CN110022301A - Firewall for internet of things device protection - Google Patents


Info

Publication number: CN110022301A
Authority: CN (China)
Prior art keywords: service request, module, data, service, internet
Legal status: Pending
Application number: CN201910171953.7A
Other languages: Chinese (zh)
Inventor: 胡磊
Current Assignee: Beijing Huaan Putt Network Technology Co Ltd
Original Assignee: Beijing Huaan Putt Network Technology Co Ltd
Priority date: 2019-03-07
Filing date: 2019-03-07
Publication date: 2019-07-16

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses an internet of things (IoT) device protection firewall and relates to the field of firewall technology. In the invention, a service request receiving module sends service data to a threshold monitoring unit; a service request handling module is configured to process the service data; a service log analysis unit is configured to analyse historical service data and send the analysis result to the service request handling module for processing; and the service request handling module is connected, through a data information upload module, to a data cache module and a service request feedback module respectively. By pre-judging DDoS attacks with the threshold monitoring unit, and by analysing the service log and identifying users against a user whitelist, the invention processes received service requests by priority, effectively ensures that normal service requests from trusted users are handled, and at the same time effectively prevents the server from going down because of an excessive data-processing load.

Description

Firewall for internet of things device protection
Technical field
The invention belongs to the field of firewall technology, and in particular relates to an internet of things device protection firewall.
Background technique
Internet of things products differ from dedicated networked electronic devices (such as computers, smartphones and tablets): their main function is still an offline task, and the internet only plays the role of enhancing information exchange. Without question, the internet of things can make our lives more convenient, but it also exposes us to new risks, because most IoT devices lack built-in security functions. This makes them highly susceptible to malware and hacker attacks, especially DDoS (distributed denial of service) attacks, and a server handling service request information is easily brought down by a DDoS attack.
Summary of the invention
The purpose of the invention is to provide an internet of things device protection firewall that pre-judges DDoS attacks with a threshold monitoring unit and, by analysing the service log and identifying users against a user whitelist, processes received service requests by priority. This effectively ensures that normal service requests from trusted users are handled while effectively preventing the server from going down because of an excessive data-processing load, and so solves the problem that an existing server handling service request information is easily brought down by a DDoS attack.
To solve the above technical problems, the invention is achieved by the following technical solution:
The invention is an internet of things device protection firewall, comprising:
a user terminal and a service request receiving module, the service request receiving module being configured to obtain the service data sent by the user terminal and to send the service data to a threshold monitoring unit;
a service request handling module, the service request handling module being configured to process the service data; and
a service log analysis unit, the service log analysis unit being configured to analyse historical service data and to send the analysis result to the service request handling module for processing;
the service request handling module being connected, through a data information upload module, to a data cache module and a service request feedback module respectively.
Preferably, the threshold monitoring unit is configured to perform a monitoring action on the service request volume:
in response to the service request volume being below the threshold, the service request result is returned to the user terminal;
in response to the service request volume being above the threshold, alarm mode is enabled and an alarm signal is sent to the service request handling module.
Preferably, the firewall further comprises a cloud, the cloud being connected to the service log analysis unit through a wireless communication module; the service log analysis unit comprises a user whitelist and a user blacklist, the user whitelist and the user blacklist send data information to a user trust-level sorting module, and the user trust-level sorting module is used to sort processing priority according to historical service data.
Preferably, the service request handling module sends service request processing data to a service log storage module for storage, and the service log storage module is connected to the service log analysis unit through the data information upload module.
Preferably, the data cache module is used to store interrupted service orders and processing data.
The invention has the following advantages:
1. By pre-judging DDoS attacks with the threshold monitoring unit, and by analysing the service log and identifying users against the user whitelist, the invention processes received service requests by priority, effectively ensures that normal service requests from trusted users are handled, and at the same time effectively prevents the server from going down because of an excessive data-processing load.
2. By providing the data cache module, the invention stores the service data that falls outside the priority set, so that it can be called and processed when the server is idle, or consulted later.
Of course, a product implementing the invention does not necessarily need to achieve all of the advantages described above at the same time.
Detailed description of the invention
To explain the technical solution of the embodiments of the invention more clearly, the drawings needed for the description of the embodiments are briefly introduced below. Obviously, the drawings described below show only some embodiments of the invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a logic diagram of an internet of things device protection firewall of the invention.
Specific embodiment
The technical solution in the embodiments of the invention is described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art, based on the embodiments of the invention and without creative effort, fall within the protection scope of the invention.
Referring to Fig. 1, the invention is an internet of things device protection firewall, comprising:
a user terminal and a service request receiving module, the service request receiving module being configured to obtain the service data sent by the user terminal and to send the service data to a threshold monitoring unit;
a service request handling module, the service request handling module being configured to process the service data; and
a service log analysis unit, the service log analysis unit being configured to analyse historical service data and to send the analysis result to the service request handling module for processing;
the service request handling module being connected, through a data information upload module, to a data cache module and a service request feedback module respectively.
The threshold monitoring unit is configured to perform a monitoring action on the service request volume, and the threshold monitoring unit comprises a data traffic monitoring module:
in response to the service request volume being below the threshold, the service request result is returned to the user terminal;
in response to the service request volume being above the threshold, alarm mode is enabled and an alarm signal is sent to the service request handling module.
The firewall further comprises a cloud, the cloud being connected to the service log analysis unit through a wireless communication module; the service log analysis unit comprises a user whitelist and a user blacklist, the user whitelist and the user blacklist send data information to a user trust-level sorting module, and the user trust-level sorting module is used to sort processing priority according to historical service data.
The service request handling module sends service request processing data to a service log storage module for storage, and the service log storage module is connected to the service log analysis unit through the data information upload module.
The data cache module is used to store interrupted service orders and processing data.
One concrete application of this embodiment is as follows: the service request handling module obtains the service request data sent by the user terminal; the threshold monitoring unit then monitors the request volume and, if the request volume exceeds the threshold, sends a signal to the service request handling module; the service log analysis unit obtains the user whitelist and user blacklist from the cloud and, combined with the user request history data stored in the service log storage module, sorts the processing of user requests by priority, so that requests from secure users are processed first; the interrupted service request processing data is then sent to the data cache module, so that it can be called from the data cache module and processed when the processor is idle; and after the service request handling module has processed the user requests with priority, it feeds the processing result back to the user terminal through the service request feedback module.
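The following Python sketch is an added illustration, not code from the patent: it models the flow just described with a threshold check on the batch volume, a whitelist/blacklist plus history-based trust ranking, priority processing up to a per-round capacity, and a cache for the deferred requests. The class names, the batch-size measure of "request volume", the numeric priority scheme and the per-user history count are all assumptions of this sketch.

```python
from collections import Counter, deque
from dataclasses import dataclass


@dataclass
class Request:
    user: str
    payload: str


class ThresholdMonitor:
    """Threshold monitoring unit: compares one batch's request volume with the threshold."""

    def __init__(self, threshold: int):
        self.threshold = threshold

    def over_threshold(self, requests) -> bool:
        # True = alarm mode: the batch is larger than the server should take at once.
        return len(requests) > self.threshold


class ServiceLogAnalysis:
    """Service log analysis unit: whitelist, blacklist and history-based trust ranking."""

    def __init__(self, whitelist, blacklist):
        self.whitelist = set(whitelist)
        self.blacklist = set(blacklist)

    def priority(self, user: str, history: Counter):
        # None = blacklisted (request is dropped); a higher number is served earlier.
        if user in self.blacklist:
            return None
        base = 1_000 if user in self.whitelist else 0   # whitelist outranks any history
        return base + history[user]                     # history = requests served before


class Firewall:
    """Service request handling module with the threshold monitor, data cache and feedback."""

    def __init__(self, threshold: int, capacity: int, analysis: ServiceLogAnalysis):
        self.monitor = ThresholdMonitor(threshold)
        self.capacity = capacity      # requests served per round while in alarm mode
        self.analysis = analysis
        self.cache = deque()          # data cache module: deferred (interrupted) requests
        self.service_log = Counter()  # service log storage: requests served, per user

    def _process(self, requests):
        for r in requests:
            self.service_log[r.user] += 1
        return [(r.user, f"ok:{r.payload}") for r in requests]  # results fed back

    def handle(self, requests):
        """Handle one batch; returns the (user, result) pairs fed back this round."""
        ranked = [(self.analysis.priority(r.user, self.service_log), r) for r in requests]
        ranked = [(p, r) for p, r in ranked if p is not None]   # drop blacklisted users
        if not self.monitor.over_threshold(requests):
            return self._process([r for _, r in ranked])        # below threshold: serve all
        # Alarm mode: serve the most trusted requests first, cache the rest for an idle slot.
        ranked.sort(key=lambda pr: pr[0], reverse=True)         # stable, so ties keep order
        self.cache.extend(r for _, r in ranked[self.capacity:])
        return self._process([r for _, r in ranked[:self.capacity]])

    def drain_cache(self, slots: int):
        """Called when the processor is idle: serve up to `slots` cached requests."""
        batch = [self.cache.popleft() for _ in range(min(slots, len(self.cache)))]
        return self._process(batch)
```

A real deployment would measure volume over a time window rather than per batch, and would bound the cache so that deferred requests cannot themselves exhaust memory.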
It is worth noting that in the above system embodiment the units are divided only according to their function logic, and the division is not limited to the one above as long as the corresponding functions can be realised; in addition, the specific names of the functional units serve only to distinguish them from each other and are not intended to limit the protection scope of the invention.
In addition, a person of ordinary skill in the art will understand that all or part of the steps of the methods in the above embodiments can be completed by a program instructing the relevant hardware, and that the corresponding program can be stored in a computer-readable storage medium, such as ROM/RAM, a magnetic disk or an optical disc.
The preferred embodiments of the invention disclosed above are only intended to help illustrate the invention. The preferred embodiments do not describe every detail, nor do they limit the invention to the specific embodiments described. Obviously, many modifications and variations can be made according to the content of this specification. These embodiments are chosen and described in detail in order to better explain the principle and practical application of the invention, so that a person skilled in the art can better understand and use the invention. The invention is limited only by the claims and their full scope and equivalents.

Claims (5)

1. An internet of things device protection firewall, characterised by comprising:
a user terminal and a service request receiving module, the service request receiving module being configured to obtain the service data sent by the user terminal and to send the service data to a threshold monitoring unit;
a service request handling module, the service request handling module being configured to process the service data; and
a service log analysis unit, the service log analysis unit being configured to analyse historical service data and to send the analysis result to the service request handling module for processing;
the service request handling module being connected, through a data information upload module, to a data cache module and a service request feedback module respectively.
2. The internet of things device protection firewall according to claim 1, characterised in that the threshold monitoring unit is configured to perform a monitoring action on the service request volume:
in response to the service request volume being below the threshold, the service request result is returned to the user terminal;
in response to the service request volume being above the threshold, alarm mode is enabled and an alarm signal is sent to the service request handling module.
3. The internet of things device protection firewall according to claim 1, characterised in that it further comprises a cloud, the cloud being connected to the service log analysis unit through a wireless communication module;
the service log analysis unit comprises a user whitelist and a user blacklist, the user whitelist and the user blacklist send data information to a user trust-level sorting module, and the user trust-level sorting module is used to sort processing priority according to historical service data.
4. The internet of things device protection firewall according to claim 1, characterised in that the service request handling module sends service request processing data to a service log storage module for storage, and the service log storage module is connected to the service log analysis unit through the data information upload module.
5. The internet of things device protection firewall according to claim 1, characterised in that the data cache module is used to store interrupted service orders and processing data.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910171953.7A CN110022301A (en) 2019-03-07 2019-03-07 Firewall for internet of things device protection

Publications (1)

Publication Number Publication Date
CN110022301A true CN110022301A (en) 2019-07-16

Family

ID=67189338

Country Status (1)

Country Link
CN (1) CN110022301A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103856487A (en) * 2014-02-28 2014-06-11 汉柏科技有限公司 Method and system for protecting authorization DNS
CN105656962A (en) * 2014-11-11 2016-06-08 阿里巴巴集团控股有限公司 Service calling method and device
CN106713301A (en) * 2016-12-16 2017-05-24 四川长虹电器股份有限公司 Internet of Things security defense system for intelligent terminal
CN108156177A (en) * 2018-01-30 2018-06-12 国家电网公司 Information Network security postures based on big data perceive method for early warning
CN108174399A (en) * 2017-12-27 2018-06-15 瑞斯康达科技发展股份有限公司 Data processing method and system, the equipment of a kind of terminal device
US20180191675A1 (en) * 2016-12-30 2018-07-05 Fortinet, Inc. Security Fabric for Internet of Things (IOT)
CN108616534A (en) * 2018-04-28 2018-10-02 中国科学院信息工程研究所 A kind of method and system for protecting internet of things equipment ddos attack based on block chain

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
丁玎: "A defence strategy against DoS attacks on SDN-architecture networks", China Master's Theses Full-text Database, Information Science and Technology series *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114039738A (en) * 2020-07-21 2022-02-11 华为技术有限公司 Firewall rule configuration method and system, medium and electronic equipment thereof
CN114039738B (en) * 2020-07-21 2023-02-03 华为技术有限公司 Firewall rule configuration method and system, medium and electronic equipment thereof

Similar Documents

Publication Publication Date Title
US11924170B2 (en) Methods and systems for API deception environment and API traffic control and security
US10432650B2 (en) System and method to protect a webserver against application exploits and attacks
US11671402B2 (en) Service resource scheduling method and apparatus
KR100942456B1 (en) Method for detecting and protecting ddos attack by using cloud computing and server thereof
US9148437B1 (en) Detecting adverse network conditions for a third-party network site
CN109617885B (en) Attack and subsidence host automatic judgment method and device, electronic equipment and storage medium
CN107645478B (en) Network attack defense system, method and device
CN108809749B (en) Performing upper layer inspection of a stream based on a sampling rate
CN105516081A (en) Method and system for issuing safety strategy by server and message queue middleware
CN107360122B (en) Method and device for preventing malicious request
EP3582463B1 (en) Threat detection method and apparatus
CN103384240B (en) A kind of P2P active defense method and system
CN104796406A (en) Method and device for identifying application
CN114301700B (en) Method, device, system and storage medium for adjusting network security defense scheme
CN110022301A (en) Firewall for internet of things device protection
US11063975B2 (en) Malicious content detection with retrospective reporting
US20120110665A1 (en) Intrusion Detection Within a Distributed Processing System
CN115208690A (en) Screening processing system based on data classification and classification
CN114285649A (en) Equipment protection method, system, protection equipment and computer readable storage medium
Iyengar et al. An effective layered load balance defensive mechanism against DDoS attacks in cloud computing environment
CN108471428B (en) DDoS attack active defense technology and equipment applied to CDN system
CN112351044A (en) Network security system based on big data
US20100157806A1 (en) Method for processing data packet load balancing and network equipment thereof
CN109327329B (en) Data model updating method and device
EP4181554A1 (en) Traffic control server and method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190716