CN112637240A - Method, system and readable storage medium for preventing protocol message from being tampered under mimicry environment - Google Patents


Info

Publication number
CN112637240A
Authority
CN
China
Prior art keywords
protocol message
encryption
protocol
module
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011627537.2A
Other languages
Chinese (zh)
Other versions
CN112637240B (en)
Inventor
吕青松
冯志峰
郭义伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Comleader Information Technology Co Ltd
Henan Xinda Wangyu Technology Co Ltd
Original Assignee
Zhuhai Comleader Information Technology Co Ltd
Henan Xinda Wangyu Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Comleader Information Technology Co Ltd, Henan Xinda Wangyu Technology Co Ltd
Priority to CN202011627537.2A
Publication of CN112637240A
Application granted
Publication of CN112637240B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a method, a system and a readable storage medium for preventing protocol messages from being tampered with in a mimicry environment. The method comprises the following steps: before sending a protocol message, each online executor encrypts the protocol message; the arbitration output device arbitrates the protocol message ciphertexts of all online executors, selects the protocol message ciphertext of one online executor as the arbitration result, decrypts it, and sends the decrypted protocol message to the service front panel port. By introducing a message encryption module into the protocol process of each executor to encrypt the protocol message, and a protocol message recombination transmitter behind the arbitrator to decrypt it, the invention prevents an external attacker from tampering with the executors' protocol messages and reduces the probability of mimicry escape.

Description

Method, system and readable storage medium for preventing protocol message from being tampered under mimicry environment
Technical Field
The invention relates to sending and receiving messages in a mimicry environment, and in particular to a method, a system and a readable storage medium for preventing protocol messages from being tampered with in a mimicry environment.
Background
A mimicry construction system is typically composed of an input/output agent, an arbitration module, heterogeneous executors and a feedback module. In white-box testing, control authority over the executors must be opened up; in this case, mimicry escape can easily be achieved in N-1 mode and N mode by having the executors send simulated protocol messages. How to prevent an attacker from tampering with protocol messages when the executors are under the attacker's control, and thereby reduce the probability of mimicry escape, is of great significance for enhancing the security of the mimicry construction system.
In order to solve the above problems, people are always seeking an ideal technical solution.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a method, a system and a readable storage medium for preventing protocol messages from being tampered with in a mimicry environment.
To achieve this purpose, the invention adopts the following technical scheme: a method for preventing protocol messages from being tampered with in a mimicry environment, comprising the following steps:
before sending a protocol message, each online executor encrypts the protocol message;
the arbitration output device arbitrates the protocol message ciphertexts of all online executors, selects the protocol message ciphertext of one online executor as the arbitration result, decrypts it, and sends the decrypted protocol message to the service front panel port.
Based on the above, before decrypting the arbitration result, the arbitration output device performs strategic encryption verification on it; if the verification passes, the arbitration result is decrypted, otherwise it is discarded.
Based on the above, the same online executor runs multiple protocol processes, and each protocol process handles one type of protocol message.
Based on the above, the encryption processing uses a local encryption strategy, a whole encryption strategy or a hybrid encryption strategy, and the plurality of online executors all use the same encryption strategy.
The invention also provides a system for preventing protocol messages from being tampered with in a mimicry environment, which comprises a plurality of online executors and an arbitration output device.
Each online executor comprises a protocol message processing module and an encryption module. The protocol message processing module executes a protocol process to parse protocol messages; the encryption module is connected to the protocol message processing module, encrypts the protocol messages it has processed, and sends the encrypted protocol messages to the arbitration output device.
The arbitration output device comprises an arbitrator and a protocol message recombination transmitter. The arbitrator is connected to each of the online executors, receives the protocol message ciphertexts they output, and arbitrates them to output one protocol message ciphertext; the protocol message recombination transmitter receives the protocol message ciphertext output by the arbitrator, decrypts it, and sends the decrypted protocol message to the service front panel port.
Based on the above, the protocol message recombination transmitter comprises an encryption verification module, a decryption module and a sending module.
The encryption verification module is connected to the arbitrator and to the decryption module; after receiving a protocol message ciphertext it performs strategic encryption verification on it, and forwards it to the decryption module once the verification passes.
The decryption module decrypts the protocol message ciphertext.
The sending module sends the protocol message obtained by decryption to the service front panel port.
Based on the above, each online executor comprises a plurality of protocol message processing modules; each protocol message processing module executes one protocol process, and different modules correspond to different protocol processes.
Based on the above, the encryption module comprises a local encryption unit and/or a whole encryption unit; the local encryption unit extracts key fields from a protocol message and encrypts them, and the whole encryption unit encrypts the entire protocol message.
Based on the above, the encryption modules of the plurality of online executors use the same encryption strategy.
The invention also provides a computer-readable storage medium storing computer-executable instructions which, when executed by a processor, implement the above method for preventing protocol messages from being tampered with in a mimicry environment.
Compared with the prior art, the invention has outstanding substantive features and represents notable progress. Specifically, a message encryption module is introduced into the protocol process of each executor to encrypt the protocol message, and a protocol message recombination transmitter is introduced behind the arbitrator to decrypt the protocol message before it is sent to the service front panel port. This prevents an external attacker from tampering with the executors' protocol messages and reduces the probability of mimicry escape, which is of great significance for enhancing the security of the mimicry construction system.
Drawings
FIG. 1 is a schematic flow chart of Example 1 of the present invention.
FIG. 2 is a schematic block diagram of Example 2 of the present invention.
Detailed Description
The technical solution of the present invention is further described in detail by the following embodiments.
Example 1
As shown in FIG. 1, this embodiment provides a method for preventing protocol messages from being tampered with in a mimicry environment, comprising the following steps:
before sending a protocol message, each online executor encrypts the protocol message;
the arbitration output device arbitrates the protocol message ciphertexts of all online executors, selects the protocol message ciphertext of one online executor as the arbitration result, decrypts it, and sends the decrypted protocol message to the service front panel port.
In this embodiment, a message encryption module is introduced into the protocol process of each executor to encrypt the protocol message, and a protocol message recombination transmitter is introduced behind the arbitrator to decrypt the protocol message before it is sent to the service front panel port. This prevents an external attacker from tampering with the executors' protocol messages and reduces the probability of mimicry escape, which is of great significance for enhancing the security of the mimicry construction system.
In a specific implementation, before decrypting the arbitration result, the arbitration output device performs strategic encryption verification on it; if the verification passes, the arbitration result is decrypted, otherwise it is discarded. Strategic encryption verification determines whether a data message has been encrypted from characteristics of the encrypted data message, such as its data length, its data arrangement, or the content at certain specific positions of the message. For example, with DES encryption the encrypted data message is 64 bits long, so if a received data message is shorter than 64 bits it has obviously not been encrypted.
It can be understood that, in the present application, because the protocol message delivered to the external service front panel port has already been decrypted, an attacker cannot know that an encryption step exists inside the online executors. Therefore, when an attacker attacks, the protocol message sent out by an online executor can only be a normal, unencrypted protocol message. If the attacker mounts a differential-mode attack, that is, only one executor is attacked, the arbitrator can easily identify the attacked executor according to the arbitration strategy. If the attacker mounts an N-1 mode or N mode attack, the arbitration result is sent to the protocol message recombination transmitter, which first performs strategic encryption verification on the message, finds that the message does not satisfy the strategic encryption condition, and discards it, thereby reducing the probability of mimicry escape.
In a specific implementation, the encryption processing uses a local encryption strategy, a whole encryption strategy or a hybrid encryption strategy, and the plurality of online executors all use the same encryption strategy.
The local encryption strategy is as follows: extract the key fields of the protocol message (protocol version number, protocol type, protocol identifier and payload) and select the range to encrypt. For example, for an STP protocol message, the BPDU data in the message is encrypted; for an OSPF message, the TYPE field in the message is encrypted.
The encryption algorithm may be an asymmetric encryption algorithm or a custom encryption algorithm.
Encrypting only part of the message under the local encryption strategy completes the encryption quickly, but cannot completely hide the attributes of the message.
The whole encryption strategy is as follows: the entire protocol message is encrypted as a whole, and the encrypted data is sent to the arbitrator in UDP (User Datagram Protocol) form.
The encryption algorithm may be an asymmetric encryption algorithm or a custom encryption algorithm.
Encrypting the whole message under the whole encryption strategy completely hides the attributes of the message; however, because every message is processed in its entirety, system performance may be affected when the number of protocol messages is large.
The hybrid encryption strategy is as follows: protocol messages are classified, and the local encryption method is used for some messages while the whole encryption method is used for others.
For example, OSPF protocol messages (1: Hello message, 2: DD message, 3: LSR message, 4: LSU message, 5: LSAck message) are processed with the local encryption method, and other types of messages are processed with the whole encryption method.
To keep the protocol message outputs of the online executors consistent, every online executor should process protocol messages with the same encryption strategy. Likewise, the protocol message recombination transmitter decrypts using that same encryption strategy.
Before use, the scheduler can inform the protocol processes of each online executor and the protocol message recombination transmitter which encryption strategy to use.
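The flow of Example 1 (encrypt in each online executor, arbitrate on the ciphertexts, verify, then decrypt), sketched as an added example that is not part of the patent text. It assumes the whole encryption strategy, a majority-vote arbitration policy, and a deterministic keyed stand-in cipher built from HMAC-SHA256, so that honest executors produce byte-identical ciphertexts the arbitrator can compare; the envelope layout, key, function names and sample bytes are all constructed for illustration.

```python
import hashlib
import hmac
from collections import Counter

BLOCK = 8    # bytes; 64 bits, the length used in the text's DES example
IV_LEN = 8   # assumed envelope layout: iv | ciphertext | tag
TAG_LEN = 8  # assumed "specific position": the last 8 bytes of the envelope
KEY = b"constructed-demo-key"  # assumed shared secret, set up with the strategy

# Constructed sample bytes standing in for a protocol message (not a capture).
HELLO = bytes.fromhex("0201002cc0a8010100000000")
# Constructed unencrypted message emitted by an attacker-controlled executor.
# It is 24 bytes long, so it passes the length test and is caught by the tag.
FORGED = bytes.fromhex("0201002c0a0a0a0a0000000000000000ffffff00000a0000")


def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """Keyed PRF with a domain-separation label (HMAC-SHA256)."""
    return hmac.new(key, label + data, hashlib.sha256).digest()


def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += _prf(key, b"ks", iv + ctr.to_bytes(4, "big"))
        ctr += 1
    return out[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_whole(key: bytes, message: bytes) -> bytes:
    """Executor side: encrypt the entire protocol message.

    Stand-in for the patent's unspecified algorithm, not a vetted cipher.
    The IV is derived from the plaintext, so equal messages give equal
    envelopes while different messages never share a keystream.
    """
    body = len(message).to_bytes(2, "big") + message
    body += b"\x00" * (-len(body) % BLOCK)           # pad to 64-bit blocks
    iv = _prf(key, b"iv", body)[:IV_LEN]
    ct = _xor(body, _keystream(key, iv, len(body)))
    tag = _prf(key, b"tag", iv + ct)[:TAG_LEN]
    return iv + ct + tag


def strategic_check(key: bytes, envelope: bytes) -> bool:
    """Strategic encryption verification: length, layout, then tag position."""
    if len(envelope) < IV_LEN + BLOCK + TAG_LEN or len(envelope) % BLOCK:
        return False
    head, tag = envelope[:-TAG_LEN], envelope[-TAG_LEN:]
    return hmac.compare_digest(tag, _prf(key, b"tag", head)[:TAG_LEN])


def decrypt_whole(key: bytes, envelope: bytes) -> bytes:
    iv, ct = envelope[:IV_LEN], envelope[IV_LEN:-TAG_LEN]
    body = _xor(ct, _keystream(key, iv, len(ct)))
    length = int.from_bytes(body[:2], "big")
    return body[2:2 + length]


def arbitrate(outputs):
    """Arbitrator: pick the most common output, report dissenting executors."""
    winner, _ = Counter(outputs).most_common(1)[0]
    return winner, [i for i, out in enumerate(outputs) if out != winner]


def arbitration_output(key: bytes, outputs):
    """Arbitrator followed by the protocol message recombination transmitter.

    Returns (message for the front panel port or None if discarded,
    indexes of executors that disagreed with the arbitration result).
    """
    winner, dissenters = arbitrate(outputs)
    if not strategic_check(key, winner):
        return None, dissenters                      # discard, nothing is sent
    return decrypt_whole(key, winner), dissenters


if __name__ == "__main__":
    honest = [encrypt_whole(KEY, HELLO) for _ in range(3)]
    print("all honest      :", arbitration_output(KEY, honest))
    print("differential    :", arbitration_output(KEY, [honest[0], FORGED, honest[2]]))
    print("N mode, no crypt:", arbitration_output(KEY, [FORGED] * 3))
```

A randomized cipher (fresh nonce per executor) would make every honest ciphertext differ and defeat comparison at the arbitrator, which is why the stand-in is deterministic.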
Example 2
This embodiment provides a system for preventing protocol messages from being tampered with in a mimicry environment, comprising a plurality of online executors and an arbitration output device. Each online executor comprises a protocol message processing module and an encryption module; the protocol message processing module executes a protocol process to parse protocol messages. Preferably, each online executor comprises a plurality of protocol message processing modules, each of which executes one protocol process, with different modules corresponding to different protocol processes.
The encryption module is connected to the protocol message processing module, encrypts the protocol messages it has processed, and sends the encrypted protocol messages to the arbitration output device. Preferably, the encryption module comprises a local encryption unit and/or a whole encryption unit: the local encryption unit extracts key fields from a protocol message and encrypts them, and the whole encryption unit encrypts the entire protocol message. The encryption modules of the multiple online executors use the same encryption strategy.
In a specific implementation, the encryption processing uses a local encryption strategy, a whole encryption strategy or a hybrid encryption strategy, and the plurality of online executors all use the same encryption strategy.
The local encryption strategy is as follows: extract the key fields of the protocol message (protocol version number, protocol type, protocol identifier and payload) and select the range to encrypt. For example, for an STP protocol message, the BPDU data in the message is encrypted; for an OSPF message, the TYPE field in the message is encrypted.
The encryption algorithm may be an asymmetric encryption algorithm or a custom encryption algorithm.
Encrypting only part of the message under the local encryption strategy completes the encryption quickly, but cannot completely hide the attributes of the message.
The whole encryption strategy is as follows: the entire protocol message is encrypted as a whole, and the encrypted data is sent to the arbitrator in UDP (User Datagram Protocol) form.
The encryption algorithm may be an asymmetric encryption algorithm or a custom encryption algorithm.
Encrypting the whole message under the whole encryption strategy completely hides the attributes of the message; however, because every message is processed in its entirety, system performance may be affected when the number of protocol messages is large.
The hybrid encryption strategy is as follows: protocol messages are classified, and the local encryption method is used for some messages while the whole encryption method is used for others.
For example, OSPF protocol messages (1: Hello message, 2: DD message, 3: LSR message, 4: LSU message, 5: LSAck message) are processed with the local encryption method, and other types of messages are processed with the whole encryption method.
The arbitration output device comprises an arbitrator and a protocol message recombination transmitter. The arbitrator is connected to each of the online executors, receives the protocol message ciphertexts they output, and arbitrates them to output one protocol message ciphertext; the protocol message recombination transmitter receives the protocol message ciphertext output by the arbitrator, decrypts it, and sends the decrypted protocol message to the service front panel port.
To keep the protocol message outputs of the online executors consistent, every online executor should process protocol messages with the same encryption strategy.
Specifically, the protocol message recombination transmitter comprises an encryption verification module, a decryption module and a sending module.
The encryption verification module is connected to the arbitrator and to the decryption module; after receiving a protocol message ciphertext it performs strategic encryption verification on it, and forwards it to the decryption module once the verification passes.
The decryption module decrypts the protocol message ciphertext; likewise, it decrypts using the same encryption strategy as the encryption module.
The sending module sends the protocol message obtained by decryption to the service front panel port.
In traditional white-box testing, control authority over the executors must be opened up; in this case, mimicry escape can easily be achieved in N-1 mode and N mode by having the executors send simulated protocol messages. In the present application, because the protocol message delivered to the external service front panel port has already been decrypted, an attacker cannot know that an encryption step exists inside the online executors. Therefore, when an attacker attacks, the protocol message sent out by an online executor can only be a normal, unencrypted protocol message. If the attacker mounts a differential-mode attack, that is, only one executor is attacked, the arbitrator can easily identify the attacked executor according to the arbitration strategy. If the attacker mounts an N-1 mode or N mode attack, the arbitration result is sent to the protocol message recombination transmitter, which first performs strategic encryption verification on the message, finds that the message does not satisfy the strategic encryption condition, and discards it, thereby reducing the probability of mimicry escape.
Example 3
This embodiment also provides a computer-readable storage medium storing computer-executable instructions which, when executed by a processor, perform the method of Example 1 for preventing protocol messages from being tampered with in a mimicry environment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and method steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
Each functional unit in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated modules may also be stored in a computer-readable storage medium if implemented in the form of software functional units and sold or used as separate products. Based on such understanding, all or part of the flow in the method of the embodiments described above may be implemented by a computer program, which may be stored in a computer-readable storage medium and can implement the steps of the embodiments of the methods described above when the computer program is executed by a processor. The computer program includes computer program code, and the computer program code may be in a source code form, an object code form, an executable file or some intermediate form.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (10)

1. A method for preventing protocol messages from being tampered with in a mimicry environment, characterized by comprising the following steps:
before sending a protocol message, each online executor encrypts the protocol message;
the arbitration output device arbitrates the protocol message ciphertexts of all online executors, selects the protocol message ciphertext of one online executor as the arbitration result, decrypts it, and sends the decrypted protocol message to the service front panel port.
2. The method for preventing protocol messages from being tampered with in a mimicry environment according to claim 1, wherein: before decrypting the arbitration result, the arbitration output device performs strategic encryption verification on the arbitration result; if the strategic encryption verification passes, the arbitration result is decrypted, and if it does not pass, the arbitration result is discarded.
3. The method for preventing protocol messages from being tampered with in a mimicry environment according to claim 1, wherein: the same online executor runs a plurality of protocol processes, and each protocol process handles one type of protocol message.
4. The method for preventing protocol messages from being tampered with in a mimicry environment according to claim 1, wherein: the encryption processing uses a local encryption strategy, a whole encryption strategy or a hybrid encryption strategy, and the plurality of online executors use the same encryption strategy for encryption processing.
5. A system for preventing protocol messages from being tampered with in a mimicry environment, characterized in that it comprises a plurality of online executors and an arbitration output device;
each online executor comprises a protocol message processing module and an encryption module, wherein the protocol message processing module executes a protocol process to parse protocol messages; the encryption module is connected to the protocol message processing module, encrypts the protocol messages processed by the protocol message processing module, and sends the encrypted protocol messages to the arbitration output device;
the arbitration output device comprises an arbitrator and a protocol message recombination transmitter, wherein the arbitrator is connected to each of the online executors, receives the protocol message ciphertexts output by the online executors, and arbitrates them to output one protocol message ciphertext; the protocol message recombination transmitter receives the protocol message ciphertext output by the arbitrator, decrypts it, and sends the decrypted protocol message to the service front panel port.
6. The system for preventing protocol messages from being tampered with in a mimicry environment according to claim 5, wherein: the protocol message recombination transmitter comprises an encryption verification module, a decryption module and a sending module;
the encryption verification module is connected to the arbitrator and to the decryption module, performs strategic encryption verification on a protocol message ciphertext after receiving it, and sends the protocol message ciphertext to the decryption module after the strategic encryption verification passes;
the decryption module decrypts the protocol message ciphertext;
the sending module sends the protocol message obtained by decryption to the service front panel port.
7. The system for preventing protocol messages from being tampered with in a mimicry environment according to claim 5, wherein: each online executor comprises a plurality of protocol message processing modules, each protocol message processing module executes one protocol process, and different protocol message processing modules correspond to different protocol processes.
8. The system for preventing protocol messages from being tampered with in a mimicry environment according to claim 5, wherein: the encryption module comprises a local encryption unit and/or a whole encryption unit; the local encryption unit extracts key fields from a protocol message and encrypts them, and the whole encryption unit encrypts the entire protocol message.
9. The system for preventing protocol messages from being tampered with in a mimicry environment according to claim 5, wherein: the encryption modules of the plurality of online executors use the same encryption strategy.
10. A computer-readable storage medium having computer-executable instructions stored therein, characterized in that: the computer-executable instructions, when executed by a processor, implement the method for preventing protocol messages from being tampered with in a mimicry environment according to any one of claims 1 to 4.
CN202011627537.2A 2020-12-31 2020-12-31 Protocol message tamper-proof method and system under mimicry environment and readable storage medium Active CN112637240B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011627537.2A CN112637240B (en) 2020-12-31 2020-12-31 Protocol message tamper-proof method and system under mimicry environment and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011627537.2A CN112637240B (en) 2020-12-31 2020-12-31 Protocol message tamper-proof method and system under mimicry environment and readable storage medium

Publications (2)

Publication Number Publication Date
CN112637240A (en) 2021-04-09
CN112637240B (en) 2023-09-12

Family

ID=75290241

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011627537.2A Active CN112637240B (en) 2020-12-31 2020-12-31 Protocol message tamper-proof method and system under mimicry environment and readable storage medium

Country Status (1)

Country Link
CN (1) CN112637240B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant