CN109981606A - The hardware firewall detection device of universal serial bus - Google Patents

The hardware firewall detection device of universal serial bus Download PDF

Info

Publication number
CN109981606A
CN109981606A CN201910172009.3A CN201910172009A CN109981606A CN 109981606 A CN109981606 A CN 109981606A CN 201910172009 A CN201910172009 A CN 201910172009A CN 109981606 A CN109981606 A CN 109981606A
Authority
CN
China
Prior art keywords
firewall
interface
universal serial
serial bus
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910172009.3A
Other languages
Chinese (zh)
Inventor
胡磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Huaan Putt Network Technology Co Ltd
Original Assignee
Beijing Huaan Putt Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Huaan Putt Network Technology Co Ltd filed Critical Beijing Huaan Putt Network Technology Co Ltd
Priority to CN201910172009.3A priority Critical patent/CN109981606A/en
Publication of CN109981606A publication Critical patent/CN109981606A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks

Abstract

The invention discloses a kind of hardware firewall detection devices of universal serial bus.It is related to hardware firewall detection technique field.The present invention includes processor, storage device and firewall interface: processor is used to detect the data packet of universal serial bus transmission;Storage device is stored for data;Firewall interface is divided into firewall interface one, firewall interface two, and local firewall is arranged at bus interface, realizes Distributed structure;Firewall interface is equipped with the multistage security module that can dynamically update.Firewall interface of the present invention is divided into firewall interface one and firewall interface two, firewall interface one is for code, the transmitting, monitoring of data, shared storage information, firewall interface two is used for the monitoring of uart, gpio, usb interface transmission, multitask isolation processing really is realized, quickly realizes that the analysis processing of data packet guarantees the safety of data in storage device.

Description

The hardware firewall detection device of universal serial bus
Technical field
The invention belongs to hardware firewall detection technique fields, prevent fires more particularly to a kind of hardware of universal serial bus Wall detection device.
Background technique
Computer fire proof wall Network Monitoring Technology be analysis, prevention, processing network correlation problem tool and method are provided, It is one of the ways and means for implementing network management.The country has the product for having subnetwork management and network monitoring function, But without disclosing its technical detail, and general network monitoring frame is not formed.Development and net with broadband network How the expansion of network monitoring system scale monitors the huge communication data of flow on broadband, how to monitor simultaneously large number of Managed device, the performance issue of network monitoring system, which becomes, determines the whether successful matter of utmost importance of a network monitoring system. In existing storage device data easily by attack and destruction the problem of.
Summary of the invention
The purpose of the present invention is to provide a kind of hardware firewall detection device of universal serial bus, firewall interfaces point For firewall interface one and firewall interface two, firewall interface one is for code, the transmission prison of data, shared storage information Control, firewall interface two are used for the monitoring of uart, gpio, usb interface transmission, really realize multitask isolation processing, fastly The analysis processing of the realization data packet of speed guarantees the safety of data in storage device, solves number in existing storage device According to easily by attack and destruction the problem of.
In order to solve the above technical problems, the present invention is achieved by the following technical solutions:
The present invention be a kind of universal serial bus hardware firewall detection device, including processor, storage device and Firewall interface:
The processor is used to detect the data packet of universal serial bus transmission;The storage device is stored for data;
The firewall interface is divided into firewall interface one, firewall interface two, and part fire prevention is arranged at bus interface Wall realizes Distributed structure;
Wherein, firewall interface is equipped with the multistage security module that can dynamically update.
Preferably, it is equipped with local password firewall at the data-interface of the storage device, completes the guarantor to significant data Shield.
Preferably, the firewall interface is that packet filter firewall works in network layer, source and mesh to data packet ground IP With identification and control action.
Preferably, the firewall interface one is for code, the transmitting, monitoring of data, shared storage information;The fire prevention Wall interface two is used for the monitoring of uart, gpio, usb interface transmission;Wherein, the firewall interface one, firewall interface two are real Row multitask isolation processing.
Preferably, the processor obtains data packet by universal serial bus, complete paired data Packet type and network Location filtering;Multiple application programs are stored in the processor.
Preferably, the multiple application program is executed by processor.
Preferably, the multiple application program is used for the analysis of data packet, completes the detection and disease of virus with malicious attack The processing of poison and malicious attack, to treated, data are arranged.
Preferably, the encapsulation and data of data packet are completed after the multiple application program completion data processing by processor The push of packet.
The invention has the following advantages:
Firewall interface of the present invention is divided into firewall interface one and firewall interface two, firewall interface one for code, The transmitting, monitoring of data, shared storage information, firewall interface two are used for the monitoring of uart, gpio, usb interface transmission, really Realize multitask isolation processing, quickly realize data packet analysis processing guarantee guarantee storage device in data safety Property.
Certainly, it implements any of the products of the present invention and does not necessarily require achieving all the advantages described above at the same time.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, will be described below to embodiment required Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for ability For the those of ordinary skill of domain, without creative efforts, it can also be obtained according to these attached drawings other attached Figure.
Fig. 1 is universal serial bus firewall schematic diagram of the invention;
Fig. 2 is firewall work flow diagram of the invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts all other Embodiment shall fall within the protection scope of the present invention.
It please refers to shown in Fig. 1-2, the present invention is a kind of hardware firewall detection device of universal serial bus, including processing Device, storage device and firewall interface:
Firewall technology experienced 3 packet filtering, application proxy gateway and state-detection developing stage.Packet filter is prevented Wall with flues typically directly E-Packets, it is fully transparent to user, fast speed;Application proxy gateway firewall is to pass through server Connection is established, can there is stronger authentication and registering functional;State-inspection firewall is to establish shape in its core State connection table, and the data for passing in and out network are tracked into each session status using state table as session one by one.State prison It surveys and whether data packet, which meets session state in which, is more considered not only according to rule list to the inspection of each packet, therefore mention The control ability completely to transport layer is supplied.
Processor is used to detect the data packet of universal serial bus transmission;Storage device is stored for data;
Firewall interface is divided into firewall interface one, firewall interface two, and local firewall is arranged at bus interface, real Existing Distributed structure;
Wherein, firewall interface is equipped with the multistage security module that can dynamically update.
Firewall interface is divided into firewall interface one and firewall interface two, and firewall interface one is used for code, data, is total to The transmitting, monitoring of storage information is enjoyed, firewall interface two is used for the monitoring of uart, gpio, usb interface transmission, really realizes Multitask isolation processing quickly realizes that the analysis processing of data packet guarantees the safety of data in storage device.
Wherein, it is equipped with local password firewall at the data-interface of storage device, completes the protection to significant data.
Wherein, firewall interface is that packet filter firewall works in network layer, source and mesh to data packet IP have and know Other and control action.
Wherein, firewall interface one is for code, the transmitting, monitoring of data, shared storage information;Firewall interface two is used In the monitoring of uart, gpio, usb interface transmission;Wherein, firewall interface one, firewall interface two are carried out at multitask isolation Reason.
Wherein, processor obtains data packet, complete paired data Packet type and network address filtering by universal serial bus; Multiple application programs are stored in processor.
Wherein, multiple application programs are executed by processor.
Wherein, multiple application programs are used for the analysis of data packet, complete the viral detection with malicious attack and virus and dislike The processing of meaning attack, to treated, data are arranged.
Wherein, the encapsulation of data packet and pushing away for data packet are completed by processor after multiple application programs completion data processings It send.
It is worth noting that, included each unit is only drawn according to function logic in the above system embodiment Point, but be not limited to the above division, as long as corresponding functions can be realized;In addition, each functional unit is specific Title is also only for convenience of distinguishing each other, the protection scope being not intended to restrict the invention.
In addition, those of ordinary skill in the art will appreciate that realizing all or part of the steps in the various embodiments described above method It is that relevant hardware can be instructed to complete by program, corresponding program can store to be situated between in a computer-readable storage In matter, the storage medium, such as ROM/RAM, disk or CD.
Present invention disclosed above preferred embodiment is only intended to help to illustrate the present invention.There is no detailed for preferred embodiment All details are described, are not limited the invention to the specific embodiments described.Obviously, according to the content of this specification, It can make many modifications and variations.These embodiments are chosen and specifically described to this specification, is in order to better explain the present invention Principle and practical application, so that skilled artisan be enable to better understand and utilize the present invention.The present invention is only It is limited by claims and its full scope and equivalent.

Claims (8)

1. a kind of hardware firewall detection device of universal serial bus, which is characterized in that including processor, storage device and Firewall interface:
The processor is used to detect the data packet of universal serial bus transmission;The storage device is stored for data;
The firewall interface is divided into firewall interface one, firewall interface two, and local firewall is arranged at bus interface, real Existing Distributed structure;
Wherein, firewall interface is equipped with the multistage security module that can dynamically update.
2. a kind of hardware firewall detection device of universal serial bus according to claim 1, which is characterized in that described It is equipped with local password firewall at the data-interface of storage device, completes the protection to significant data.
3. a kind of hardware firewall detection device of universal serial bus according to claim 1, which is characterized in that described Firewall interface is that packet filter firewall works in network layer, source and mesh to data packet IP there is identification and control action.
4. a kind of hardware firewall detection device of universal serial bus according to claim 1, which is characterized in that described Firewall interface one is for code, the transmitting, monitoring of data, shared storage information;The firewall interface two for uart, The monitoring of gpio, usb interface transmission;Wherein, the firewall interface one, firewall interface two carry out multitask isolation processing.
5. a kind of hardware firewall detection device of universal serial bus according to claim 1, which is characterized in that described Processor obtains data packet, complete paired data Packet type and network address filtering by universal serial bus;In the processor It is stored with multiple application programs.
6. a kind of hardware firewall detection device of universal serial bus according to claim 5, which is characterized in that described Multiple application programs are executed by processor.
7. a kind of hardware firewall detection device of universal serial bus according to claim 5, which is characterized in that described Multiple application programs are used for the analysis of data packet, complete the detection of virus and malicious attack and the processing of virus and malicious attack, To treated, data are arranged.
8. a kind of hardware firewall detection device of universal serial bus according to claim 5, which is characterized in that described Multiple application programs complete the encapsulation of data packet and the push of data packet by processor after completing data processing.
CN201910172009.3A 2019-03-07 2019-03-07 The hardware firewall detection device of universal serial bus Pending CN109981606A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910172009.3A CN109981606A (en) 2019-03-07 2019-03-07 The hardware firewall detection device of universal serial bus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910172009.3A CN109981606A (en) 2019-03-07 2019-03-07 The hardware firewall detection device of universal serial bus

Publications (1)

Publication Number Publication Date
CN109981606A true CN109981606A (en) 2019-07-05

Family

ID=67078142

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910172009.3A Pending CN109981606A (en) 2019-03-07 2019-03-07 The hardware firewall detection device of universal serial bus

Country Status (1)

Country Link
CN (1) CN109981606A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111177765A (en) * 2020-01-06 2020-05-19 广州知弘科技有限公司 Financial big data processing method, storage medium and system
CN112445958A (en) * 2020-11-18 2021-03-05 厦门物之联智能科技有限公司 Big data acquisition and storage system and method based on artificial intelligence

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101013406A (en) * 2007-02-12 2007-08-08 北京飞天诚信科技有限公司 Automatic-installable information safety equipment and control method thereof
US20110154471A1 (en) * 2009-12-23 2011-06-23 Craig Anderson Systems and methods for processing application firewall session information on owner core in multiple core system
CN102138131A (en) * 2009-08-03 2011-07-27 金士顿科技股份有限公司 Universal serial bus - hardwate firewall (USB-HF) adaptor
CN109274648A (en) * 2018-08-28 2019-01-25 西安工业大学 A kind of movable type cable firewall device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101013406A (en) * 2007-02-12 2007-08-08 北京飞天诚信科技有限公司 Automatic-installable information safety equipment and control method thereof
CN102138131A (en) * 2009-08-03 2011-07-27 金士顿科技股份有限公司 Universal serial bus - hardwate firewall (USB-HF) adaptor
US20110154471A1 (en) * 2009-12-23 2011-06-23 Craig Anderson Systems and methods for processing application firewall session information on owner core in multiple core system
CN109274648A (en) * 2018-08-28 2019-01-25 西安工业大学 A kind of movable type cable firewall device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111177765A (en) * 2020-01-06 2020-05-19 广州知弘科技有限公司 Financial big data processing method, storage medium and system
CN112445958A (en) * 2020-11-18 2021-03-05 厦门物之联智能科技有限公司 Big data acquisition and storage system and method based on artificial intelligence

Similar Documents

Publication Publication Date Title
US9942270B2 (en) Database deception in directory services
CN109962891B (en) Method, device and equipment for monitoring cloud security and computer storage medium
US11165812B2 (en) Containment of security threats within a computing environment
CN106790091B (en) Cloud safety protection system and flow cleaning method
EP3214568B1 (en) Method, apparatus and system for processing cloud application attack behaviours in cloud computing system
US10476891B2 (en) Monitoring access of network darkspace
US9769204B2 (en) Distributed system for Bot detection
US9609019B2 (en) System and method for directing malicous activity to a monitoring system
US9356950B2 (en) Evaluating URLS for malicious content
KR101689295B1 (en) Automated verification method of security event and automated verification apparatus of security event
TW201642618A (en) System and method for threat-driven security policy controls
TW201642617A (en) System and method for threat-driven security policy controls
WO2017139489A1 (en) Automated honeypot provisioning system
US20100325685A1 (en) Security Integration System and Device
CN104023034A (en) Security defensive system and defensive method based on software-defined network
CN105991595A (en) Network security protection method and device
WO2014094151A1 (en) System and method for monitoring data in a client environment
WO2016081561A1 (en) System and method for directing malicious activity to a monitoring system
Ko et al. Management platform of threats information in IoT environment
CN113726790B (en) Network attack source identification and blocking method, system, device and medium
CN104243442A (en) Network access system, network protective equipment and terminal server
CN109981606A (en) The hardware firewall detection device of universal serial bus
Ariffin et al. API vulnerabilities in cloud computing platform: attack and detection
CN103067384A (en) Threat processing method, system, linkage client, safety equipment and host
CN115086064A (en) Large-scale network security defense system based on cooperative intrusion detection

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190705