CN110022301A - Firewall is used in internet of things equipment protection - Google Patents
Firewall is used in internet of things equipment protection Download PDFInfo
- Publication number
- CN110022301A CN110022301A CN201910171953.7A CN201910171953A CN110022301A CN 110022301 A CN110022301 A CN 110022301A CN 201910171953 A CN201910171953 A CN 201910171953A CN 110022301 A CN110022301 A CN 110022301A
- Authority
- CN
- China
- Prior art keywords
- service request
- module
- data
- service
- internet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a kind of internet of things equipment protection firewalls, are related to firewall technology field.In the present invention: service data is sent to threshold values monitoring unit by service request reception module;Service request handling module is configured as processing service data;Serve log analytical unit is configured as executing history service data analysis movement, and analysis result is sent to service request handling module and is handled;Service request handling module is connect with data cache module and service request feedback module respectively by data information uploading module.The present invention is by prejudging DDOS attack using threshold values monitoring unit, and pass through the identification of analysis and user's white list to serve log, priority processing is carried out to received service request, effective guarantee handles the normal service request of trusted users, at the same effectively prevent server because data processing amount is excessive cause servers go down the problem of.
Description
Technical field
The invention belongs to firewall technology fields, more particularly to a kind of internet of things equipment protection firewall.
Background technique
Internet of things product is different from dedicated network electronic devices (such as computer, smart phone and tablet computer), it
Major function is still offline task, and internet only plays the role of an enhancement information exchange.Unquestionably, on internet
Thing can make our life more convenient, but it also can let us face new risk, the reason is that, most of Internet of Things
Equipment lacks built-in security function, this makes them be highly susceptible to Malware and the attack of hacker, especially DDOS attack
(distributed denial of service attack), server easily cause servers go down because of DDOS attack when handling service request information.
Summary of the invention
The purpose of the present invention is to provide a kind of internet of things equipment protection firewalls, by utilizing threshold values monitoring unit pair
DDOS attack is prejudged, and by the identification of analysis and user's white list to serve log, is asked to received service
Seek carry out priority processing, effective guarantee handles the normal service request of trusted users, while effectively preventing server
Because data processing amount is excessive causes servers go down the problem of, solve existing server when handling service request information,
The problem of easily causing servers go down because of DDOS attack.
In order to solve the above technical problems, the present invention is achieved by the following technical solutions:
The present invention is a kind of internet of things equipment protection firewall, comprising:
User terminal and service request receiving module, the service request reception module are configured as obtaining user terminal institute
The service data of sending, and the service data is sent to threshold values monitoring unit;
Service request handling module, the service request handling module are configured as handling the service data;With
And
Serve log analytical unit, it is dynamic that the serve log analytical unit is configured as execution history service data analysis
Make, and analysis result is sent to service request handling module and is handled;
The service request handling module by data information uploading module respectively with data cache module and service request
Feedback module connection.
Preferably, the threshold values monitoring unit is configured as executing supervisory control action to service request amount:
It is lower than threshold values in response to service request amount, then to user terminal back services request results;
It is higher than threshold values in response to service request amount, then opens modes of warning, and send alarm to service request handling module
Signal.
It preferably, further include cloud, module is connect with serve log analytical unit by wireless communication in the cloud;It is described
Serve log analytical unit includes user's white list and subscriber blacklist, and user's white list and subscriber blacklist are to user
Degree of belief sorting module sends data information, and the users to trust degree sorting module is used to be handled according to history service data sequence
Priority.
Preferably, service request handling process data is sent to serve log storage mould by the service request handling module
Storage in block, the serve log memory module are connect by data information uploading module with serve log analytical unit.
Preferably, the data cache module is used to store the service order interrupted and process data.
The invention has the following advantages:
1, the present invention is by prejudging DDOS attack using threshold values monitoring unit, and passes through the analysis to serve log
With the identification of user's white list, priority processing carried out to received service request, effective guarantee is to trusted users
Normal service request processing, while effectively prevent server because data processing amount is excessive cause servers go down the problem of.
2, the present invention realizes the storage to the service data except priority by setting data cache module,
It is handled convenient for the calling in server free or for future reference.
Certainly, it implements any of the products of the present invention and does not necessarily require achieving all the advantages described above at the same time.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, will be described below to embodiment required
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for ability
For the those of ordinary skill of domain, without creative efforts, it can also be obtained according to these attached drawings other attached
Figure.
Fig. 1 is a kind of internet of things equipment protection firewall logic figure of the invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts all other
Embodiment shall fall within the protection scope of the present invention.
Refering to Figure 1, the present invention is a kind of internet of things equipment protection firewall, comprising:
User terminal and service request receiving module, service request reception module are configured as acquisition user terminal and are issued
Service data, and service data is sent to threshold values monitoring unit;
Service request handling module, service request handling module are configured as processing service data;And
Serve log analytical unit, serve log analytical unit are configured as executing history service data analysis movement, and
Analysis result is sent to service request handling module to handle;
Service request handling module is fed back with data cache module and service request respectively by data information uploading module
Module connection.
Wherein, threshold values monitoring unit is configured as executing service request amount supervisory control action, and threshold values monitoring unit includes number
According to traffic monitoring module:
It is lower than threshold values in response to service request amount, then to user terminal back services request results;
It is higher than threshold values in response to service request amount, then opens modes of warning, and send alarm to service request handling module
Signal.
It wherein, further include cloud, module is connect with serve log analytical unit by wireless communication in cloud;Serve log point
Analysing unit includes user's white list and subscriber blacklist, and user's white list and subscriber blacklist are to users to trust degree sorting module
Data information is sent, users to trust degree sorting module is used for the processing priority that sorts according to history service data.
Wherein, service request handling process data is sent to serve log memory module memory by service request handling module
Storage, serve log memory module are connect by data information uploading module with serve log analytical unit.
Wherein, data cache module is used to store the service order interrupted and process data.
One concrete application of the present embodiment are as follows: service request handling module obtains the service request that user terminal is issued
Then data are monitored request amount by threshold values monitoring unit, if request amount exceeds threshold values, to service request handling mould
Block sends signal;Serve log analytical unit obtains user's white list and subscriber blacklist by cloud, and combines serve log
User that memory module is stored requests historical data to carry out the sequence processing of priority to the processing that user request, realizes pair
Then the service request handling data of interruption are sent to data cache module by the priority processing of secure user request, be used for
Data when the processor free time in called data buffer module are handled, and service request handling module is to the use with priority
It requests that processing result is fed back to user terminal by service request feedback module after being handled in family.
It is worth noting that, included each unit is only drawn according to function logic in the above system embodiment
Point, but be not limited to the above division, as long as corresponding functions can be realized;In addition, each functional unit is specific
Title is also only for convenience of distinguishing each other, the protection scope being not intended to restrict the invention.
In addition, those of ordinary skill in the art will appreciate that realizing all or part of the steps in the various embodiments described above method
It is that relevant hardware can be instructed to complete by program, corresponding program can store to be situated between in a computer-readable storage
In matter, the storage medium, such as ROM/RAM, disk or CD.
Present invention disclosed above preferred embodiment is only intended to help to illustrate the present invention.There is no detailed for preferred embodiment
All details are described, are not limited the invention to the specific embodiments described.Obviously, according to the content of this specification,
It can make many modifications and variations.These embodiments are chosen and specifically described to this specification, is in order to better explain the present invention
Principle and practical application, so that skilled artisan be enable to better understand and utilize the present invention.The present invention is only
It is limited by claims and its full scope and equivalent.
Claims (5)
1. a kind of internet of things equipment protection firewall characterized by comprising
User terminal and service request receiving module, the service request reception module are configured as acquisition user terminal and are issued
Service data, and the service data is sent to threshold values monitoring unit;
Service request handling module, the service request handling module are configured as handling the service data;And
Serve log analytical unit, the serve log analytical unit are configured as executing history service data analysis movement, and
Analysis result is sent to service request handling module to handle;
The service request handling module is fed back with data cache module and service request respectively by data information uploading module
Module connection.
2. a kind of internet of things equipment protection firewall according to claim 1, which is characterized in that the threshold values monitoring is single
Member is configured as executing supervisory control action to service request amount:
It is lower than threshold values in response to service request amount, then to user terminal back services request results;
It is higher than threshold values in response to service request amount, then opens modes of warning, and send alarm signal to service request handling module.
3. a kind of internet of things equipment protection firewall according to claim 1, which is characterized in that it further include cloud, institute
Stating cloud, module is connect with serve log analytical unit by wireless communication;
The serve log analytical unit includes user's white list and subscriber blacklist, user's white list and subscriber blacklist
Data information is sent to users to trust degree sorting module, the users to trust degree sorting module is used for according to history service data
Sort processing priority.
4. a kind of internet of things equipment protection firewall according to claim 1, which is characterized in that at the service request
Service request handling process data is sent in serve log memory module by reason module to be stored, the serve log memory module
It is connect by data information uploading module with serve log analytical unit.
5. a kind of internet of things equipment protection firewall according to claim 1, which is characterized in that the data buffer storage mould
Block is used to store the service order interrupted and process data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910171953.7A CN110022301A (en) | 2019-03-07 | 2019-03-07 | Firewall is used in internet of things equipment protection |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910171953.7A CN110022301A (en) | 2019-03-07 | 2019-03-07 | Firewall is used in internet of things equipment protection |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110022301A true CN110022301A (en) | 2019-07-16 |
Family
ID=67189338
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910171953.7A Pending CN110022301A (en) | 2019-03-07 | 2019-03-07 | Firewall is used in internet of things equipment protection |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110022301A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114039738A (en) * | 2020-07-21 | 2022-02-11 | 华为技术有限公司 | Firewall rule configuration method and system, medium and electronic equipment thereof |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103856487A (en) * | 2014-02-28 | 2014-06-11 | 汉柏科技有限公司 | Method and system for protecting authorization DNS |
CN105656962A (en) * | 2014-11-11 | 2016-06-08 | 阿里巴巴集团控股有限公司 | Service calling method and device |
CN106713301A (en) * | 2016-12-16 | 2017-05-24 | 四川长虹电器股份有限公司 | Internet of Things security defense system for intelligent terminal |
CN108156177A (en) * | 2018-01-30 | 2018-06-12 | 国家电网公司 | Information Network security postures based on big data perceive method for early warning |
CN108174399A (en) * | 2017-12-27 | 2018-06-15 | 瑞斯康达科技发展股份有限公司 | Data processing method and system, the equipment of a kind of terminal device |
US20180191675A1 (en) * | 2016-12-30 | 2018-07-05 | Fortinet, Inc. | Security Fabric for Internet of Things (IOT) |
CN108616534A (en) * | 2018-04-28 | 2018-10-02 | 中国科学院信息工程研究所 | A kind of method and system for protecting internet of things equipment ddos attack based on block chain |
-
2019
- 2019-03-07 CN CN201910171953.7A patent/CN110022301A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103856487A (en) * | 2014-02-28 | 2014-06-11 | 汉柏科技有限公司 | Method and system for protecting authorization DNS |
CN105656962A (en) * | 2014-11-11 | 2016-06-08 | 阿里巴巴集团控股有限公司 | Service calling method and device |
CN106713301A (en) * | 2016-12-16 | 2017-05-24 | 四川长虹电器股份有限公司 | Internet of Things security defense system for intelligent terminal |
US20180191675A1 (en) * | 2016-12-30 | 2018-07-05 | Fortinet, Inc. | Security Fabric for Internet of Things (IOT) |
CN108174399A (en) * | 2017-12-27 | 2018-06-15 | 瑞斯康达科技发展股份有限公司 | Data processing method and system, the equipment of a kind of terminal device |
CN108156177A (en) * | 2018-01-30 | 2018-06-12 | 国家电网公司 | Information Network security postures based on big data perceive method for early warning |
CN108616534A (en) * | 2018-04-28 | 2018-10-02 | 中国科学院信息工程研究所 | A kind of method and system for protecting internet of things equipment ddos attack based on block chain |
Non-Patent Citations (1)
Title |
---|
丁玎: ""一种针对SDN架构网络的DoS攻击的防御策略"", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114039738A (en) * | 2020-07-21 | 2022-02-11 | 华为技术有限公司 | Firewall rule configuration method and system, medium and electronic equipment thereof |
CN114039738B (en) * | 2020-07-21 | 2023-02-03 | 华为技术有限公司 | Firewall rule configuration method and system, medium and electronic equipment thereof |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11924170B2 (en) | Methods and systems for API deception environment and API traffic control and security | |
US10432650B2 (en) | System and method to protect a webserver against application exploits and attacks | |
US11671402B2 (en) | Service resource scheduling method and apparatus | |
KR100942456B1 (en) | Method for detecting and protecting ddos attack by using cloud computing and server thereof | |
US9148437B1 (en) | Detecting adverse network conditions for a third-party network site | |
CN109617885B (en) | Attack and subsidence host automatic judgment method and device, electronic equipment and storage medium | |
CN107645478B (en) | Network attack defense system, method and device | |
CN108809749B (en) | Performing upper layer inspection of a stream based on a sampling rate | |
CN105516081A (en) | Method and system for issuing safety strategy by server and message queue middleware | |
CN107360122B (en) | Method and device for preventing malicious request | |
EP3582463B1 (en) | Threat detection method and apparatus | |
CN103384240B (en) | A kind of P2P active defense method and system | |
CN104796406A (en) | Method and device for identifying application | |
CN114301700B (en) | Method, device, system and storage medium for adjusting network security defense scheme | |
CN110022301A (en) | Firewall is used in internet of things equipment protection | |
US11063975B2 (en) | Malicious content detection with retrospective reporting | |
US20120110665A1 (en) | Intrusion Detection Within a Distributed Processing System | |
CN115208690A (en) | Screening processing system based on data classification and classification | |
CN114285649A (en) | Equipment protection method, system, protection equipment and computer readable storage medium | |
Iyengar et al. | An effective layered load balance defensive mechanism against DDoS attacks in cloud computing environment | |
CN108471428B (en) | DDoS attack active defense technology and equipment applied to CDN system | |
CN112351044A (en) | Network security system based on big data | |
US20100157806A1 (en) | Method for processing data packet load balancing and network equipment thereof | |
CN109327329B (en) | Data model updating method and device | |
EP4181554A1 (en) | Traffic control server and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190716 |
|
RJ01 | Rejection of invention patent application after publication |