KR101639428B1 - System for uni direction protocol control on board - Google Patents
Publication number: KR101639428B1 (application KR1020150060847A)
Authority: KR (South Korea)
Prior art keywords: packet, control module, hacked, data, receiving
Prior art date:
Classifications
- H04L12/22: Arrangements for preventing the taking of data from a data transmission channel without authorisation (under H04L12/00 Data switching networks, H04L12/02 Details)
- H04L43/18: Protocol analysers (under H04L43/00 Arrangements for monitoring or testing data switching networks)
Abstract
Description
The present invention relates to a board-based unidirectional communication control system, and more particularly to one that is installed between a server and a client, receives the packets transmitted by the server and the client, determines through TCP/IP protocol analysis whether a packet has been hacked and, when it judges that it has, disturbs the data block and the data size of that packet so that information flowing in from the outside is blocked. The system can thereby block malicious access from the outside and prevent deception of internal data.
BACKGROUND OF THE INVENTION
In the past, attack techniques such as worms and viruses aimed at damaging the system itself, but recent attacks aim mainly at using and leaking system information.
A backdoor is the typical tool for infiltrating a target host and leaking system information out from under the administrator's surveillance.
A backdoor in a computer system is a method of bypassing normal authentication, securing remote access, obtaining plaintext and acquiring data without the behaviour being detected.
Backdoor types include logic bombs, worms and trojan horses, but besides being constructed maliciously in this way, a backdoor can also exist without having been deliberately built.
A backdoor may take the form of an installed program, or it may be a modification of an existing program or of hardware.
Backdoor threats surfaced as multi-user and networked operating systems became widely adopted. Systems that use proprietary software without source code are also frequently exposed to backdoors. A backdoor can also be created without modifying the source code, or even after compilation, chiefly by rewriting the compiler so that it inserts the backdoor into a specific part of the program when the source code is compiled.
To leak system information through such a backdoor, a communication channel must exist between the attacker and the target host. This characteristic is used as an important element in detecting backdoors.
On the other hand, the OSI (Open System Interconnection) 7-layer model divides communication into layers (physical, data link, IP, TCP and so on) and builds the information delivery system on them. To transmit and receive data, a sender and a receiver always exchange messages.
However, the media removal method used in the past to restrict the transmit/receive channel for the purpose of protecting information removes one of the two communication media, transmit (TX) or receive (RX), according to the intended direction of communication, and has an agent supply a response signal in place of the receiving side's message. In this case, although the physical connection is cut, the problem is that from the protocol's point of view transmission and reception are still recognized as normal, because the agent's substitute acknowledgements satisfy the protocol's handshake and acknowledgement rules even though nothing can actually return over the link.
SUMMARY OF THE INVENTION
The present invention has been made to solve the above-mentioned problems in the prior art. Its object is to provide a board-based unidirectional communication control system with a unidirectional communication control module that receives the packets transmitted by a server and a client, determines through TCP/IP protocol analysis whether a packet has been hacked and, when it so judges, distorts the data block and the data size of that packet so that information arriving from the outside is cut off, thereby blocking malicious access from the outside aimed at installing viruses or hacking information, and preventing deception of internal data.
According to an aspect of the present invention, there is provided a board-based unidirectional communication control system which is installed between a server and a client and comprises a unidirectional communication control module that receives the packets transmitted by the server and the client, judges whether a packet has been hacked, and disturbs the data block and the data size of that packet to block information flowing in from the outside.
The technical effect of the present invention is to block malicious access from the outside aimed at virus installation or information hacking and to prevent deception of internal data.
FIG. 1 schematically shows the main configuration of a board-based unidirectional communication control system according to the present invention installed between a server and a client.
FIG. 2A is a detailed block diagram of the transmission module in the configuration of a board-based unidirectional communication control system according to the present invention.
FIG. 2B is a detailed block diagram of the receiving module in the configuration of a board-based unidirectional communication control system according to the present invention.
FIG. 2C is a detailed block diagram of the control module of the board-based unidirectional communication control system according to the present invention.
FIG. 3A shows the structure of an Ethernet frame as handled by the present invention.
FIG. 3B shows the IP packet structure as handled by the present invention.
FIG. 3C shows the TCP packet structure as handled by the present invention.
Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
FIG. 1 schematically shows the main configuration of a board-based unidirectional communication control system according to the present invention installed between a server and a client. FIGS. 2A to 2C show the configurations of the transmission module, the receiving module and the control module, and FIGS. 3A to 3C show the structure of an Ethernet frame, of an IP packet and of a TCP packet as handled by the present invention.
1, a board-based unidirectional
2A, the
2B, the
2C, the
Since the
The
The
In addition, when a virus check program for preventing hacking is interlocked, the
The
In more detail, the
Next, the packet ID is analyzed by analyzing the second packet transmitted from the
In addition, the access control list (ACL) can be applied to specific IP addresses only. For example, the ACL can be set so that only high-risk or designated IP addresses are matched, and either blocking the source or removing the data block for an arbitrary IP address can be used as the countermeasure.
As a result, the
The
The
While the present invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiments. It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit of the invention.
100: Board-based unidirectional communication control system
110: Transmission module
120: receiving module
130: control module
131: cache memory unit
132:
133: Protocol Analysis Section
134:
135: Security Policy Department
136:
Claims (5)
Wherein the unidirectional communication control module comprises:
A transmission module for receiving a first packet transmitted from the server and transmitting the first packet to the control module;
A receiving module for receiving a second packet transmitted from the client and transmitting the second packet to the control module; And
A control module that receives the first packet and the second packet, determines through TCP/IP protocol analysis whether the first packet or the second packet has been hacked and, if the first packet or the second packet is determined to have been hacked, blocks information input from the outside by distorting the data block and the data size of that packet,
The control module includes:
A protocol analyzer that receives the first packet and the second packet, determines whether an IP address listed in the TCP/IP protocol headers corresponds to an IP address in a blacklist or to an item prohibited from outward transfer, and determines whether the first packet or the second packet has been hacked;
A packet manipulation unit that, when the protocol analyzer determines that the IP address is in the blacklist or is an item prohibited from outward transfer, or that the first packet or the second packet has been hacked, distorts the data block and the data size of that packet so as to block information flowing in from the outside; and a control unit that controls the protocol analyzer and the packet manipulation unit,
Wherein the packet manipulation unit sets the length of the IP payload data to '0', holds the packet ID, deletes the data block, and outputs a response signal including the processed result information to the receiving module.
The system further comprising a security policy unit that checks whether a packet has been hacked and performs countermeasures against hacking according to previously defined security criteria.
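The packet path that the description and claims lay out (decode the Ethernet, IP and TCP headers of FIGS. 3A to 3C, compare the addresses against a blacklist or policy, and on a hit set the IP payload length to '0' while holding the packet ID and deleting the data block) can be shown in code. The following Python is an added example written for this page; it is not the patent's own implementation. The blacklist contents, the constructed test frames, the names of the functions and the layout of the dict that stands in for the "response signal" are all assumptions, and the parser treats an inconsistent IP total length or header checksum as grounds for refusal, which the page's TCP/IP protocol analysis does not spell out.

```python
"""Added example (not the patent's code): packet path of a board-based one-way control module.
Decode Ethernet -> IPv4 -> TCP, decide whether a packet is refused, and neutralise a
refused packet as the claims describe. Policy, frames and response layout are assumptions."""
import ipaddress
import struct
from typing import Optional

ETH_HDR_LEN = 14
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6

# Constructed policy for the example: networks the board refuses to pass.
BLACKLIST = [ipaddress.ip_network("203.0.113.0/24"),
             ipaddress.ip_network("198.51.100.7/32")]


def ip_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum; returns 0 for a header whose checksum field is valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src_ip: str, dst_ip: str, sport: int, dport: int,
                payload: bytes, ident: int = 0x1234) -> bytes:
    """Constructed test input: Ethernet/IPv4/TCP frame carrying a data block.
    The TCP checksum is left at 0; the example never hands frames to a real stack."""
    tcp_hdr = struct.pack("!HHIIHHHH", sport, dport, 1, 1, (5 << 12) | 0x18, 65535, 0, 0)
    total_len = 20 + len(tcp_hdr) + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, 0x4000, 64,
                         PROTO_TCP, 0, ipaddress.ip_address(src_ip).packed,
                         ipaddress.ip_address(dst_ip).packed)
    ip_hdr = ip_hdr[:10] + struct.pack("!H", ip_checksum(ip_hdr)) + ip_hdr[12:]
    eth_hdr = struct.pack("!6s6sH", b"\x02" * 6, b"\x04" * 6, ETHERTYPE_IPV4)
    return eth_hdr + ip_hdr + tcp_hdr + payload


def parse_frame(frame: bytes) -> dict:
    """Protocol analysis: decode the three headers and reject length/checksum inconsistencies."""
    if len(frame) < ETH_HDR_LEN:
        raise ValueError("short Ethernet frame")
    _dst, _src, ethertype = struct.unpack("!6s6sH", frame[:ETH_HDR_LEN])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("only IPv4 is handled here")
    ip = frame[ETH_HDR_LEN:]
    if len(ip) < 20:
        raise ValueError("short IPv4 header")
    ver_ihl, _tos, total_len, ident, _ff, _ttl, proto, _hcs, saddr, daddr = \
        struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 header")
    if total_len < ihl or total_len > len(ip):
        raise ValueError("IPv4 total length inconsistent with frame")
    if ip_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    info = {"src": str(ipaddress.ip_address(saddr)), "dst": str(ipaddress.ip_address(daddr)),
            "ident": ident, "total_len": total_len, "proto": proto,
            "payload": ip[ihl:total_len], "data": b""}
    if proto == PROTO_TCP and info["payload"]:   # a neutralised packet has no TCP header left
        tcp = info["payload"]
        if len(tcp) < 20:
            raise ValueError("short TCP header")
        sport, dport, _seq, _ack, off_flags, _win, _cs, _urg = struct.unpack("!HHIIHHHH", tcp[:20])
        doff = (off_flags >> 12) * 4
        if doff < 20 or doff > len(tcp):
            raise ValueError("bad TCP data offset")
        info.update({"sport": sport, "dport": dport, "flags": off_flags & 0x1FF, "data": tcp[doff:]})
    return info


def refusal_reason(info: dict) -> Optional[str]:
    """Security-policy check on the decoded addresses; None means the packet may pass."""
    for field in ("src", "dst"):
        addr = ipaddress.ip_address(info[field])
        if any(addr in net for net in BLACKLIST):
            return f"{field} {addr} is blacklisted"
    return None


def neutralize(frame: bytes) -> bytes:
    """Packet manipulation per the claims: payload length 0, ID held, data block deleted."""
    ihl = (frame[ETH_HDR_LEN] & 0x0F) * 4
    ip_hdr = bytearray(frame[ETH_HDR_LEN:ETH_HDR_LEN + ihl])
    struct.pack_into("!H", ip_hdr, 2, ihl)          # total length = header only
    struct.pack_into("!H", ip_hdr, 10, 0)           # clear, then recompute the header checksum
    struct.pack_into("!H", ip_hdr, 10, ip_checksum(bytes(ip_hdr)))
    return frame[:ETH_HDR_LEN] + bytes(ip_hdr)


def control(frame: bytes) -> dict:
    """One control-module pass. The dict stands in for the 'response signal including
    the processed result information' sent on to the receiving module (assumed layout)."""
    try:
        info = parse_frame(frame)
        reason = refusal_reason(info)
    except ValueError as exc:
        return {"action": "blocked", "reason": f"malformed: {exc}", "ident": None, "frame": b""}
    if reason is None:
        return {"action": "forward", "reason": None, "ident": info["ident"], "frame": frame}
    return {"action": "blocked", "reason": reason, "ident": info["ident"], "frame": neutralize(frame)}


if __name__ == "__main__":
    frames = [build_frame("192.0.2.10", "192.0.2.20", 40000, 80, b"GET / HTTP/1.0\r\n\r\n"),
              build_frame("203.0.113.5", "192.0.2.20", 40001, 80, b"exfil-data", ident=0xBEEF)]
    for f in frames:
        r = control(f)
        print(r["action"], r["reason"], r["ident"], len(f), "->", len(r["frame"]))
```

Two points a practitioner should keep in mind when reading this against the claims. First, a header-only IPv4 packet whose protocol field still says TCP is itself malformed for any real receiving stack, so the "distorted" packet the claims describe is not something the client can use; the parser above tolerates it only so that the neutralised output can be inspected and the held packet ID confirmed. Second, the blacklist decision here is made on the source and destination addresses alone; the "protocol analysis" the claims rely on would also have to cover fragmented packets and IP options, which this example rejects only through the length and checksum consistency checks.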
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150060847A KR101639428B1 (en) | 2015-04-29 | 2015-04-29 | System for uni direction protocol control on board |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101639428B1 true KR101639428B1 (en) | 2016-07-13 |
Family
ID=56505800
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150060847A KR101639428B1 (en) | 2015-04-29 | 2015-04-29 | System for uni direction protocol control on board |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101639428B1 (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20000054538A (en) * | 2000-06-10 | 2000-09-05 | 김주영 | System and method for intrusion detection in network and it's readable record medium by computer |
KR20100073153A (en) * | 2008-12-22 | 2010-07-01 | 한국전자통신연구원 | Packet processing method and toe hardware using the same |
KR101463873B1 (en) | 2011-09-30 | 2014-11-20 | 주식회사 엔피코어 | Method and apparatus for preventing data loss |
2015-04-29: KR1020150060847A granted as KR101639428B1 (active, IP Right Grant)
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2559431A (en) * | 2017-06-01 | 2018-08-08 | Garrison Tech Ltd | Web server security |
GB2559431B (en) * | 2017-06-01 | 2020-09-02 | Garrison Tech Ltd | Web server security |
US11444958B2 (en) | 2017-06-01 | 2022-09-13 | Garrison Technology Ltd | Web server security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| E701 | Decision to grant or registration of patent right | |
| GRNT | Written decision to grant | |
2019-07-09 | FPAY | Annual fee payment | Year of fee payment: 4 |