CN112491897A - Remote anti-brute force cracking method based on database security - Google Patents
Remote anti-brute force cracking method based on database security Download PDFInfo
- Publication number
- CN112491897A CN112491897A CN202011374132.2A CN202011374132A CN112491897A CN 112491897 A CN112491897 A CN 112491897A CN 202011374132 A CN202011374132 A CN 202011374132A CN 112491897 A CN112491897 A CN 112491897A
- Authority
- CN
- China
- Prior art keywords
- account
- database
- remote
- address
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000005336 cracking Methods 0.000 title claims abstract description 12
- 230000002265 prevention Effects 0.000 claims abstract description 11
- 238000012795 verification Methods 0.000 claims abstract description 6
- 230000006399 behavior Effects 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 abstract description 7
- 238000004891 communication Methods 0.000 abstract description 4
- 238000001514 detection method Methods 0.000 abstract 1
- 239000000470 constituent Substances 0.000 description 14
- 230000006870 function Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 4
- 230000014509 gene expression Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000003860 storage Methods 0.000 description 3
- 239000000243 solution Substances 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a remote anti-brute force cracking method based on database security, which comprises the steps of registering to a management center, receiving a database security policy, automatically checking the current database environment, acquiring information such as a database access port, capturing outbound/inbound communication data packets related to account verification between all remote IP and a local database port, analyzing the captured communication data packets, and executing a corresponding security policy according to the captured information. The method allows a database security manager to independently make security policies including account validity detection, account locking time threshold and account locking time, and diversifies account unlocking modes, so that the database account brute force prevention technology is more flexible and applicable. According to the invention, by adding the black and white list function and combining the related security strategies, the database account brute force prevention technology is safer.
Description
Technical Field
The invention relates to the field of internet security, in particular to a remote anti-brute force cracking method based on database security.
Background
With the development of computer internet technology and the advent of big data age, various data information systems are more and more widely applied. The database is used as the basic core of the service platform information technology, bears the analysis and management functions of recording, accessing, interacting and the like of data information, and gradually becomes the most important strategic asset in national public safety units, enterprise organizations and the like. The safe and stable operation of the database also directly determines whether the service system can be normally used. And the database of the platform often stores the information which is extremely important and sensitive. Once the information is tampered or leaked, the economic loss of an enterprise is caused, and the image of the enterprise, even the industry and social security are influenced. It can be seen that the security of the database is of paramount importance.
The security threat of the database mainly relates to two aspects, namely abuse of the authority of the internal staff or the management operation and maintenance staff, insufficient identity authentication, illegal operation and the like. And the second is security threats from the outside, such as platform bugs of a database, communication protocol bugs, SQL injection and the like. When current network illegal hackers steal important data information according to security threats inside and outside a database, the most common method is to adopt a remote brute force attack mode, and violently crack account passwords of the database through account password database pairs or certain rules, so as to acquire authority, steal and modify important data.
Disclosure of Invention
In order to solve the most popular attack mode of brute force cracking under the current network environment, the application provides a remote brute force cracking prevention method based on database security, which is realized by the following technical scheme:
a remote anti-brute force cracking method based on database security comprises the following steps:
s1, acquiring the information of the registered user and receiving the security policy of the system;
s2, detecting the current database environment and acquiring the information of the database access port;
s3, setting a black and white list of the IP address, and capturing an account number verification data packet between the remote IP address and the access port of the database;
and S4, analyzing the captured check data packet, extracting effective data information and executing a security policy, wherein the effective data information comprises an IP address, an account name and a return value.
The method has the advantages that the black-and-white list function is added, the related security strategies are combined, the database account brute force prevention technology is safer, meanwhile, the database security management personnel are allowed to independently make the security strategies, the account unlocking mode is diversified, and the database account brute force prevention technology is more flexible and applicable.
Further, the security policy includes: a database account type, a database account lock threshold, a database account lock time, a database account reset counter count time, and an unlocking mode.
The further scheme has the advantages that a whole set of safety protection processes of automatic statistics, automatic locking, automatic unlocking and automatic resetting from login are established; the integrity of the whole protection process is guaranteed.
Further, the database account types include a legal account and an illegal account, wherein:
the legal account is an account with an account name in the database user list;
an illegal account is an account whose account name is not in the database user list.
The further scheme has the advantages that the concept of the database account type is clearly defined, and legal accounts and illegal accounts are included.
Further, the database account locking threshold is an upper limit of the number of continuous login failures of the legal account or the illegal account within the database account resetting counter time.
The further scheme has the advantages that non-database users are also brought into the account login failure statistical sequence, and the defect that different users can repeatedly try to log in the database is effectively overcome.
Further, the database account locking time is the locking time after the remote IP address triggers the security policy and exceeds the account locking threshold.
The further scheme has the advantages that the precondition for locking the database account is clearly defined, and the safety strategy is started and the locking threshold value is required to be exceeded; while defining a range of lock time periods, from triggering the security policy to be locked until the lock time expires to automatically unlock.
Further, the time of the database reset counter is the time of clearing the number of times of failed login when the remote IP address triggers the security policy and the account locking threshold is not exceeded within the set time.
The beneficial effect of the further scheme is that the reset time and the reset range of the account login failure times are clearly defined.
Further, the unlocking mode includes automatic unlocking and manual unlocking, wherein:
the automatic unlocking is automatic unlocking after the remote IP address locking exceeds the preset locking time of the database;
and manual unlocking refers to uploading the locked IP address to a policy center by a registered user, and manually unlocking.
The further scheme has the advantages that two unlocking modes of automatic expiration unlocking and manual unlocking are provided for users, and the adaptability of products to different service scenes is enhanced.
Further, the check data packet includes an IP address, an account name, and a return value of the current login account.
The further scheme has the advantages that the information acquisition range of the verification data packet is strictly defined, the key factors of account locking are defined in detail from the three layers of the source IP address, the account name and the return value, and the condition of false locking is avoided.
Further, the method for executing the security policy includes:
when the IP address is detected to be in the IP blacklist, the IP address is refused to access the database through the grade firewall; when the IP address is detected to be located in the IP white list, all login failure behaviors of the IP cannot be recorded; when the IP address is not in the black and white list, recording the account name and the return value of the login database;
when the returned value is detected to be login failure, establishing a login failure record for a corresponding account of the remote IP, wherein the login failure record comprises an account name, login failure time and login failure times;
if the login failure times of the account corresponding to the remote IP do not exceed the account locking threshold value within the time range of the reset counter, clearing the login failure time records corresponding to the account;
if the number of times of login failure of the corresponding account of the remote IP exceeds an account locking threshold value within the time range of the reset counter, the client program automatically locks the IP address and refuses the network access of the IP address to the database;
and if the login is successful or the successful IP is unlocked, automatically clearing the login failure counter related to the IP.
The technical scheme has the advantages that the black-and-white list function is added, and the database account brute force prevention technology is safer by combining the related security strategies.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
FIG. 1 is a flow chart of a remote anti-brute force cracking method based on database security according to the present invention.
Detailed Description
Hereinafter, the term "comprising" or "may include" used in various embodiments of the present invention indicates the presence of the invented function, operation or element, and does not limit the addition of one or more functions, operations or elements. Furthermore, as used in various embodiments of the present invention, the terms "comprises," "comprising," "includes," "including," "has," "having" and their derivatives are intended to mean that the specified features, numbers, steps, operations, elements, components, or combinations of the foregoing, are only meant to indicate that a particular feature, number, step, operation, element, component, or combination of the foregoing, and should not be construed as first excluding the existence of, or adding to the possibility of, one or more other features, numbers, steps, operations, elements, components, or combinations of the foregoing.
In various embodiments of the invention, the expression "or" at least one of a or/and B "includes any or all combinations of the words listed simultaneously. For example, the expression "a or B" or "at least one of a or/and B" may include a, may include B, or may include both a and B.
Expressions (such as "first", "second", and the like) used in various embodiments of the present invention may modify various constituent elements in various embodiments, but may not limit the respective constituent elements. For example, the above description does not limit the order and/or importance of the elements described. The foregoing description is for the purpose of distinguishing one element from another. For example, the first user device and the second user device indicate different user devices, although both are user devices. For example, a first element could be termed a second element, and, similarly, a second element could be termed a first element, without departing from the scope of various embodiments of the present invention.
It should be noted that: if it is described that one constituent element is "connected" to another constituent element, the first constituent element may be directly connected to the second constituent element, and a third constituent element may be "connected" between the first constituent element and the second constituent element. In contrast, when one constituent element is "directly connected" to another constituent element, it is understood that there is no third constituent element between the first constituent element and the second constituent element.
The terminology used in the various embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the various embodiments of the invention. As used herein, the singular forms are intended to include the plural forms as well, unless the context clearly indicates otherwise. Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which various embodiments of the present invention belong. The terms (such as those defined in commonly used dictionaries) should be interpreted as having a meaning that is consistent with their contextual meaning in the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein in various embodiments of the present invention.
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to examples and accompanying drawings, and the exemplary embodiments and descriptions thereof are only used for explaining the present invention and are not meant to limit the present invention.
Example 1
A remote anti-brute force cracking method based on database security is disclosed, as shown in FIG. 1, and comprises the following steps:
s1, acquiring the information of the registered user and receiving the security policy of the system;
the management center formulates a brute force-resistant cracking security strategy and issues the strategy to the client, wherein the strategy content comprises: database account lock threshold, database account lock time, database account reset counter time, unlocking mode, specifically,
database account locking threshold: dividing a database into a legal account and an illegal account, and respectively configuring account locking thresholds for the two accounts;
and (3) legal account: the account name is located in a database user list;
and (3) illegal account: the account name is not in the database user list;
account lock threshold: when the legal account or the illegal account fails to continuously log in for more than a certain number of times within the specified time range of the reset counter, the remote IP address initiating the access is locked, and the database is refused to log in again; this number is the lock threshold;
database lock time: when a certain remote IP address triggers a security policy and the times exceed an account locking threshold, the IP address is locked for a period of time, and the logging in a database is refused within the period of time;
database reset counter time: when a certain remote IP address triggers a security policy, the client automatically records login failure times for the IP, but if the IP login failure does not exceed a locking threshold value within a specified time, the previously recorded login failure times are automatically cleared after the time for resetting the counter is reached;
an unlocking mode: the method is divided into automatic unlocking and manual unlocking,
automatic unlocking: when the locking time of the remote IP exceeds the locking time of the database, the remote IP is automatically unlocked; the IP may attempt login again;
manual unlocking: and uploading the IP to a policy center by the client, and manually unlocking by an administrator of the policy center.
S2, detecting the current database environment and acquiring the information of the database access port;
in this embodiment, after the client is installed, the client registers in the management center, receives the database security policy, automatically checks the current database environment, and obtains information such as a database access port, and the client has the functions of packet capturing and unpacking and a kernel-level firewall and is responsible for executing a locking policy on a remote IP violating an anti-brute force cracking policy.
S3, setting a black and white list of the IP address, and capturing an account number verification data packet between the remote IP address and the access port of the database;
in the embodiment, the black and white IP list includes a black list and a white list,
IP blacklist: the IP addresses in the list are rejected to log in the target database by default;
IP white list: the IP addresses in the list allow the target database to be logged in, and even if the logging fails, the database security strategy is not triggered to be cracked violently.
And the client program analyzes the captured communication data packet and extracts the IP address, the account name and the return value.
And S4, analyzing the captured check data packet, extracting effective data information and executing a security policy, wherein the effective data information comprises an IP address, an account name and a return value.
And executing a security policy by the client through the acquired IP address, the account name and the return value, wherein the specific policy mode comprises the following steps:
when the IP address is detected to be in the IP blacklist, the IP address is refused to access the database through a kernel-level firewall of the IP address;
when the IP address is detected to be located in the IP white list, all login failure behaviors of the IP cannot be recorded;
when the IP address is not in a black and white list, actively recording an account name and a return value of a login database;
when the returned value is detected to be login failure, automatically creating a login failure record for the corresponding account of the remote IP, wherein the login failure record comprises an account name, login failure time and login failure times;
if the login failure times of the account corresponding to the remote IP do not exceed the account locking threshold value within the time range of the reset counter, clearing the login failure time records corresponding to the account;
if the number of times of login failure of the corresponding account of the remote IP exceeds an account locking threshold value within the time range of the reset counter, the client program automatically locks the IP address and refuses the network access of the IP address to the database; if the IP address is automatically unlocked, the IP address cannot be uploaded to a policy center, and the IP address is automatically unlocked after the locking time is up; if the IP address is manually unlocked, the IP address is uploaded to a policy center, and the IP is always in a locked state when the IP address is waited for being manually unlocked by an administrator;
if the IP is successfully logged in or successfully unlocked, automatically clearing a login failure counter related to the IP;
as will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (9)
1. A remote brute force-resistant cracking method based on database security is characterized by comprising the following steps:
s1, acquiring the information of the registered user and receiving the security policy of the system;
s2, detecting the current database environment and acquiring the information of the database access port;
s3, setting a black and white list of the IP address, and capturing an account number verification data packet between the remote IP address and the access port of the database;
and S4, analyzing the captured check data packet, extracting effective data information and executing a security policy, wherein the effective data information comprises an IP address, an account name and a return value.
2. The remote brute force prevention method based on database security according to claim 1, wherein the security policy comprises: a database account type, a database account lock threshold, a database account lock time, a database account reset counter count time, and an unlocking mode.
3. The remote brute force prevention method based on database security as claimed in claim 2, wherein the database account types include legal account and illegal account, wherein:
the legal account is an account which is positioned in the database user list;
an illegal account is an account that is not in the database user list.
4. The remote database security-based brute force prevention method of claim 3, wherein the database account locking threshold is an upper limit of the number of consecutive login failures of the legal account or the illegal account within the database account reset counter time.
5. The remote database security-based brute force prevention method of claim 4, wherein the database account locking time is a locking time after the remote IP address triggers the security policy and exceeds an account locking threshold.
6. The remote database security-based brute force prevention method as claimed in claim 5, wherein the database reset counter time triggers a security policy for the remote IP address and clears the time of the number of failed logins when the account locking threshold is not exceeded within a set time.
7. The remote anti-brute force method based on database security as claimed in claim 6, wherein the unlocking manner includes automatic unlocking and manual unlocking, wherein:
the automatic unlocking is automatic unlocking after the remote IP address locking exceeds the preset locking time of the database;
and manual unlocking refers to uploading the locked IP address to a policy center by a registered user, and manually unlocking.
8. The remote anti-brute force method based on database security as claimed in claim 7, wherein the verification data packet information includes IP address, account name and return value of the current login account.
9. The remote anti-brute force method based on database security as claimed in claim 8, wherein the method for executing security policy is:
when the IP address is detected to be in the IP blacklist, the IP address is refused to access the database through the firewall; when the IP address is detected to be located in the IP white list, all login failure behaviors of the IP cannot be recorded; when the IP address is not in the black and white list, recording the account name and the return value of the login database;
when the returned value is detected to be login failure, establishing a login failure record for a corresponding account of the remote IP, wherein the login failure record comprises an account name, login failure time and login failure times;
if the login failure times of the account corresponding to the remote IP do not exceed the account locking threshold value within the time range of the reset counter, clearing the login failure time records corresponding to the account;
if the number of times of login failure of the corresponding account of the remote IP exceeds an account locking threshold value within the time range of the reset counter, the client program automatically locks the IP address and refuses the network access of the IP address to the database;
and if the login is successful or the successful IP is unlocked, automatically clearing the login failure counter related to the IP.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011374132.2A CN112491897A (en) | 2020-11-30 | 2020-11-30 | Remote anti-brute force cracking method based on database security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011374132.2A CN112491897A (en) | 2020-11-30 | 2020-11-30 | Remote anti-brute force cracking method based on database security |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112491897A true CN112491897A (en) | 2021-03-12 |
Family
ID=74937303
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011374132.2A Pending CN112491897A (en) | 2020-11-30 | 2020-11-30 | Remote anti-brute force cracking method based on database security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112491897A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104094269A (en) * | 2012-02-01 | 2014-10-08 | 微软公司 | Efficiently throttling user authentication |
| CN104821943A (en) * | 2015-04-27 | 2015-08-05 | 西北工业大学 | Method for enhancing security of access of Linux hosts to network system |
| CN107231346A (en) * | 2017-05-03 | 2017-10-03 | 北京海顿中科技术有限公司 | A kind of method of cloud platform identification |
| CN110012036A (en) * | 2019-05-21 | 2019-07-12 | 唯伊云(武汉)科技有限公司 | A kind of security protection system for industrial internet of things data acquisition layer terminal device |
| CN111125649A (en) * | 2019-10-31 | 2020-05-08 | 苏州浪潮智能科技有限公司 | Protection method and device for brute force cracking of remote desktop login |
| CN111245839A (en) * | 2020-01-13 | 2020-06-05 | 奇安信科技集团股份有限公司 | Violence cracking prevention method and device |
-
2020
- 2020-11-30 CN CN202011374132.2A patent/CN112491897A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104094269A (en) * | 2012-02-01 | 2014-10-08 | 微软公司 | Efficiently throttling user authentication |
| CN104821943A (en) * | 2015-04-27 | 2015-08-05 | 西北工业大学 | Method for enhancing security of access of Linux hosts to network system |
| CN107231346A (en) * | 2017-05-03 | 2017-10-03 | 北京海顿中科技术有限公司 | A kind of method of cloud platform identification |
| CN110012036A (en) * | 2019-05-21 | 2019-07-12 | 唯伊云(武汉)科技有限公司 | A kind of security protection system for industrial internet of things data acquisition layer terminal device |
| CN111125649A (en) * | 2019-10-31 | 2020-05-08 | 苏州浪潮智能科技有限公司 | Protection method and device for brute force cracking of remote desktop login |
| CN111245839A (en) * | 2020-01-13 | 2020-06-05 | 奇安信科技集团股份有限公司 | Violence cracking prevention method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108769073B (en) | Information processing method and device | |
| US7523499B2 (en) | Security attack detection and defense | |
| US8880893B2 (en) | Enterprise information asset protection through insider attack specification, monitoring and mitigation | |
| CN114598540B (en) | Access control system, method, device and storage medium | |
| US7673147B2 (en) | Real-time mitigation of data access insider intrusions | |
| CN111917714B (en) | Zero trust architecture system and use method thereof | |
| CN110233817B (en) | Container safety system based on cloud computing | |
| CN107231346A (en) | A kind of method of cloud platform identification | |
| US7032026B1 (en) | Method and apparatus to facilitate individual and global lockouts to network applications | |
| CN107147627A (en) | A kind of network safety protection method and system based on big data platform | |
| CN116708210A (en) | Operation and maintenance processing method and terminal equipment | |
| US10956543B2 (en) | System and method for protecting online resources against guided username guessing attacks | |
| CN111835782A (en) | Login protection method and device for network equipment, storage medium and processor | |
| CN116894259A (en) | Safety access control system of database | |
| KR101900494B1 (en) | Method and apparatus for detecting the steeling of identifier | |
| CN111125649A (en) | Protection method and device for brute force cracking of remote desktop login | |
| CN105897711A (en) | System for isolating industrial control system and management network | |
| CN112491897A (en) | Remote anti-brute force cracking method based on database security | |
| CN107231365B (en) | Evidence obtaining method, server and firewall | |
| JP2006277063A (en) | Hacking defence device and hacking defence program | |
| CN105912945A (en) | Safety reinforcing device and operation method of operating system | |
| CN113239349B (en) | Network security testing method for power monitoring system | |
| KR101765200B1 (en) | Apparatus and method for system security management | |
| CN111556024B (en) | Reverse access control system and method | |
| KR20100067383A (en) | Server security system and server security method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210312 |
|
| RJ01 | Rejection of invention patent application after publication |