CN113194105A - Network security protection method and device for vehicle-mounted equipment, electronic equipment and medium - Google Patents
Network security protection method and device for vehicle-mounted equipment, electronic equipment and medium Download PDFInfo
- Publication number
- CN113194105A CN113194105A CN202110742399.0A CN202110742399A CN113194105A CN 113194105 A CN113194105 A CN 113194105A CN 202110742399 A CN202110742399 A CN 202110742399A CN 113194105 A CN113194105 A CN 113194105A
- Authority
- CN
- China
- Prior art keywords
- network security
- security policy
- vehicle
- current moment
- daemon process
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/84—Vehicles
Abstract
The invention provides a network security protection method and device for vehicle-mounted equipment, electronic equipment and a medium, wherein the method comprises the following steps: establishing a daemon process in the initialization process of the vehicle-mounted equipment operating system; the daemon process has root authority of the vehicle-mounted equipment operating system; determining a network security policy of the vehicle-mounted equipment at the current moment; and acquiring the network security policy at the current moment, and calling the daemon process to analyze and execute the network security policy. The network security protection method provided by the invention does not need root processing on the system, ensures the integrity and the security of the system, improves the real-time performance of the network security strategy and improves the user experience.
Description
Technical Field
The present invention relates to the field of security protection technologies, and in particular, to a network security protection method and apparatus for a vehicle-mounted device, an electronic device, and a medium.
Background
With the continuous development of electronic technology, the number of electronic components and systems in automobiles is increasing, and meanwhile, higher requirements are put on the safety and real-time performance of vehicle-mounted networks.
In recent years, network attacks frequently occur, and lawless persons perform port vulnerability scanning on the whole network by means of network port scanning and the like to try to attack network devices. The android system of the vehicle-mounted equipment is an operating system based on a linux kernel, inherits the function of an open port of the linux, and enables the network security risk of the vehicle-mounted equipment to be high.
In the prior art, in order to prevent the network security risk, a user operates a specific application program to control whether the android device can be networked. The networking function of the android device is controlled through the application program, and root operation needs to be carried out on an android device operating system. I.e. opening the permissions to all applications in the operating system. This destroys the integrity and security of the system, and poses more security risks to the system.
Disclosure of Invention
The invention provides a network security protection method and device of vehicle-mounted equipment, electronic equipment and a medium, which are used for solving the technical problem that root processing is required to be carried out on a system to bring certain hysteresis and security in the prior art, so that the aims of ensuring the integrity and the security of a vehicle-mounted network and improving the real-time performance of a network security strategy are fulfilled.
In a first aspect, the present invention provides a network security protection method for a vehicle-mounted device, including:
establishing a daemon process in the initialization process of the vehicle-mounted equipment operating system; the daemon process has root authority of the vehicle-mounted equipment operating system;
determining a network security policy of the vehicle-mounted equipment at the current moment;
and acquiring the network security policy at the current moment, and calling the daemon process to analyze and execute the network security policy.
In a second aspect, the present invention further provides a network security protection device for a vehicle-mounted device, including:
the system comprises a creating module, a judging module and a judging module, wherein the creating module is used for creating a daemon process in the initialization process of an operating system of the vehicle-mounted equipment; the daemon process has root authority of the vehicle-mounted equipment operating system;
the determining module is used for determining a network security policy at the current moment for the vehicle-mounted equipment;
and the analysis and execution module is used for acquiring the network security policy at the current moment and calling the daemon process to analyze and execute the network security policy.
In a third aspect, the present invention also provides an electronic device, including:
a processor, a memory, and a bus, wherein,
the processor and the memory are communicated with each other through the bus;
the memory stores program instructions executable by the processor, the processor calling the program instructions to perform a method as claimed in any one of the above.
In a fourth aspect, the invention also provides a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method as described in any one of the above.
The invention provides a network security protection method, a device, electronic equipment and a medium for vehicle-mounted equipment, wherein the method comprises the following steps: the method comprises the steps of establishing a daemon process in the initialization process of an operating system of the vehicle-mounted equipment, enabling the daemon process to have root authority of the operating system of the vehicle-mounted equipment, determining a network security policy at the current moment for the vehicle-mounted equipment, obtaining the network security policy at the current moment, and calling the daemon process to analyze and execute the network security policy. The network security protection method provided by the invention does not need root processing on the system, ensures the network security of the vehicle-mounted equipment, improves the real-time performance of the network security strategy and improves the user experience.
Drawings
In order to more clearly illustrate the technical solutions of the present invention or the prior art, the drawings needed for the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of a network security protection method for a vehicle-mounted device according to the present invention;
FIG. 2 is a flow chart illustrating a daemon process executing a network security policy according to the present invention;
FIG. 3 is a schematic structural diagram of a network safety protection device of a vehicle-mounted device according to the present invention;
fig. 4 is a schematic structural diagram of an electronic device provided in the present invention.
Detailed Description
In order to more clearly illustrate the technical solutions of the present invention or the prior art, the drawings needed for the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of a network security protection method for a vehicle-mounted device according to the present invention. As shown in fig. 1, the network security protection method for the vehicle-mounted device provided by the present invention includes the following steps:
step 101: establishing a daemon process in the initialization process of the vehicle-mounted equipment operating system; the daemon process has root authority of the vehicle-mounted equipment operating system;
step 102: determining a network security policy of the vehicle-mounted equipment at the current moment;
step 103: and acquiring the network security policy at the current moment, and calling the daemon process to analyze and execute the network security policy.
In particular, daemons (daemons) are a type of special process that runs in the background for performing specific system tasks.
Initialization refers to a process of setting a series of parameters and starting a process on software and hardware of equipment when a system is powered on.
In step 101, when an operating system of a vehicle-mounted device is initialized, a system service creates a daemon process, and the created daemon process has a root right of the operating system of the vehicle-mounted device, that is, when an application program needs to acquire the system root right, the method interacts with the daemon process to achieve the purpose that the application executes operations with the root right, and does not need to open the right of all application programs in the operating system, wherein the system service is created according to the actual needs of a terminal of the vehicle-mounted device, and can be used for creating the daemon process, monitoring startup broadcasting, determining a network security policy and the like.
In step 102, the system service may also determine a network security policy at the current time for the vehicle-mounted device, for example, the system service may use the latest version of the network security policy obtained from the server side as the network security policy at the current time.
In step 103, when the network security policy at the current time is obtained, the daemon process needs to be called to analyze and execute the network security policy, and the daemon process is used to analyze the network security policy and obtain specific information included in the network security policy, such as port information, application information, security behavior information, and the like.
In the embodiment of the invention, a daemon process is established in the initialization process of the operating system of the vehicle-mounted equipment through system service, the daemon process has the root authority of the operating system of the vehicle-mounted equipment, the network security strategy of the current moment is determined for the vehicle-mounted equipment in real time, and the daemon process is called to analyze and execute the network security strategy, so that the network security protection of the vehicle-mounted equipment is realized. According to the network security protection method provided by the invention, root processing is not required to be carried out on the system, authority control on a certain application program is realized through a daemon process, the integrity and the security of the system are ensured, meanwhile, the instantaneity of a network security strategy is improved, and the user experience is improved.
In another embodiment of the present invention, the acquiring the network security policy at the current time and invoking the daemon process to analyze and execute the network security policy includes:
monitoring and acquiring the network security policy at the current moment;
and transmitting the network security policy at the current moment to the daemon process, and analyzing and executing the network security policy at the current moment by the daemon process.
Specifically, the network security policy at the current time refers to a network security policy obtained according to the actual situation of the application or the port connection at the current time.
In the embodiment of the invention, when the network security policy at the current moment is monitored, the network security policy at the current moment is downloaded to the local, meanwhile, the system service transmits the network security policy at the current moment to the daemon process, and the daemon process analyzes and executes the network security policy at the current moment.
For example, when the system service monitors a network security policy of 11 o' clock, the network security policy is downloaded and stored, the stored network security policy is transmitted to the daemon process, the daemon process analyzes the network security policy, analyzes the network security policy to obtain information that the first port is attacked by a malicious program and the first port is forbidden at the moment, and the daemon process executes forbidden operation on the first port according to the analyzed information.
In the embodiment of the invention, the system service monitors and acquires the network security policy at the current moment in real time and transmits the network security policy to the daemon process, and the daemon process analyzes and executes the network security policy at the current moment.
In another embodiment of the present invention, as shown in fig. 2, the monitoring and acquiring the network security policy at the current time includes:
step 201: setting the value of the preset system attribute of the vehicle-mounted equipment operating system as a download path of the network security policy at the current moment;
step 202: and monitoring the value of the preset system attribute, and when the value of the preset system attribute changes, acquiring the network security policy at the current moment according to the changed value of the preset system attribute.
Specifically, the system attribute refers to a set formed by calling parameters of multiple files, and the system attribute changes correspondingly according to the change of the parameters of each file.
In the embodiment of the present invention, a value of a preset system attribute of an operating system of a vehicle-mounted device is set as a download path of a network security policy at a current time, that is, a config _ security _ path value is set as a download path of a network security policy at a current time, for example, the download path of the network security policy at a current time is: and D/security policy/16 th 6/2021, when the change of the value of the system attribute is monitored, the change is D/security policy/17 th 6/2021, and the network security policy at the current moment is obtained according to the changed value of the preset system attribute. It should be noted that the network security policy at the current time is a network security policy that changes with time.
In the embodiment of the invention, the network security policy at the current moment is obtained by monitoring the change of the value of the system attribute, so that the integrity and the security of the system are ensured, and the real-time performance of the network security policy is improved.
In an embodiment of the present invention, the monitoring and acquiring the network security policy at the current time includes:
informing the daemon process that the network security policy is updated in a communication mode among socket processes;
and when a communication message containing the network security policy at the current moment is obtained in the communication mode among the socket processes, obtaining the network security policy at the current moment from the communication message.
In particular, socket, commonly referred to as a "socket," is used to describe an IP address and port, which is a handle to a communication chain.
In the embodiment of the invention, the mode of obtaining the network security policy at the current moment is adopted, the determining module can obtain the message with the updated security policy in a socket inter-process communication mode, and the path of the network security policy at the current moment is obtained from the communication message. According to the embodiment, the network security policy at the current moment can be obtained in a socket inter-process communication mode, the acquisition channel of the network security policy is expanded, and the real-time performance and the accuracy of the network security policy are improved.
In another embodiment of the present invention, the monitoring and acquiring the network security policy at the current time includes:
monitoring a configuration file of the operating system of the vehicle-mounted equipment;
and when the content of the configuration file is changed, acquiring the network security policy at the current moment from the changed configuration file.
Specifically, a Configuration File (Configuration File) is a computer File that can configure parameters and initial settings for some computer programs.
In the embodiment of the present invention, the manner of obtaining the network security policy at the current time may be specifically configured to obtain the network security policy at the current time from the changed configuration file when the content of the configuration file changes by monitoring the state of the configuration file of the operating system of the vehicle-mounted device. The embodiment of the invention can obtain the network security policy at the current moment by monitoring the change of the configuration file, expands the acquisition channel of the network security policy and is beneficial to improving the real-time performance and the accuracy of the network security policy.
In an embodiment of the present invention, the determining a network security policy of a current time for a vehicle-mounted device includes:
sending a request for acquiring a network security policy to a server;
inquiring whether the server has issued the network security policy of the latest version or not in a timing polling mode;
and when the server is inquired to send the network security policy of the latest version, taking the network security policy of the latest version as the network security policy at the current moment.
Specifically, Polling (Polling) is a way for the CPU to decide how to provide peripheral services, also known as Programmed input/output (Programmed I/O).
In the embodiment of the invention, the system service monitors the startup broadcast, pulls up the request policy module after the vehicle-mounted device completes startup, sends a request for acquiring the latest security policy to the server, and queries whether the server issues the latest version of the network security policy in a timed polling manner, wherein in the embodiment, the timed polling is set to be one time of 12-hour polling. When the server is inquired to send the network security policy of the latest version, the system service determines the latest security policy as the network security policy at the current moment. The time of the timed polling may be set according to actual needs, and is not particularly limited herein.
In the embodiment of the invention, the network security policy of the latest version is acquired by actively requesting, so that the security of the system is ensured and the user experience is improved.
In another embodiment of the present invention, the determining a network security policy of the vehicle-mounted device at the current time further includes:
and when the server is inquired that the latest version of the network security policy is not issued, taking the existing network security policy or the prefabricated network security policy as the network security policy at the current moment.
Specifically, the pre-established network security policy refers to a network security policy established by the vehicle-mounted terminal according to the actual situation of the vehicle-mounted terminal, and the network security policy can be pre-stored in the vehicle-mounted terminal for the user to use as needed,
in the embodiment of the invention, if the server is inquired that the latest version of the network security policy is not issued, or the internet or the server fails to access, the existing network security policy or the prefabricated network security policy is adopted as the network security policy at the current moment. The arrangement mode ensures the safety of the vehicle-mounted equipment in networking application.
In another embodiment of the present invention, the determining a network security policy of the vehicle-mounted device at the current time includes:
and under the condition that the network security problem occurs, receiving a network security policy set by the server according to the network security problem, and taking the network security policy as the network security policy at the current moment.
In particular, network Security (Cyber Security) refers to that hardware, software and data in the system of the network system are protected and are not damaged, changed and leaked due to accidental or malicious reasons, the system can continuously, reliably and normally operate, and network service is not interrupted.
In the embodiment of the invention, the server actively issues the network security policy of the latest version. When the network security problem occurs, the management personnel sets a security policy at the background and issues the network security policy as the network security policy at the current moment to all the vehicle-mounted devices in real time, and the vehicle-mounted devices execute the network security policy at the current moment in real time to ensure the network security.
In the embodiment of the invention, the server actively issues the network security policy according to the network security problem, so that the network security policy can be issued in time when the vehicle-mounted equipment has the network security problem, the occurrence of serious harm events caused by the network security problem is avoided, and the security of the vehicle-mounted equipment is protected.
In another embodiment of the present invention, the network security policy at the current time comprises a port disabling policy and/or an application networking restriction policy;
correspondingly, the invoking the daemon process to analyze and execute the network security policy includes:
calling the daemon process to analyze the port forbidden strategy to obtain the information of the forbidden port; according to the information of the disabled port, executing disabling operation on the disabled port through root authority of the vehicle-mounted equipment operating system;
and/or the presence of a gas in the gas,
calling the daemon process to analyze the application networking limiting strategy to obtain information of the application which is limited to be networked; and according to the information of the networking-restricted application, executing networking-restricted operation on the networking-restricted application through the root authority of the vehicle-mounted device operating system.
Specifically, the port disabling policy refers to a policy that the port disables the application; applying a networking restriction policy refers to a policy in which an application prohibits networking.
In the embodiment of the invention, the network security policy comprises a port disabling policy and/or an application networking limiting policy, and the system service realizes the analysis and execution operation of the network security policy by calling a daemon process.
For example, the daemon process analyzes the port disabling strategy to obtain the information that the first port and the fourth port are prohibited from being applied by being attacked by the malicious program at the moment, the daemon process has the root authority of the vehicle-mounted device operating system, the daemon process executes the disabling operation on the first port and the fourth port, the authority does not need to be opened on other ports, and the network security of other ports is guaranteed.
In the embodiment of the invention, the analysis and execution of the network security policy are realized by calling the daemon process, the integrity and the security of the system are ensured, and the user experience is improved.
Fig. 3 is a network security protection device for a vehicle-mounted device, as shown in fig. 3, the network security protection device provided by the present invention includes:
the creating module 301 is configured to create a daemon process in an initialization process of the vehicle-mounted device operating system; the daemon process has root authority of the vehicle-mounted equipment operating system;
a determining module 302, configured to determine a network security policy at a current time for the vehicle-mounted device;
and the analysis and execution module 303 is configured to obtain the network security policy at the current time, and invoke the daemon process to analyze and execute the network security policy.
Specifically, the root authority is similar to an administeror in a Windows system, and is a super Administrator user account in a Linux system, and the super Administrator user account has the highest authority of the whole system, so that components of the system can be deleted or changed conveniently.
In the network security protection device for the vehicle-mounted equipment, the creation module is used for creating a daemon process in the initialization process of an operating system of the vehicle-mounted equipment, and the determination module is used for determining a network security policy at the current moment for the vehicle-mounted equipment; the analysis and execution module is used for acquiring the network security policy at the current moment and calling a daemon process to analyze and execute the network security policy. The device provided by the invention does not need root processing on the system, thereby protecting the integrity and the safety of the system, improving the real-time performance of the network security strategy and simultaneously improving the user experience.
Since the principle of the apparatus according to the embodiment of the present invention is the same as that of the method according to the above embodiment, further details are not described herein for further explanation.
Fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, and as shown in fig. 4, the present invention provides an electronic device, including: a processor (processor)401, a memory (memory)402, and a bus 403;
the processor 401 and the memory 402 complete communication with each other through the bus 403;
The present embodiments provide a non-transitory computer-readable storage medium storing computer instructions that cause the computer to perform the methods provided by the above method embodiments, for example, including: establishing a daemon process in the initialization process of the vehicle-mounted equipment operating system; the daemon process has root authority of the vehicle-mounted equipment operating system; determining a network security policy of the vehicle-mounted equipment at the current moment; and acquiring the network security policy at the current moment, and calling the daemon process to analyze and execute the network security policy.
Those of ordinary skill in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A network security protection method of vehicle-mounted equipment is characterized by comprising the following steps:
establishing a daemon process in the initialization process of the vehicle-mounted equipment operating system; the daemon process has root authority of the vehicle-mounted equipment operating system;
determining a network security policy of the vehicle-mounted equipment at the current moment;
and acquiring the network security policy at the current moment, and calling the daemon process to analyze and execute the network security policy.
2. The network security protection method of the vehicle-mounted device according to claim 1, wherein the obtaining the network security policy at the current time and invoking the daemon process to analyze and execute the network security policy comprises:
monitoring and acquiring the network security policy at the current moment;
and transmitting the network security policy at the current moment to the daemon process, and analyzing and executing the network security policy at the current moment by the daemon process.
3. The network security protection method of the vehicle-mounted device according to claim 2, wherein the monitoring and obtaining the network security policy at the current time comprises:
setting the value of the preset system attribute of the vehicle-mounted equipment operating system as a download path of the network security policy at the current moment;
monitoring the value of the preset system attribute, and when the value of the preset system attribute changes, acquiring the network security policy at the current moment according to the changed value of the preset system attribute;
or the like, or, alternatively,
informing the daemon process that the network security policy is updated in a communication mode among socket processes;
when a communication message containing the network security policy at the current moment is obtained in a communication mode among socket processes, the network security policy at the current moment is obtained from the communication message;
or the like, or, alternatively,
monitoring a configuration file of the operating system of the vehicle-mounted equipment;
and when the content of the configuration file is changed, acquiring the network security policy at the current moment from the changed configuration file.
4. The network security protection method of the vehicle-mounted device according to claim 1, wherein the determining the network security policy of the vehicle-mounted device at the current moment comprises:
sending a request for acquiring a network security policy to a server;
inquiring whether the server has issued the network security policy of the latest version or not in a timing polling mode;
and when the server is inquired to send the network security policy of the latest version, taking the network security policy of the latest version as the network security policy at the current moment.
5. The network security protection method for the vehicle-mounted device according to claim 4, wherein the determining the network security policy of the vehicle-mounted device at the current moment further comprises:
and when the server is inquired that the latest version of the network security policy is not issued, taking the existing network security policy or the prefabricated network security policy as the network security policy at the current moment.
6. The network security protection method of the vehicle-mounted device according to claim 1, wherein the determining the network security policy of the vehicle-mounted device at the current moment comprises:
and under the condition that the network security problem occurs, receiving a network security policy set by the server according to the network security problem, and taking the network security policy as the network security policy at the current moment.
7. The network security protection method for the vehicle-mounted device according to claim 1, wherein the network security policy at the current moment comprises a port disabling policy and/or an application networking limiting policy;
correspondingly, the invoking the daemon process to analyze and execute the network security policy includes:
calling the daemon process to analyze the port forbidden strategy to obtain the information of the forbidden port; according to the information of the disabled port, executing disabling operation on the disabled port through root authority of the vehicle-mounted equipment operating system;
and/or the presence of a gas in the gas,
calling the daemon process to analyze the application networking limiting strategy to obtain information of the application which is limited to be networked; and according to the information of the networking-restricted application, executing networking-restricted operation on the networking-restricted application through the root authority of the vehicle-mounted device operating system.
8. A network safety protection device of vehicle-mounted equipment is characterized by comprising:
the system comprises a creating module, a judging module and a judging module, wherein the creating module is used for creating a daemon process in the initialization process of an operating system of the vehicle-mounted equipment; the daemon process has root authority of the vehicle-mounted equipment operating system;
the determining module is used for determining a network security policy at the current moment for the vehicle-mounted equipment;
and the analysis and execution module is used for acquiring the network security policy at the current moment and calling the daemon process to analyze and execute the network security policy.
9. An electronic device, comprising:
a processor, a memory, and a bus, wherein,
the processor and the memory are communicated with each other through the bus;
the memory stores program instructions executable by the processor, the processor invoking the program instructions to perform the method of any of claims 1 to 7.
10. A non-transitory computer-readable storage medium storing computer instructions that cause a computer to perform the method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110742399.0A CN113194105B (en) | 2021-07-01 | 2021-07-01 | Network security protection method and device for vehicle-mounted equipment, electronic equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110742399.0A CN113194105B (en) | 2021-07-01 | 2021-07-01 | Network security protection method and device for vehicle-mounted equipment, electronic equipment and medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113194105A true CN113194105A (en) | 2021-07-30 |
| CN113194105B CN113194105B (en) | 2021-10-29 |
Family
ID=76976827
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110742399.0A Active CN113194105B (en) | 2021-07-01 | 2021-07-01 | Network security protection method and device for vehicle-mounted equipment, electronic equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113194105B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102542200A (en) * | 2011-12-21 | 2012-07-04 | 北京握奇数据系统有限公司 | Method and device for processing digital authentication terminal |
| US20170187750A1 (en) * | 2015-12-29 | 2017-06-29 | Fortinet, Inc. | Security configuration file conversion with security policy optimization |
| US20180190146A1 (en) * | 2016-12-30 | 2018-07-05 | Fortinet, Inc. | Proactive network security assesment based on benign variants of known threats |
| CN109005198A (en) * | 2018-09-12 | 2018-12-14 | 杭州和利时自动化有限公司 | A kind of controller attack protection security strategy generation method and system |
| US10735430B1 (en) * | 2019-04-22 | 2020-08-04 | Cyberark Software Ltd. | Systems and methods for dynamically enrolling virtualized execution instances and managing secure communications between virtualized execution instances and clients |
| CN112799641A (en) * | 2020-12-31 | 2021-05-14 | 苏州科达科技股份有限公司 | Method and device for expanding software development kit, electronic equipment and storage medium |
| US20210173919A1 (en) * | 2017-05-16 | 2021-06-10 | Beyondtrust Software, Inc. | Systems and methods for controlling privileged operations |
-
2021
- 2021-07-01 CN CN202110742399.0A patent/CN113194105B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102542200A (en) * | 2011-12-21 | 2012-07-04 | 北京握奇数据系统有限公司 | Method and device for processing digital authentication terminal |
| US20170187750A1 (en) * | 2015-12-29 | 2017-06-29 | Fortinet, Inc. | Security configuration file conversion with security policy optimization |
| US20180190146A1 (en) * | 2016-12-30 | 2018-07-05 | Fortinet, Inc. | Proactive network security assesment based on benign variants of known threats |
| US20210173919A1 (en) * | 2017-05-16 | 2021-06-10 | Beyondtrust Software, Inc. | Systems and methods for controlling privileged operations |
| CN109005198A (en) * | 2018-09-12 | 2018-12-14 | 杭州和利时自动化有限公司 | A kind of controller attack protection security strategy generation method and system |
| US10735430B1 (en) * | 2019-04-22 | 2020-08-04 | Cyberark Software Ltd. | Systems and methods for dynamically enrolling virtualized execution instances and managing secure communications between virtualized execution instances and clients |
| CN112799641A (en) * | 2020-12-31 | 2021-05-14 | 苏州科达科技股份有限公司 | Method and device for expanding software development kit, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113194105B (en) | 2021-10-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10666686B1 (en) | Virtualized exploit detection system | |
| EP4027604A1 (en) | Security vulnerability defense method and device | |
| CN108369625B (en) | Dual memory introspection for protecting multiple network endpoints | |
| JP4914052B2 (en) | Method and system for distributing security policies | |
| EP3095224B1 (en) | Dynamic filtering for sdn api calls across a security boundary | |
| US8245274B2 (en) | Method for communication security and apparatus therefore | |
| KR20060041865A (en) | Network security device and method for protecting a computing device in a networked environment | |
| AU2012360047A1 (en) | Method, device, system and computer readable storage medium for ensuring authenticity of web content served by a web host | |
| CA2485062A1 (en) | Security-related programming interface | |
| CN113014571B (en) | Method, device and storage medium for processing access request | |
| KR100875997B1 (en) | Network Fuzzing Using Windows Sockets Application Program Hooking | |
| CN113194105B (en) | Network security protection method and device for vehicle-mounted equipment, electronic equipment and medium | |
| US10205738B2 (en) | Advanced persistent threat mitigation | |
| CN110809004A (en) | Safety protection method and device, electronic equipment and storage medium | |
| CN114861168A (en) | Anti-escape attack behavior deception honeypot construction method | |
| KR101992985B1 (en) | An access control system of controlling hard-coded passwords and commands for enhancing security of the servers | |
| US10904279B1 (en) | Policy generation in airborne systems | |
| CN111314131A (en) | Task issuing method and device, storage medium and electronic device | |
| CA3144110A1 (en) | System and method for protection of an ics network by an hmi server therein | |
| KR102370848B1 (en) | Computer device including divided security module and method for updating security module | |
| CN116760622A (en) | Application access method and device, electronic equipment and storage medium | |
| CN114722397A (en) | Process behavior identification method, process behavior identification device, electronic device, storage medium, and program | |
| CN117424744A (en) | Web application protection method, device, system, WAF equipment and medium | |
| CN113765859A (en) | Network security filtering method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |