package is obtained IP, request content, and the request number of times in the difference source IP;
Judging that the source IP is not belonging to pre-set white list range, or is judging that the request content included Character belong to it is predetermined attack character repertoire in character or the request number of times be greater than preset value when, judgement with it is described The behavior that camera interacts belongs to suspected attack behavior.
4. method according to claim 1 to 3, which is characterized in that the corresponding external visit of the suspected attack behavior Ask that end returns to modified response data packet, including:
The port of the former response data packet of modification and/or protocol type and/or data field, obtain modified response data packet;
The modified response data packet is returned to the corresponding outside access end of the suspected attack behavior.
5. according to the method described in claim 4, it is characterized in that, the acquisition outside access end and camera internet of things equipment Interactive request data package, including:
By way of installation monitoring programme or log collection or traffic monitoring, outside access end and camera Internet of Things are obtained The request data package of equipment interaction.
6. a kind of camera Internet of Things mimicry protective device, which is characterized in that described device includes:
Obtain module, the request data package interacted for obtaining outside access end with camera internet of things equipment;
Judgment module, for being based on the request data package, judgement belongs to suspicious attack with the behavior that the camera interacts Hit behavior;
Execution module, for returning to modified response data packet to the corresponding outside access end of the suspected attack behavior;Its In, the identity that the modified response data packet characterizes the camera is non-camera.
7. device according to claim 6, which is characterized in that the judgment module is used for
The request data package is parsed, source IP, the request content of the request data package are obtained;Judging the source IP not Belong to pre-set white list range or is judging that the character that the request content is included belongs to predetermined attack When character in character repertoire, judgement belongs to suspected attack behavior with the behavior that the camera interacts.
8. device according to claim 6, which is characterized in that the judgment module is used for:
The multiple request data packages got within a preset period of time are parsed, the source of each request data package is obtained IP, request content, and the request number of times in the difference source IP are judging that the source IP is not belonging to pre-set white list model It encloses, or in the character for judging that character that the request content is included belongs in predetermined attack character repertoire, Huo Zhesuo When stating request number of times greater than preset value, judgement belongs to suspected attack behavior with the behavior that the camera interacts.
9. according to device as claimed in claim 6 to 8, which is characterized in that the execution module, for modifying former number of responses According to the port of packet and/or protocol type and/or data field, modified response data packet is obtained;To the suspected attack row The modified response data packet is returned for corresponding outside access end.
10. device according to claim 9, which is characterized in that the acquisition module is used for
By way of installation monitoring programme or log collection or traffic monitoring, outside access end and camera Internet of Things are obtained The request data package of equipment interaction.
CN201810710903.7A 2018-07-02 2018-07-02 A kind of camera Internet of Things mimicry means of defence and device Pending CN108924131A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810710903.7A CN108924131A (en) 2018-07-02 2018-07-02 A kind of camera Internet of Things mimicry means of defence and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810710903.7A CN108924131A (en) 2018-07-02 2018-07-02 A kind of camera Internet of Things mimicry means of defence and device

Publications (1)

Publication Number Publication Date
CN108924131A true CN108924131A (en) 2018-11-30

Family

ID=64423312

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810710903.7A Pending CN108924131A (en) 2018-07-02 2018-07-02 A kind of camera Internet of Things mimicry means of defence and device

Country Status (1)

Country Link
CN (1) CN108924131A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101729871A (en) * 2009-12-24 2010-06-09 公安部第一研究所 Method for safe cross-domain access to SIP video monitoring system
CN103906046A (en) * 2014-04-17 2014-07-02 上海电机学院 Safe point-to-point on-demand routing method based on identity hiding
CN104869120A (en) * 2015-05-22 2015-08-26 中国人民解放军信息工程大学 Active hiding method of router identity characteristic information
CN105471866A (en) * 2015-11-23 2016-04-06 深圳市联软科技有限公司 Protection method and apparatus for mobile application
CN105471912A (en) * 2015-12-31 2016-04-06 深圳市深信服电子科技有限公司 Security defense method and system of monitoring system
EP3068095A2 (en) * 2015-02-19 2016-09-14 Fujitsu Limited Monitoring apparatus and method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101729871A (en) * 2009-12-24 2010-06-09 公安部第一研究所 Method for safe cross-domain access to SIP video monitoring system
CN103906046A (en) * 2014-04-17 2014-07-02 上海电机学院 Safe point-to-point on-demand routing method based on identity hiding
EP3068095A2 (en) * 2015-02-19 2016-09-14 Fujitsu Limited Monitoring apparatus and method
CN104869120A (en) * 2015-05-22 2015-08-26 中国人民解放军信息工程大学 Active hiding method of router identity characteristic information
CN105471866A (en) * 2015-11-23 2016-04-06 深圳市联软科技有限公司 Protection method and apparatus for mobile application
CN105471912A (en) * 2015-12-31 2016-04-06 深圳市深信服电子科技有限公司 Security defense method and system of monitoring system

Similar Documents

Publication Publication Date Title
US11818169B2 (en) Detecting and mitigating attacks using forged authentication objects within a domain
US11570204B2 (en) Detecting and mitigating golden ticket attacks within a domain
US10728261B2 (en) System and method for cyber security threat detection
US10560471B2 (en) Detecting web exploit kits by tree-based structural similarity search
CN102932329B (en) A kind of method, device and client device that the behavior of program is tackled
US20220201042A1 (en) Ai-driven defensive penetration test analysis and recommendation system
EP3219068B1 (en) Method of identifying and counteracting internet attacks
CN111274583A (en) Big data computer network safety protection device and control method thereof
CN110417778B (en) Access request processing method and device
US10997289B2 (en) Identifying malicious executing code of an enclave
CN113489713B (en) Network attack detection method, device, equipment and storage medium
US9639689B1 (en) User authentication
CN111898124B (en) Process access control method and device, storage medium and electronic equipment
CN109167781A (en) A kind of recognition methods of network attack chain and device based on dynamic associated analysis
CN109347876B (en) Security defense method and related device
US20230308459A1 (en) Authentication attack detection and mitigation with embedded authentication and delegation
CN110839025A (en) Centralized web penetration detection honeypot method, device and system and electronic equipment
CN103220277B (en) The monitoring method of cross-site scripting attack, Apparatus and system
CN107231383B (en) CC attack detection method and device
CN108924131A (en) A kind of camera Internet of Things mimicry means of defence and device
CN108830087A (en) security patch management method and device
CN109560960B (en) WAF brute force cracking protection parameter configuration method and device and WAF system
CN114417349A (en) Attack result determination method, device, electronic equipment and storage medium
Singh et al. TabSol: an efficient framework to defend Tabnabbing
CN108471430A (en) A kind of Internet of Things embedded-type security means of defence and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181130