CN114650153B - Video network security risk prevention system and method - Google Patents
Video network security risk prevention system and method Download PDFInfo
- Publication number
- CN114650153B CN114650153B CN202011495127.7A CN202011495127A CN114650153B CN 114650153 B CN114650153 B CN 114650153B CN 202011495127 A CN202011495127 A CN 202011495127A CN 114650153 B CN114650153 B CN 114650153B
- Authority
- CN
- China
- Prior art keywords
- video
- honeypot
- security
- honeypots
- video network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000002265 prevention Effects 0.000 title claims abstract description 39
- 238000000034 method Methods 0.000 title claims abstract description 30
- 238000012545 processing Methods 0.000 claims description 7
- 230000008676 import Effects 0.000 claims description 5
- 230000006399 behavior Effects 0.000 abstract description 39
- 235000012907 honey Nutrition 0.000 description 11
- 230000000694 effects Effects 0.000 description 8
- 238000004088 simulation Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 230000000903 blocking effect Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000009545 invasion Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 238000005422 blasting Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 239000006185 dispersion Substances 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000015654 memory Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N5/00—Details of television systems
- H04N5/76—Television signal recording
- H04N5/78—Television signal recording using magnetic recording
- H04N5/781—Television signal recording using magnetic recording on disks or drums
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Multimedia (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a video network security risk prevention system and a prevention method, wherein the video network security risk prevention system comprises video honeypots deployed in various video network devices and advanced security honeypots deployed on a management platform, wherein the video honeypots detect attack behaviors, if the video honeypots can be executed virtually successfully, the video network security risk prevention system sends a return display of the successful virtual execution to an attacker, otherwise, the video network security risk prevention system uploads the attack behaviors which cannot be executed virtually successfully to the advanced security honeypots; the advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies the successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again. The video honeypots are deployed in the video network equipment, so that the video honeypots can be deployed in batches at low cost and large scale, network bottlenecks are avoided, and the large-scale video honeypots and the high-grade safety honeypots form a echelon honeypot system, so that the safety precaution performance is high.
Description
Technical Field
The application belongs to the technical field of network security risk prevention, and particularly relates to a video network security risk prevention system and a video network security risk prevention method.
Background
With the rapid development of video technology, video networks for live and video recording based on video acquisition are widely used. However, because the video acquisition cameras are all arranged outdoors, the number of cameras connected to the video network is huge, the management and maintenance are difficult, and illegal persons can easily attack, control the cameras or the management platform and steal or tamper corresponding key data through the access network. At present, many video networks bear the responsibility of social security, and once the video networks are illegally invaded, the situation that the situation development cannot be observed in real time and cannot be traced back is very likely to happen when traffic jam or social security incident occurs.
The early warning is an important ring for disposing security risks, and in the prior art, a trap is constructed by deploying honeypots on a path which an attacker must have, so that an attack target is confused, intranet invasion behaviors of hackers and interior ghosts are warned in real time, the hackers and the interior ghosts are decoy and isolated to delay the attack, and users are helped to trace and trace, block the attack and secure the security, so that network security is protected.
Honeypots are baits which are deployed on a network, disguised as real networks, hosts and services, and tempte malicious attack behaviors, and are valuable in collecting attack activity information on the network and monitoring, detecting and analyzing the attack activities. In the prior art, special hardware equipment with honey software installed is often deployed at a public network entrance and a network critical path, so that possible intrusion attack behaviors are prevented. However, the honey pot system deployed in this way is not suitable for the networking situation of large-flow and large-scale camera access distribution dispersion under a video network. Moreover, the deployed honeypots easily become bottlenecks of the whole system, and deployment on multiple network critical paths also increases network cost.
Disclosure of Invention
The purpose of the application is to provide a video network security risk prevention system and a video network security risk prevention method, which provide better security protection under the conditions of reducing the cost of deploying honeypots and not forming network bottlenecks.
In order to achieve the above purpose, the technical scheme of the application is as follows:
a video network security risk prevention system, the video network comprising video network devices, the video network security risk prevention system comprising video honeypots deployed in each video network device, and advanced security honeypots deployed in a management platform, wherein:
the video honeypot detects the attack behavior, if the video honeypot can be executed virtually successfully, the video honeypot sends a return display of successful virtual execution to an attacker, otherwise, the attack behavior which cannot be executed virtually successfully is uploaded to the high-level safety honeypot;
and the advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies the successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again.
Further, the video network further comprises a security management server and security access equipment, and if the video honeypot and the advanced security honeypot find high risk, the high risk information is reported to the security management server;
and the security management server issues a command to the security access equipment or the video honeypot to block the high-risk according to the received high-risk information.
Further, when receiving an access request of a non-video network registered user, the video network equipment imports the access request into a video honeypot for processing.
Further, the video honeypot is a virtual honeypot.
Further, the high-level safety honeypot is a high-interaction physical honeypot.
The application also provides a video network security risk prevention method, the video network comprises video network equipment, the video network also comprises video honeypots deployed in the video network equipment and advanced security honeypots deployed on a management platform, and the video network security risk prevention method comprises the following steps:
the video honeypot detects the attack behavior, if the video honeypot can be executed virtually successfully, the video honeypot sends a return display of successful virtual execution to an attacker, otherwise, the attack behavior which cannot be executed virtually successfully is uploaded to the high-level safety honeypot;
and the advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies the successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again.
Further, the video network further comprises a security management server and a security access device, and the video network security risk prevention method further comprises the following steps:
if the video honeypot and the high-level safety honeypot find out high-risk risks, reporting high-risk information to a safety management server;
and the security management server issues a command to the security access equipment or the video honeypot to block the high-risk according to the received high-risk information.
Further, when receiving an access request of a non-video network registered user, the video network equipment imports the access request into a video honeypot for processing.
Further, the video honeypot is a virtual honeypot.
Further, the high-level safety honeypot is a high-interaction physical honeypot.
According to the video network security risk prevention system and the video network security risk prevention method, the video honeypots are deployed in the video network equipment, so that the video honeypots can be deployed in batches at low cost and on a large scale, network bottlenecks cannot be caused, and the simulation degree is very high because the video honeypots are deployed in the real video network equipment. A large-scale video honeypot and an advanced safety honeypot form a echelon honeypot system, so that a honeypot system with high interaction and high simulation is realized, and the safety precaution performance is high.
Drawings
Fig. 1 is a schematic diagram of a network architecture of a video network security risk protection system according to an embodiment of the present application;
FIG. 2 is a schematic diagram of a video honey processing process according to the present application;
FIG. 3 is a schematic diagram of a network architecture of a video network security risk protection system according to another embodiment of the present application;
FIG. 4 is a timing diagram of security risk protection for a video network according to the present application;
FIG. 5 is a flowchart of a video network security risk prevention method according to an embodiment of the present application;
fig. 6 is a flowchart of a video network security risk prevention method according to another embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
In one embodiment of the present application, as shown in fig. 1, the video network includes video network devices, the video network security risk protection system includes video honeypots deployed in the respective video network devices, and advanced security honeypots deployed in a management platform, where:
the video honeypot detects the attack behavior, if the video honeypot can be executed virtually successfully, the video honeypot sends a return display of successful virtual execution to an attacker, otherwise, the attack behavior which cannot be executed virtually successfully is uploaded to the high-level safety honeypot;
and the advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies the successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again.
The video network comprises a front-end device, a storage device, various management servers and the like. The front-end devices include, but are not limited to, various cameras, encoders, and other audio and video acquisition devices, the storage devices may be various memories, network hard disk recorders (NVRs), etc., and the management servers include, but are not limited to, video management servers, streaming media servers, etc. The various video network devices are connected through the network, the storage device and the management server can be located on a management platform of the back end, and the front end devices are distributed in various places covered by the video network, such as stations, buildings, roads and the like.
The safety risk prevention system of the embodiment is divided into two layers to deploy honeypots. The first tier is a video honey deployed on various video network devices, and the second tier is an advanced security honey deployed in the network, typically a management platform deployed at the back end.
The video honeypots deployed on various video network devices can most conveniently prevent common network attack behaviors due to the wide distribution range of various video devices and the large number of devices. The video honeypot of the embodiment generally adopts an SSH/Telnet honeypot formed based on an equipment security shell technology, and belongs to a virtual honeypot tool. Because the video honeypot is deployed on the real equipment of the video network, the simulation effect is higher, and the method can be deployed in batches with low cost and large scale.
The low-interaction virtual honeypot tool can simulate virtual network topology, an operating system and network services, respond to scanning attack behaviors according to the characteristics of the simulated network system, so that the purpose of deception is achieved, some virtual honeypot tools can simulate vulnerabilities existing in the system, and further transmit attack codes after scanning by a deception hacker or worm, so that the purpose of capturing malicious code samples is achieved. The virtual honeypot is convenient to deploy, but has low interaction degree, cannot capture high-interaction network attack activities, is easy to identify by hackers, and is suitable for capturing attack activities launched by automatic attack tools or network worms and the like. Gao Jiaohu the honey pot of the virtual machine refers to a honey pot system in which a plurality of virtual hosts are configured on one host machine, and a real operating system and network services are installed in the virtual hosts. The virtual machine honeypot performs high interaction with an attacker, and completely records all behaviors of the attacker when the attacker attacks a real system; the virtual machine honeypot has the advantages that the host saves resources, one machine can be used as a plurality of machines, centralized management of a host system is convenient, and the state of the system can be quickly recovered. An experienced hacker will likely discover the existence of the honeypot host based on information about the existence of the virtual machine. Therefore, the high-interaction virtual machine honeypot is suitable for tracking the attack activities of hackers such as script children, and has insufficient existence for the technical-advanced hacker population.
The working process of the video honeypot is shown in fig. 2, after an attacker logs in through an SSH or Telnet client, the login is redirected to the video honeypot (for example, a secure shell honeypot program can be imported into an embedded device through a busy box function) for interpretation, the interpretation is not to truly execute a corresponding system command, but is processed and returned according to an interpretation rule built in the video honeypot, and the output of the processed video honeypot is returned to the attacker. That is, the attack behavior command is only successful in virtual execution, the actual video honeypot does not do actual command operation in the system, and the simulation result including ps process or network and the like can be output in a simulation mode. The method and the device can also import the http access request of the non-video management platform source IP into the secure Shell honey processing program of the video equipment, and avoid revealing real video http.
The embodiment is distributed and deployed on various video network devices by utilizing the video honeypots, and can prevent part of common network attack behaviors. And an advanced security honeypot is deployed on a back-end management platform, so that the method is suitable for tracking a few technical-advanced hacking attacks.
The advanced security honeypot of the embodiment is a high-interaction physical honeypot system which uses a real physical host, installs a real operating system and opens a real service. The physical honeypot can provide a high-interaction environment, does not have trace information of a virtual environment, is not easy to be perceived by hackers, and is the most concealed honeypot system. However, the real host honeypot system has high requirements on system resources, and one physical host can only deploy one physical honeypot, so that the physical honeypot is suitable for tracking a few technical-advanced hackers.
It should be noted that, in the present application, preferably, the video honeypot uses a low-interaction virtual honeypot tool, and the advanced secure honeypot uses a high-interaction physical honeypot, so that the security requirement of a large-scale video network can be met, or a public video network with a higher security requirement in a public network can be met. For small video networks or video networks with low requirements on relative safety, a low-interaction virtual honeypot tool can be adopted for the video honeypot, and the high-interaction virtual honeypot is adopted for the advanced safety honeypot for precaution.
In the embodiment, two layers of honeypots are adopted, the first layer adopts a virtual honeypot, and the method is suitable for capturing attack activities launched by automatic attack tools or network worms and the like, and capturing scanning activity information and the like of malicious codes existing on a network aiming at a large-scale network. The second tier employs an advanced secure honeypot, due to the high level of hackers used to track small numbers of technologies. The first layer video honeypot detects the attack behavior, if the first layer video honeypot can be executed virtually successfully, the return display of the successful virtual execution is sent to an attacker, otherwise, the attack behavior which cannot be executed virtually successfully is uploaded to the high-level security honeypot. And the second-layer advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies the successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again. Therefore, the two layers of honeypots are combined, the large-scale video honeypot and the high-grade safety honeypot form a echelon honeypot system, and the high-interaction and high-simulation honeypot system is realized.
It should be noted that, the video honeypot and the advanced secure honeypot form a multi-stage honeypot system, which aims to treat different network attacks in a multi-stage manner, if the network attacks are divided into more layers, the honeypot systems of corresponding layers can be similarly deployed, for example, a low-interaction virtual honeypot can be deployed in video network equipment, a high-interaction virtual honeypot and a high-interaction physical honeypot are deployed on a management platform of the video network, the low-interaction virtual honeypot transmits an attack which cannot be treated to the Gao Jiaohu virtual honeypot, and the high-interaction virtual honeypot transmits an attack which cannot be treated to the high-interaction physical honeypot, which is not repeated herein.
In another embodiment of the present application, as shown in fig. 3, the video network includes a video network device, the video network further includes a security management server and a security access device, and the video network security risk prevention system includes a video honeypot deployed in each video network device, and an advanced security honeypot deployed in a management platform, where:
the video honeypot detects the attack behavior, if the video honeypot can be executed virtually successfully, the video honeypot sends a return display of successful virtual execution to an attacker, otherwise, the attack behavior which cannot be executed virtually successfully is uploaded to the high-level safety honeypot;
the advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies a successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again;
if the video honeypot and the high-level safety honeypot find out high-risk risks, reporting high-risk information to a safety management server;
and the security management server issues a command to the security access equipment or the video honeypot to block the high-risk according to the received high-risk information.
Specifically, if the video honeypot judges that the command of the attacker has high risk such as password blasting and the command wants to log in other video passwords, the high risk information is reported to the security management server, wherein the reported information comprises the source IP, the source port and the high risk behavior type of the attacker.
The high-level security honeypot analyzes and judges that high risk exists in the command or file information reported by the video honeypot, if Trojan virus characteristic behaviors exist after the file is executed, the high risk is reported to the security management server, and the reported information comprises a source IP, a source port, a high risk behavior type and a high risk file characteristic library (file abstract value and file header characteristics) of an intruder.
After receiving the high-risk information, the security management server can perform the following operations to perform security blocking:
and issuing a command to the security access equipment to block an attacker.
Or, issuing a command to the security access equipment, and blocking the high-risk files according to the file feature library.
Or, the issuing configuration notifies the video honey to close or disconnect the attacker from the video honey to avoid video honey risks.
The embodiment is further matched with a safety management server and safety access equipment of the video network on the basis of two layers of honeypots, and timely blocks attack when the honeypots find high risk, so that network safety is further improved. The honeypot, the video safety management server and the safety access equipment are linked to solve the problems of intrusion monitoring, defense and source tracing.
As shown in fig. 4, the video network security risk prevention system of the present embodiment performs the following operations:
an attacker initiates invasion;
after the video honeypot receives the attack behavior, the secure shell honeypot processes the attack behavior, backtracks the source of the attack behavior, and displays the processing result back;
reporting high-risk information to a security management server when the video honeypot finds high-risk;
the video honeypot reports attack behaviors (including unknown commands and files uploaded by invaders) which cannot be virtually executed successfully to the high-level safety honeypot;
the advanced safe honeypot is processed, and the return display result is returned to an attacker through the video honeypot;
reporting high-risk information to a safety management server when the high-risk is found by the high-level safety honeypot;
after receiving the high-risk information, the security management server informs the security access device to block the invader, or informs the security access device to block the high-risk file, or informs the video network device to close the video honeypot or block the invader to avoid further risk.
In one embodiment, when receiving an access request of a non-video network registered user, the video network device imports the access request into a video honeypot for processing.
The registered users in the general video network have the IP addresses recorded in the management server, and the access requests in the source IP non-management server records are imported into the video honeypot for safety and are processed, so that only the registered users can access in principle, and the risk can be further reduced.
Corresponding to the video network security risk prevention system, the application also provides a video network security risk prevention method, and the method is described by a specific embodiment.
In one embodiment, as shown in fig. 5, a video network security risk prevention method, where the video network includes video network devices, the video network further includes video honeypots deployed in the video network devices, and advanced security honeypots deployed in a management platform, the video network security risk prevention method includes:
the video honeypot detects the attack behavior, if the video honeypot can be executed virtually successfully, the video honeypot sends a return display of successful virtual execution to an attacker, otherwise, the attack behavior which cannot be executed virtually successfully is uploaded to the high-level safety honeypot;
and the advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies the successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again.
In another embodiment, as shown in fig. 6, a security risk prevention method for a video network, where the video network includes video network devices, a security management server, and a security access device, the video network further includes a video honeypot deployed in each video network device, and an advanced security honeypot deployed in a management platform, the security risk prevention method for the video network includes:
the video honeypot detects the attack behavior, if the video honeypot can be executed virtually successfully, the video honeypot sends a return display of successful virtual execution to an attacker, otherwise, the attack behavior which cannot be executed virtually successfully is uploaded to the high-level safety honeypot;
the advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies a successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again;
if the video honeypot and the high-level safety honeypot find out high-risk risks, reporting high-risk information to a safety management server;
and the security management server issues a command to the security access equipment or the video honeypot to block the high-risk according to the received high-risk information.
The above examples merely represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the invention. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application is to be determined by the claims appended hereto.
Claims (6)
1. A video network security risk prevention system, the video network including video network devices, characterized in that the video network security risk prevention system includes video honeypots deployed in each video network device, the video honeypots are virtual honeypots, and advanced security honeypots deployed at a management platform, the advanced security honeypots are high-interaction physical honeypots, wherein:
the video honeypot detects the attack behavior, if the video honeypot can be executed virtually successfully, the video honeypot sends a return display of successful virtual execution to an attacker, otherwise, the attack behavior which cannot be executed virtually successfully is uploaded to the high-level safety honeypot;
and the advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies the successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again.
2. The video network security risk prevention system of claim 1, wherein the video network further comprises a security management server and a security access device, wherein the video honeypot and the advanced security honeypot report high risk information to the security management server if high risk is found;
and the security management server issues a command to the security access equipment or the video honeypot to block the high-risk according to the received high-risk information.
3. The video network security risk prevention system of claim 1 wherein the video network device, upon receiving an access request from a non-video network registered user, directs the access request to a video honeypot for processing.
4. A video network security risk prevention method, the video network including video network devices, characterized in that the video network further includes video honeypots deployed in each video network device, the video honeypots being virtual honeypots, and advanced security honeypots deployed in a management platform, the advanced security honeypots being high-interaction physical honeypots, the video network security risk prevention method comprising:
the video honeypot detects the attack behavior, if the video honeypot can be executed virtually successfully, the video honeypot sends a return display of successful virtual execution to an attacker, otherwise, the attack behavior which cannot be executed virtually successfully is uploaded to the high-level safety honeypot;
and the advanced security honeypot receives the attack behavior uploaded by the video honeypot, performs virtual execution, and replies the successful return display of the virtual execution to the video honeypot so that the video honeypot can be sent to an attacker again.
5. The video network security risk prevention method of claim 4, wherein the video network further comprises a security management server and a security admission device, the video network security risk prevention method further comprising:
if the video honeypot and the high-level safety honeypot find out high-risk risks, reporting high-risk information to a safety management server;
and the security management server issues a command to the security access equipment or the video honeypot to block the high-risk according to the received high-risk information.
6. The video network security risk prevention method of claim 4, wherein the video network device, upon receiving an access request from a non-video network registered user, imports the access request into a video honeypot for processing.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011495127.7A CN114650153B (en) | 2020-12-17 | 2020-12-17 | Video network security risk prevention system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011495127.7A CN114650153B (en) | 2020-12-17 | 2020-12-17 | Video network security risk prevention system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114650153A CN114650153A (en) | 2022-06-21 |
| CN114650153B true CN114650153B (en) | 2024-04-05 |
Family
ID=81990906
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011495127.7A Active CN114650153B (en) | 2020-12-17 | 2020-12-17 | Video network security risk prevention system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114650153B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087196A (en) * | 2006-12-27 | 2007-12-12 | 北京大学 | Multi-layer honey network data transmission method and system |
| CN106687974A (en) * | 2014-09-17 | 2017-05-17 | 三菱电机株式会社 | Attack observation device and attack observation method |
| CN106850690A (en) * | 2017-03-30 | 2017-06-13 | 国家电网公司 | A kind of honey jar building method and system |
| CN109495472A (en) * | 2018-11-19 | 2019-03-19 | 南京邮电大学 | A kind of defence method for intranet and extranet camera configuration weak passwurd loophole |
| CN110493238A (en) * | 2019-08-26 | 2019-11-22 | 杭州安恒信息技术股份有限公司 | Defence method, device, honey pot system and honey jar management server based on honey jar |
| CN110912898A (en) * | 2019-11-26 | 2020-03-24 | 成都知道创宇信息技术有限公司 | Method and device for disguising equipment assets, electronic equipment and storage medium |
| CN111385308A (en) * | 2020-03-19 | 2020-07-07 | 上海沪景信息科技有限公司 | Security management method, device, equipment and computer readable storage medium |
-
2020
- 2020-12-17 CN CN202011495127.7A patent/CN114650153B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087196A (en) * | 2006-12-27 | 2007-12-12 | 北京大学 | Multi-layer honey network data transmission method and system |
| CN106687974A (en) * | 2014-09-17 | 2017-05-17 | 三菱电机株式会社 | Attack observation device and attack observation method |
| CN106850690A (en) * | 2017-03-30 | 2017-06-13 | 国家电网公司 | A kind of honey jar building method and system |
| CN109495472A (en) * | 2018-11-19 | 2019-03-19 | 南京邮电大学 | A kind of defence method for intranet and extranet camera configuration weak passwurd loophole |
| CN110493238A (en) * | 2019-08-26 | 2019-11-22 | 杭州安恒信息技术股份有限公司 | Defence method, device, honey pot system and honey jar management server based on honey jar |
| CN110912898A (en) * | 2019-11-26 | 2020-03-24 | 成都知道创宇信息技术有限公司 | Method and device for disguising equipment assets, electronic equipment and storage medium |
| CN111385308A (en) * | 2020-03-19 | 2020-07-07 | 上海沪景信息科技有限公司 | Security management method, device, equipment and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114650153A (en) | 2022-06-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111385236B (en) | Dynamic defense system based on network spoofing | |
| CN112087413B (en) | Network attack intelligent dynamic protection and trapping system and method based on active detection | |
| WO2017139489A1 (en) | Automated honeypot provisioning system | |
| CN111641620A (en) | Novel cloud honeypot method and framework for detecting evolution DDoS attack | |
| Chen et al. | Intrusion detection | |
| CN104980423A (en) | Advanced persistent threat trapping system and method | |
| Razali et al. | IoT honeypot: A review from researcher's perspective | |
| CN113810423A (en) | Industrial control honey pot | |
| CN115134166A (en) | Attack tracing method based on honey holes | |
| Debashi et al. | Sonification of network traffic for detecting and learning about botnet behavior | |
| WO2021018440A1 (en) | METHODS FOR DETECTING A CYBERATTACK ON AN ELECTRONIC DEVICE, METHOD FOR OBTAINING A SUPERVISED RANDOM FOREST MODEL FOR DETECTING A DDoS ATTACK OR A BRUTE FORCE ATTACK, AND ELECTRONIC DEVICE CONFIGURED TO DETECT A CYBERATTACK ON ITSELF | |
| Haseeb et al. | Iot attacks: Features identification and clustering | |
| Szymczyk | Detecting botnets in computer networks using multi-agent technology | |
| CN115987531A (en) | Intranet safety protection system and method based on dynamic deception parallel network | |
| CN113660222A (en) | Situation awareness defense method and system based on mandatory access control | |
| Abdullah et al. | Preliminary study of host and network-based analysis on P2P Botnet detection | |
| CN111885020A (en) | Network attack behavior real-time capturing and monitoring system with distributed architecture | |
| CN114650153B (en) | Video network security risk prevention system and method | |
| Li-Juan | Honeypot-based defense system research and design | |
| Diebold et al. | A honeypot architecture for detecting and analyzing unknown network attacks | |
| Vokorokos et al. | Sophisticated honeypot mechanism-the autonomous hybrid solution for enhancing computer system security | |
| Singh et al. | A review on intrusion detection system | |
| Sable et al. | A Review-Botnet Detection and Suppression in Clouds | |
| CN112637217B (en) | Active defense method and device of cloud computing system based on bait generation | |
| Shukhratovich | Specific Features Of The Structure And Operation Of Network Attack Detection Systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |