CN111447167A - Safety protection method and device for vehicle-mounted system - Google Patents
Safety protection method and device for vehicle-mounted system Download PDFInfo
- Publication number
- CN111447167A CN111447167A CN201811639374.2A CN201811639374A CN111447167A CN 111447167 A CN111447167 A CN 111447167A CN 201811639374 A CN201811639374 A CN 201811639374A CN 111447167 A CN111447167 A CN 111447167A
- Authority
- CN
- China
- Prior art keywords
- vehicle
- vulnerability
- defense
- terminal
- rules
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 55
- 230000007123 defense Effects 0.000 claims abstract description 180
- 238000001514 detection method Methods 0.000 claims abstract description 48
- 230000004044 response Effects 0.000 claims abstract description 19
- 230000000903 blocking effect Effects 0.000 claims description 48
- 238000012544 monitoring process Methods 0.000 claims description 36
- 238000011835 investigation Methods 0.000 claims description 31
- 230000008439 repair process Effects 0.000 claims description 29
- 238000004891 communication Methods 0.000 claims description 22
- 238000013024 troubleshooting Methods 0.000 claims description 12
- 238000002955 isolation Methods 0.000 claims description 10
- 230000002787 reinforcement Effects 0.000 claims description 9
- 230000000694 effects Effects 0.000 abstract description 5
- 230000006399 behavior Effects 0.000 description 10
- 230000008569 process Effects 0.000 description 9
- 238000010586 diagram Methods 0.000 description 4
- 230000003014 reinforcing effect Effects 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000006855 networking Effects 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 230000002349 favourable effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000008014 freezing Effects 0.000 description 1
- 238000007710 freezing Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011022 operating instruction Methods 0.000 description 1
- 230000035515 penetration Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The invention discloses a safety protection method and device for a vehicle-mounted system. The method comprises the following steps: s1, generating a corresponding vehicle defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information; s2, issuing the vehicle defense rule to the vehicle terminal so that the vehicle terminal can defend the vulnerability according to the vehicle defense rule; s3, acquiring vulnerability information fed back by the vehicle terminal through self attack detection, and generating a defense strategy corresponding to the fed vulnerability information; and further performs step S1. According to the scheme, vulnerability prediction, defense for predicted vulnerabilities, terminal attack detection and quick response to terminal attack detection can be achieved, vulnerability prediction is provided for another terminal according to a terminal vulnerability detection result and a response result, circulation is conducted in sequence, and a complete protection ecological cycle for a vehicle-mounted system is formed, so that safety protection for the vehicle-mounted system can be achieved in a multi-directional integrated mode, and an excellent protection effect is achieved.
Description
Technical Field
The invention relates to the technical field of vehicle safety, in particular to a safety protection method and device for a vehicle-mounted system.
Background
With the continuous development of science and technology and society, the emergence of various intelligent and automatic vehicles greatly facilitates the work and life of people, but also promotes a plurality of security threats aiming at vehicles. For example, programmable or remotely programmable on-board systems in vehicles provide new intrusion channels for illegal intruders, thereby posing a great threat to the property and life safety of people.
In order to ensure the normal operation of the vehicle-mounted system, in the prior art, the vehicle-mounted system is generally protected by hot patches and the like. However, at present, the safety protection for the vehicle-mounted system is often a single-point protection mode, that is, a certain defense mode is uniformly adopted for leaks existing in the system, for example, a hot patch repairing mode which has a large influence on the stability of the vehicle is adopted for all leaks in the vehicle-mounted system. Therefore, the single-point protection mode is poor in protection effect, and the stability of the vehicle is further reduced.
Disclosure of Invention
In view of the above, the present invention is proposed to provide an on-board system safety protection method and apparatus that overcomes or at least partially solves the above mentioned problems.
According to one aspect of the invention, a safety protection method for a vehicle-mounted system is provided, which comprises the following steps:
s1, generating a corresponding vehicle defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information;
s2, issuing the vehicle defense rule to a vehicle terminal for the vehicle terminal to defend the vulnerability according to the vehicle defense rule;
s3, acquiring vulnerability information fed back by the vehicle terminal through self attack detection, and generating a defense strategy corresponding to the fed vulnerability information; and further performs step S1.
According to another aspect of the present invention, there is provided an in-vehicle system safety device, comprising:
the defense rule generating module is suitable for generating a corresponding vehicle-mounted defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information;
the issuing module is suitable for issuing the vehicle-mounted defense rule to a vehicle-mounted terminal so that the vehicle-mounted terminal can defend the vulnerability according to the vehicle-mounted defense rule;
the response module is suitable for acquiring vulnerability information fed back by the vehicle-mounted terminal through self attack detection and generating a defense strategy corresponding to the fed-back vulnerability information; and further executing a defense rule generating module.
According to yet another aspect of the present invention, there is provided a computing device comprising: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction enables the processor to execute the operation corresponding to the vehicle-mounted system safety protection method.
According to still another aspect of the present invention, a computer storage medium is provided, where at least one executable instruction is stored in the storage medium, and the executable instruction causes a processor to perform operations corresponding to the above vehicle-mounted system security protection method.
According to the vehicle-mounted system safety protection method and device provided by the invention, the corresponding vehicle-mounted machine defense rule is generated according to the acquired vulnerability information and the defense strategy corresponding to the acquired vulnerability information; the vehicle machine defense rules are issued to the vehicle machine terminal, so that the vehicle machine terminal can defend the loopholes according to the vehicle machine defense rules; and acquiring vulnerability information fed back by the vehicle-mounted terminal through self attack detection, and generating a defense strategy corresponding to the fed-back vulnerability information. According to the scheme, vulnerability prediction, defense for predicted vulnerabilities, terminal attack detection and quick response to terminal attack detection can be achieved, vulnerability prediction is provided for another terminal according to a terminal vulnerability detection result and a response result, circulation is conducted in sequence, and a complete protection ecological cycle for a vehicle-mounted system is formed, so that safety protection for the vehicle-mounted system can be achieved in a multi-directional integrated mode, and an excellent protection effect is achieved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 is a flow chart illustrating a method for securing a vehicle-mounted system according to an embodiment of the invention;
FIG. 2 is a flow chart illustrating a method for vehicle-mounted system safety protection according to another embodiment of the invention;
FIG. 3 is a schematic structural diagram of an in-vehicle system safety protection device according to an embodiment of the invention;
fig. 4 is a schematic structural diagram of a computing device according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Extent of operation
Fig. 1 is a flowchart illustrating a safety protection method for an in-vehicle system according to an embodiment of the present invention.
The Vehicle-mounted system In this embodiment may be a Vehicle-mounted T-box (telematics box) system, a Vehicle-mounted Infotainment system (IVI), and/or a Head up display system (HUD), and so on. The present embodiment does not limit the specific type of the in-vehicle system and the like. The present embodiment may be specifically executed on the server side. As shown in fig. 1, the method includes:
and S110, generating a corresponding vehicle-mounted defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information.
In a specific implementation process, vulnerability information fed back from at least one vehicle-mounted terminal in the vehicle-mounted network and/or vulnerability information obtained from a security forum or a website can be analyzed, and a security vulnerability possibly existing in the vehicle-mounted terminal in the vehicle-mounted network is determined according to an analysis result. And further combining the defense strategy corresponding to the acquired vulnerability information to generate a corresponding vehicle machine defense rule so as to realize the prediction of the vulnerability in the vehicle networking.
In an optional implementation manner, corresponding vehicle-mounted defense rules can be formulated for vehicle-mounted terminals of different categories according to vehicle categories corresponding to different vulnerabilities, so that customized vulnerability defense for vehicle-mounted systems in the vehicle-mounted terminals is achieved. For example, if a bug1 is an attack for a type a vehicle, the vehicle defense rules formulated for each vehicle terminal of the type a vehicle include the defense rules of the bug 1.
And step S120, issuing the vehicle defense rule to the vehicle terminal so that the vehicle terminal can defend the vulnerability according to the vehicle defense rule.
And after generating the corresponding vehicle machine defense rules, further issuing the vehicle machine defense rules to the vehicle machine terminal. Optionally, if the corresponding car machine defense rules are formulated for the car machine terminals of different categories in step S110, the car machine defense rules may be issued to the car machine terminals corresponding to the car machine defense rules in this step, so that the customized security defense for the vehicle-mounted system in the car machine terminal is realized, and the system resources are saved.
And after receiving the issued vehicle defense rule, the vehicle terminal defends the vulnerability according to the issued vehicle defense rule, so that the purpose of defending the predicted vulnerability is achieved.
Step S130, vulnerability information fed back by the vehicle-mounted terminal through self attack detection is obtained, and a defense strategy corresponding to the fed-back vulnerability information is generated.
The vehicle-mounted terminal can defend the predicted vulnerability according to the vehicle-mounted defense rule and further attack and detect the vehicle-mounted terminal according to the corresponding attack and detection means. When the vehicle-mounted system in the vehicle-mounted terminal is determined to be attacked through self attack detection, the vehicle-mounted terminal can feed back vulnerability information corresponding to the attack.
And further, vulnerability information fed back by the vehicle-mounted terminal through self attack detection can be obtained, the vulnerability information fed back by the vehicle-mounted terminal is quickly responded, a defense strategy corresponding to the fed-back vulnerability information is generated and sent to the vehicle-mounted terminal, and the vehicle-mounted terminal can carry out attack blocking or vulnerability repair according to the defense strategy corresponding to the fed-back vulnerability information.
The vulnerability information fed back by the vehicle-mounted terminal and the generated vulnerability information with the feedback information can further provide a basis for generating the vehicle-mounted defense rule in the step S110. Thus, after the step is executed, step S110 is further executed, so as to form a complete protection ecological cycle for the vehicle-mounted system.
The following describes the implementation process of the present embodiment in detail by using a specific example:
after analyzing the vulnerability information fed back by the vehicle terminal 1 and the vehicle terminal 2 and the vulnerability information obtained from the preset security forum, determining that a vulnerability bug1 may exist in the vehicle terminal out of the vehicle networking, and further generating a corresponding vehicle defense rule according to defense strategies corresponding to the vulnerability bugs 1 and 1 (corresponding to step S110); the generated vehicle machine defense rules are further issued to other vehicle machine terminals in the vehicle network, and the vehicle machine terminal 3 in the vehicle network defends the bug1 in the vehicle machine terminal 3 according to the issued vehicle machine defense rules; in addition, the in-vehicle terminal 3 may also detect whether the current vehicle-mounted system is attacked by using a corresponding attack detection method, and if so, feed back vulnerability information bug2 corresponding to the detected attack (corresponding to step S120); the vulnerability information fed back by the car terminal can be quickly responded, a defense strategy aiming at the vulnerability bug2 is generated, and the defense strategy is quickly fed back to the car terminal 3, so that the car terminal 3 can carry out attack blocking or repairing on the bug2 (corresponding to step S130); moreover, the bug2 and the defense strategy thereof may further provide a basis for generating new on-board defense rules (corresponding to step S110).
Therefore, according to the embodiment, the corresponding vehicle-mounted defense rules are generated according to the acquired vulnerability information and the defense strategy corresponding to the acquired vulnerability information, so that vulnerabilities possibly existing in the vehicle-mounted terminals in the internet of vehicles are predicted; the vehicle defense rule is further issued to the vehicle terminal, so that the vehicle terminal defends the predicted loophole according to the vehicle defense rule; and the vehicle-mounted terminal can also carry out attack detection on the vehicle-mounted terminal and feed back vulnerability information corresponding to the received attack, so that a defense strategy corresponding to the fed vulnerability information can be quickly generated, the vehicle-mounted terminal can block and repair the current attack, vulnerability prediction can be provided for another terminal according to the self attack detection and response result of the terminal, and the point-to-point and surface safety protection can be realized. Therefore, by adopting the scheme, the vulnerability prediction, defense against the predicted vulnerability, self-attack detection of the terminal and quick response to the self-attack detection of the terminal can be realized, so that a complete protection ecological cycle aiming at the vehicle-mounted system is formed, and further the safety protection of the vehicle-mounted system can be realized in a multi-aspect integrated manner; in addition, the scheme can realize multi-point protection on the vehicle-mounted system, and is favorable for further improving the safety and stability of the vehicle-mounted system.
Fig. 2 is a flowchart illustrating an on-board system safeguard method according to another embodiment of the present invention. As shown in fig. 2, the method includes:
step S210, generating a corresponding vehicle defense rule according to the acquired first type vulnerability information and/or second type vulnerability information and a defense strategy corresponding to the first type vulnerability information and/or the second type vulnerability information.
In the embodiment, at least one type of vulnerability information is specifically acquired in the process of predicting the vulnerability and generating the vehicle defense rule. The vulnerability information comprises first type vulnerability information and second type vulnerability information. The first type of vulnerability information is vulnerability information fed back by the vehicle terminal, and the second type of vulnerability information is vulnerability information obtained from a preset vulnerability database. The preset vulnerability database can be a preset website containing vulnerability information, a preset forum, a preset communication platform and the like; the vulnerability information can also be acquired from a preset website, a preset forum, a preset communication platform and the like and then is stored in a preset information base in a centralized manner, wherein the information base is a preset vulnerability base.
And further, generating a corresponding vehicle defense rule according to the acquired first type of vulnerability information and/or second type of vulnerability information and a defense strategy corresponding to the first type of vulnerability information and/or the second type of vulnerability information.
The vehicle defense rules at least comprise reinforced isolation rules, vulnerability troubleshooting rules and/or vulnerability blocking and repairing rules. The reinforcement isolation rule is used for reinforcing and reinforcing a vehicle-mounted system in the vehicle-mounted terminal so as to improve the overall anti-attack capability of the vehicle-mounted system; the vulnerability investigation rule is used for carrying out vulnerability investigation on the vehicle-mounted system and determining whether a predicted vulnerability exists in the vehicle-mounted system; and the bug blocking and repairing rule is used for blocking and repairing the detected bugs.
In an optional implementation manner, the corresponding vulnerability to be defended can be determined by analyzing the acquired first-type vulnerability information and/or second-type vulnerability information. The vulnerability to be defended is a vulnerability possibly existing in a vehicle-mounted system in the vehicle networking, namely a predicted vulnerability existing in the vehicle-mounted system. In order to facilitate quick and accurate troubleshooting of the bug by the vehicle-mounted terminal, the vehicle-mounted defense rule generated in the step also comprises priority information of the bug to be defended and/or position information of the bug to be defended. Defining corresponding danger levels such as high-risk vulnerabilities, general vulnerabilities, low-risk vulnerabilities and the like for the vulnerabilities to be defended; and/or determining the level (such as an application layer, a framework layer and/or a kernel layer and the like) and the specific module and the like of vulnerability to be protected.
Step S220, the vehicle-mounted defense rules are issued to the vehicle-mounted terminals, so that the vehicle-mounted terminals can conduct vulnerability investigation according to vulnerability investigation rules in the vehicle-mounted defense rules; and blocking and repairing the searched bugs by using bug blocking and repairing rules in the vehicle defense rules.
Specifically, the generated vehicle defense rules can be issued to the vehicle terminal, so that the vehicle terminal can perform security defense according to the issued vehicle defense rules. Here, it should be understood by those skilled in the art that the reinforcing isolation rule, the bug screening rule, and/or the bug blocking and repairing rule included in the vehicle-mounted defense rule in the embodiment may be issued to the vehicle-mounted terminal at one time, or issued in multiple times. For example, after the bug troubleshooting rule is issued, bug blocking and repairing can be issued according to the feedback of the vehicle-mounted terminal, so that bandwidth resources are saved, the cost is reduced, and timely protection of a vehicle-mounted system is facilitated.
In an optional implementation manner, the vehicle-mounted terminal can perform system reinforcement and system isolation on a vehicle-mounted system in the vehicle-mounted terminal according to a reinforcement isolation rule in the vehicle-mounted defense rule. For example, the system can be reinforced by corresponding program reinforcement modes, security configuration modification modes and the like; and the Internet of vehicles and the mobile phone network can be isolated. The concrete reinforcing and isolating mode of the system is not limited in the embodiment, and a person skilled in the art can set the system according to the actual situation.
In another optional implementation manner, the in-vehicle terminal may first perform vulnerability investigation on the in-vehicle terminal by using vulnerability investigation rules in the in-vehicle defense rules, and determine whether a vulnerability to be defended included in the vulnerability investigation rules exists in the in-vehicle terminal according to an investigation result. Specifically, whether the vulnerability to be defended exists in the vehicle terminal can be quickly determined according to the position information of the vulnerability to be defended. Optionally, the vulnerability discovery rules include file monitoring rules and/or intrusion monitoring rules. In a specific vulnerability investigation process, vulnerability investigation can be performed on the vehicle terminal according to the file monitoring rule and/or the intrusion monitoring rule. In addition, a preset penetration testing method can be adopted to perform vulnerability investigation on the vehicle terminal.
When it is determined that the to-be-defended bug exists in the vehicle-mounted terminal, a bug blocking and repairing rule corresponding to the to-be-defended bug existing in the vehicle-mounted terminal is further issued, so that the vehicle-mounted terminal blocks and repairs the to-be-defended bug existing in the vehicle-mounted terminal by using the bug blocking and repairing rule in the vehicle-mounted defense rule. Specifically, the to-be-defended vulnerability can be blocked and repaired by adopting a corresponding vulnerability blocking and repairing rule according to the category and/or priority of the to-be-defended vulnerability existing in the vehicle-mounted terminal. Moreover, file blocking rules, intrusion blocking rules and/or hot patch repairing rules contained in the vulnerability blocking repairing rules can be adopted to block and repair the vulnerability to be defended.
Optionally, in the process of troubleshooting and blocking repair of the vulnerability to be defended, a graded defense mode is adopted for ensuring the safety and stability of the vehicle-mounted system. Specifically, vulnerability to be defended is checked in a file monitoring mode which is low in accuracy and has small influence on a system, and vulnerability blocking is performed in a file freezing or deleting mode when the vulnerability to be defended is determined to exist. The file monitoring can be specifically payload file monitoring, the specific file monitoring mode is not limited in the embodiment, and vulnerability to be defended can be checked in modes such as malicious attack file monitoring, file feature string matching and/or file call sequence matching; furthermore, the vulnerability to be defended is checked in an intrusion detection mode with high detection precision and small influence on the vehicle-mounted system, for example, the vulnerability to be defended can be checked in an interface parameter malicious data monitoring mode, a Root privilege-giving mode monitoring mode and other modes, and the vulnerability to be defended is blocked in a corresponding path blocking mode and other modes. Similarly, the embodiment does not limit the specific intrusion detection method; finally, hot patch repair can be performed on certain specific loopholes to be defended, so that the effect of enabling the vehicle-mounted system to immunize the loopholes is achieved.
Step S230, obtaining vulnerability information fed back by the in-vehicle terminal through self attack detection, and generating a defense strategy corresponding to the fed-back vulnerability information.
The vehicle-mounted terminal can defend the predicted vulnerability according to the vehicle-mounted defense rule and further conduct attack detection on the vehicle-mounted terminal according to the corresponding attack detection means, so that the current attack on the vehicle-mounted system in the vehicle-mounted terminal is determined.
Specifically, the attack detection of the vehicle terminal can be performed in a file monitoring and/or behavior monitoring mode. The embodiment does not limit the specific document monitoring and/or behavior monitoring manner. For example, feature-matched static file monitoring may be utilized as well as monitoring of dynamic malicious behavior that implements means of monitoring malicious attack data or exploits.
Optionally, in order to further improve the security of the vehicle-mounted system and reduce the false alarm rate of attack detection, the attack detection may be performed for at least one level in the vehicle-mounted system in this embodiment. For example, attack detection can be performed on an application layer, a framework layer and a kernel layer in a vehicle-mounted system, so that the coverage of the attack detection can be greatly improved, and the missing report rate of the attack detection can be reduced. Further optionally, in order to improve the attack detection effect, the embodiment may adopt corresponding attack detection modes for different levels. For example, in the kernel layer, the attack behavior on the kernel layer is detected by a point burying method, and in the framework layer, the attack behavior can be determined by a point burying method and a cloud intelligent judgment method.
After the vehicle-mounted terminal detects the attack by itself, the vehicle-mounted terminal can feed back corresponding vulnerability information according to the detected attack behavior. In this step, after receiving the vulnerability information fed back by the car terminal, a quick response can be performed, so as to make a defense strategy corresponding to the fed-back vulnerability information. Therefore, the bug which is detected by the attack of the vehicle terminal can be repaired and blocked.
In addition, the vulnerability information and the response information fed back by the in-vehicle terminal can be used as the first type of vulnerability information for the step S210 to issue a new in-vehicle defense rule.
Therefore, according to the embodiment, the corresponding vehicle-mounted defense rules are generated according to the acquired vulnerability information and the defense strategy corresponding to the acquired vulnerability information, so that vulnerabilities possibly existing in the vehicle-mounted terminals in the internet of vehicles are predicted; the vehicle defense rule is further issued to the vehicle terminal, so that the vehicle terminal defends the predicted loophole according to the vehicle defense rule; and the vehicle-mounted terminal can also carry out attack detection on the vehicle-mounted terminal and feed back vulnerability information corresponding to the received attack, so that a defense strategy corresponding to the fed vulnerability information can be quickly generated, the vehicle-mounted terminal can block and repair the current attack, vulnerability prediction can be provided for another terminal according to the self attack detection and response result of the terminal, and the point-to-point and surface safety protection can be realized. Therefore, by adopting the scheme, the vulnerability prediction, defense against the predicted vulnerability, self-attack detection of the terminal and quick response to the self-attack detection of the terminal can be realized, so that a complete protection ecological cycle aiming at the vehicle-mounted system is formed, and further the safety protection of the vehicle-mounted system can be realized in a multi-aspect integrated manner; in addition, the scheme can realize multi-point protection on the vehicle-mounted system, and is beneficial to further improving the safety and stability of the vehicle-mounted system; in addition, the embodiment adopts a graded defense mode in the defense process of the vehicle terminal, so that the safety of the vehicle-mounted system can be improved, and the stability of the vehicle-mounted system can be further improved.
Fig. 3 is a schematic structural diagram illustrating an on-board system safety protection device according to an embodiment of the present invention. As shown in fig. 3, the apparatus includes: a defense rule generating module 31 issuing module 32 and a response module 33.
The defense rule generating module 31 is adapted to generate a corresponding vehicle defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information;
the issuing module 32 is suitable for issuing the vehicle defense rule to a vehicle terminal so that the vehicle terminal can defend the vulnerability according to the vehicle defense rule;
the response module 33 is adapted to obtain vulnerability information fed back by the vehicle-mounted terminal through self attack detection, and generate a defense strategy corresponding to the fed-back vulnerability information; and further executing a defense rule generating module.
Optionally, the defense rule generating module 31 is further adapted to: generating a corresponding vehicle-mounted defense rule according to the acquired first-type vulnerability information and/or second-type vulnerability information and a defense strategy corresponding to the first-type vulnerability information and/or the second-type vulnerability information;
the first type of vulnerability information is vulnerability information fed back by the vehicle terminal; the second type of vulnerability information is vulnerability information obtained from a preset vulnerability database.
Optionally, the car defense rule includes: reinforcement isolation rules, vulnerability troubleshooting rules, and/or vulnerability blocking repair rules.
Optionally, the in-vehicle defense rule further includes priority information of the vulnerability to be defended and/or location information of the vulnerability to be defended.
Optionally, the vulnerability discovery rule includes: file monitoring rules and/or intrusion monitoring rules;
the bug blocking and repairing rule comprises the following steps: file blocking rules, intrusion blocking rules, and/or hot patch repair rules.
Optionally, the issuing module 32 is further adapted to: the vehicle-mounted defense rules are issued to the vehicle-mounted terminals, so that the vehicle-mounted terminals can perform vulnerability investigation on the vehicle-mounted terminals according to vulnerability investigation rules in the vehicle-mounted defense rules, and whether to-be-defended vulnerabilities contained in the vulnerability investigation rules exist in the vehicle-mounted terminals is judged according to investigation results; if so, the vehicle-mounted terminal blocks and repairs the to-be-defensive loopholes existing in the vehicle-mounted terminal by using a loophole blocking and repairing rule in the vehicle-mounted defense rule.
Optionally, the issuing module 32 is further adapted to: and issuing the vehicle-mounted defense rules to a vehicle-mounted terminal so that the vehicle-mounted terminal can adopt corresponding bug blocking and repairing rules to block and repair the to-be-defended bugs according to the categories and/or priorities of the to-be-defended bugs existing in the vehicle-mounted terminal.
Optionally, the response module 33 is further adapted to: and acquiring vulnerability information fed back by the vehicle terminal through file monitoring and/or behavior monitoring.
The specific implementation process of each module in the safety protection device for a vehicle-mounted system provided in this embodiment may refer to the description of corresponding steps in the embodiment shown in fig. 1 and/or fig. 2, which is not described herein again.
Therefore, according to the embodiment, the corresponding vehicle-mounted defense rules are generated according to the acquired vulnerability information and the defense strategy corresponding to the acquired vulnerability information, so that vulnerabilities possibly existing in the vehicle-mounted terminals in the internet of vehicles are predicted; the vehicle defense rule is further issued to the vehicle terminal, so that the vehicle terminal defends the predicted loophole according to the vehicle defense rule; and the vehicle-mounted terminal can also carry out attack detection on the vehicle-mounted terminal and feed back vulnerability information corresponding to the received attack, so that a defense strategy corresponding to the fed vulnerability information can be quickly generated, the vehicle-mounted terminal can block and repair the current attack, vulnerability prediction can be provided for another terminal according to the self attack detection and response result of the terminal, and the point-to-point and surface safety protection can be realized. Therefore, by adopting the scheme, the vulnerability prediction, defense against the predicted vulnerability, self-attack detection of the terminal and quick response to the self-attack detection of the terminal can be realized, so that a complete protection ecological cycle aiming at the vehicle-mounted system is formed, and further the safety protection of the vehicle-mounted system can be realized in a multi-aspect integrated manner; in addition, the scheme can realize multi-point protection on the vehicle-mounted system, and is favorable for further improving the safety and stability of the vehicle-mounted system.
According to an embodiment of the present invention, a non-volatile computer storage medium is provided, where at least one executable instruction is stored in the computer storage medium, and the computer executable instruction may execute the vehicle system security protection method in any of the above method embodiments.
Fig. 4 is a schematic structural diagram of a computing device according to an embodiment of the present invention, and the specific embodiment of the present invention does not limit the specific implementation of the computing device.
As shown in fig. 4, the computing device may include: a processor (processor)402, a Communications Interface 404, a memory 406, and a Communications bus 408.
Wherein:
the processor 402, communication interface 404, and memory 406 communicate with each other via a communication bus 408.
A communication interface 404 for communicating with network elements of other devices, such as clients or other servers.
The processor 402 is configured to execute the program 410, and may specifically execute relevant steps in the above-described vehicle-mounted system security protection method embodiment.
In particular, program 410 may include program code comprising computer operating instructions.
The processor 402 may be a central processing unit CPU, or an application specific Integrated circuit asic, or one or more Integrated circuits configured to implement an embodiment of the present invention. The computing device includes one or more processors, which may be the same type of processor, such as one or more CPUs; or may be different types of processors such as one or more CPUs and one or more ASICs.
And a memory 406 for storing a program 410. Memory 406 may comprise high-speed RAM memory, and may also include non-volatile memory (non-volatile memory), such as at least one disk memory.
The program 410 may specifically be configured to cause the processor 402 to perform the following operations:
s1, generating a corresponding vehicle defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information;
s2, issuing the vehicle defense rule to a vehicle terminal for the vehicle terminal to defend the vulnerability according to the vehicle defense rule;
s3, acquiring vulnerability information fed back by the vehicle terminal through self attack detection, and generating a defense strategy corresponding to the fed vulnerability information; and further performs step S1.
In an alternative embodiment, the program 410 may be specifically configured to cause the processor 402 to perform the following operations:
generating a corresponding vehicle-mounted defense rule according to the acquired first-type vulnerability information and/or second-type vulnerability information and a defense strategy corresponding to the first-type vulnerability information and/or the second-type vulnerability information;
the first type of vulnerability information is vulnerability information fed back by the vehicle terminal; the second type of vulnerability information is vulnerability information obtained from a preset vulnerability database.
In an optional implementation manner, the in-vehicle defense rule includes: reinforcement isolation rules, vulnerability troubleshooting rules, and/or vulnerability blocking repair rules.
In an optional implementation manner, the in-vehicle defense rule further includes priority information of the vulnerability to be defended and/or location information of the vulnerability to be defended.
In an optional embodiment, the vulnerability discovery rule includes: file monitoring rules and/or intrusion monitoring rules;
the bug blocking and repairing rule comprises the following steps: file blocking rules, intrusion blocking rules, and/or hot patch repair rules.
In an alternative embodiment, the program 410 may be specifically configured to cause the processor 402 to perform the following operations:
the vehicle-mounted terminal carries out vulnerability investigation on the vehicle-mounted terminal according to vulnerability investigation rules in the vehicle-mounted defense rules, and judges whether vulnerabilities to be defended contained in the vulnerability investigation rules exist in the vehicle-mounted terminal or not according to investigation results;
if so, the vehicle-mounted terminal blocks and repairs the to-be-defensive loopholes existing in the vehicle-mounted terminal by using a loophole blocking and repairing rule in the vehicle-mounted defense rule.
In an alternative embodiment, the program 410 may be specifically configured to cause the processor 402 to perform the following operations:
and adopting a corresponding bug blocking and repairing rule to block and repair the to-be-defended bug according to the category and/or priority of the to-be-defended bug existing in the vehicle terminal.
In an alternative embodiment, the program 410 may be specifically configured to cause the processor 402 to perform the following operations:
and acquiring vulnerability information fed back by the vehicle terminal through file monitoring and/or behavior monitoring.
The algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components in an in-vehicle system safety guard in accordance with embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The invention discloses: A1. a safety protection method for an on-board system comprises the following steps:
s1, generating a corresponding vehicle defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information;
s2, issuing the vehicle defense rule to a vehicle terminal for the vehicle terminal to defend the vulnerability according to the vehicle defense rule;
s3, acquiring vulnerability information fed back by the vehicle terminal through self attack detection, and generating a defense strategy corresponding to the fed vulnerability information; and further performs step S1.
A2. The method according to a1, wherein the generating a corresponding in-vehicle defense rule according to the acquired vulnerability information and a defense policy corresponding to the acquired vulnerability information further includes:
generating a corresponding vehicle-mounted defense rule according to the acquired first-type vulnerability information and/or second-type vulnerability information and a defense strategy corresponding to the first-type vulnerability information and/or the second-type vulnerability information;
the first type of vulnerability information is vulnerability information fed back by the vehicle terminal; the second type of vulnerability information is vulnerability information obtained from a preset vulnerability database.
A3. The method of A1 or A2, wherein the car defense rules include: reinforcement isolation rules, vulnerability troubleshooting rules, and/or vulnerability blocking repair rules.
A4. The method according to A3, wherein the in-vehicle defense rules further include priority information of the vulnerability to be defended and/or location information of the vulnerability to be defended.
A5. The method according to A4, wherein the vulnerability troubleshooting rules include: file monitoring rules and/or intrusion monitoring rules;
the bug blocking and repairing rule comprises the following steps: file blocking rules, intrusion blocking rules, and/or hot patch repair rules.
A6. The method according to A5, wherein the performing vulnerability defense by the in-vehicle terminal according to the in-vehicle defense rule further comprises:
the vehicle-mounted terminal carries out vulnerability investigation on the vehicle-mounted terminal according to vulnerability investigation rules in the vehicle-mounted defense rules, and judges whether vulnerabilities to be defended contained in the vulnerability investigation rules exist in the vehicle-mounted terminal or not according to investigation results;
if so, the vehicle-mounted terminal blocks and repairs the to-be-defensive loopholes existing in the vehicle-mounted terminal by using a loophole blocking and repairing rule in the vehicle-mounted defense rule.
A7. The method according to a6, wherein the repairing the vulnerability to be defended existing in the car terminal by using the vulnerability repair rule in the car terminal defense rule further comprises:
and adopting a corresponding bug blocking and repairing rule to block and repair the to-be-defended bug according to the category and/or priority of the to-be-defended bug existing in the vehicle terminal.
A8. The method according to any one of A1-A7, wherein the obtaining vulnerability information fed back by the vehicle terminal through self attack detection further comprises:
and acquiring vulnerability information fed back by the vehicle terminal through file monitoring and/or behavior monitoring.
The invention also discloses: B9. an on-board system safety shield, comprising:
the defense rule generating module is suitable for generating a corresponding vehicle-mounted defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information;
the issuing module is suitable for issuing the vehicle-mounted defense rule to a vehicle-mounted terminal so that the vehicle-mounted terminal can defend the vulnerability according to the vehicle-mounted defense rule;
the response module is suitable for acquiring vulnerability information fed back by the vehicle-mounted terminal through self attack detection and generating a defense strategy corresponding to the fed-back vulnerability information; and further executing a defense rule generating module.
B10. The apparatus of B9, wherein the defense rule generation module is further adapted to: generating a corresponding vehicle-mounted defense rule according to the acquired first-type vulnerability information and/or second-type vulnerability information and a defense strategy corresponding to the first-type vulnerability information and/or the second-type vulnerability information;
the first type of vulnerability information is vulnerability information fed back by the vehicle terminal; the second type of vulnerability information is vulnerability information obtained from a preset vulnerability database.
B11. The apparatus of B9 or B10, wherein the car defense rules include: reinforcement isolation rules, vulnerability troubleshooting rules, and/or vulnerability blocking repair rules.
B12. The device according to B11, wherein the in-vehicle defense rules further include priority information of the vulnerability to be defended and/or location information of the vulnerability to be defended.
B13. The apparatus of B11, wherein the vulnerability troubleshooting rules include: file monitoring rules and/or intrusion monitoring rules;
the bug blocking and repairing rule comprises the following steps: file blocking rules, intrusion blocking rules, and/or hot patch repair rules.
B14. The apparatus of B13, wherein the down-sending module is further adapted to:
the vehicle-mounted defense rules are issued to the vehicle-mounted terminals, so that the vehicle-mounted terminals can perform vulnerability investigation on the vehicle-mounted terminals according to vulnerability investigation rules in the vehicle-mounted defense rules, and whether to-be-defended vulnerabilities contained in the vulnerability investigation rules exist in the vehicle-mounted terminals is judged according to investigation results; if so, the vehicle-mounted terminal blocks and repairs the to-be-defensive loopholes existing in the vehicle-mounted terminal by using a loophole blocking and repairing rule in the vehicle-mounted defense rule.
B15. The apparatus of B14, wherein the down-sending module is further adapted to:
and issuing the vehicle-mounted defense rules to a vehicle-mounted terminal so that the vehicle-mounted terminal can adopt corresponding bug blocking and repairing rules to block and repair the to-be-defended bugs according to the categories and/or priorities of the to-be-defended bugs existing in the vehicle-mounted terminal.
B16. The apparatus of any one of B9-B15, wherein the response module is further adapted to: and acquiring vulnerability information fed back by the vehicle terminal through file monitoring and/or behavior monitoring.
The invention also discloses: C17. a computing device, comprising: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction causes the processor to execute the operation corresponding to the vehicle-mounted system safety protection method in any one of A1-A8.
The invention also discloses: D18. a computer storage medium having at least one executable instruction stored therein, the executable instruction causing a processor to perform operations corresponding to the vehicle system safeguard method according to any one of a 1-A8.
Claims (10)
1. A safety protection method for an on-board system comprises the following steps:
s1, generating a corresponding vehicle defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information;
s2, issuing the vehicle defense rule to a vehicle terminal for the vehicle terminal to defend the vulnerability according to the vehicle defense rule;
s3, acquiring vulnerability information fed back by the vehicle terminal through self attack detection, and generating a defense strategy corresponding to the fed vulnerability information; and further performs step S1.
2. The method of claim 1, wherein generating the corresponding in-vehicle defense rule according to the obtained vulnerability information and a defense policy corresponding to the obtained vulnerability information further comprises:
generating a corresponding vehicle-mounted defense rule according to the acquired first-type vulnerability information and/or second-type vulnerability information and a defense strategy corresponding to the first-type vulnerability information and/or the second-type vulnerability information;
the first type of vulnerability information is vulnerability information fed back by the vehicle terminal; the second type of vulnerability information is vulnerability information obtained from a preset vulnerability database.
3. The method of claim 1 or 2, wherein the car defense rules include: reinforcement isolation rules, vulnerability troubleshooting rules, and/or vulnerability blocking repair rules.
4. The method according to claim 3, wherein the in-vehicle defense rules further include priority information of vulnerabilities to be defended and/or location information of vulnerabilities to be defended.
5. The method of claim 4, wherein the vulnerability troubleshooting rules include: file monitoring rules and/or intrusion monitoring rules;
the bug blocking and repairing rule comprises the following steps: file blocking rules, intrusion blocking rules, and/or hot patch repair rules.
6. The method of claim 5, wherein the in-vehicle terminal defending against vulnerabilities according to the in-vehicle defense rules further comprises:
the vehicle-mounted terminal carries out vulnerability investigation on the vehicle-mounted terminal according to vulnerability investigation rules in the vehicle-mounted defense rules, and judges whether vulnerabilities to be defended contained in the vulnerability investigation rules exist in the vehicle-mounted terminal or not according to investigation results;
if so, the vehicle-mounted terminal blocks and repairs the to-be-defensive loopholes existing in the vehicle-mounted terminal by using a loophole blocking and repairing rule in the vehicle-mounted defense rule.
7. The method of claim 6, wherein the repairing the vulnerability to be defended existing in the car machine terminal by using the vulnerability repairing rule in the car machine defense rule further comprises:
and adopting a corresponding bug blocking and repairing rule to block and repair the to-be-defended bug according to the category and/or priority of the to-be-defended bug existing in the vehicle terminal.
8. An on-board system safety shield, comprising:
the defense rule generating module is suitable for generating a corresponding vehicle-mounted defense rule according to the acquired vulnerability information and a defense strategy corresponding to the acquired vulnerability information;
the issuing module is suitable for issuing the vehicle-mounted defense rule to a vehicle-mounted terminal so that the vehicle-mounted terminal can defend the vulnerability according to the vehicle-mounted defense rule;
the response module is suitable for acquiring vulnerability information fed back by the vehicle-mounted terminal through self attack detection and generating a defense strategy corresponding to the fed-back vulnerability information; and further executing a defense rule generating module.
9. A computing device, comprising: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction causes the processor to execute the operation corresponding to the vehicle-mounted system safety protection method according to any one of claims 1-7.
10. A computer storage medium having at least one executable instruction stored therein, the executable instruction causing a processor to perform operations corresponding to the in-vehicle system safeguard method according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811639374.2A CN111447167B (en) | 2018-12-29 | 2018-12-29 | Safety protection method and device for vehicle-mounted system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811639374.2A CN111447167B (en) | 2018-12-29 | 2018-12-29 | Safety protection method and device for vehicle-mounted system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111447167A true CN111447167A (en) | 2020-07-24 |
| CN111447167B CN111447167B (en) | 2024-04-02 |
Family
ID=71652280
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811639374.2A Active CN111447167B (en) | 2018-12-29 | 2018-12-29 | Safety protection method and device for vehicle-mounted system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111447167B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114157471A (en) * | 2021-11-29 | 2022-03-08 | 阿波罗智联(北京)科技有限公司 | Vehicle abnormity processing method and device, electronic equipment and medium |
| CN115001815A (en) * | 2022-05-31 | 2022-09-02 | 重庆长安汽车股份有限公司 | Vehicle-mounted system attack event monitoring method, system, medium and electronic equipment |
| CN115296860A (en) * | 2022-07-15 | 2022-11-04 | 智己汽车科技有限公司 | Vehicle safety operation and maintenance operation system based on central computing platform and vehicle |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016055730A1 (en) * | 2014-10-08 | 2016-04-14 | Renault S.A.S. | On-board vehicle network system and method for detecting intrusions on the on-board network |
| US20160134653A1 (en) * | 2014-11-11 | 2016-05-12 | Goldman, Sachs & Co. | Synthetic Cyber-Risk Model For Vulnerability Determination |
| CN106685968A (en) * | 2016-12-29 | 2017-05-17 | 北京安天网络安全技术有限公司 | Automatic vulnerability defense system and method for industrial control equipment |
| CN106982194A (en) * | 2016-01-19 | 2017-07-25 | 中国移动通信集团河北有限公司 | Vulnerability scanning method and device |
| CN108965254A (en) * | 2018-06-11 | 2018-12-07 | 武汉般若互动科技有限公司 | One kind being used for government website security protection scheme |
-
2018
- 2018-12-29 CN CN201811639374.2A patent/CN111447167B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016055730A1 (en) * | 2014-10-08 | 2016-04-14 | Renault S.A.S. | On-board vehicle network system and method for detecting intrusions on the on-board network |
| US20160134653A1 (en) * | 2014-11-11 | 2016-05-12 | Goldman, Sachs & Co. | Synthetic Cyber-Risk Model For Vulnerability Determination |
| CN106982194A (en) * | 2016-01-19 | 2017-07-25 | 中国移动通信集团河北有限公司 | Vulnerability scanning method and device |
| CN106685968A (en) * | 2016-12-29 | 2017-05-17 | 北京安天网络安全技术有限公司 | Automatic vulnerability defense system and method for industrial control equipment |
| CN108965254A (en) * | 2018-06-11 | 2018-12-07 | 武汉般若互动科技有限公司 | One kind being used for government website security protection scheme |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114157471A (en) * | 2021-11-29 | 2022-03-08 | 阿波罗智联(北京)科技有限公司 | Vehicle abnormity processing method and device, electronic equipment and medium |
| CN115001815A (en) * | 2022-05-31 | 2022-09-02 | 重庆长安汽车股份有限公司 | Vehicle-mounted system attack event monitoring method, system, medium and electronic equipment |
| CN115296860A (en) * | 2022-07-15 | 2022-11-04 | 智己汽车科技有限公司 | Vehicle safety operation and maintenance operation system based on central computing platform and vehicle |
| CN115296860B (en) * | 2022-07-15 | 2023-08-15 | 智己汽车科技有限公司 | Vehicle safety operation and maintenance operation system based on central computing platform and vehicle |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111447167B (en) | 2024-04-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109067815B (en) | Attack event tracing analysis method, system, user equipment and storage medium | |
| US20210168175A1 (en) | Ai-driven defensive cybersecurity strategy analysis and recommendation system | |
| US20220210200A1 (en) | Ai-driven defensive cybersecurity strategy analysis and recommendation system | |
| Kong et al. | Security risk assessment framework for smart car using the attack tree analysis | |
| US20220201042A1 (en) | Ai-driven defensive penetration test analysis and recommendation system | |
| CN107634959B (en) | Protection method, device and system based on automobile | |
| US8839440B2 (en) | Apparatus and method for forecasting security threat level of network | |
| CN106828362B (en) | Safety testing method and device for automobile information | |
| CN111447167B (en) | Safety protection method and device for vehicle-mounted system | |
| CN112685682B (en) | Method, device, equipment and medium for identifying forbidden object of attack event | |
| CN111447166B (en) | Vehicle attack detection method and device | |
| CN110059007B (en) | System vulnerability scanning method and device, computer equipment and storage medium | |
| CN109144023A (en) | A kind of safety detection method and equipment of industrial control system | |
| US10356109B2 (en) | Security indicator linkage determination | |
| CN111444511A (en) | Safety protection method and system for vehicle-mounted system | |
| CN104038488A (en) | System network safety protection method and device | |
| CN109120626A (en) | Security threat processing method, system, safety perception server and storage medium | |
| CN112989335A (en) | Automobile protection method, automobile client, cloud server and system | |
| CN112600839A (en) | Method and device for constructing security threat association view based on Internet of vehicles platform | |
| CN106302347A (en) | A kind of network attack treating method and apparatus | |
| CN116680699A (en) | Vulnerability priority ordering system, vulnerability priority ordering method, computer equipment and storage medium | |
| CN106407815A (en) | Vulnerability detection method and device | |
| US20220182260A1 (en) | Detecting anomalies on a controller area network bus | |
| CN113518055B (en) | Data security protection processing method and device, storage medium and terminal | |
| CN113872959A (en) | Risk asset grade judgment and dynamic degradation method, device and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20231113 Address after: 1739, 17th Floor, 15th Floor, Building 3, No.10 Jiuxianqiao Road, Chaoyang District, Beijing, 100000 Applicant after: Anxinxing (Beijing) Technology Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Applicant before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |