CN110475227A - The method, apparatus of car networking protecting information safety, system, electronic equipment - Google Patents

The method, apparatus of car networking protecting information safety, system, electronic equipment Download PDF

Info

Publication number
CN110475227A
CN110475227A CN201910684559.3A CN201910684559A CN110475227A CN 110475227 A CN110475227 A CN 110475227A CN 201910684559 A CN201910684559 A CN 201910684559A CN 110475227 A CN110475227 A CN 110475227A
Authority
CN
China
Prior art keywords
emulation
vehicle device
network channel
trapping
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910684559.3A
Other languages
Chinese (zh)
Other versions
CN110475227B (en
Inventor
章赟杰
陈凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Fanyi Shangxing Technology Co Ltd
Original Assignee
Shanghai Fanyi Shangxing Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Fanyi Shangxing Technology Co Ltd filed Critical Shanghai Fanyi Shangxing Technology Co Ltd
Priority to CN201910684559.3A priority Critical patent/CN110475227B/en
Publication of CN110475227A publication Critical patent/CN110475227A/en
Application granted granted Critical
Publication of CN110475227B publication Critical patent/CN110475227B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/088Access security using filters or firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/06Testing, supervising or monitoring using simulated traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a kind of method, apparatus of car networking protecting information safety, electronic equipment, emulation car machine information is sent to car networking service platform by first network channel by trapping node, receive the attack information from the first network channel, the attack information is sent to car networking protective platform by the second network channel, second network channel is the network channel being isolated with the first network channel.By initiatively utilizing emulation vehicle device analogue simulation vehicle device information, to the mode that attack information is traped, statistical sample quantity is reduced, efficiency is higher, attack information is sent by the second network channel, since the second network channel and first network channel are isolated, on the one hand, emulation vehicle device will not have an impact the normal vehicle device in car networking system, on the other hand, it is difficult to be attacked by attacker to the process that car networking protective platform sends attack information, it is highly-safe.

Description

The method, apparatus of car networking protecting information safety, system, electronic equipment
Technical field
The present invention relates to computer information processing fields, in particular to a kind of side of car networking protecting information safety Method, device, system, electronic equipment.
Background technique
Car networking is " automobile motive objects networking technology ", refers to the electronic label identification vehicle device by being loaded on vehicle, Using identification technologies such as less radio-frequencies, is realized by car networking service system and the attribute information of vehicle is extracted and effectively benefit With effectively being supervised to the operating status of vehicle and provide integrated service.
But car networking service system may suffer from attacking, so that information leakage is made even to service situations such as out of control, because This, with the rapid development of car networking technology, it is necessary to develop corresponding car networking safety protection technique.
Summary of the invention
This specification embodiment provides a kind of method, apparatus of car networking protecting information safety, system, electronic equipment, uses To solve the problems, such as that safety existing for existing car networking Protective Information Security Techniques is poor, efficiency is lower.
This specification embodiment provides a kind of method of car networking protecting information safety, comprising:
It traps node and emulation car machine information is sent to car networking service platform by first network channel;
Receive the attack information from the first network channel;
The attack information is sent to car networking protective platform by the second network channel, second network channel is The network channel being isolated with the first network channel.
In a kind of embodiment wherein, the first network channel is external network cannels, second network channel For internal network channels.
In a kind of embodiment wherein, the vehicle device information includes:
At least one of in the interactive information of the behavioural information for emulating vehicle device, status information and environment.
In a kind of embodiment wherein, sent out by first network channel to car networking service platform in the trapping node Before sending emulation car machine information, further includes:
The trapping node obtains the vehicle device by the emulation vehicle device for establishing decoupling communication connection with the trapping node Information.
In a kind of embodiment wherein, the trapping node is built by the second network channel and emulation trapping backstage Vertical communication connection makes emulation trapping backstage control institute according to emulator command or the received attack information of the trapping node The behavior of emulation vehicle device is stated, and vehicle device information is obtained according to the behavior of the emulation vehicle device;
The trapping node obtains the vehicle device by the emulation vehicle device for establishing decoupling communication connection with the trapping node Information, comprising:
The trapping node obtains the vehicle device from the virtualization vehicle device service of simulation backstage by the second network channel Information.
In a kind of embodiment wherein, which is characterized in that the M trapping node by the second network channel with it is described Communication connection is established on emulation trapping backstage, and the attack information for making emulation trapping backstage trap node forwarding according to M controls Each behavior for traping the corresponding emulation vehicle device of node, and vehicle device information, M > 2 are obtained according to the behavior of the emulation vehicle device.
In a kind of embodiment wherein, emulation trapping backstage is virtualization vehicle device service of simulation backstage.
In a kind of embodiment wherein, which is characterized in that the first network channel includes radio network information channel, described Second network channel is wire channel.
This specification embodiment provides a kind of device of car networking protecting information safety, comprising:
First network channel communication module is sent by first network channel to car networking service platform for traping node Emulation car machine information, for receiving the attack information from the first network channel;
Second network channel communication module is prevented for the attack information to be sent to car networking by the second network channel Protect platform, make the car networking protective platform according to the attack information carry out security protection, second network channel for The network channel that the first network channel is isolated.
In a kind of embodiment wherein, which is characterized in that the second network channel communication module, it is logical in the trapping node Cross first network channel to car networking service platform send emulation car machine information before, be also used to:
The trapping node is set to obtain the vehicle by the emulation vehicle device for establishing decoupling communication connection with the trapping node Machine information.
In a kind of embodiment wherein, the trapping node is built by the second network channel and emulation trapping backstage Vertical communication connection makes emulation trapping backstage control institute according to emulator command or the received attack information of the trapping node The behavior of emulation vehicle device is stated, and vehicle device information is obtained according to the behavior of the emulation vehicle device;
The trapping node obtains the vehicle device by the emulation vehicle device for establishing decoupling communication connection with the trapping node Information, comprising:
The trapping node obtains the vehicle device from the virtualization vehicle device service of simulation backstage by the second network channel Information.
In a kind of embodiment wherein, after the M trapping node is by the second network channel and emulation trapping Platform establishes communication connection, and the attack information for making emulation trapping backstage trap node forwarding according to M controls each trapping node The behavior of corresponding emulation vehicle device, and vehicle device information, M > 2 are obtained according to the behavior of the emulation vehicle device.
This specification embodiment provides a kind of system of car networking protecting information safety, comprising: trapping node, emulation trapping From the background, vehicle device and car networking protective platform are emulated;
Emulation trapping backstage is established with the emulation vehicle device to be communicated to connect, and is sent behavior to the emulation vehicle device and is referred to It enables, and acquires the emulation car machine information of the emulation vehicle device;
The trapping node is established and is communicated to connect by the second network channel and emulation trapping backstage, described in obtaining Emulation car machine information;
The trapping node is established by first network channel and car networking service platform and is communicated to connect, and first network is passed through Channel sends emulation car machine information to car networking service platform, and receives the attack information from the first network channel, institute Stating the second network channel is the network channel being isolated with the first network channel;
The trapping node also passes through the second network channel and the car networking protective platform is established and communicated to connect, will be described It attacks information and car networking protective platform is sent to by the second network channel.
In a kind of embodiment wherein, the veneer including at least one M trapping node having, M emulation vehicle device, M>2;
The trapping node also passes through the second network channel and the car networking protective platform is established and communicated to connect, and also wraps It includes:
M trapping node is established and is communicated to connect by the second network channel and emulation trapping backstage, and the emulation is made The attack information that node forwarding is traped according to M in trapping backstage controls the behavior of the corresponding emulation vehicle device of each trapping node.
This specification embodiment also provides a kind of electronic equipment, wherein the electronic equipment includes:
Processor;And
The memory of computer executable instructions is stored, the executable instruction when executed executes the processor The method that this specification any embodiment is recorded.
This specification embodiment also provides a kind of computer readable storage medium, wherein the computer-readable storage medium Matter stores one or more programs, and one or more of programs when being executed by a processor, realize specification any embodiment Record method.
By initiatively being reduced using emulation vehicle device analogue simulation vehicle device information to the mode that attack information is traped Statistical sample quantity, efficiency is higher, attack information is sent by the second network channel, due to the second network channel and the first net Network channel is isolated, therefore, on the one hand, emulation vehicle device will not have an impact the normal vehicle device in car networking system, another party Face, the process for sending attack information to car networking protective platform is difficult to be attacked by attacker, highly-safe.
Detailed description of the invention
In order to keep technical problem solved by the invention, the technological means of use and the technical effect of acquirement clearer, Detailed description of the present invention specific embodiment below with reference to accompanying drawings.But it need to state, drawings discussed below is only this The attached drawing of invention exemplary embodiment of the present, to those skilled in the art, before not making the creative labor It puts, the attached drawing of other embodiments can be obtained according to these attached drawings.
Fig. 1 is a kind of schematic illustration of the system for car networking protecting information safety that this specification embodiment provides;
Fig. 2 is a kind of schematic illustration of the system for car networking protecting information safety that this specification embodiment provides;
Fig. 3 is a kind of schematic illustration of the system for car networking protecting information safety that this specification embodiment provides;
Fig. 4 is a kind of schematic illustration of the method for car networking protecting information safety that this specification embodiment provides;
Fig. 5 is a kind of schematic illustration of the device for car networking protecting information safety that this specification embodiment provides;
Fig. 6 is the structural schematic diagram for a kind of electronic equipment that this specification embodiment provides;
Fig. 7 is a kind of schematic illustration for computer-readable medium that this specification embodiment provides.
Specific embodiment
The protection of prior art squadron car networking information security mainly reduces the general of information leakage by setting firewall Rate, and the abnormal behaviour of car-mounted terminal is detected, to obtain attack information and then analytical attack behavior, but this side Formula is substantially to analyze after attack generation attack, and a large amount of statistical sample is needed therefore to compare Passively, safety is poor, efficiency is lower.
Therefore, it is necessary to propose a kind of protecting information safety method that safety is good, high-efficient.
A kind of method that this specification embodiment proposes car networking protecting information safety passes through the first net by trapping node Network channel sends emulation car machine information to car networking service platform, receives the attack information from the first network channel, will The attack information is sent to car networking protective platform by the second network channel, makes the car networking protective platform according to It attacks information and carries out security protection, second network channel is the network channel being isolated with the first network channel.It is logical It crosses and statistical sample initiatively is reduced to the mode that attack information is traped using emulation vehicle device analogue simulation vehicle device information Quantity, efficiency is higher, attack information is sent by the second network channel, since the second network channel and first network channel are separated by From therefore, on the one hand, emulation vehicle device will not have an impact the normal vehicle device in car networking system, on the other hand, to car networking The process that protective platform sends attack information is difficult to be attacked by attacker, highly-safe.
Exemplary embodiment of the present invention is described more fully with reference to the drawings.However, exemplary embodiment can Implement in a variety of forms, and is understood not to that present invention is limited only to embodiments set forth herein.On the contrary, it is exemplary to provide these Embodiment enables to the present invention more full and complete, easily facilitates the technology that inventive concept is comprehensively communicated to this field Personnel.Identical appended drawing reference indicates same or similar element, component or part in figure, thus will omit weight to them Multiple description.
Under the premise of meeting technical concept of the invention, the feature described in some specific embodiment, structure, spy Property or other details be not excluded for can be combined in any suitable manner in one or more other embodiments.
In the description for specific embodiment, feature, structure, characteristic or the other details that the present invention describes are to make Those skilled in the art fully understands embodiment.But, it is not excluded that those skilled in the art can practice this hair Bright technical solution is one or more without special characteristic, structure, characteristic or other details.
Flow chart shown in the drawings is merely illustrative, it is not necessary to including all content and operation/step, It is not required to execute by described sequence.For example, some operation/steps can also decompose, and some operation/steps can close And or part merge, therefore the sequence actually executed is possible to change according to the actual situation.
Block diagram shown in the drawings is only functional entity, not necessarily must be corresponding with physically separate entity. I.e., it is possible to realize these functional entitys using software form, or realized in one or more hardware modules or integrated circuit These functional entitys, or these functional entitys are realized in heterogeneous networks and/or processor device and/or microcontroller device.
Although it should be understood that may indicate the attribute of number using first, second, third, etc. to describe various devices herein Part, element, component or part, but this should not be limited by these attributes.These attributes are to distinguish one and another one.Example Such as, the first device is also referred to as the second device without departing from the technical solution of essence of the invention.
Term "and/or" or " and/or " include the associated all combinations for listing any of project or more persons.
Fig. 1 is a kind of schematic illustration of the system for car networking protecting information safety that this specification embodiment provides.It should System includes:
Node 101, car networking protective platform 102 are traped, emulation trapping backstage 103 emulates vehicle device 104;
Wherein, emulation trapping backstage 103 is established with the emulation vehicle device 104 communicates to connect, and sends row to emulation vehicle device 104 To instruct, and acquire the emulation car machine information of the emulation vehicle device 104;
Node 101 is traped to establish and communicate to connect by the second network channel and emulation trapping backstage 103, it is described imitative to obtain True vehicle device information;
It traps node 101 and communication connection is established by first network channel and car networking service platform 20, make to trap node 101 send emulation car machine information to car networking service platform 20 by first network channel, and receive and come from the first network The attack information of channel, second network channel are the network channel being isolated with the first network channel;
It traps node 101 and communication connection is also established by the second network channel and car networking protective platform 102, save trapping The attack information is sent to car networking protective platform 102 by the second network channel by point 101.
In this specification embodiment, emulation car machine information may include the behavioural information of the emulation vehicle device, state letter At least one of in the interactive information of breath and environment.
The system may include several links at work:
Link is forged in emulation: trapping node 101, and emulation trapping platform, emulation vehicle device is connected by establishing communication connection Into car networking service platform, to forge the process that normal vehicle device and car networking service platform interact, so as to lure into Attacker implements to attack to them.
It obtains attack information link: forging normal vehicle device and during car networking service platform interacts, if forging Person attacks trapping node, then traps node and obtain attack information, and be transmitted to car networking protective platform.
Since first network channel is isolated with the second network channel, attacker is difficult to or this emulation lures Behavior is caught, security threat will not be generated to normal vehicle device;Attack information is obtained in a manner of emulating trapping, statistical sample has Specific aim, statistic is smaller, therefore, in this way, efficiently and safely obtaining attack information.Pass through analytical attack information, it will be appreciated that Tool and method used in attacker, thus it is speculated that attack intension and motivation can allow protector clearly to understand them and be faced Security threat, and enhance by technology and management means the security protection ability of real system.
In this specification embodiment, emulation trapping platform to emulation vehicle device control, can be according to emulator command into Row control can also be controlled according to attack instruction, is not particularly limited herein, for example, the links in Fig. 1 can be with structure It is recycled at one, it is every to carry out a circulation, primary attack information can be obtained, in actual application scenarios, this can be with needle Security protection is carried out to the continuous attack of attacker.
By analysis it has also been discovered that this programme is not the simple direct normal vehicle device using in car networking service platform Emulation forgery is carried out, this is because it has been found which, which exists, makes to trap the risk that link influences normal vehicle device, Its basic reason be by normal vehicle device carry out emulation trapping attack information in the way of, be substantially using normal vehicle device and Che Lian The original network communication channel of net service platform is traped, and this discovery is formally based on, and applicant proposes to utilize and the first net Second network channel of network channel isolation carries out emulation trapping, is thought deeply around this thought, and just having obtained 10, this is complete Whole system, therefore, applicant propose above system and corresponding method and non-obvious.
For the system by the way that the trapping node of forwarding attack information and emulation vehicle device is separately positioned, it is flat to emulate trapping to make it Platform is communicated as transfer, is realized: using a variety of channels will emulate vehicle device be placed in various environment while, due to luring The channel for catching node and emulation trapping platform is to can be set with first network channel isolation, emulation vehicle device in various environment In, so as to more advantageously obtain comprehensive emulation car machine information, emulation vehicle device is difficult to return the vehicle to the garage and knock off in the Internet services platform and attacks The control for the person of hitting can be improved flexibility, the safety of setting, reduce the influence to normal vehicle device.
In this specification embodiment, system 10 may include a veneer of M trapping node having, M emulation Vehicle device, M > 2;
The trapping node also passes through the second network channel and the car networking protective platform is established and communicated to connect, and also wraps It includes:
M trapping node is established and is communicated to connect by the second network channel and emulation trapping backstage, and the emulation is made The attack information that node forwarding is traped according to M in trapping backstage controls the behavior of the corresponding emulation vehicle device of each trapping node.
An analog veneer is allowed to simulate multiple trapping nodes by trapping node and emulation trapping backstage decoupling, it is right It is few to run resource requirement, cost is greatly saved.
In this specification embodiment, trapping node can have SIM (Subscriber Identity Module client Identification module) or with SIM SIM network is collectively formed, in this way, trapping node, which can pass through signal tower, accesses car networking service Platform, this channel can be used as, first network channel.
In this specification embodiment, car networking service platform can be deployed in Cloud Server, do not do specifically explain herein It states.
Fig. 2 is a kind of schematic illustration of the system for car networking protecting information safety that this specification embodiment provides, and is shown The schematic illustration of a kind of first network channel and the second network channel is gone out.
In Fig. 2, first network channel includes the radio network information channel being made of signal tower, is external mobile network, the Two network channels indicate that trapping node is passing through as normal user's locomotive except external mobile network's access internet, also Trapping system is accessed by internal network and manages console, and the second network channel can be internal network channels such as by emulation car The channel in local area network that machine, trapping node, emulation trapping backstage are formed by way of cable network, wherein trapping management System control position may include car networking protective platform or emulation trapping platform, not shown in FIG. 2 other in system 10 Part is not specifically described herein.
Fig. 3 is a kind of schematic illustration of the system for car networking protecting information safety that this specification embodiment provides, and is shown Go out trapping node and emulates the Principle of Communication schematic diagram of locomotive.
In Fig. 3, a SIM is configured for each trapping node, is that each trapping node forms independent network, this is multiple SIM is located in a veneer, realizes integrated, another aspect, trapping node passes through network implementations (can see with analogue simulation container Make emulation locomotive) decoupling connection, improve flexibility,
Certainly, other parts not shown in FIG. 3 in system 10 are not specifically described herein.
Based on the same inventive concept, this specification embodiment also provides a kind of method of car networking protecting information safety.
Fig. 4 is a kind of schematic illustration of the method for car networking protecting information safety that this specification embodiment provides.It should Method includes:
S401: trapping node sends emulation car machine information to car networking service platform by first network channel.
S402: the attack information from the first network channel is received.
S403: the attack information is sent to car networking protective platform by the second network channel, makes the car networking Protective platform carries out security protection according to the attack information, and second network channel is to be separated by with the first network channel From network channel.
By initiatively being reduced using emulation vehicle device analogue simulation vehicle device information to the mode that attack information is traped Statistical sample quantity, efficiency is higher, attack information is sent by the second network channel, due to the second network channel and the first net Network channel is isolated, therefore, on the one hand, emulation vehicle device will not have an impact the normal vehicle device in car networking system, another party Face, the process for sending attack information to car networking protective platform is difficult to be attacked by attacker, highly-safe.
On the other hand, by by the trapping node of forwarding attack information and emulation vehicle device it is separately positioned, make its with emulation lure Catch platform to be communicated as transfer, realize: using a variety of channels will emulate vehicle device be placed in various environment while, by It is therefore to emulate vehicle device with first network channel isolation and do not return the vehicle to the garage and knock off directly in the channel of trapping node and emulation trapping platform Flexibility, the safety of setting has can be improved, so as to more advantageously obtain in the control of attacker in the Internet services platform Comprehensive emulation car machine information is obtained, the influence to normal vehicle device is reduced.
Pass through analytical attack information, it will be appreciated that tool and method used in attacker, thus it is speculated that attack intension and motivation, Protector can be allowed clearly to understand the security threat that they are faced, and real system is enhanced by technology and management means Security protection ability.
In this specification embodiment, the first network channel is external network cannels, and second network channel is Internal network channels.
In a kind of embodiment wherein, the vehicle device information includes:
At least one of in the interactive information of the behavioural information for emulating vehicle device, status information and environment.
In a kind of embodiment wherein, sent out by first network channel to car networking service platform in the trapping node Before sending emulation car machine information, further includes:
The trapping node obtains the vehicle device by the emulation vehicle device for establishing decoupling communication connection with the trapping node Information.
In a kind of embodiment wherein, the trapping node is built by the second network channel and emulation trapping backstage Vertical communication connection makes emulation trapping backstage control institute according to emulator command or the received attack information of the trapping node The behavior of emulation vehicle device is stated, and vehicle device information is obtained according to the behavior of the emulation vehicle device;
The trapping node obtains the vehicle device by the emulation vehicle device for establishing decoupling communication connection with the trapping node Information, comprising:
The trapping node obtains the vehicle device from the virtualization vehicle device service of simulation backstage by the second network channel Information.
In a kind of embodiment wherein, which is characterized in that the M trapping node by the second network channel with it is described Communication connection is established on emulation trapping backstage, and the attack information for making emulation trapping backstage trap node forwarding according to M controls Each behavior for traping the corresponding emulation vehicle device of node, and vehicle device information, M > 2 are obtained according to the behavior of the emulation vehicle device.
In a kind of embodiment wherein, emulation trapping backstage is virtualization vehicle device service of simulation backstage.
In a kind of embodiment wherein, which is characterized in that the first network channel includes radio network information channel, described Second network channel is wire channel.
It should be understood that in Fig. 2 embodiment method, can with discuss Fig. 1 in system when embodiment in method It combines, is not repeating to illustrate herein.
It will be understood by those skilled in the art that realizing that all or part of the steps of above-described embodiment is implemented as by computer The program (computer program) that data processing equipment executes.It is performed in the computer program, offer of the present invention is provided The above method.Moreover, the computer program can store in computer readable storage medium, which can be with It is the readable storage medium storing program for executing such as disk, CD, ROM, RAM, is also possible to the storage array of multiple storage medium compositions, such as disk Or tape storage array.The storage medium is not limited to centralised storage, is also possible to distributed storage, such as based on cloud The cloud storage of calculating.
Based on the same inventive concept, this specification embodiment also provides a kind of device of car networking protecting information safety.
The device of the invention embodiment is described below, which can be used for executing embodiment of the method for the invention.For Details described in apparatus of the present invention embodiment should be regarded as the supplement for above method embodiment;For in apparatus of the present invention Undisclosed details in embodiment is referred to above method embodiment to realize.
Fig. 5 is a kind of structural schematic diagram of the device for car networking protecting information safety that this specification embodiment provides, should Device may include:
First network channel communication module 501 passes through first network channel to car networking service platform for traping node Emulation car machine information is sent, the attack information from the first network channel is received;
Second network channel communication module 502, for the attack information to be sent to vehicle connection by the second network channel Net protective platform makes the car networking protective platform carry out security protection, second network channel according to the attack information For the network channel being isolated with the first network channel.
In a kind of embodiment wherein, which is characterized in that the second network channel communication module, it is logical in the trapping node Cross first network channel to car networking service platform send emulation car machine information before, be also used to:
The trapping node is set to obtain the vehicle by the emulation vehicle device for establishing decoupling communication connection with the trapping node Machine information.
In a kind of embodiment wherein, the trapping node is built by the second network channel and emulation trapping backstage Vertical communication connection makes emulation trapping backstage control institute according to emulator command or the received attack information of the trapping node The behavior of emulation vehicle device is stated, and vehicle device information is obtained according to the behavior of the emulation vehicle device;
The trapping node obtains the vehicle device by the emulation vehicle device for establishing decoupling communication connection with the trapping node Information, comprising:
The trapping node obtains the vehicle device from the virtualization vehicle device service of simulation backstage by the second network channel Information.
In a kind of embodiment wherein, after the M trapping node is by the second network channel and emulation trapping Platform establishes communication connection, and the attack information for making emulation trapping backstage trap node forwarding according to M controls each trapping node The behavior of corresponding emulation vehicle device, and vehicle device information, M > 2 are obtained according to the behavior of the emulation vehicle device.
It should be appreciated that device shown in fig. 5 can be used for executing the above-mentioned each reality recorded in this specification embodiment Apply the method in example.
It will be understood by those skilled in the art that each module in above-mentioned apparatus embodiment can be distributed in device according to description In, corresponding change can also be carried out, is distributed in one or more devices different from above-described embodiment.The mould of above-described embodiment Block can be merged into a module, can also be further split into multiple submodule.
Based on the same inventive concept, this specification embodiment also provides a kind of electronic equipment.
Electronic equipment embodiment of the invention is described below, which can be considered as the method for aforementioned present invention With the specific entity embodiment of Installation practice.For details described in electronic equipment embodiment of the present invention, should be regarded as pair In the above method or the supplement of Installation practice;For undisclosed details, Ke Yican in electronic equipment embodiment of the present invention It is realized according to the above method or Installation practice.
Fig. 6 is the structural schematic diagram for a kind of electronic equipment that this specification embodiment provides.Root is described referring to Fig. 6 According to the electronic equipment 600 of this embodiment of the invention.The electronic equipment 600 that Fig. 6 is shown is only an example, should not be to the present invention The function and use scope of embodiment bring any restrictions.
As shown in fig. 6, electronic equipment 600 is showed in the form of universal computing device.The component of electronic equipment 600 can wrap It includes but is not limited to: at least one processing unit 610, at least one storage unit 620, (including the storage of the different system components of connection Unit 620 and processing unit 610) bus 630, display unit 640 etc..
Wherein, the storage unit is stored with program code, and said program code can be held by the processing unit 610 Row, so that the processing unit 610 executes described in this specification above-mentioned electronic prescription circulation processing method part according to this The step of inventing various illustrative embodiments.For example, the processing unit 610 can execute step as shown in Figure 1.
The storage unit 620 may include the readable medium of volatile memory cell form, such as random access memory Unit (RAM) 6201 and/or cache memory unit 6202 can further include read-only memory unit (ROM) 6203.
The storage unit 620 can also include program/practical work with one group of (at least one) program module 6205 Tool 6204, such program module 6205 includes but is not limited to: operating system, one or more application program, other programs It may include the realization of network environment in module and program data, each of these examples or certain combination.
Bus 630 can be to indicate one of a few class bus structures or a variety of, including storage unit bus or storage Cell controller, peripheral bus, graphics acceleration port, processing unit use any bus structures in a variety of bus structures Local bus.
Electronic equipment 600 can also be with one or more external equipments 700 (such as keyboard, sensing equipment, bluetooth equipment Deng) communication, can also be enabled a user to one or more equipment interact with the electronic equipment 600 communicate, and/or with make Any equipment (such as the router, modulation /demodulation that the electronic equipment 600 can be communicated with one or more of the other calculating equipment Device etc.) communication.This communication can be carried out by input/output (I/O) interface 650.Also, electronic equipment 600 can be with By network adapter 660 and one or more network (such as local area network (LAN), wide area network (WAN) and/or public network, Such as internet) communication.Network adapter 660 can be communicated by bus 630 with other modules of electronic equipment 600.It should Understand, although being not shown in Fig. 6, other hardware and/or software module can be used in conjunction with electronic equipment 600, including unlimited In: microcode, device driver, redundant processing unit, external disk drive array, RAID system, tape drive and number According to backup storage system etc..
Through the above description of the embodiments, those skilled in the art it can be readily appreciated that the present invention describe it is exemplary Embodiment can also be realized by software realization in such a way that software is in conjunction with necessary hardware.Therefore, according to this hair The technical solution of bright embodiment can be embodied in the form of software products, which can store calculates at one In the readable storage medium of machine (can be CD-ROM, USB flash disk, mobile hard disk etc.) or on network, including some instructions are so that one Platform calculates equipment (can be personal computer, server or network equipment etc.) and executes according to the above method of the present invention.When When the computer program is executed by a data processing equipment so that the computer-readable medium can be realized it is of the invention upper State method, it may be assumed that method as shown in Figure 1.
Fig. 7 is a kind of schematic illustration for computer-readable medium that this specification embodiment provides.
The computer program can store on one or more computer-readable mediums.Computer-readable medium can be with It is readable signal medium or readable storage medium storing program for executing.Readable storage medium storing program for executing for example can be but be not limited to electricity, magnetic, optical, electromagnetic, red The system of outside line or semiconductor, device or device, or any above combination.The more specific example of readable storage medium storing program for executing (non exhaustive list) includes: the electrical connection with one or more conducting wires, portable disc, hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read only memory (EPROM or flash memory), optical fiber, portable compact disc Read memory (CD-ROM), light storage device, magnetic memory device or above-mentioned any appropriate combination.
The computer readable storage medium may include in a base band or the data as the propagation of carrier wave a part are believed Number, wherein carrying readable program code.The data-signal of this propagation can take various forms, including but not limited to electromagnetism Signal, optical signal or above-mentioned any appropriate combination.Readable storage medium storing program for executing can also be any other than readable storage medium storing program for executing Readable medium, the readable medium can send, propagate or transmit for by instruction execution system, device or device use or Person's program in connection.The program code for including on readable storage medium storing program for executing can transmit with any suitable medium, packet Include but be not limited to wireless, wired, optical cable, RF etc. or above-mentioned any appropriate combination.
The program for executing operation of the present invention can be write with any combination of one or more programming languages Code, described program design language include object oriented program language-Java, C++ etc., further include conventional Procedural programming language-such as " C " language or similar programming language.Program code can be fully in user It calculates and executes in equipment, partly executes on a user device, being executed as an independent software package, partially in user's calculating Upper side point is executed on a remote computing or is executed in remote computing device or server completely.It is being related to far Journey calculates in the situation of equipment, and remote computing device can pass through the network of any kind, including local area network (LAN) or wide area network (WAN), it is connected to user calculating equipment, or, it may be connected to external computing device (such as utilize ISP To be connected by internet).
In conclusion the present invention can be implemented in hardware, or the software to run on one or more processors Module is realized, or is implemented in a combination thereof.It will be understood by those of skill in the art that micro process can be used in practice The communications data processing units such as device or digital signal processor (DSP) come realize according to embodiments of the present invention in it is some or The some or all functions of whole components.The present invention is also implemented as a part for executing method as described herein Or whole device or device program (for example, computer program and computer program product).Such realization present invention Program can store on a computer-readable medium, or may be in the form of one or more signals.Such letter It number can be downloaded from an internet website to obtain, be perhaps provided on the carrier signal or be provided in any other form.
Particular embodiments described above has carried out further in detail the purpose of the present invention, technical scheme and beneficial effects It describes in detail bright, it should be understood that the present invention is not inherently related to any certain computer, virtual bench or electronic equipment, various The present invention also may be implemented in fexible unit.The above is only a specific embodiment of the present invention, is not limited to this hair Bright, all within the spirits and principles of the present invention, any modification, equivalent substitution, improvement and etc. done should be included in the present invention Protection scope within.

Claims (16)

1. a kind of method of car networking protecting information safety, comprising:
It traps node and emulation car machine information is sent to car networking service platform by first network channel;
Receive the attack information from the first network channel;
The attack information is sent to car networking protective platform by the second network channel, makes the car networking protective platform root Security protection is carried out according to the attack information, second network channel is that the network being isolated with the first network channel is believed Road.
2. according to the method described in claim 1, the first network channel is external network cannels, second network channel For internal network channels.
3. the method according to claim 1, which is characterized in that the vehicle device information includes:
At least one of in the interactive information of the behavioural information for emulating vehicle device, status information and environment.
4. the method according to claim 1, wherein passing through first network channel to Che Lian in the trapping node Net service platform is sent before emulation car machine information, further includes:
The trapping node obtains the vehicle device information by the emulation vehicle device for establishing decoupling communication connection with the trapping node.
5. according to the method described in claim 4, the trapping node passes through the second network channel and emulation trapping backstage Communication connection is established, controls emulation trapping backstage according to emulator command or the received attack information of the trapping node The behavior of the emulation vehicle device, and vehicle device information is obtained according to the behavior of the emulation vehicle device;
The trapping node obtains the vehicle device information by the emulation vehicle device for establishing decoupling communication connection with the trapping node, Include:
The trapping node obtains the vehicle device information from the virtualization vehicle device service of simulation backstage by the second network channel.
6. according to the method described in claim 5, it is characterized in that, the M trapping node passes through the second network channel and institute It states emulation trapping backstage and establishes communication connection, emulation trapping backstage is made to trap the attack information control of node forwarding according to M The behavior of the corresponding emulation vehicle device of each trapping node is made, and vehicle device information, M > 2 are obtained according to the behavior of the emulation vehicle device.
7. according to the method described in claim 3, emulation trapping backstage is virtualization vehicle device service of simulation backstage.
8. according to the method described in claim 2, it is characterized in that, the first network channel includes radio network information channel, institute Stating the second network channel is wire channel.
9. a kind of device of car networking protecting information safety, comprising:
First network channel communication module is imitated for sending trapping node to car networking service platform by first network channel True vehicle device information, for receiving the attack information from the first network channel;
Second network channel communication module, it is flat for the attack information to be sent to car networking protection by the second network channel Platform, make the car networking protective platform according to the attack information carry out security protection, second network channel be with it is described The network channel that first network channel is isolated.
10. device according to claim 9, which is characterized in that the second network channel communication module, in the trapping node Before sending emulation car machine information to car networking service platform by first network channel, it is also used to:
Make the trapping node obtain the vehicle device by the emulation vehicle device for establishing decoupling communication connection with the trapping node to believe Breath.
11. device according to claim 10, after the trapping node is by the second network channel and emulation trapping Platform establishes communication connection, makes emulation trapping backstage according to emulator command or the received attack information control of the trapping node The behavior of the emulation vehicle device is made, and vehicle device information is obtained according to the behavior of the emulation vehicle device;
The trapping node obtains the vehicle device information by the emulation vehicle device for establishing decoupling communication connection with the trapping node, Include:
The trapping node obtains the vehicle device information from the virtualization vehicle device service of simulation backstage by the second network channel.
12. device according to claim 11, which is characterized in that the M trapping node by the second network channel with Communication connection is established on emulation trapping backstage, and emulation trapping backstage is made to trap the attack information of node forwarding according to M The behavior of the corresponding emulation vehicle device of each trapping node is controlled, and vehicle device information, M > 2 are obtained according to the behavior of the emulation vehicle device.
13. a kind of system of car networking protecting information safety, comprising: trapping node, emulation trapping backstage emulate vehicle device and Che Lian Net protective platform;
Emulation trapping backstage is established with the emulation vehicle device to be communicated to connect, and sends behavior command to the emulation vehicle device, and Acquire the emulation car machine information of the emulation vehicle device;
The trapping node is established and is communicated to connect by the second network channel and emulation trapping backstage, to obtain the emulation Vehicle device information;
The trapping node is established by first network channel and car networking service platform and is communicated to connect, and first network channel is passed through Emulation car machine information is sent to car networking service platform, and receives the attack information from the first network channel, described the Two network channels are the network channel being isolated with the first network channel;
The trapping node also passes through the second network channel and the car networking protective platform is established and communicated to connect, by the attack Information is sent to car networking protective platform by the second network channel.
14. system according to claim 10, which is characterized in that the list including at least one M trapping node having Plate, M emulation vehicle device, M > 2;
The trapping node also passes through the second network channel and the car networking protective platform is established and communicated to connect, further includes:
M trapping node is established and is communicated to connect by the second network channel and emulation trapping backstage, and the emulation is traped The attack information that node forwarding is traped according to M in backstage controls the behavior of the corresponding emulation vehicle device of each trapping node.
15. a kind of electronic equipment, wherein the electronic equipment includes:
Processor;And
The memory of computer executable instructions is stored, the executable instruction makes the processor execute basis when executed Method of any of claims 1-8.
16. a kind of computer readable storage medium, wherein the computer-readable recording medium storage one or more program, One or more of programs when being executed by a processor, realize method of any of claims 1-8.
CN201910684559.3A 2019-07-26 2019-07-26 Method, device and system for protecting information security of Internet of vehicles and electronic equipment Active CN110475227B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910684559.3A CN110475227B (en) 2019-07-26 2019-07-26 Method, device and system for protecting information security of Internet of vehicles and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910684559.3A CN110475227B (en) 2019-07-26 2019-07-26 Method, device and system for protecting information security of Internet of vehicles and electronic equipment

Publications (2)

Publication Number Publication Date
CN110475227A true CN110475227A (en) 2019-11-19
CN110475227B CN110475227B (en) 2022-03-22

Family

ID=68508372

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910684559.3A Active CN110475227B (en) 2019-07-26 2019-07-26 Method, device and system for protecting information security of Internet of vehicles and electronic equipment

Country Status (1)

Country Link
CN (1) CN110475227B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113485158A (en) * 2021-07-19 2021-10-08 泰安北航科技园信息科技有限公司 Dynamic simulation drilling method based on Internet of vehicles information security

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030159064A1 (en) * 2002-02-15 2003-08-21 Kabushiki Kaisha Toshiba Computer virus generation detection apparatus and method
CN1614941A (en) * 2004-12-02 2005-05-11 上海交通大学 Method for establishing complex network running environmental analog stimulative platform
CN102685147A (en) * 2012-05-31 2012-09-19 东南大学 Mobile communication honeypot capturing system and implementation method thereof
CN104410617A (en) * 2014-11-21 2015-03-11 西安邮电大学 Information safety attack and defense system structure of cloud platform
CN104506507A (en) * 2014-12-15 2015-04-08 蓝盾信息安全技术股份有限公司 Honey net safeguard system and honey net safeguard method for SDN (self-defending network)
CN105471875A (en) * 2015-11-25 2016-04-06 西安科技大学 Computer network monitoring system
EP3144840A1 (en) * 2015-09-16 2017-03-22 Mastercard International Incorporated Computer security system
CN108521423A (en) * 2018-04-10 2018-09-11 江苏亨通工控安全研究院有限公司 HWIL simulation industry control network target range system
CN109818985A (en) * 2019-04-11 2019-05-28 江苏亨通工控安全研究院有限公司 A kind of industrial control system loophole trend analysis and method for early warning and system
CN109831443A (en) * 2019-02-26 2019-05-31 武汉科技大学 Industrial control network attacking and defending experiment porch and Hardware In The Loop Simulation Method

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030159064A1 (en) * 2002-02-15 2003-08-21 Kabushiki Kaisha Toshiba Computer virus generation detection apparatus and method
CN1614941A (en) * 2004-12-02 2005-05-11 上海交通大学 Method for establishing complex network running environmental analog stimulative platform
CN102685147A (en) * 2012-05-31 2012-09-19 东南大学 Mobile communication honeypot capturing system and implementation method thereof
CN104410617A (en) * 2014-11-21 2015-03-11 西安邮电大学 Information safety attack and defense system structure of cloud platform
CN104506507A (en) * 2014-12-15 2015-04-08 蓝盾信息安全技术股份有限公司 Honey net safeguard system and honey net safeguard method for SDN (self-defending network)
EP3144840A1 (en) * 2015-09-16 2017-03-22 Mastercard International Incorporated Computer security system
CN105471875A (en) * 2015-11-25 2016-04-06 西安科技大学 Computer network monitoring system
CN108521423A (en) * 2018-04-10 2018-09-11 江苏亨通工控安全研究院有限公司 HWIL simulation industry control network target range system
CN109831443A (en) * 2019-02-26 2019-05-31 武汉科技大学 Industrial control network attacking and defending experiment porch and Hardware In The Loop Simulation Method
CN109818985A (en) * 2019-04-11 2019-05-28 江苏亨通工控安全研究院有限公司 A kind of industrial control system loophole trend analysis and method for early warning and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘文懋等: "基于软件定义安全的企业内网威胁诱捕机制", 《信息技术与网络安全》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113485158A (en) * 2021-07-19 2021-10-08 泰安北航科技园信息科技有限公司 Dynamic simulation drilling method based on Internet of vehicles information security

Also Published As

Publication number Publication date
CN110475227B (en) 2022-03-22

Similar Documents

Publication Publication Date Title
CN111565199A (en) Network attack information processing method and device, electronic equipment and storage medium
US11277430B2 (en) System and method for securing a network
CN110336811A (en) A kind of Cyberthreat analysis method, device and electronic equipment based on honey pot system
CN109617878A (en) A kind of construction method and system, computer readable storage medium of honey net
Pal et al. IoT technical challenges and solutions
CN105844146B (en) Method and device for protecting driver and electronic equipment
US11061792B2 (en) Test system for testing a computer of a computer system in a test network
CN110417768B (en) Botnet tracking method and device
CN108605264A (en) Network management
CN108809975B (en) Internal and external network isolation system and method for realizing internal and external network isolation
CN114826663B (en) Honeypot identification method, device, equipment and storage medium
RU2761542C1 (en) System and method for forming a system of trap resources
CN110365637A (en) Internetbank login detecting method, device, electronic equipment and storage medium
Zhang et al. ScanMe mobile: a cloud-based Android malware analysis service
Chandra et al. Design of cyber warfare testbed
CN108183884B (en) Network attack determination method and device
CN110475227A (en) The method, apparatus of car networking protecting information safety, system, electronic equipment
Mashima et al. On design and enhancement of smart grid honeypot system for practical collection of threat intelligence
Wang et al. SMS Observer: A dynamic mechanism to analyze the behavior of SMS-based malware
Tay et al. Taxonomy of fingerprinting techniques for evaluation of smart grid honeypot realism
CN107172038A (en) A kind of information processing method and safety service platform for being used to provide security service
Cagalaban et al. Improving SCADA control systems security with software vulnerability analysis
CN114448731B (en) Honeypot deployment method, device, equipment and computer readable medium
WO2020057156A1 (en) Safety management method and safety management device
Sarraute et al. Simulation of computer network attacks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant