CN109981606A - The hardware firewall detection device of universal serial bus - Google Patents
The hardware firewall detection device of universal serial bus Download PDFInfo
- Publication number
- CN109981606A CN109981606A CN201910172009.3A CN201910172009A CN109981606A CN 109981606 A CN109981606 A CN 109981606A CN 201910172009 A CN201910172009 A CN 201910172009A CN 109981606 A CN109981606 A CN 109981606A
- Authority
- CN
- China
- Prior art keywords
- firewall
- interface
- universal serial
- serial bus
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
Abstract
The invention discloses a kind of hardware firewall detection devices of universal serial bus.It is related to hardware firewall detection technique field.The present invention includes processor, storage device and firewall interface: processor is used to detect the data packet of universal serial bus transmission;Storage device is stored for data;Firewall interface is divided into firewall interface one, firewall interface two, and local firewall is arranged at bus interface, realizes Distributed structure;Firewall interface is equipped with the multistage security module that can dynamically update.Firewall interface of the present invention is divided into firewall interface one and firewall interface two, firewall interface one is for code, the transmitting, monitoring of data, shared storage information, firewall interface two is used for the monitoring of uart, gpio, usb interface transmission, multitask isolation processing really is realized, quickly realizes that the analysis processing of data packet guarantees the safety of data in storage device.
Description
Technical field
The invention belongs to hardware firewall detection technique fields, prevent fires more particularly to a kind of hardware of universal serial bus
Wall detection device.
Background technique
Computer fire proof wall Network Monitoring Technology be analysis, prevention, processing network correlation problem tool and method are provided,
It is one of the ways and means for implementing network management.The country has the product for having subnetwork management and network monitoring function,
But without disclosing its technical detail, and general network monitoring frame is not formed.Development and net with broadband network
How the expansion of network monitoring system scale monitors the huge communication data of flow on broadband, how to monitor simultaneously large number of
Managed device, the performance issue of network monitoring system, which becomes, determines the whether successful matter of utmost importance of a network monitoring system.
In existing storage device data easily by attack and destruction the problem of.
Summary of the invention
The purpose of the present invention is to provide a kind of hardware firewall detection device of universal serial bus, firewall interfaces point
For firewall interface one and firewall interface two, firewall interface one is for code, the transmission prison of data, shared storage information
Control, firewall interface two are used for the monitoring of uart, gpio, usb interface transmission, really realize multitask isolation processing, fastly
The analysis processing of the realization data packet of speed guarantees the safety of data in storage device, solves number in existing storage device
According to easily by attack and destruction the problem of.
In order to solve the above technical problems, the present invention is achieved by the following technical solutions:
The present invention be a kind of universal serial bus hardware firewall detection device, including processor, storage device and
Firewall interface:
The processor is used to detect the data packet of universal serial bus transmission;The storage device is stored for data;
The firewall interface is divided into firewall interface one, firewall interface two, and part fire prevention is arranged at bus interface
Wall realizes Distributed structure;
Wherein, firewall interface is equipped with the multistage security module that can dynamically update.
Preferably, it is equipped with local password firewall at the data-interface of the storage device, completes the guarantor to significant data
Shield.
Preferably, the firewall interface is that packet filter firewall works in network layer, source and mesh to data packet ground IP
With identification and control action.
Preferably, the firewall interface one is for code, the transmitting, monitoring of data, shared storage information;The fire prevention
Wall interface two is used for the monitoring of uart, gpio, usb interface transmission;Wherein, the firewall interface one, firewall interface two are real
Row multitask isolation processing.
Preferably, the processor obtains data packet by universal serial bus, complete paired data Packet type and network
Location filtering;Multiple application programs are stored in the processor.
Preferably, the multiple application program is executed by processor.
Preferably, the multiple application program is used for the analysis of data packet, completes the detection and disease of virus with malicious attack
The processing of poison and malicious attack, to treated, data are arranged.
Preferably, the encapsulation and data of data packet are completed after the multiple application program completion data processing by processor
The push of packet.
The invention has the following advantages:
Firewall interface of the present invention is divided into firewall interface one and firewall interface two, firewall interface one for code,
The transmitting, monitoring of data, shared storage information, firewall interface two are used for the monitoring of uart, gpio, usb interface transmission, really
Realize multitask isolation processing, quickly realize data packet analysis processing guarantee guarantee storage device in data safety
Property.
Certainly, it implements any of the products of the present invention and does not necessarily require achieving all the advantages described above at the same time.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, will be described below to embodiment required
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for ability
For the those of ordinary skill of domain, without creative efforts, it can also be obtained according to these attached drawings other attached
Figure.
Fig. 1 is universal serial bus firewall schematic diagram of the invention;
Fig. 2 is firewall work flow diagram of the invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts all other
Embodiment shall fall within the protection scope of the present invention.
It please refers to shown in Fig. 1-2, the present invention is a kind of hardware firewall detection device of universal serial bus, including processing
Device, storage device and firewall interface:
Firewall technology experienced 3 packet filtering, application proxy gateway and state-detection developing stage.Packet filter is prevented
Wall with flues typically directly E-Packets, it is fully transparent to user, fast speed;Application proxy gateway firewall is to pass through server
Connection is established, can there is stronger authentication and registering functional;State-inspection firewall is to establish shape in its core
State connection table, and the data for passing in and out network are tracked into each session status using state table as session one by one.State prison
It surveys and whether data packet, which meets session state in which, is more considered not only according to rule list to the inspection of each packet, therefore mention
The control ability completely to transport layer is supplied.
Processor is used to detect the data packet of universal serial bus transmission;Storage device is stored for data;
Firewall interface is divided into firewall interface one, firewall interface two, and local firewall is arranged at bus interface, real
Existing Distributed structure;
Wherein, firewall interface is equipped with the multistage security module that can dynamically update.
Firewall interface is divided into firewall interface one and firewall interface two, and firewall interface one is used for code, data, is total to
The transmitting, monitoring of storage information is enjoyed, firewall interface two is used for the monitoring of uart, gpio, usb interface transmission, really realizes
Multitask isolation processing quickly realizes that the analysis processing of data packet guarantees the safety of data in storage device.
Wherein, it is equipped with local password firewall at the data-interface of storage device, completes the protection to significant data.
Wherein, firewall interface is that packet filter firewall works in network layer, source and mesh to data packet IP have and know
Other and control action.
Wherein, firewall interface one is for code, the transmitting, monitoring of data, shared storage information;Firewall interface two is used
In the monitoring of uart, gpio, usb interface transmission;Wherein, firewall interface one, firewall interface two are carried out at multitask isolation
Reason.
Wherein, processor obtains data packet, complete paired data Packet type and network address filtering by universal serial bus;
Multiple application programs are stored in processor.
Wherein, multiple application programs are executed by processor.
Wherein, multiple application programs are used for the analysis of data packet, complete the viral detection with malicious attack and virus and dislike
The processing of meaning attack, to treated, data are arranged.
Wherein, the encapsulation of data packet and pushing away for data packet are completed by processor after multiple application programs completion data processings
It send.
It is worth noting that, included each unit is only drawn according to function logic in the above system embodiment
Point, but be not limited to the above division, as long as corresponding functions can be realized;In addition, each functional unit is specific
Title is also only for convenience of distinguishing each other, the protection scope being not intended to restrict the invention.
In addition, those of ordinary skill in the art will appreciate that realizing all or part of the steps in the various embodiments described above method
It is that relevant hardware can be instructed to complete by program, corresponding program can store to be situated between in a computer-readable storage
In matter, the storage medium, such as ROM/RAM, disk or CD.
Present invention disclosed above preferred embodiment is only intended to help to illustrate the present invention.There is no detailed for preferred embodiment
All details are described, are not limited the invention to the specific embodiments described.Obviously, according to the content of this specification,
It can make many modifications and variations.These embodiments are chosen and specifically described to this specification, is in order to better explain the present invention
Principle and practical application, so that skilled artisan be enable to better understand and utilize the present invention.The present invention is only
It is limited by claims and its full scope and equivalent.
Claims (8)
1. a kind of hardware firewall detection device of universal serial bus, which is characterized in that including processor, storage device and
Firewall interface:
The processor is used to detect the data packet of universal serial bus transmission;The storage device is stored for data;
The firewall interface is divided into firewall interface one, firewall interface two, and local firewall is arranged at bus interface, real
Existing Distributed structure;
Wherein, firewall interface is equipped with the multistage security module that can dynamically update.
2. a kind of hardware firewall detection device of universal serial bus according to claim 1, which is characterized in that described
It is equipped with local password firewall at the data-interface of storage device, completes the protection to significant data.
3. a kind of hardware firewall detection device of universal serial bus according to claim 1, which is characterized in that described
Firewall interface is that packet filter firewall works in network layer, source and mesh to data packet IP there is identification and control action.
4. a kind of hardware firewall detection device of universal serial bus according to claim 1, which is characterized in that described
Firewall interface one is for code, the transmitting, monitoring of data, shared storage information;The firewall interface two for uart,
The monitoring of gpio, usb interface transmission;Wherein, the firewall interface one, firewall interface two carry out multitask isolation processing.
5. a kind of hardware firewall detection device of universal serial bus according to claim 1, which is characterized in that described
Processor obtains data packet, complete paired data Packet type and network address filtering by universal serial bus;In the processor
It is stored with multiple application programs.
6. a kind of hardware firewall detection device of universal serial bus according to claim 5, which is characterized in that described
Multiple application programs are executed by processor.
7. a kind of hardware firewall detection device of universal serial bus according to claim 5, which is characterized in that described
Multiple application programs are used for the analysis of data packet, complete the detection of virus and malicious attack and the processing of virus and malicious attack,
To treated, data are arranged.
8. a kind of hardware firewall detection device of universal serial bus according to claim 5, which is characterized in that described
Multiple application programs complete the encapsulation of data packet and the push of data packet by processor after completing data processing.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910172009.3A CN109981606A (en) | 2019-03-07 | 2019-03-07 | The hardware firewall detection device of universal serial bus |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910172009.3A CN109981606A (en) | 2019-03-07 | 2019-03-07 | The hardware firewall detection device of universal serial bus |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109981606A true CN109981606A (en) | 2019-07-05 |
Family
ID=67078142
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910172009.3A Pending CN109981606A (en) | 2019-03-07 | 2019-03-07 | The hardware firewall detection device of universal serial bus |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109981606A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111177765A (en) * | 2020-01-06 | 2020-05-19 | 广州知弘科技有限公司 | Financial big data processing method, storage medium and system |
CN112445958A (en) * | 2020-11-18 | 2021-03-05 | 厦门物之联智能科技有限公司 | Big data acquisition and storage system and method based on artificial intelligence |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101013406A (en) * | 2007-02-12 | 2007-08-08 | 北京飞天诚信科技有限公司 | Automatic-installable information safety equipment and control method thereof |
US20110154471A1 (en) * | 2009-12-23 | 2011-06-23 | Craig Anderson | Systems and methods for processing application firewall session information on owner core in multiple core system |
CN102138131A (en) * | 2009-08-03 | 2011-07-27 | 金士顿科技股份有限公司 | Universal serial bus - hardwate firewall (USB-HF) adaptor |
CN109274648A (en) * | 2018-08-28 | 2019-01-25 | 西安工业大学 | A kind of movable type cable firewall device |
-
2019
- 2019-03-07 CN CN201910172009.3A patent/CN109981606A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101013406A (en) * | 2007-02-12 | 2007-08-08 | 北京飞天诚信科技有限公司 | Automatic-installable information safety equipment and control method thereof |
CN102138131A (en) * | 2009-08-03 | 2011-07-27 | 金士顿科技股份有限公司 | Universal serial bus - hardwate firewall (USB-HF) adaptor |
US20110154471A1 (en) * | 2009-12-23 | 2011-06-23 | Craig Anderson | Systems and methods for processing application firewall session information on owner core in multiple core system |
CN109274648A (en) * | 2018-08-28 | 2019-01-25 | 西安工业大学 | A kind of movable type cable firewall device |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111177765A (en) * | 2020-01-06 | 2020-05-19 | 广州知弘科技有限公司 | Financial big data processing method, storage medium and system |
CN112445958A (en) * | 2020-11-18 | 2021-03-05 | 厦门物之联智能科技有限公司 | Big data acquisition and storage system and method based on artificial intelligence |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9942270B2 (en) | Database deception in directory services | |
CN109962891B (en) | Method, device and equipment for monitoring cloud security and computer storage medium | |
US11165812B2 (en) | Containment of security threats within a computing environment | |
CN106790091B (en) | Cloud safety protection system and flow cleaning method | |
EP3214568B1 (en) | Method, apparatus and system for processing cloud application attack behaviours in cloud computing system | |
US10476891B2 (en) | Monitoring access of network darkspace | |
US9769204B2 (en) | Distributed system for Bot detection | |
US9609019B2 (en) | System and method for directing malicous activity to a monitoring system | |
US9356950B2 (en) | Evaluating URLS for malicious content | |
KR101689295B1 (en) | Automated verification method of security event and automated verification apparatus of security event | |
TW201642618A (en) | System and method for threat-driven security policy controls | |
TW201642617A (en) | System and method for threat-driven security policy controls | |
WO2017139489A1 (en) | Automated honeypot provisioning system | |
US20100325685A1 (en) | Security Integration System and Device | |
CN104023034A (en) | Security defensive system and defensive method based on software-defined network | |
CN105991595A (en) | Network security protection method and device | |
WO2014094151A1 (en) | System and method for monitoring data in a client environment | |
WO2016081561A1 (en) | System and method for directing malicious activity to a monitoring system | |
Ko et al. | Management platform of threats information in IoT environment | |
CN113726790B (en) | Network attack source identification and blocking method, system, device and medium | |
CN104243442A (en) | Network access system, network protective equipment and terminal server | |
CN109981606A (en) | The hardware firewall detection device of universal serial bus | |
Ariffin et al. | API vulnerabilities in cloud computing platform: attack and detection | |
CN103067384A (en) | Threat processing method, system, linkage client, safety equipment and host | |
CN115086064A (en) | Large-scale network security defense system based on cooperative intrusion detection |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190705 |