CN112637240B - Protocol message tamper-proof method and system under mimicry environment and readable storage medium - Google Patents
Protocol message tamper-proof method and system under mimicry environment and readable storage medium Download PDFInfo
- Publication number
- CN112637240B CN112637240B CN202011627537.2A CN202011627537A CN112637240B CN 112637240 B CN112637240 B CN 112637240B CN 202011627537 A CN202011627537 A CN 202011627537A CN 112637240 B CN112637240 B CN 112637240B
- Authority
- CN
- China
- Prior art keywords
- protocol message
- encryption
- protocol
- message
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a protocol message tamper-proof method and system under a mimicry environment and a readable storage medium, wherein the protocol message tamper-proof method under the mimicry environment comprises the following steps: the on-line executive body encrypts the protocol message before sending the protocol message; and after judging the protocol message ciphertext of all the online executors, the judging output device selects one online executor as a judging result to decrypt and send the decrypted protocol message to the front panel port of the service. According to the application, the encryption processing of the protocol message is finished by introducing the message encryption module into the protocol process of the executive body, and meanwhile, the decryption of the protocol message is finished by introducing the protocol message reorganization transmitter into the rear end of the arbitrator, so that the falsification of the executive body protocol message by an external attacker is avoided, and the probability of the occurrence of mimicry escape is reduced.
Description
Technical Field
The application relates to message receiving and transmitting in a mimicry environment, in particular to a protocol message tamper-proof method, a system and a readable storage medium in the mimicry environment.
Background
The mimicry construction system is often composed of an input/output agent, an arbitration module, a heterogeneous execution body and a feedback module; in the white box test, the controlled authority of the executive body needs to be opened, in this case, the simulation escape is easily realized under the conditions of N-1 mode and N mode by sending the executive body simulation protocol message. How to prevent an attacker from tampering with a protocol message under the condition that an executing body is controlled, reduces the probability of the occurrence of mimicry escape, and has important significance for enhancing the security of a mimicry construction system.
In order to solve the above problems, an ideal technical solution is always sought.
Disclosure of Invention
The application aims at overcoming the defects of the prior art, and provides a protocol message tamper-proof method, a system and a readable storage medium under a mimicry environment.
In order to achieve the above purpose, the technical scheme adopted by the application is as follows: a protocol message tamper-proof method under a mimicry environment comprises the following steps:
the on-line executive body encrypts the protocol message before sending the protocol message;
and after judging the protocol message ciphertext of all the online executors, the judging output device selects one online executor as a judging result to decrypt and send the decrypted protocol message to the front panel port of the service.
Based on the above, the arbitration output device performs strategic encryption verification on the arbitration result before performing decryption processing on the arbitration result, if the strategic encryption verification is passed, the decryption processing is performed on the arbitration result, otherwise, the arbitration result is discarded.
Based on the above, the same online executive has a plurality of protocol processes, and each protocol process correspondingly processes one type of protocol message.
Based on the above, the encryption process includes a local encryption policy, a global encryption policy, or a hybrid encryption policy, and multiple online executors use the same encryption policy to perform the encryption process.
The application provides a protocol message tamper-proof system under a mimicry environment, which comprises a plurality of online executors and a arbitration output device,
the online execution body comprises a protocol message processing module and an encryption module, wherein the protocol message processing module is used for executing a protocol process to analyze a protocol message; the encryption module is connected with the protocol message processing module, and is used for carrying out encryption processing on the protocol message processed by the protocol message processing module and sending the encrypted message to the arbitration output device;
the arbitrating output device comprises an arbitrator and a protocol message reorganizing transmitter, and the arbitrator is respectively connected with the plurality of on-line executors and is used for receiving the protocol message ciphertext output by the plurality of on-line executors for arbitrating and outputting; the protocol message reorganizing transmitter is configured to receive the protocol message Wen Miwen outputted by the arbitrator, decrypt the protocol message ciphertext, and send the decrypted protocol message ciphertext to a service front panel port.
Based on the above, the protocol message reorganizing transmitter comprises an encryption verification module, a decryption module and a transmitting module,
the encryption verification module is respectively connected with the arbiter and the decryption module and is used for carrying out strategic encryption verification on the protocol message ciphertext after receiving the protocol message ciphertext and sending the protocol message ciphertext to the decryption module after the strategic encryption verification is passed;
the decryption module is used for decrypting the protocol message ciphertext;
the sending module is used for sending the protocol message obtained after decryption processing to the service front panel port.
Based on the above, the online executive body includes a plurality of protocol message processing modules, each protocol message processing module is used for executing one protocol process, and different protocol message processing modules correspond to different protocol processes.
Based on the above, the encryption module includes a local encryption unit and/or a global encryption unit, where the local encryption unit is configured to extract key fields in a protocol packet to perform encryption processing; the whole encryption unit is used for encrypting the whole protocol message.
Based on the above, the encryption modules of the multiple online executives have the same encryption policy.
The application also provides a computer readable storage medium, wherein the computer readable storage medium stores computer executable instructions, and when the computer executable instructions are executed by a processor, the protocol message tamper-proof method under the mimicry environment is provided.
Compared with the prior art, the application has outstanding substantive characteristics and remarkable progress, in particular, the application finishes the encryption processing of the protocol message by introducing a message encryption module in the protocol process of an executive body, simultaneously finishes the decryption of the protocol message by introducing a protocol message reorganization transmitter at the rear end of a arbitrator, and then sends the protocol message to a service front panel port, thereby avoiding the falsification of the executive body protocol message by an external attacker, reducing the probability of the occurrence of mimicry escape and having great significance for enhancing the security of a mimicry construction system.
Drawings
Fig. 1 is a schematic flow chart of embodiment 1 of the present application.
Fig. 2 is a schematic block diagram of embodiment 2 of the present application.
Detailed Description
The technical scheme of the application is further described in detail through the following specific embodiments.
Example 1
As shown in fig. 1, the embodiment provides a protocol message tamper-proof method in a mimicry environment, which includes the following steps:
the on-line executive body encrypts the protocol message before sending the protocol message;
and after judging the protocol message ciphertext of all the online executors, the judging output device selects one online executor as a judging result to decrypt and send the decrypted protocol message to the front panel port of the service.
According to the embodiment, the encryption processing of the protocol message is finished by introducing the message encryption module into the protocol process of the executive body, meanwhile, the decryption of the protocol message is finished by introducing the protocol message reorganizing transmitter into the rear end of the arbitrator, and then the protocol message is transmitted to the port of the service front panel, so that the falsification of the executive body protocol message by an external attacker is avoided, the probability of the occurrence of mimicry escape is reduced, and the method has an important meaning for enhancing the security of a mimicry construction system.
In the implementation process, before decrypting the arbitration result, the arbitration output device performs strategic encryption verification on the arbitration result, if the strategic encryption verification is passed, the arbitration result is decrypted, otherwise, the arbitration result is abandoned. The strategic encryption verification can determine whether the encrypted data message is encrypted according to some characteristics of the encrypted data message, such as data length, data arrangement mode or some specific positions of the message. For example, with DES encryption, the encrypted data message is 64 bits long, and if the received data message is less than 64 bits long, it is obvious that the encrypted data is not available.
It can be understood that in the present application, since the decrypted protocol message is provided to the front panel port of the outbound service, the attacker cannot know that the encryption processing exists in the online executive body; when an attacker attacks, the online executive body sends out a normal protocol message which can only be not encrypted; if an attacker differentially attacks an executable, for example, only attacks one executable, the arbitrator can easily identify the attacked executable according to the arbitrating strategy; if the attacker has N-1 mode and N mode attack, the arbitrated result output after the arbitration is sent to the protocol message reorganization sender, and the protocol message reorganization sender carries out strategic encryption verification on the message first, and discovers that the message does not have the strategic encryption condition, so that the message is discarded, and the probability of mimicry escape is reduced.
In a specific implementation process, the encryption processing comprises a local encryption strategy, a whole encryption strategy or a mixed encryption strategy, and a plurality of online executors adopt the same encryption strategy to carry out the encryption processing.
The partial encryption policy: extracting key fields (protocol version number, protocol type, protocol identification and payload) in the protocol message, and selecting an encryption range; for example, for STP protocol message, encrypting the BPDU data in the protocol message; for an OSPF message, encrypting a TYPE field in the message;
the encryption algorithm may employ an asymmetric encryption algorithm or a custom encryption algorithm.
The method for carrying out local encryption on the message by adopting the local encryption strategy can quickly complete the encryption processing of the message and can not completely hide the attribute of the message.
The overall encryption policy: the whole protocol message is used as a whole to be encrypted, and encrypted data is sent to a resolver in a UDP mode;
the encryption algorithm may employ an asymmetric encryption algorithm or a custom encryption algorithm.
The method for carrying out integral encryption on the message by adopting the integral encryption strategy completely conceals the attribute of the message, and meanwhile, when the number of protocol messages is large, the performance of the system is affected by adopting the full processing method.
The hybrid encryption strategy: the protocol messages are classified, local encryption is adopted for some messages, and global encryption is adopted for some messages.
For example, OSPF protocol message (1:Hello message; 2:DD message; 3:LSR message; 4:LSU message; 5:LSAck message) is processed by adopting local encryption method to Hello and DD messages, and other types of messages are processed by adopting total encryption method.
In order to ensure the consistency of the protocol message output of each online executive body, each online executive body should adopt the same encryption strategy to process the protocol message. And similarly, the protocol message reorganizing transmitter adopts the same encryption strategy to carry out decryption processing.
Before use, each online executive body protocol and what encryption policy the protocol message reorganization sender employs can be notified by the scheduler.
Example 2
The embodiment provides a protocol message tamper-proof system under a mimicry environment, which comprises a plurality of online executors and a judging output device, wherein each online executor comprises a protocol message processing module and an encryption module, and the protocol message processing module is used for executing a protocol process to analyze a protocol message; preferably, the online execution body includes a plurality of protocol message processing modules, each protocol message processing module is configured to execute one protocol process, and different protocol message processing modules correspond to different protocol processes.
The encryption module is connected with the protocol message processing module, and is used for carrying out encryption processing on the protocol message processed by the protocol message processing module and sending the encrypted message to the arbitration output device; preferably, the encryption module comprises a local encryption unit and/or a global encryption unit, and the local encryption unit is used for extracting key fields in the protocol message to carry out encryption processing; the whole encryption unit is used for encrypting the whole protocol message; and the encryption modules of the online executives have the same encryption strategy.
In a specific implementation process, the encryption processing comprises a local encryption strategy, a whole encryption strategy or a mixed encryption strategy, and a plurality of online executors adopt the same encryption strategy to carry out the encryption processing.
The partial encryption policy: extracting key fields (protocol version number, protocol type, protocol identification and payload) in the protocol message, and selecting an encryption range; for example, for STP protocol message, encrypting the BPDU data in the protocol message; for an OSPF message, encrypting a TYPE field in the message;
the encryption algorithm may employ an asymmetric encryption algorithm or a custom encryption algorithm.
The method for carrying out local encryption on the message by adopting the local encryption strategy can quickly complete the encryption processing of the message and can not completely hide the attribute of the message.
The overall encryption policy: the whole protocol message is used as a whole to be encrypted, and encrypted data is sent to a resolver in a UDP mode;
the encryption algorithm may employ an asymmetric encryption algorithm or a custom encryption algorithm.
The method for carrying out integral encryption on the message by adopting the integral encryption strategy completely conceals the attribute of the message, and meanwhile, when the number of protocol messages is large, the performance of the system is affected by adopting the full processing method.
The hybrid encryption strategy: the protocol messages are classified, local encryption is adopted for some messages, and global encryption is adopted for some messages.
For example, OSPF protocol message (1:Hello message; 2:DD message; 3:LSR message; 4:LSU message; 5:LSAck message) is processed by adopting local encryption method to Hello and DD messages, and other types of messages are processed by adopting total encryption method.
The arbitrating output device comprises an arbitrator and a protocol message reorganizing transmitter, and the arbitrator is respectively connected with the plurality of on-line executors and is used for receiving the protocol message ciphertext output by the plurality of on-line executors for arbitrating and outputting; the protocol message reorganizing transmitter is configured to receive the protocol message Wen Miwen outputted by the arbitrator, decrypt the protocol message ciphertext, and send the decrypted protocol message ciphertext to a service front panel port.
In order to ensure the consistency of the protocol message output of each online executive body, each online executive body should adopt the same encryption strategy to process the protocol message.
Specifically, the protocol message reorganizing transmitter comprises an encryption verification module, a decryption module and a transmitting module,
the encryption verification module is respectively connected with the arbiter and the decryption module and is used for carrying out strategic encryption verification on the protocol message ciphertext after receiving the protocol message ciphertext and sending the protocol message ciphertext to the decryption module after the strategic encryption verification is passed;
the decryption module is used for decrypting the protocol message ciphertext; and similarly, the decryption module adopts the same encryption strategy as the encryption module to carry out decryption processing.
The sending module is used for sending the protocol message obtained after decryption processing to the service front panel port.
In the conventional white box test, the controlled authority of the executing body needs to be opened, in this case, by sending the executing body simulation protocol message, the mimicry escape is easily realized under the conditions of the N-1 mode and the N mode. In the application, because the decrypted protocol message is provided for the front panel port of the outward service, an attacker cannot know the encryption processing step in the online executive body; when an attacker attacks, the online executive body sends out a normal protocol message which can only be not encrypted; if an attacker differentially attacks an executable, for example, only attacks one executable, the arbitrator can easily identify the attacked executable according to the arbitrating strategy; if the attacker has N-1 mode and N mode attack, the arbitrated result output after the arbitration is sent to the protocol message reorganization sender, and the protocol message reorganization sender carries out strategic encryption verification on the message first, and discovers that the message does not have the strategic encryption condition, so that the message is discarded, and the probability of mimicry escape is reduced.
Example 3
The present embodiment further provides a computer readable storage medium, where computer executable instructions are stored, where when the computer executable instructions are executed by a processor, the method for tamper-proofing a protocol packet in a mimicry environment described in embodiment 1 is executed.
Those of ordinary skill in the art will appreciate that the elements and method steps of the examples described in connection with the embodiments disclosed herein can be implemented as electronic hardware, or as a combination of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The functional units in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated modules described above may also be stored in a computer readable storage medium if implemented in the form of software functional units and sold or used as a stand alone product. Based on such understanding, the present application may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the steps of each method embodiment may be implemented. The computer program comprises computer program code, and the computer program code can be in a source code form, an object code form, an executable file or some intermediate form and the like.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (7)
1. The protocol message tamper-proof method under the mimicry environment is characterized by comprising the following steps:
the on-line executive body encrypts the protocol message before sending the protocol message;
after judging the protocol message ciphertext of all online executors, the judging output device selects one online executor as a judging result to decrypt and send the decrypted protocol message to a service front panel port;
before decrypting the arbitration result, the arbitration output device performs strategic encryption verification on the arbitration result, if the strategic encryption verification is passed, the arbitration result is decrypted, otherwise, the arbitration result is abandoned;
strategic encryption verification refers to judging whether the message is encrypted or not according to the data length and the data arrangement mode of the protocol message ciphertext; the plurality of online executors adopt the same encryption strategy to carry out encryption processing.
2. The method for preventing protocol message tampering in a mimicry environment according to claim 1, wherein the method comprises the steps of: the same online executive body is provided with a plurality of protocol processes, and each protocol process correspondingly processes one type of protocol message.
3. The method for preventing protocol message tampering in a mimicry environment according to claim 1, wherein the method comprises the steps of: the encryption process includes a partial encryption policy, a global encryption policy, or a hybrid encryption policy.
4. A protocol message tamper-proof system under a mimicry environment is characterized in that: comprises a plurality of online executors and an arbitration output device,
the online execution body comprises a protocol message processing module and an encryption module, wherein the protocol message processing module is used for executing a protocol process to analyze a protocol message; the encryption module is connected with the protocol message processing module, and is used for carrying out encryption processing on the protocol message processed by the protocol message processing module and sending the encrypted message to the arbitration output device; the encryption modules of the online executors have the same encryption strategy;
the arbitrating output device comprises an arbitrator and a protocol message reorganizing transmitter, and the arbitrator is respectively connected with the plurality of on-line executors and is used for receiving the protocol message ciphertext output by the plurality of on-line executors for arbitrating and outputting; the protocol message reorganizing transmitter is configured to receive a protocol message Wen Miwen outputted by the arbitrator, decrypt the protocol message ciphertext, and send the decrypted protocol message ciphertext to a service front panel port;
the protocol message reorganization transmitter comprises an encryption verification module, a decryption module and a transmission module,
the encryption verification module is respectively connected with the arbitrator and the decryption module and is used for carrying out strategic encryption verification on the protocol message ciphertext after receiving the protocol message ciphertext output by the arbitrator, and sending the protocol message ciphertext to the decryption module after the strategic encryption verification is passed; strategic encryption verification refers to judging whether the message is encrypted or not according to the data length and the data arrangement mode of the protocol message ciphertext;
the decryption module is used for decrypting the protocol message ciphertext;
the sending module is used for sending the protocol message obtained after decryption processing to the service front panel port.
5. The system for tamper-proofing a protocol message in a mimicry environment according to claim 4, wherein: the online execution body comprises a plurality of protocol message processing modules, each protocol message processing module is used for executing one protocol process, and different protocol message processing modules correspond to different protocol processes.
6. The system for tamper-proofing a protocol message in a mimicry environment according to claim 4, wherein: the encryption module comprises a local encryption unit and/or a whole encryption unit, wherein the local encryption unit is used for extracting key fields in a protocol message to carry out encryption processing; the whole encryption unit is used for encrypting the whole protocol message.
7. A computer-readable storage medium having stored therein computer-executable instructions, characterized in that: the computer-executable instructions, when executed by a processor, implement the protocol message tamper-resistant method in a mimicry environment as claimed in any one of claims 1 to 3.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011627537.2A CN112637240B (en) | 2020-12-31 | 2020-12-31 | Protocol message tamper-proof method and system under mimicry environment and readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011627537.2A CN112637240B (en) | 2020-12-31 | 2020-12-31 | Protocol message tamper-proof method and system under mimicry environment and readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112637240A CN112637240A (en) | 2021-04-09 |
CN112637240B true CN112637240B (en) | 2023-09-12 |
Family
ID=75290241
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011627537.2A Active CN112637240B (en) | 2020-12-31 | 2020-12-31 | Protocol message tamper-proof method and system under mimicry environment and readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112637240B (en) |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1954538A (en) * | 2004-05-12 | 2007-04-25 | 艾利森电话股份有限公司 | Key management messages for secure broadcast |
CN101106451A (en) * | 2007-08-17 | 2008-01-16 | 杭州华三通信技术有限公司 | A data transmission method and device |
CN101299665A (en) * | 2008-05-19 | 2008-11-05 | 华为技术有限公司 | Message processing method, system and apparatus |
CN102316108A (en) * | 2011-09-09 | 2012-01-11 | 周伯生 | Device for establishing network isolated channel and method thereof |
CN106874755A (en) * | 2017-01-22 | 2017-06-20 | 中国人民解放军信息工程大学 | The consistent escape error processing apparatus of majority and its method based on mimicry Prevention-Security zero-day attacks |
CN107294933A (en) * | 2016-04-11 | 2017-10-24 | 范浪波 | Wearable telecommunication equipment and system independent of Server Security |
CN109936576A (en) * | 2019-03-12 | 2019-06-25 | 国网新疆电力有限公司电力科学研究院 | A kind of vulnerability mining device |
WO2019137554A1 (en) * | 2018-01-15 | 2019-07-18 | 中兴通讯股份有限公司 | Method and device for ensuring operation security of ring network protocol |
CN110177080A (en) * | 2019-04-18 | 2019-08-27 | 中国人民解放军战略支援部队信息工程大学 | Mimicry interchanger, the network equipment and system |
CN110750802A (en) * | 2019-10-14 | 2020-02-04 | 创元网络技术股份有限公司 | Framework for protecting key data based on mimicry defense |
CN110995409A (en) * | 2020-02-27 | 2020-04-10 | 南京红阵网络安全技术研究院有限公司 | Mimicry defense arbitration method and system based on partial homomorphic encryption algorithm |
CN111310245A (en) * | 2020-03-05 | 2020-06-19 | 之江实验室 | Data encryption storage method for mimicry defense system |
CN111475831A (en) * | 2020-06-22 | 2020-07-31 | 南京红阵网络安全技术研究院有限公司 | Data access control method and system based on mimicry defense |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7149900B2 (en) * | 2002-12-12 | 2006-12-12 | Intel Corporation | Method of defending software from debugger attacks |
-
2020
- 2020-12-31 CN CN202011627537.2A patent/CN112637240B/en active Active
Patent Citations (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1954538A (en) * | 2004-05-12 | 2007-04-25 | 艾利森电话股份有限公司 | Key management messages for secure broadcast |
CN101106451A (en) * | 2007-08-17 | 2008-01-16 | 杭州华三通信技术有限公司 | A data transmission method and device |
CN101299665A (en) * | 2008-05-19 | 2008-11-05 | 华为技术有限公司 | Message processing method, system and apparatus |
CN102316108A (en) * | 2011-09-09 | 2012-01-11 | 周伯生 | Device for establishing network isolated channel and method thereof |
CN107294933A (en) * | 2016-04-11 | 2017-10-24 | 范浪波 | Wearable telecommunication equipment and system independent of Server Security |
CN106874755A (en) * | 2017-01-22 | 2017-06-20 | 中国人民解放军信息工程大学 | The consistent escape error processing apparatus of majority and its method based on mimicry Prevention-Security zero-day attacks |
CN110048986A (en) * | 2018-01-15 | 2019-07-23 | 中兴通讯股份有限公司 | A kind of method and device guaranteeing looped network agreement operational safety |
WO2019137554A1 (en) * | 2018-01-15 | 2019-07-18 | 中兴通讯股份有限公司 | Method and device for ensuring operation security of ring network protocol |
CN109936576A (en) * | 2019-03-12 | 2019-06-25 | 国网新疆电力有限公司电力科学研究院 | A kind of vulnerability mining device |
CN110177080A (en) * | 2019-04-18 | 2019-08-27 | 中国人民解放军战略支援部队信息工程大学 | Mimicry interchanger, the network equipment and system |
CN110750802A (en) * | 2019-10-14 | 2020-02-04 | 创元网络技术股份有限公司 | Framework for protecting key data based on mimicry defense |
CN110995409A (en) * | 2020-02-27 | 2020-04-10 | 南京红阵网络安全技术研究院有限公司 | Mimicry defense arbitration method and system based on partial homomorphic encryption algorithm |
CN111310245A (en) * | 2020-03-05 | 2020-06-19 | 之江实验室 | Data encryption storage method for mimicry defense system |
CN111475831A (en) * | 2020-06-22 | 2020-07-31 | 南京红阵网络安全技术研究院有限公司 | Data access control method and system based on mimicry defense |
Also Published As
Publication number | Publication date |
---|---|
CN112637240A (en) | 2021-04-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019111065A1 (en) | End-to-end communication security | |
WO2021103802A1 (en) | Methods and apparatuses for encrypting and decrypting data, storage medium and encrypted file | |
AU2022100184A4 (en) | System for and method of authenticating a component of an electronic device | |
US20170012774A1 (en) | Method and system for improving the data security during a communication process | |
CN105610837B (en) | For identity authentication method and system between SCADA system main website and slave station | |
KR101608815B1 (en) | Method and system for providing service encryption in closed type network | |
CN103428204A (en) | Data security implementation method capable of resisting timing attacks and devices | |
CN113542253A (en) | Network flow detection method, device, equipment and medium | |
Woodage et al. | An analysis of NIST SP 800-90A | |
US11687478B2 (en) | System and a method for secure data transfer using air gapping hardware protocol | |
CN114124364B (en) | Key security processing method, device, equipment and computer readable storage medium | |
CN112054896B (en) | White box encryption method, white box encryption device, terminal and storage medium | |
CN112910641B (en) | Verification method and device for cross-link transaction supervision, relay link node and medium | |
Kornaros et al. | Trustnet: ensuring normal-world and trusted-world can-bus networking | |
CN112637240B (en) | Protocol message tamper-proof method and system under mimicry environment and readable storage medium | |
CN115396228A (en) | Heterogeneous message transmission method, device, equipment and storage medium | |
CN104376277A (en) | Computing device, method and system | |
Guillen et al. | Crypto-Bootloader–Secure in-field firmware updates for ultra-low power MCUs | |
CN106411964A (en) | Traceable and encrypted data transmission method and device | |
CN112765686A (en) | Power consumption attack prevention framework and method for algorithm key in chip | |
Alrammahi et al. | Development of Advanced Encryption Standard (AES) Cryptography Algorithm for Wi-Fi Security Protocol | |
CN110855628A (en) | Data transmission method and system | |
CN111294199A (en) | Encryption/decryption system, encryption device, decryption device, and encryption/decryption method | |
Horvat et al. | Protection of CAN communication on embedded platform using symmetric encryption | |
CN114374519A (en) | Data transmission method, system and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |