CN113992424B - Method and related device for transmitting pcap packet for attack test - Google Patents
Method and related device for transmitting pcap packet for attack test Download PDFInfo
- Publication number
- CN113992424B CN113992424B CN202111314414.8A CN202111314414A CN113992424B CN 113992424 B CN113992424 B CN 113992424B CN 202111314414 A CN202111314414 A CN 202111314414A CN 113992424 B CN113992424 B CN 113992424B
- Authority
- CN
- China
- Prior art keywords
- data stream
- pcap
- packets
- packet
- configuration information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000012360 testing method Methods 0.000 title claims abstract description 34
- 238000001914 filtration Methods 0.000 claims abstract description 14
- 230000005540 biological transmission Effects 0.000 claims abstract description 12
- 238000004590 computer program Methods 0.000 claims description 9
- 230000009286 beneficial effect Effects 0.000 abstract description 2
- 238000012795 verification Methods 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000002441 reversible effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000002716 delivery method Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/32—Flow control; Congestion control by discarding or delaying data units, e.g. packets or frames
Abstract
The application discloses a method for sending a pcap packet for attack test, which comprises the following steps: acquiring network configuration information through a preset path; reading the data streams of all the corresponding pcap packets based on the pcap packet parameters; filtering data stream packets in the data stream based on attribute information of the data stream packets to obtain a data stream to be sent; and transmitting the data stream to be transmitted based on the network configuration information and the protocol information of the data stream to be transmitted. The network configuration information is obtained through a preset path, then the data streams of all the corresponding pcap packets are read based on preset pcap packet parameters, and finally the data streams to be transmitted are transmitted, so that the data streams of the pcap packets are automatically transmitted, the threshold for transmitting the pcap packets is reduced, and the transmission efficiency of the pcap packets is improved. The application also discloses a pcap packet sending device, a server and a computer readable storage medium for attack test, which have the beneficial effects.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method for transmitting a pcap packet for attack testing, a device for transmitting a pcap packet, a server, and a computer readable storage medium.
Background
With the continuous development of information technology, network security issues are also becoming more and more interesting. Including the need for verification of website security for each large vendor or individual website.
In the related art, various attacks can be sent to verify the security of a product or a website. While the security of a product or web site may be verified by mimicking a hacker's attack on its own product or web site, this method of verification requires some knowledge of the security aspect and is not verifiable for most vendors or individuals because the relevant expertise is not well known. The efficiency of sending attack data packets is extremely low, and a threshold for verifying the security is increased.
Therefore, how to implement the automatic attack testing operation and improve the efficiency of attack testing are important issues for those skilled in the art.
Disclosure of Invention
The invention aims to provide a pcap packet sending method, a pcap packet sending device, a server and a computer readable storage medium for attack test, so as to improve the automation degree of sending the pcap packet and further improve the efficiency of sending the pcap packet.
In order to solve the above technical problems, the present application provides a method for sending a pcap packet for attack testing, including:
acquiring network configuration information through a preset path;
reading the data streams of all the corresponding pcap packets based on the pcap packet parameters;
filtering data stream packets in the data stream based on attribute information of the data stream packets to obtain a data stream to be sent;
and transmitting the data stream to be transmitted based on the network configuration information and the protocol information of the data stream to be transmitted.
Optionally, acquiring the network configuration information through a preset path includes:
inquiring the mac address of the source device and the mac address of the target device;
determining a source IP address and a target IP address based on the mac address of the source device and the mac address of the target device;
and taking the target IP address and the source IP address as the network configuration information.
Optionally, reading the data stream of all the corresponding pcap packets based on the pcap packet parameters includes:
determining the range of all the pcap packs based on the pcap pack parameters;
and reading the corresponding data stream according to the range of all the pcap packets.
Optionally, filtering the data stream packet in the data stream based on attribute information of the data stream packet to obtain a data stream to be sent, including:
acquiring attribute information of each data stream packet;
and deleting the data stream packet with the attribute information being special from the data stream to obtain the data stream to be sent.
Optionally, sending the data stream to be sent based on the network configuration information and the protocol information of the data stream to be sent includes:
identifying protocol information of the data stream to be transmitted based on the parameter information;
and sending the data stream to be sent according to the operation protocol corresponding to the protocol information.
Optionally, the method further comprises:
and initializing the operating environment.
The application also provides a pcap packet sending device for attack test, comprising:
the configuration information acquisition module is used for acquiring network configuration information through a preset path;
the data stream reading module is used for reading the data streams of all the corresponding pcap packets based on the parameters of the pcap packets;
the data stream packet filtering module is used for filtering the data stream packets in the data stream based on the attribute information of the data stream packets to obtain the data stream to be sent;
and the data transmission module is used for transmitting the data stream to be transmitted based on the network configuration information and the protocol information of the data stream to be transmitted.
Optionally, the method further comprises:
and the environment configuration module is used for initializing the operating environment.
The application also provides a server comprising:
a memory for storing a computer program;
and a processor for implementing the steps of the pcap pack transmitting method as described above when executing the computer program.
The present application also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor implements the steps of the pcap pack delivery method as described above.
The method for sending the pcap packet for the attack test comprises the following steps: acquiring network configuration information through a preset path; reading the data streams of all the corresponding pcap packets based on the pcap packet parameters; filtering data stream packets in the data stream based on attribute information of the data stream packets to obtain a data stream to be sent; and transmitting the data stream to be transmitted based on the network configuration information and the protocol information of the data stream to be transmitted.
The network configuration information is obtained through a preset path, then the data streams of all the corresponding pcap packets are read based on preset pcap packet parameters, and finally the data streams to be transmitted are transmitted, so that the data streams of the pcap packets are automatically transmitted, the threshold for transmitting the pcap packets is reduced, and the transmission efficiency of the pcap packets is improved.
The application also provides a pcap packet sending device, a server and a computer readable storage medium for attack test, which have the above beneficial effects and are not described herein.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present application, and that other drawings may be obtained according to the provided drawings without inventive effort to a person skilled in the art.
Fig. 1 is a flowchart of a method for sending a pcap packet for attack testing according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a pcap packet sending device for attack testing according to an embodiment of the present application.
Detailed Description
The core of the application is to provide a method for transmitting the pcap packet for attack test, a device for transmitting the pcap packet, a server and a computer readable storage medium, so as to improve the automation degree of transmitting the pcap packet and further improve the efficiency of transmitting the pcap packet.
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
In the related art, various attacks can be sent to verify the security of a product or a website. While the security of a product or web site may be verified by mimicking a hacker's attack on its own product or web site, this method of verification requires some knowledge of the security aspect and is not verifiable for most vendors or individuals because the relevant expertise is not well known. The efficiency of sending attack data packets is extremely low, and a threshold for verifying the security is increased.
Therefore, the application provides a method for sending the pcap packet for attack test, which obtains network configuration information through a preset path, reads the data streams of all corresponding pcap packets based on preset pcap packet parameters, and finally sends the data streams to be sent so as to realize automatic sending of the data streams of the pcap packets, reduce the threshold for sending the pcap packets and improve the sending efficiency of the pcap packets.
The following describes, by way of an embodiment, a method for transmitting a pcap packet for attack testing provided in the present application.
Referring to fig. 1, fig. 1 is a flowchart of a method for transmitting a pcap packet for attack testing according to an embodiment of the present application.
In this embodiment, the method may include:
s101, acquiring network configuration information through a preset path;
it can be seen that this step aims at obtaining the network configuration information through the preset path. Wherein, the network configuration information is the network configuration information for automatically sending the pcap packet. In this embodiment, the pcap pack may be automatically sent to the target device based on the network configuration information, so as to implement attack testing.
The pcap package is a common datagram storage format, which can be understood as a file format, and only the data in the pcap package is stored according to a specific format, so that the data in the pcap package must be obtained and analyzed according to a certain format.
The preset path can be acquired through a network, input by a technician, or a wired mode. It can be seen that the manner of acquiring the network configuration information in this step is not limited in this embodiment.
Further, the step may include:
step 1, inquiring the mac address of a source device and the mac address of a target device;
step 2, determining a source IP address and a target IP address based on the mac address of the source device and the mac address of the target device;
and step 3, taking the target IP address and the source IP address as network configuration information.
It can be seen that this alternative mainly illustrates how the network configuration information is obtained. In this alternative, the mac (Media Access Control Address ) address of the source device and the mac address of the destination device are queried, the source IP address and the destination IP address are determined based on the mac address of the source device and the mac address of the destination device, and the destination IP address and the source IP address are used as network configuration information. That is, in this alternative, mac addresses of the source device and the target device are first obtained, and then IP addresses are obtained based on the mac addresses, and further serve as network configuration information.
S102, reading the data streams of all the corresponding pcap packets based on the parameters of the pcap packets;
on the basis of S101, this step aims at reading the data streams of all the corresponding pcap packets based on the pcap packet parameters. That is, the data stream in the pcap packet is read. The pcap pack in this embodiment is a pcap pack that has been preset for performing an attack test. In this step, a suitable pcap package is selected for reading based on the parameters of the pcap package, so as to obtain the required pcap package.
Further, the step may include:
step 1, determining the range of all the pcap packs based on the parameters of the pcap packs;
and 2, reading the corresponding data stream according to the ranges of all the pcap packets.
It can be seen that this alternative mainly illustrates how the data stream of the pcap packet is obtained. In this alternative, the ranges of all the pcap packages are determined based on the pcap package parameters, and the corresponding data streams are read according to the ranges of all the pcap packages.
S103, filtering the data stream packets in the data stream based on the attribute information of the data stream packets to obtain a data stream to be transmitted;
on the basis of S102, this step aims at filtering the data stream packets in the data stream based on the attribute information of the data stream packets, to obtain the data stream to be transmitted. In this step, the data stream packet is filtered based on the attribute information of the data stream packet, so as to obtain the data stream to be sent. That is, redundant data stream packets in the data stream of the pcap packet are removed. So as to reduce the data volume of the pcap package and improve the efficiency of data transmission.
Further, the step may include:
step 1, obtaining attribute information of each data stream packet;
and 2, deleting the data stream packet with the attribute information being special from the data stream to obtain the data stream to be transmitted.
This alternative mainly describes how to acquire the data stream to be transmitted. In the alternative scheme, the attribute information of each data stream packet is acquired, and the data stream to be transmitted is obtained by deleting the attribute information which is a special data stream packet from the data stream.
And S104, transmitting the data stream to be transmitted based on the network configuration information and the protocol information of the data stream to be transmitted.
On the basis of S103, this step aims at transmitting the pcap packet of the data stream based on the protocol information of the data stream. That is, the data stream to be transmitted is transmitted based on the protocol information in the data stream to be transmitted, so that the data stream is automatically transmitted.
Further, the step may include:
step 1, identifying protocol information of a data stream to be transmitted based on parameter information;
and step 2, transmitting the data stream to be transmitted according to the operation protocol corresponding to the protocol information.
It can be seen that this alternative mainly illustrates how the transmission of the data stream is performed. In this alternative scheme, the protocol information of the data stream to be sent is identified based on the parameter information, and the data stream to be sent is sent according to the operation protocol corresponding to the protocol information.
In summary, the embodiment obtains the network configuration information through the preset path, reads the data streams of all the corresponding pcap packets based on the preset pcap packet parameters, and finally sends the data streams to be sent, so as to realize automatic sending of the data streams of the pcap packets, reduce the threshold for sending the pcap packets, and improve the sending efficiency of the pcap packets.
The following describes a method for transmitting a pcap packet for attack testing according to the present application through a specific embodiment.
This embodiment is based on a Scapy implementation, which is a powerful interactive package operator. It is capable of forging or decoding a large number of protocol data packets, sending them over the network, capturing them, matching requests and responses, etc. Scapy can easily handle most classical tasks like scanning, tracking, probing, unit testing, attacks or network discovery.
On the basis of Scapy, executing the script in the embodiment can implement attack testing on the target by designating the target pcap package and the related source destination ip. Meanwhile, the script can also change the source-destination ip address of the existing pcap file, and is frequently used in daily attack and defense actions. For example: the system corresponding to xxx.pcap to 45.88.167.12 may be sent, which would be compromised if the pcap is a malicious attack. Meanwhile, the source ip can be specified by itself, so that the exposure of the real ip is avoided, and more effective attack test is realized.
Step 1, installing a python environment;
step 2, inquiring the mac addresses of the attack machine and the target as the value of src_mac (source mac address) and the value of dst_mac (target mac address), inquiring the network port of the attack machine, and using a certain network port as a flow outlet and a flow inlet;
step 3, executing a script, and designating pcap packet parameters, wherein two random IPs comprise a source IP and a destination IP;
step 4, the script starts to read the pcap packet, and when the content of the pcap packet is read, all data streams in the packet are read once, and then some special data stream packets (for example, remove rarp (Reverse Address Resolution Protocol, reverse address translation protocol), remove arp (Address Resolution Protocol ), remove igmp (Internet Group Management Protocol, internet group management protocol), remove broadcast and multicast, remove RST (Reset the connection, reset connection) message) are removed;
step 5, the script can continuously identify the use protocol of the data stream, and different protocols use different packet sending modes;
and 6, transmitting the data stream which is already read by reading the mac address of the target and using the designated IP.
If the IP of the test attacker seen from the view angle of the victim is the IP which is randomly designated, the test victim can be prevented from tracing, and the effectiveness of attack test is improved.
Therefore, in this embodiment, the network configuration information is obtained through the preset path, and then the data streams of all the corresponding pcap packets are read based on the preset pcap packet parameters, and finally the data streams to be sent are sent, so that the data streams of the pcap packets are automatically sent, the threshold for sending the pcap packets is reduced, and the sending efficiency of the pcap packets is improved.
The following describes a pcap packet sending device for an attack test provided in the embodiment of the present application, where the pcap packet sending device for an attack test described below and the pcap packet sending method for an attack test described above may be referred to correspondingly with each other.
Referring to fig. 2, fig. 2 is a schematic structural diagram of a pcap packet sending device for attack testing according to an embodiment of the present application.
In this embodiment, the apparatus may include:
a configuration information obtaining module 100, configured to obtain network configuration information through a preset path;
the data stream reading module 200 is configured to read data streams of all the corresponding pcap packets based on the pcap packet parameters;
the data stream packet filtering module 300 is configured to filter a data stream packet in a data stream based on attribute information of the data stream packet, so as to obtain a data stream to be sent;
the data sending module 400 is configured to send the data stream to be sent based on the network configuration information and the protocol information of the data stream to be sent.
Optionally, the configuration information obtaining module 100 is specifically configured to query a mac address of the source device and a mac address of the target device; determining a source IP address and a target IP address based on the mac address of the source device and the mac address of the target device; the target IP address and the source IP address are used as network configuration information.
Optionally, the data flow reading module 200 is specifically configured to determine the range of all the pcap packets based on the pcap packet parameters; and reading the corresponding data stream according to the range of all the pcap packets.
Optionally, the data flow packet filtering module 300 is specifically configured to obtain attribute information of each data flow packet; and deleting the data stream packet with the attribute information being special from the data stream to obtain the data stream to be transmitted.
Optionally, the data sending module 400 is specifically configured to identify protocol information of a data stream to be sent based on the parameter information; and sending the data stream to be sent according to the operation protocol corresponding to the protocol information.
Optionally, the apparatus may further include:
and the initialization module is used for initializing the operating environment.
The embodiment of the application also provides a server, which comprises:
a memory for storing a computer program;
and a processor for implementing the steps of the pcap pack transmission method as described in the above embodiments when executing the computer program.
The present application also provides a computer readable storage medium, on which a computer program is stored, which when executed by a processor implements the steps of the pcap pack sending method according to the above embodiments.
In the description, each embodiment is described in a progressive manner, and each embodiment is mainly described by the differences from other embodiments, so that the same similar parts among the embodiments are mutually referred. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The foregoing describes in detail a method for transmitting a pcap packet for attack testing, a device for transmitting a pcap packet, a server, and a computer-readable storage medium. Specific examples are set forth herein to illustrate the principles and embodiments of the present application, and the description of the examples above is only intended to assist in understanding the methods of the present application and their core ideas. It should be noted that it would be obvious to those skilled in the art that various improvements and modifications can be made to the present application without departing from the principles of the present application, and such improvements and modifications fall within the scope of the claims of the present application.
Claims (10)
1. The method for transmitting the pcap packet for the attack test is characterized by comprising the following steps of:
acquiring network configuration information through a preset path;
reading the data streams of all the corresponding pcap packets based on the pcap packet parameters;
filtering data stream packets in the data stream based on attribute information of the data stream packets to obtain a data stream to be sent;
and transmitting the data stream to be transmitted based on the network configuration information and the protocol information of the data stream to be transmitted.
2. The pcap packet transmission method of claim 1, wherein the acquiring network configuration information through a preset path includes:
inquiring the mac address of the source device and the mac address of the target device;
determining a source IP address and a target IP address based on the mac address of the source device and the mac address of the target device;
and taking the target IP address and the source IP address as the network configuration information.
3. The method for sending a pcap packet according to claim 1, wherein reading the data streams of all the corresponding pcap packets based on the pcap packet parameters includes:
determining the range of all the pcap packs based on the pcap pack parameters;
and reading the corresponding data stream according to the range of all the pcap packets.
4. The pcap packet transmitting method of claim 1 wherein filtering the data stream packets in the data stream based on attribute information of the data stream packets to obtain a data stream to be transmitted comprises:
acquiring attribute information of each data stream packet;
and deleting the data stream packet with the attribute information being special from the data stream to obtain the data stream to be sent.
5. The pcap packet transmission method of claim 1 wherein transmitting the data stream to be transmitted based on the network configuration information and protocol information of the data stream to be transmitted comprises:
identifying protocol information of the data stream to be transmitted based on the parameter information;
and sending the data stream to be sent according to the operation protocol corresponding to the protocol information and the network configuration information.
6. The pcap pack transmission method of claim 1, further comprising:
and initializing the operating environment.
7. A pcap packet transmission device for attack testing, comprising:
the configuration information acquisition module is used for acquiring network configuration information through a preset path;
the data stream reading module is used for reading the data streams of all the corresponding pcap packets based on the parameters of the pcap packets;
the data stream packet filtering module is used for filtering the data stream packets in the data stream based on the attribute information of the data stream packets to obtain the data stream to be sent;
and the data transmission module is used for transmitting the data stream to be transmitted based on the network configuration information and the protocol information of the data stream to be transmitted.
8. The pcap pack transmitting apparatus of claim 7, further comprising:
and the environment configuration module is used for initializing the operating environment.
9. A server, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the pcap pack transmission method according to any of claims 1 to 6 when executing said computer program.
10. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the pcap packet sending method according to any of the claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111314414.8A CN113992424B (en) | 2021-11-08 | 2021-11-08 | Method and related device for transmitting pcap packet for attack test |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111314414.8A CN113992424B (en) | 2021-11-08 | 2021-11-08 | Method and related device for transmitting pcap packet for attack test |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113992424A CN113992424A (en) | 2022-01-28 |
| CN113992424B true CN113992424B (en) | 2024-02-02 |
Family
ID=79747161
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111314414.8A Active CN113992424B (en) | 2021-11-08 | 2021-11-08 | Method and related device for transmitting pcap packet for attack test |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113992424B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA3088179A1 (en) * | 2019-07-29 | 2021-01-29 | The Toronto-Dominion Bank | Intelligent security automation and continuous verification and response platform |
| CN113422774A (en) * | 2021-06-23 | 2021-09-21 | 安徽工业大学 | Automatic penetration testing method and device based on network protocol and storage medium |
-
2021
- 2021-11-08 CN CN202111314414.8A patent/CN113992424B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA3088179A1 (en) * | 2019-07-29 | 2021-01-29 | The Toronto-Dominion Bank | Intelligent security automation and continuous verification and response platform |
| CN113422774A (en) * | 2021-06-23 | 2021-09-21 | 安徽工业大学 | Automatic penetration testing method and device based on network protocol and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 实时IP反向追踪的研究方法;李强 朱弘恣 鞠九滨;计算机科学;第31卷(第12期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113992424A (en) | 2022-01-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109474575B (en) | DNS tunnel detection method and device | |
| Provos | A Virtual Honeypot Framework. | |
| US20190075049A1 (en) | Determining Direction of Network Sessions | |
| US7440406B2 (en) | Apparatus for displaying network status | |
| US20070297349A1 (en) | Method and System for Collecting Information Relating to a Communication Network | |
| WO2015165296A1 (en) | Method and device for identifying protocol type | |
| US20100309800A1 (en) | Network Monitoring And Intellectual Property Protection Device, System, And Method | |
| US11949697B2 (en) | Hierarchical scanning of internet connected assets | |
| EP1695486B1 (en) | Method and system for collecting information relating to a communication network | |
| CN108737385A (en) | A kind of malice domain name matching method mapping IP based on DNS | |
| CN106411828B (en) | The method, apparatus and system of quantization defence result | |
| AU2019396129A1 (en) | Apparatus and process for monitoring network behaviour of internet-of-things (IoT) devices | |
| CN106453610B (en) | The HTTPS data flow auditing method and system of operatable object quotient's backbone network | |
| Lin et al. | Low-storage capture and loss recovery selective replay of real flows | |
| CN113992424B (en) | Method and related device for transmitting pcap packet for attack test | |
| CN114338120A (en) | Segment scanning attack detection method, device, medium and electronic equipment | |
| KR102211503B1 (en) | Harmful ip determining method | |
| CN112422486A (en) | SDK-based safety protection method and device | |
| JP2010239392A (en) | System, device and program for controlling service disabling attack | |
| CN115776517A (en) | Service request processing method and device, storage medium and electronic equipment | |
| CN111669376B (en) | Method and device for identifying safety risk of intranet | |
| CN116668132A (en) | Local area network vulnerability detection method, system and device | |
| CN115242467A (en) | Network data identification method and system | |
| CN108306888B (en) | Network protection method and device based on SDN and storage medium | |
| Zhang et al. | Delude remote operating system (os) scan by honeyd |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |