CN114448711A - Mimicry defense system - Google Patents
Mimicry defense system Download PDFInfo
- Publication number
- CN114448711A CN114448711A CN202210148789.XA CN202210148789A CN114448711A CN 114448711 A CN114448711 A CN 114448711A CN 202210148789 A CN202210148789 A CN 202210148789A CN 114448711 A CN114448711 A CN 114448711A
- Authority
- CN
- China
- Prior art keywords
- web service
- user access
- access request
- database
- web
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000007123 defense Effects 0.000 title claims abstract description 29
- 230000004044 response Effects 0.000 claims abstract description 19
- 238000006317 isomerization reaction Methods 0.000 claims abstract description 12
- 230000002159 abnormal effect Effects 0.000 claims description 7
- 230000003044 adaptive effect Effects 0.000 claims description 7
- 238000011084 recovery Methods 0.000 claims description 5
- 238000013500 data storage Methods 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 11
- 230000006870 function Effects 0.000 description 10
- 238000012545 processing Methods 0.000 description 7
- 238000000034 method Methods 0.000 description 5
- 238000004088 simulation Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 3
- 230000003068 static effect Effects 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 230000008260 defense mechanism Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000005315 distribution function Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 238000002513 implantation Methods 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/12—Avoiding congestion; Recovering from congestion
- H04L47/125—Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Abstract
The embodiment of the invention discloses a mimicry defense system, which comprises: the request distribution balancing module is used for dynamically distributing the user access request to the heterogeneous redundant Web service execution body; the response redundancy voter is used for performing cross judgment on the responses of a plurality of Web service executors of the same user access request; the dynamic executive scheduler is used for controlling and switching the online/offline state of the Web service executive according to the judgment result, and the Web service executive with the state switched to be online becomes a heterogeneous redundant Web service executive; the non-similar Web virtual machine pool comprises a plurality of non-similar Web virtual machine sub-pools, and each non-similar Web virtual machine sub-pool comprises a plurality of Web service executors; and the database instruction isomerization module is used for receiving the user access request processed by the heterogeneous redundant Web service execution body, detecting and eliminating the illegal user access request. The embodiment of the invention can effectively resist external attacks.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a mimicry defense system.
Background
Web servers are a major target of cyber attacks due to the tangible losses due to the documents stored therein, the supported traffic, and to victims. As the most important internet service carrying and providing way at present, the Web server is a virtual representation of the government, the enterprise and the individual on the internet, such as a Web portal of the government, the enterprise, a personal homepage and the like. Are all virtual representations of real entities on the internet. Web services are increasingly complex, the quality of Web application is high, most of network attacks use a Web server as an attack initiation point, and the security and the availability of the Web server become the focus problems in the field of network security.
Disclosure of Invention
The present invention is directed to solving at least one of the problems of the prior art. Therefore, the invention provides a mimicry defense system which can effectively resist external attacks.
A mimicry defense system according to an embodiment of the present invention includes: the request distribution balancing module is used for dynamically distributing the user access request to a heterogeneous redundant Web service executive in the dissimilar Web virtual machine pool; the response redundancy voter is used for carrying out cross judgment on the responses of the plurality of Web service executors of the same user access request to obtain a judgment result and transmitting the judgment result to the dynamic executor scheduler; the dynamic executive scheduler is used for controlling and switching the online/offline state of the Web service executive according to the judgment result, and the Web service executive with the state switched to be online becomes a heterogeneous redundant Web service executive; the non-similar Web virtual machine pool comprises a plurality of non-similar Web virtual machine sub-pools, and each non-similar Web virtual machine sub-pool comprises a plurality of Web service executors; and the database instruction isomerization module is used for receiving the user access request processed by the heterogeneous redundant Web service execution body, detecting and eliminating the illegal user access request.
According to some embodiments of the present invention, the request distribution balancing module is configured to dynamically distribute the user access request to a plurality of mutually independent and isolated Web service executors in the non-similar Web virtual machine pool according to a resource heterogeneity maximization policy; wherein the resource heterogeneity maximization policy comprises distributing the user access request to at least 3 Web service executives.
According to some embodiments of the present invention, the response redundancy voter is configured to perform a cross-decision on a plurality of heterogeneous Web service executors of the same user access request by using a same/asynchronous adaptive majority vote algorithm according to the security level; the safety level is divided according to indexes, and the indexes comprise the safety level of the data storage environment and the number of the attacks.
According to some embodiments of the present invention, the cross-deciding multiple heterogeneous Web service executors responses of the same user access request by using the same/asynchronous adaptive majority decision algorithm comprises: and if the execution results of more than half of the heterogeneous Web service executors are the same, determining that the execution results are normal.
According to some embodiments of the present invention, the performing a cross-decision on multiple heterogeneous Web service executors responding to the same user access request by using a same/asynchronous adaptive majority decision algorithm further comprises: when the execution result is normal, timing by a timer; and if the execution result of the cross judgment is normal when the preset time period is exceeded, adjusting the arbitration time period and carrying out time-sharing asynchronous arbitration.
According to some embodiments of the invention, the crossing decision comprises: and dividing the heterogeneous Web service execution bodies into a main execution body and a standby execution body, and taking the execution result of the main execution body as a judgment basis.
According to some embodiments of the present invention, the database instruction isomerization module is configured to filter the database read-write operation instruction according to the fingerprint feature information, and remove an access request of an illegal user.
According to some embodiments of the present invention, the fingerprint feature information is a string of characters for adding to the database read-write operation instruction.
According to some embodiments of the present invention, the database instruction isomerization module is configured to determine an operation result through a database instruction result voter, and perform voting recovery on a database with different operation results according to the operation result.
According to some embodiments of the present invention, the voting recovery of the database with different operation results according to the operation results includes: acquiring storage information of a plurality of databases, determining the number of the databases with consistent storage information, determining the database corresponding to the largest number in the number as a database with normal operation, and determining the rest databases as databases with abnormal operation; and restoring the storage information of the database with abnormal operation to be consistent with the storage information of the database with normal operation.
The mimicry defense system provided by the embodiment of the invention at least has the following beneficial effects:
the invention provides a Web server system with a mimicry architecture, which utilizes a mimicry defense principle to access a data layer externally, performs mimicry processing on a request command, sends a result with correct judgment to a client, and the client accesses a database according to the information; if the arbitration is wrong, a background software processing mechanism is triggered to clean or perform other operations on the externally requested data.
The invention solves the problem that the security is lost because a single and static Web server is easily attacked by an external network, carries out the simulation processing on the access command of the Web server and the database operation command, and introduces a simulation defense mechanism in an access data layer and a data operation layer, thereby effectively resisting the external attack.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a block diagram of the modules of a system according to an embodiment of the invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
In the description of the present invention, the meaning of a plurality of means is one or more, the meaning of a plurality of means is two or more, and more than, less than, more than, etc. are understood as excluding the present number, and more than, less than, etc. are understood as including the present number. If the first and second are described for the purpose of distinguishing technical features, they are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features indicated or implicitly indicating the precedence of the technical features indicated.
The design idea of the mimicry Web server is as follows: according to a mimicry defense principle, a functionally equivalent, diversified and dynamic non-similar Web virtual machine pool is constructed, technologies such as redundancy voting, dynamic executive scheduling and database instruction isomerization are adopted, an attack chain is blocked, the utilization difficulty of a vulnerability backdoor or a virus Trojan horse is increased, and the availability and the credibility of a Web server are ensured.
The mimicry defense principle of the invention is a mimicry defense model based on a dynamic heterogeneous redundancy structure. The model reduces the success probability of single-step attack, disturbs the feedback information of the attack and increases the uncertainty of the system by realizing the multi-level heterogeneity and the dynamic property, thereby achieving the purposes of increasing the attack difficulty and improving the system security. On the basis, a Web server based on a mimicry defense model is designed, and a multi-level dynamic heterogeneous redundancy structure is realized. In all simulated attack tests including scanning detection, Web application type attack, system breakthrough, system damage, backdoor implantation, backdoor triggering and the like, the mimicry defense Web server can effectively defend without obviously reducing the system performance. Compared with the existing defense technology, the simulated defense Web server can effectively improve the defense capability of the system on the premise of not obviously reducing the system performance.
Dynamic Heterogeneous Redundancy (DHR) architecture is the fundamental principle of mimicry defense, and the functions of a computer system can be summarized as "input-processing-output". The dynamic heterogeneous redundant structure uses a heterogeneous executive body set to process in a 'processing' link, the same input is copied into n parts through an input agent and is distributed to n heterogeneous executive bodies in the executive body set to process, a processing result is collected to a voter to vote, and the only relatively correct output is obtained. Heterogeneous elements form heterogeneous components, and the heterogeneous components are selected by a dynamic selection algorithm to form an online execution body set. Based on the feedback information at runtime, the dynamic selection algorithm will generate a new set of executables to replace the current set.
Referring to fig. 1, a system of an embodiment of the present invention includes: the system comprises a request distribution balancing module, a response redundancy voter, a dynamic execution body scheduler, a non-similar Web virtual machine pool and a database instruction isomerization module.
The request distribution balancing module is used for dynamically distributing the user access request to the heterogeneous redundant Web service executors in the dissimilar Web virtual machine pool. The request distribution balancing module of this embodiment is a real entry of a user request, and can dynamically distribute a user access request to a plurality of mutually independent and isolated Web service executors in a non-similar Web virtual machine pool according to a resource heterogeneity maximization policy, thereby implementing the dynamic, heterogeneous and diverse execution entities.
The resource heterogeneity maximization strategy is to use WEB servers with different architectures as many as possible as execution bodies, at least 3 architectures and more than 3 architectures are used, and a few of the architectures are selected according to the number of the types of the CPU architectures. For example, distribute user access requests to at least 3 Web service executives.
The request distribution balancing module of this embodiment distributes data through the unit device having the local exchange function or the copy distribution function, for example, all the receiving modules may be connected to the exchange chip, one data port of the exchange chip receives data, and then distributes data to other data ports.
And the response redundancy voter is used for performing cross judgment on the responses of the plurality of Web service executors of the same user access request to obtain a judgment result and transmitting the judgment result to the dynamic executor scheduler. The response redundancy voter is a real outlet of server response, and adopts a same/asynchronous self-adaptive majority vote algorithm to carry out cross judgment on a plurality of heterogeneous executive responses of the same request according to the security level requirement, so as to eliminate inconsistent information, ensure the consistency of output results, and transmit the judgment result to the dynamic executive scheduler, thereby being a key component for constructing Web service in a mimicry way. The security level in this embodiment may be divided by local setting or remote setting. The security level can be divided according to the security level of the data storage environment, the number of times of attack and other indexes, if the requirement of the indexes is high, the safety level is divided into high security levels, and functions such as the mimicry dynamic change frequency are correspondingly increased.
The implementation manner of the synchronous/asynchronous adaptive majority vote algorithm in this embodiment is as follows: and if more than half of execution bodies have the same execution result, the execution result can be considered to have no problem. If the long time voting algorithm is normal, the arbitration time period can be adjusted, and time-sharing asynchronous arbitration is carried out to reduce the overhead of the processor.
In the cross judgment of this embodiment, a plurality of executors are divided into a main executor and a standby executor, and the execution result of the main executor is used as a judgment basis, so that the main and standby executors can be dynamically switched after a period of operation, and the judgment basis is changed. The cross decision of the embodiment can improve the correctness of the decision and improve the dynamic change frequency at the same time so as to enhance the dynamic defense function.
And the dynamic executive body scheduler is used for controlling and switching the online/offline state of the Web service executive body according to the judgment result, and the Web service executive body with the state switched to be online becomes a heterogeneous redundant Web service executive body.
And the non-similar Web virtual machine pool comprises a plurality of non-similar Web virtual machine sub-pools, and each non-similar Web virtual machine sub-pool comprises a plurality of Web service executors.
And the database instruction isomerization module is used for receiving the user access request processed by the heterogeneous redundant Web service execution body, detecting and eliminating the illegal user access request.
It can be understood that the database instruction isomerization module is used for filtering the database read-write operation instruction according to the fingerprint characteristic information and rejecting the access request of the illegal user. Fingerprint characteristic information is unique information added by a designer, and through screening of the characteristic information, the instructions can be found to be executable instructions and externally leaked instructions. The fingerprint characteristic information is a string of special characters added into the read-write command, and is similar to encryption.
The database instruction isomerization module of this embodiment determines an operation result through the database instruction result voter, and performs voting recovery on databases with different operation results according to the operation result. Similar to the majority table mechanism, if most databases operate normally and few databases operate abnormally, the abnormal databases are recovered. For example, if there are three databases, and the information stored in the two databases is consistent, the third database is considered to be abnormal, and the abnormal database is recovered to the same data information as the other two databases.
The invention provides a Web server system with a mimicry architecture, which utilizes a mimicry defense principle to access a data layer externally, performs mimicry processing on a request command, sends a result with correct judgment to a client, and the client accesses a database according to the information; if the arbitration is wrong, a background software processing mechanism is triggered to clean or perform other operations on the externally requested data.
The invention solves the problem that the security is lost because a single and static Web server is easily attacked by an external network, carries out the simulation processing on the access command of the Web server and the database operation command, and introduces a simulation defense mechanism in an access data layer and a data operation layer, thereby effectively resisting the external attack.
Although specific embodiments have been described herein, those of ordinary skill in the art will recognize that many other modifications or alternative embodiments are equally within the scope of this disclosure. For example, any of the functions and/or processing capabilities described in connection with a particular device or component may be performed by any other device or component. In addition, while various illustrative implementations and architectures have been described in accordance with embodiments of the present disclosure, those of ordinary skill in the art will recognize that many other modifications of the illustrative implementations and architectures described herein are also within the scope of the present disclosure.
Certain aspects of the present disclosure are described above with reference to block diagrams and flowchart illustrations of systems, methods, systems, and/or computer program products according to example embodiments. It will be understood that one or more blocks of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, respectively, can be implemented by executing computer-executable program instructions. Also, according to some embodiments, some blocks of the block diagrams and flow diagrams may not necessarily be performed in the order shown, or may not necessarily be performed in their entirety. In addition, additional components and/or operations beyond those shown in the block diagrams and flow diagrams may be present in certain embodiments.
Accordingly, blocks of the block diagrams and flowchart illustrations support combinations of means for performing the specified functions, combinations of elements or steps for performing the specified functions and program instruction means for performing the specified functions. It will also be understood that each block of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, can be implemented by special purpose hardware-based computer systems that perform the specified functions, elements or steps, or combinations of special purpose hardware and computer instructions.
Program modules, applications, etc. described herein may include one or more software components, including, for example, software objects, methods, data structures, etc. Each such software component may include computer-executable instructions that, in response to execution, cause at least a portion of the functionality described herein (e.g., one or more operations of the illustrative methods described herein) to be performed.
The software components may be encoded in any of a variety of programming languages. An illustrative programming language may be a low-level programming language, such as assembly language associated with a particular hardware architecture and/or operating system platform. Software components that include assembly language instructions may need to be converted by an assembler program into executable machine code prior to execution by a hardware architecture and/or platform. Another exemplary programming language may be a higher level programming language, which may be portable across a variety of architectures. Software components that include higher level programming languages may need to be converted to an intermediate representation by an interpreter or compiler before execution. Other examples of programming languages include, but are not limited to, a macro language, a shell or command language, a job control language, a scripting language, a database query or search language, or a report writing language. In one or more exemplary embodiments, a software component containing instructions of one of the above programming language examples may be executed directly by an operating system or other software component without first being converted to another form.
The software components may be stored as files or other data storage constructs. Software components of similar types or related functionality may be stored together, such as in a particular directory, folder, or library. Software components may be static (e.g., preset or fixed) or dynamic (e.g., created or modified at execution time).
The embodiments of the present invention have been described in detail with reference to the accompanying drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.
Claims (10)
1. A mimicry defense system, comprising:
the request distribution balancing module is used for dynamically distributing the user access request to a heterogeneous redundant Web service executive in the dissimilar Web virtual machine pool;
the response redundancy voter is used for carrying out cross judgment on the responses of the plurality of Web service executors of the same user access request to obtain a judgment result and transmitting the judgment result to the dynamic executor scheduler;
the dynamic executive scheduler is used for controlling and switching the online/offline state of the Web service executive according to the judgment result, and the Web service executive with the state switched to be online becomes a heterogeneous redundant Web service executive;
the non-similar Web virtual machine pool comprises a plurality of non-similar Web virtual machine sub-pools, and each non-similar Web virtual machine sub-pool comprises a plurality of Web service executors;
and the database instruction isomerization module is used for receiving the user access request processed by the heterogeneous redundant Web service execution body, detecting and eliminating the illegal user access request.
2. The mimicry defense system according to claim 1, wherein the request distribution balancing module is configured to dynamically distribute a user access request to a plurality of independent and isolated Web service executors in the non-similar Web virtual machine pool according to a resource heterogeneity maximization policy;
wherein the resource heterogeneity maximization policy comprises distributing the user access request to at least 3 Web service executives.
3. The mimicry defense system of claim 1, wherein the response redundancy voter is configured to perform a cross-decision on a plurality of heterogeneous Web service executors responses of the same user access request by using a same/asynchronous adaptive majority vote algorithm according to a security level;
the safety level is divided according to indexes, and the indexes comprise the safety level of the data storage environment and the number of the attacks.
4. The mimicry defense system of claim 3, wherein the cross-decision of multiple heterogeneous Web service executors responses to the same user access request using a same/asynchronous adaptive majority vote algorithm comprises: and if the execution results of more than half of the heterogeneous Web service executors are the same, determining that the execution results are normal.
5. The mimicry defense system of claim 4, wherein the cross-deciding multiple heterogeneous Web service executors responses of the same user access request using the same/asynchronous adaptive majority vote algorithm further comprises:
when the execution result is normal, timing by a timer; and if the execution result of the cross judgment is normal when the preset time period is exceeded, adjusting the arbitration time period and carrying out time-sharing asynchronous arbitration.
6. The mimicry defense system of claim 1, wherein the crossing decision comprises: and dividing the heterogeneous Web service execution bodies into a main execution body and a standby execution body, and taking the execution result of the main execution body as a judgment basis.
7. The mimicry defense system according to claim 1, wherein the database instruction isomerization module is configured to filter the database read-write operation instructions according to the fingerprint feature information to remove illegal user access requests.
8. The mimicry defense system of claim 7, wherein the fingerprint feature information is a string of characters for adding to the database read-write operation command.
9. The mimicry defense system of claim 1, wherein the database instruction isomerization module is configured to determine an operation result through a database instruction result voter, and perform voting recovery on a database with different operation results according to the operation result.
10. The mimicry defense system of claim 9, wherein the voting recovery of the database with different operation results according to the operation results comprises:
acquiring storage information of a plurality of databases, determining the number of the databases with consistent storage information, determining the database corresponding to the largest number in the number as a database with normal operation, and determining the rest databases as databases with abnormal operation;
and restoring the storage information of the database with abnormal operation to be consistent with the storage information of the database with normal operation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210148789.XA CN114448711A (en) | 2022-02-17 | 2022-02-17 | Mimicry defense system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210148789.XA CN114448711A (en) | 2022-02-17 | 2022-02-17 | Mimicry defense system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114448711A true CN114448711A (en) | 2022-05-06 |
Family
ID=81374533
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210148789.XA Pending CN114448711A (en) | 2022-02-17 | 2022-02-17 | Mimicry defense system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114448711A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116405243A (en) * | 2023-02-16 | 2023-07-07 | 中国南方电网有限责任公司 | Heterogeneous redundant flow detection probe based on mimicry safety technology |
| CN116633694A (en) * | 2023-07-24 | 2023-08-22 | 南京赛宁信息技术有限公司 | WEB defense method and system based on multimode heterogeneous component |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110290100A (en) * | 2019-03-06 | 2019-09-27 | 广东电网有限责任公司信息中心 | A kind of mimicry Web server and user's request processing method based on SDN |
| CN111191229A (en) * | 2019-12-24 | 2020-05-22 | 国网天津市电力公司 | Power Web application mimicry defense system |
| CN111478970A (en) * | 2020-04-13 | 2020-07-31 | 国网福建省电力有限公司 | Power grid Web application mimicry defense system |
| CN112242923A (en) * | 2020-09-15 | 2021-01-19 | 中国人民解放军战略支援部队信息工程大学 | System and method for realizing unified data management network function based on mimicry defense |
-
2022
- 2022-02-17 CN CN202210148789.XA patent/CN114448711A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110290100A (en) * | 2019-03-06 | 2019-09-27 | 广东电网有限责任公司信息中心 | A kind of mimicry Web server and user's request processing method based on SDN |
| CN111191229A (en) * | 2019-12-24 | 2020-05-22 | 国网天津市电力公司 | Power Web application mimicry defense system |
| CN111478970A (en) * | 2020-04-13 | 2020-07-31 | 国网福建省电力有限公司 | Power grid Web application mimicry defense system |
| CN112242923A (en) * | 2020-09-15 | 2021-01-19 | 中国人民解放军战略支援部队信息工程大学 | System and method for realizing unified data management network function based on mimicry defense |
Non-Patent Citations (1)
| Title |
|---|
| 张铮;马博林;邬江兴;: "web服务器拟态防御原理验证系统测试与分析", 信息安全学报 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116405243A (en) * | 2023-02-16 | 2023-07-07 | 中国南方电网有限责任公司 | Heterogeneous redundant flow detection probe based on mimicry safety technology |
| CN116405243B (en) * | 2023-02-16 | 2023-12-26 | 中国南方电网有限责任公司 | Heterogeneous redundant flow detection device based on mimicry safety technology |
| CN116633694A (en) * | 2023-07-24 | 2023-08-22 | 南京赛宁信息技术有限公司 | WEB defense method and system based on multimode heterogeneous component |
| CN116633694B (en) * | 2023-07-24 | 2023-11-10 | 南京赛宁信息技术有限公司 | WEB defense method and system based on multimode heterogeneous component |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Kumari et al. | A survey of fault tolerance in cloud computing | |
| CN109587168B (en) | Network function deployment method based on mimicry defense in software defined network | |
| US10397255B1 (en) | System and method for providing security in a distributed computation system utilizing containers | |
| CN109257334B (en) | Block chain-based data uplink system, method and storage medium | |
| CN109218322B (en) | Mimicry defense method, device and system | |
| CN114448711A (en) | Mimicry defense system | |
| CN110166435B (en) | Mimicry Web gateway system and method for dynamic scheduling by adopting load balancing | |
| CN111191229A (en) | Power Web application mimicry defense system | |
| US20130139262A1 (en) | Taint injection and tracking | |
| CN110166436B (en) | Mimicry Web gateway system and method for dynamic scheduling by random selection | |
| US20150128262A1 (en) | Taint vector locations and granularity | |
| CN111478970A (en) | Power grid Web application mimicry defense system | |
| Binun et al. | Self-stabilizing Byzantine-tolerant distributed replicated state machine | |
| CN108924086A (en) | A kind of host information acquisition method based on TSM Security Agent | |
| Zhu et al. | A security protection framework for cloud computing | |
| Dsouza et al. | Building resilient cloud services using DDDAS and moving target defence | |
| Katsikas et al. | Model for network behaviour under viral attack | |
| CN111368307A (en) | Active defense method and system | |
| Bendahmane et al. | The effectiveness of reputation-based voting for collusion tolerance in large-scale grids | |
| Costa et al. | Chrysaor: Fine-grained, fault-tolerant cloud-of-clouds mapreduce | |
| Wu et al. | Heterogeneous executors scheduling algorithm for mimic defense systems | |
| Bendahmane et al. | Result verification mechanism for MapReduce computation integrity in cloud computing | |
| EP4231168A1 (en) | Mimic storage system and method for data security of industrial control system | |
| CN115174122A (en) | Verification code generation method, verification code verification method, device, equipment and medium | |
| CN114915460A (en) | Heterogeneous dynamic expansion and contraction capacity device and method for container cloud |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20220506 |
|
| RJ01 | Rejection of invention patent application after publication |