TWI284809B - Method preventing illegal intrusion via bus - Google Patents

Method preventing illegal intrusion via bus Download PDF

Info

Publication number
TWI284809B
TWI284809B TW94127081A TW94127081A TWI284809B TW I284809 B TWI284809 B TW I284809B TW 94127081 A TW94127081 A TW 94127081A TW 94127081 A TW94127081 A TW 94127081A TW I284809 B TWI284809 B TW I284809B
Authority
TW
Taiwan
Prior art keywords
signal
identification
transmission
stored
transmission signal
Prior art date
Application number
TW94127081A
Other languages
Chinese (zh)
Other versions
TW200707215A (en
Inventor
Chih-Chiang Lee
Original Assignee
Mitac Int Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mitac Int Corp filed Critical Mitac Int Corp
Priority to TW94127081A priority Critical patent/TWI284809B/en
Publication of TW200707215A publication Critical patent/TW200707215A/en
Application granted granted Critical
Publication of TWI284809B publication Critical patent/TWI284809B/en

Links

Landscapes

  • Storage Device Security (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present invention relates to a method preventing illegal instruction via bus. The method provides an identification module between a bus and a plurality of electronic devices, in which a microprocessor and a storage unit is disposed in the identification module. The storage unit stores a signal mapping table, in which the signal mapping table contains a plurality of storage signals and a plurality of identification codes, and matches each storage signal with an identification code. When the microprocessor receives a transmission signal outputted through a bus, and the identification code in the transmission signal is identical to the matching identification code of a storage signal, the objective of preventing the illegal intrusion of all sorts of data packets through the bus can be achieved even if the transmission signal passes through the identification module.

Description

1284809 五、發明說明(1) 【發明所屬之技術領域】 本發明係有關於可防止自匯流排非法入侵之方法,尤 指一種可對一匯流排所輸出之訊號加以辯識,以防止各種 資料封包經該匯流排入侵者。 【先前技術】 近年來,由於網際網 崛起,使得人們對網路所 的憧景,然而,在享受資 存在許多潛在的安全問題 路安全之問題愈來愈被重 擊之目的與手段不一,有 頁資料為其目的者,亦有 或竄改網頁資料,而採取 擊』(d i s t r i b u t e d d e n i DDoS攻擊),利用分散於 偽造來源地址(spoofed 包’癱瘓受害者所在的網 到1 %以下,導致網路伺服 為因應上述之攻擊與 路設備(如:交換機),以 官之機制,並針對違反網 斷,使網路安全機制得以 牆(Firewal1 )」,係- 路的快速成長,加上電子商務的 可能帶來的商機,存在無限美好 訊科技所帶來的便利性時,卻也 與網路駭客攻擊之威脅,使得網 視,一般而言,網路駭客發動攻 以入侵電腦系統以盜取或竄改網 目的不在於入侵電腦系統以盜取 一種所謂『分散式阻斷服務攻 al of service attacks ,簡稱 不同地方的多部電腦,發送大量 source IP addresses )的封 路伺服器,使其正常之接通率降 器無法提供正常的服務。 烕脅,即有業者開發出許多的網 建立網路流量監控及網路存取控 路政策之異常封包或連線加以阻 建立或被維持,而所謂的「防火 種架设在内部網路1284809 V. INSTRUCTION DESCRIPTION OF THE INVENTION (1) Technical Field of the Invention The present invention relates to a method for preventing illegal intrusion from a busbar, and more particularly to identifying a signal outputted from a busbar to prevent various data. The packet passes through the bus intruder. [Prior Art] In recent years, due to the rise of the Internet, people have been mired in the Internet. However, there are many potential security issues in the enjoyment of funds. The problem of road safety is becoming more and more severely attacked. The page information is for its purpose, and there is also or tampering with the webpage material, and the “distributeddeni DDoS attack” is used to spread the fake source address (spoofed package '瘫痪 the victim’s network is below 1%, resulting in network servoing In response to the aforementioned attacks and road devices (such as: switches), the official mechanism, and the violation of the network break, so that the network security mechanism can be wall (Firewal1), the rapid growth of the system - plus the possible When the business opportunities come from, there is the convenience brought by the unlimited technology, but also the threat of Internet hacking attacks, making the Internet, in general, Internet hackers attack to invade the computer system to steal or The purpose of tampering with the net is not to invade the computer system to steal a so-called "distributed blocking service attack". Multiple computers, sending a large number of source IP addresses) of road closures server, so the normal completion rate drop can not provide normal services.烕 threat, that is, some operators have developed a number of networks to establish network traffic monitoring and network access control policies, abnormal packets or connections to prevent or maintain, and the so-called "fire protection" is built on the internal network.

____

第5頁 1284809Page 5 1284809

(Intranet)及網際網路(internet)間之可監控管理的 緩衝界面(Gateway ),使網路管理人員得以藉由事先所 制定之資料存取機制,把怪異的偽造來源丨p封包過濾掉, 如·· 10. 〇· 0· 0/8、172· 16· 0· 0/12、192· 168· 0· 0/16〜,或 把網路電腦不需要的服務埠(Serv丨ce p〇rt )關掉,同3 時,也可藉由Ip位址、P〇rt及封包傳送方向 資訊封包的傳播。 t刺、,周路 而所謂的「系統管理匯流排(System Bus,簡稱SMBus)」,為一種針對電子元 的雙線(tw〇-wire )匯流排,係設在一南 Bridge chip )與複數個電子元件間(如 Monitor 、Clock Generat〇r),藉由系統 南橋晶片與該等電子元件間即可進行訊號 可取得該等電子元件之資料,如製造廠商 訊、錯誤訊號及狀態等,並使系統可接收 依其本身之狀態所傳送之訊號,以傳送一 電子裝置,而對該等電子裝置進行控制或 惟,相較於一般系統均設有可進行網 路存取控管的安全機制’例如前述防火牆 般系統在系、統管理匯流排方面卻未設有任 使各種資料封包得以輕易通過系統管理匯 ::元:’將導致該等電子元件内之資料 : 件之損壞’甚至連帶影響系統產生 情況’因此,若能針對此_安全漏洞施加(Intranet) and the Internet (Internet) can be monitored and managed by the buffer interface (Gateway), enabling network administrators to filter out the weird forgery source 丨p packets by means of a prior data access mechanism. Such as ··· 10. 〇· 0· 0/8, 172· 16· 0· 0/12, 192· 168· 0· 0/16~, or the service that is not needed for the network computer (Serv丨ce p〇 Rt) is turned off, the same as 3, the transmission of information packets can also be transmitted by Ip address, P〇rt and packet transmission direction. t 刺,,周路, the so-called "System Management Bus (SMBus)", is a two-wire (tw〇-wire) busbar for electronic elements, is set in a South Bridge chip) and plural Electronic components (such as Monitor, Clock Generat〇r), through the system between the South Bridge chip and the electronic components can be used to obtain information about the electronic components, such as manufacturer information, error signals and status, and Having the system receive signals transmitted in its own state for transmitting an electronic device, and controlling the electronic devices, or having a security mechanism for network access control compared to a general system For example, the aforementioned firewall-like system does not have any system management system, so that various data packets can be easily managed through the system:: Yuan: 'will cause the information in the electronic components: the damage of the pieces' even Affect the system's production situation' Therefore, if it can be applied to this _ security hole

Management 件之通訊所發展 橋晶片(South Hardware 管理匯流排,該 的傳輸,使系統 、型號、控制資 到該等電子裝置 控制訊號到該等 調整。 路流量監控及網 之保護措施,一 何的保護措施, 流排傳送到該等 被更改,或該等 不穩定或當機之 防範之安全機The management of the communication device developed the bridge chip (South Hardware management bus, the transmission, so that the system, model, control resources to the electronic device control signals to these adjustments. Road traffic monitoring and network protection measures, what? Protection measures, flow to the safety machine that has been changed, or such unstable or downtime

1284809 五、發明說明(3) 制’將可更完全地確保系統之安全 無虞 【發 各種 人依 累積 力研 匯流 侵之 別模 該儲 括複 明内容】 有鑑於前 資料封包 其多年來 的專業知 究與實驗 排非法入 本發明之 方法,在 組,該識 存單元内 數個儲存 述系統管 得以輕易 從事網路 識,悉心 後,終於 侵之方法 一目的, 理匯w排未有任何安全機制,導致 通過並造成破壞等諸多缺失,發明 設備及系統開發之技術經驗,以及 研究各種解決方案,經過長久的努 開發設計出本發明之一種可防止自 匹配一個識別 之一傳輸訊號 號所匹配之識 組,即可有效 確保系統安全 係提供 與複數 係設有 訊號對 數個識 微處理 該傳輸 ,即使 資料封 種可防止自匯流排非法入 匯流排與複數個電子元件間,係設有一識 別模組内 係儲存一 訊號及複 碼,當該 時,判斷 別碼相同 防止各種 無虞。 一微處理器及一 照表, 別碼, 器接收 訊號中 該傳輸 包經該 該訊號對 各該儲存 到自該匯 之識別碼 訊號通過 匯流排非 儲存單元, 照表内係包 訊號係分別 流排所輸出 與該儲存訊 該識別模 法入侵,以 t本發明之另一目的,係該訊號對照表内尚儲存複數個 >厂馬且各該狀態碼係分別與一個儲存訊號相匹配,當 ^微,理器接收到該傳輸訊號輸入時,即判斷該訊號對照 ς内疋否有與該傳輸訊號相同之該儲存訊號,且該傳輸訊 ^中之識別碼與該儲存訊號所匹配之識別碼是否相同,並1284809 V. Description of invention (3) The system will ensure the security of the system more completely [issuing all kinds of people in accordance with the cumulative force of research and development of the influx of the inclusion of the content of the recovery] In view of the previous data package its professional for many years The research and experimentation are illegally incorporated into the method of the present invention. In the group, several storage system tubes in the identification unit can be easily engaged in network knowledge, and after careful attention, finally invade the method for one purpose, the management w row does not have any The safety mechanism leads to many defects such as passing and causing damage, the technical experience of inventing equipment and system development, and researching various solutions. After long-term development, the invention realizes one of the inventions to prevent self-matching of one of the identification signals. Matching the identification group can effectively ensure that the system security system provides multiple pairs of signals with a plurality of signals to process the transmission, even if the data is sealed to prevent the illegal flow into the busbar and the plurality of electronic components from the busbar. The identification module stores a signal and a complex code. When this is the case, it is judged that the different codes are the same to prevent various types. . a microprocessor and a meter, the code, the signal received by the packet, the signal transmitted to the sink by the signal, and the signal of the identifier stored in the sink through the busbar non-storage unit The output of the flow row and the storage mode are invaded by the identification module. For another purpose of the present invention, a plurality of > factory horses are stored in the signal comparison table, and each of the status codes is respectively matched with a storage signal. When the device receives the transmission signal input, it determines whether the signal has the same storage signal as the transmission signal, and the identification code of the transmission signal matches the storage signal. Whether the identification codes are the same, and

12848091284809

且與該儲存訊號所匹配之狀 輸訊號通過該識別模組,以 非法入侵,並確保系統安全 為便貴審查委員能對 功效,做更進一步之認識與 詳細說明如下: 態碼係為開啟狀態,即使該傳 防止各種資料封包經該匯流排 無虞。 本發明之目的、技術特徵及其 瞭解,茲舉實施例配合圖式, 【實施方式】 本發明係一種可防止自匯流排非法入侵之方法,請參 1圖所示,在一匯流排1與複數個電子元件2間,係設 ,一,別模組3,該識別模組3内係設有一微處理器31及一 =存單兀32,該儲存單元32内係儲存一訊號對照表,該訊 k對照表内係包括複數個儲存訊號及複數個識別碼,各該 儲f訊號係分別匹配一個識別碼,當該微處理器3丨接收到 自為匯流排1所輸出之一傳輸訊號時,若判斷該傳輸訊號 中之硪別碼’與該儲存訊號所匹配之識別碼相同,即使該 傳輪訊號通過該識別模組3,如此,即可防止各種資料封 包經該匯流排1非法入侵,有效確保系統安全無虞。 ^ 為能更了解可防止自匯流排非法入侵之方法,請參閱 第2圖所示,乃依序說明處理步驟: (2 0 1)該微處理器31接收到該匯流排1所輸出之該傳輸 訊號; (2 0 2 )根據該傳輸訊號查找該訊號對照表中,是否有 何該儲存訊號與該傳輸訊號相同,若否,進行步驟And the signal transmitted by the stored signal passes through the identification module to illegally invade, and ensures the security of the system. The reviewer can make further understanding and detailed explanation as follows: The state code is on. Even if the pass prevents all kinds of data packets from passing through the bus. The present invention is directed to a method for preventing illegal intrusion from a busbar, as shown in Fig. 1, in a busbar 1 and A plurality of electronic components 2, a system, and a module 3 are provided. The identification module 3 is provided with a microprocessor 31 and a memory card 32. The storage unit 32 stores a signal comparison table. The k-reference table includes a plurality of storage signals and a plurality of identification codes, each of the stored f-signals respectively matching an identification code, and when the microprocessor 3 receives a transmission signal from the output of the busbar 1 If it is determined that the identification code in the transmission signal is the same as the identification code matched by the stored signal, even if the transmission signal passes through the identification module 3, the various data packets can be prevented from being illegally invaded by the bus 1 To ensure the safety of the system. ^ In order to better understand the method for preventing illegal intrusion from the bus, please refer to FIG. 2, and the processing steps are sequentially described: (2 0 1) The microprocessor 31 receives the transmission outputted by the bus 1. Signal (2 0 2), according to the transmission signal, find out whether the stored signal is the same as the transmission signal in the signal comparison table, and if not, proceed

第8頁 1284809 丑、發明說明(5) (2 0 5 ),若是,繼續進行下列步驟; (2 0 3 )判斷該傳輸訊號内之識別碼是否與該儲存訊號 所匹配之識別碼相同,若否,進行步驟(2 0 5 ),若是,繼 續進行下列步驟; (204)使該傳輸訊號通過該識別模組3 ; ( 205 )截斷該傳輸訊號之傳輸。Page 8 1284809 ugly, invention description (5) (2 0 5), if yes, continue with the following steps; (2 0 3) to determine whether the identification code in the transmission signal is the same as the identification code matched by the stored signal, No, the step (2 0 5) is performed, and if so, the following steps are continued; (204) the transmission signal is passed through the identification module 3; (205) the transmission of the transmission signal is cut off.

在本發明之一實施例中,該儲存單元32内尚儲存一設 定訊號及另一設定訊號,當該微處理器3 1接收到該設定訊 號時,即啟動判斷該傳輸訊號中之識別碼,與該儲存訊號 所匹配之識別碼是否相同之步驟,使得該識別模組3每當 接收到該傳輸訊號時,對該傳輸訊號中之識別碼進行判 斷,以防止各種資料封包經該匯流排1非法入侵,而當該 微處理器31接收到該另一設定訊號時,即停止判斷該傳輸 訊號中之識別碼,與該儲存訊號所匹配之識別碼是否相同 之步驟,使得該識別模組3每當接收到該傳輸訊號時,即 直接將該傳輸訊號輸出到該等電子元件2,藉由本發明之 方法,即可在平時防止該匯流排1被非法入侵,並在系統 進行設定時,可自由進行該傳輸訊號之傳輪。 在該實施例中,各該儲存訊號係分別與一個電子元件 2相匹配,當該傳輸訊號與該儲存訊號相同,且與該儲存 訊號之識別碼相同,該傳輸訊號即可被傳送到與該儲存訊 號相匹配之該電子元件2,藉由該傳輸訊號在該匯流排丨與 該等電子元件2間之傳輸,即可取得該等電子元件2之、In an embodiment of the present invention, a setting signal and another setting signal are stored in the storage unit 32. When the microprocessor 31 receives the setting signal, it starts to determine the identification code in the transmission signal. The step of determining whether the identification code matched by the stored signal is the same, so that the identification module 3 determines the identification code in the transmission signal every time the transmission signal is received, so as to prevent various data packets from passing through the bus 1 If the microprocessor 31 receives the other setting signal, it stops determining whether the identification code in the transmission signal is the same as the identification code matched by the storage signal, so that the identification module 3 is Whenever the transmission signal is received, the transmission signal is directly output to the electronic components 2, and the busbar 1 can be prevented from being illegally invaded by the method of the present invention, and can be illegally set in the system. Freely carry the transmission of the transmission signal. In this embodiment, each of the stored signals is matched with an electronic component 2, and when the transmission signal is the same as the stored signal and is identical to the identification code of the stored signal, the transmission signal can be transmitted to the The electronic component 2 with the matching signal is obtained, and the transmission signal is transmitted between the bus bar and the electronic component 2 to obtain the electronic component 2

第9頁 l284809Page 9 l284809

五、發明說明(6) 並使系統可接收到該等電子裝置依其本身之狀態所傳送之 訊號,使系統得以對該等電子元件2進行設定、控制或調 整。 〇 在本發明之另一實施例中,請參閱第3圖所示,該訊 號對照表内尚包括複數個狀態碼,各該狀態碼係分別與一 個儲存訊號相匹配,當該微處理器31接收到自該匯流排i 所輪出之該傳輸訊號時,即依下列步驟進行處理: (301)根據該傳輸訊號查找該訊號對照表中,是否有 何該儲存訊號與該傳輸訊號相同,若否,進行步驟 (3 〇 5 ),若是,繼續進行下列步驟; (3 0 2 )判斷該傳輸訊號内之識別碼是否與該儲存訊號 所匹配之識別碼相同,若否,進行步驟(3 〇 5 ),若是,繼 續進行下列步驟; ( 30 3 )判斷與該儲存訊號相匹配之狀態碼是否設定為 開啟狀態’右否’進行步驟(3 〇 5 ),若是,繼續進行下列 步驟; (3 0 4 )使該傳輸訊號通過該識別模組3 ; ( 305 )截斷該傳輸訊號之傳輸。 a 在該實施例中,該狀態碼係可由自該匯流排1所輸出 之一狀態訊號進行更改,該狀態訊號係與該訊號對照表内 其中一個該儲存訊號相同,且該狀態訊號内之一狀態設定 值,係可替代與該儲存訊號匹配之狀態碼,例如,當該狀 態訊號為該微處理器31所接收,經判斷與該訊號對照表内 之「Clock Generator」儲存訊號相同,且該狀態訊號内5. Description of the invention (6) and enable the system to receive signals transmitted by the electronic devices in their own state, enabling the system to set, control or adjust the electronic components 2. In another embodiment of the present invention, as shown in FIG. 3, the signal comparison table further includes a plurality of status codes, each of which is matched with a storage signal, respectively. When receiving the transmission signal that is rotated from the bus i, the following steps are performed: (301) Finding, according to the transmission signal, whether the storage signal is the same as the transmission signal in the signal comparison table, if No, proceed to step (3 〇 5), and if yes, continue with the following steps; (3 0 2 ) determine whether the identification code in the transmission signal is the same as the identification code matched by the stored signal, if not, proceed to step (3 〇 5), if yes, continue with the following steps; (30 3) determine whether the status code matching the stored signal is set to the on state 'right no' to perform the step (3 〇 5), and if so, continue with the following steps; 0 4) passing the transmission signal through the identification module 3; (305) truncating the transmission of the transmission signal. In this embodiment, the status code may be changed by a status signal outputted from the bus 1 , the status signal is the same as one of the stored signals in the signal comparison table, and one of the status signals The status setting value is a status code that matches the stored signal. For example, when the status signal is received by the microprocessor 31, it is determined to be the same as the "Clock Generator" storage signal in the signal comparison table, and the Within the status signal

第10頁Page 10

1284809 五、發明說明(Ό 之狀態設定值為「0」,即將與「Clock Generator」儲存 訊號相匹配之狀態碼更改為「〇」,如此,當「C10Ck G e n e r a t 〇 r」訊號傳輸到該識別模組3時,即使與該訊號對 照表内之「Clock Generator」儲存訊號相同,並與 「Clock Generator」儲存訊號之識別碼相同,但因與 「Clock Generator」儲存訊號相匹配之狀態碼係為 「0」’使得傳輸到該辯識模組之該rcl〇ck Generator」 訊號,仍舊無法通過該識別模組3,如此,可對各該儲存1284809 V. Invention Description (Ό The status setting value is “0”, the status code matching the “Clock Generator” storage signal is changed to “〇”, so when the “C10Ck Generat 〇r” signal is transmitted to the identification In module 3, even if it is the same as the "Clock Generator" stored in the signal comparison table and the same as the identification code of the "Clock Generator" storage signal, the status code matching the "Clock Generator" storage signal is "0" 'so that the rcl〇ck Generator signal transmitted to the identification module is still unable to pass the identification module 3, thus, for each of the storages

汛號之狀態碼自由進行設定,並針對重要之該儲存訊號再 加以設定’以提高系統之安全性。 在該實施例中,該訊號對照表係可為使用I2C (In = r-lntegrated Circuit)通訊協定之了位元對照 ,,藉由將該儲存訊號及識別碼儲存在該訊號對照表内, 糸可=制系統與該等電子元件2間訊號的傳輸。 太務=以上所述,僅為本發明最佳之一具體實施例,惟 tm:造特徵並不侷限於此,任何熟悉該項技藝者在 ,可輕易思及之變化或修飾,皆可涵蓋在以 下本案之專利範圍。 #The status code of the nickname is freely set and set for the important storage signal to improve the security of the system. In this embodiment, the signal comparison table may be a bit comparison using an I2C (In = r-lntegrated Circuit) protocol, by storing the storage signal and the identification code in the signal comparison table, The transmission of signals between the system and the electronic components 2 can be performed. Taike=The above is only one of the best embodiments of the present invention, but the tm: the feature is not limited thereto, and any one who is familiar with the art can easily change or modify it. In the following patent scope of this case. #

(D 1284809 圖式簡單說明 【圖式簡單說明】 第1圖係本發明之示意圖; 第2圖係本發明之一實施例之流程圖; 第3圖係本發明之另一實施例之流程圖。 【主要元件符號說明】 匯流排...............1 電子元件............2 識別模組............3 微處理器............31 儲存單元............32BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a schematic view of an embodiment of the present invention; FIG. 3 is a flow chart of another embodiment of the present invention; [Main component symbol description] Busbar...............1 Electronic component............2 Identification module....... .....3 Microprocessor............31 Storage unit............32

第12頁Page 12

Claims (1)

1284809 六、申請專利範圍 1、一種可防止自匯流排非法入侵之方 排與複數個電子元件間,係設有一識別模組一隹= 内係設有一微處理器及一儲存單元,該 。亥硪別模組 -訊號對照表,該訊號對照表内係包括 ::::存 複數個識別碼,各該儲存訊號係分別匹 依照下列步驟進行處理:斤輸出之料訊號時,將 根據該傳輸訊號,若查找到該訊號對 輸訊號相同之該儲存訊號,且判斷該傳輸訊號 過該識別模組; <識別碼相问,即使該傳輸訊號通 之識傳輸Γ號’之識別碼係與該儲存訊號所匹配 之識別馬不同,即截斷該傳輸訊號之傳輸。 薄失2杳并如申請專利範圍第1項所述之方法,其中該微處理 3查找到該訊號對照表中有與該傳輸訊號 訊號,即截斷該傳輸訊號之傳輸。 1儲存 替1、八如申請專利範圍第1項所述之方法,其中各該儲存 Φ 存;,:別與一個電子元件相四配,在該傳輸訊號與該儲 满相=相同,且該傳輸訊號之識別碼與該儲存訊號之識別 :5之狀態下,該傳輸訊號即可被傳送到與該儲存訊 相匹配之該電子元件。 A -肉A _如申请專利範圍第1項所述之方法,其中該儲存單 °儲存一設定訊號,當該微處理器接收到該設定訊號 、,卩啟動判斷該傳輸訊號中之識別碼,與該儲存訊號所1284809 VI. Scope of Application for Patenting 1. A method for preventing illegal intrusion from a busbar and a plurality of electronic components is provided with an identification module. The internal system is provided with a microprocessor and a storage unit. The 硪 硪 module-signal comparison table, the signal comparison table includes:::: storing a plurality of identification codes, each of the stored signals is processed according to the following steps: when the output signal of the jin is output, according to the Transmitting a signal, if it finds the stored signal with the same signal to the signal, and judges that the transmission signal passes the identification module; <identification code, even if the transmission signal is transmitted, the identification code of the identification number is Different from the identification horse matched by the stored signal, the transmission of the transmission signal is cut off. The method of claim 1, wherein the microprocessor 3 finds that the signal has a signal with the transmission signal, that is, the transmission of the transmission signal is cut off. 1 storing the method according to claim 1, wherein each of the storage Φ stores;,: not matched with an electronic component, wherein the transmission signal is the same as the storage phase = and The identification signal of the transmission signal and the identification of the stored signal: 5, the transmission signal can be transmitted to the electronic component matching the storage signal. The method of claim 1, wherein the storage unit stores a setting signal, and when the microprocessor receives the setting signal, the device starts to determine the identification code in the transmission signal. With the storage signal 1284809 六、申請專利範圍 匹配之識別碼是否相同之步驟。 5、 如申請專利範圍第1項所述之方 元内尚儲存另一設定訊號,當該微處理 定訊號時’即停止判斷該傳輸訊號中之 訊號所匹配之識別碼是否相同之步驟。 6、 如申請專利範圍第1項所述之方 照表内尚包括複數個狀態碼’各該狀態 存訊號相匹配,當該微處理器接收到該 下列步驟進行處理: 根據該傳輸訊號查找到該訊號對照 號相同之該儲存訊號,即判斷該傳輸訊 與該儲存訊號所匹配之識別碼相同; 若該傳輸訊號中之識別碼與該儲存 碼相同’且經判斷與該儲存訊號相匹配 開啟狀態’即使該傳輸訊號通過該識別 7、 如申請專利範圍第6項所述之方 設定為關閉狀態,即截斷該傳輸訊號之 8、 如申請專利範圍第6項所述之方 係彳輸出:j態訊號,該狀態訊號係與 中一個忒儲存訊號相號 俏,係玎替代與兮株+ 亥狀 U丨能 值 /、忒儲存訊號匹配之狀態 法,其中 器接收到 識別碼, 該儲存單 該另一設 與該儲存 法,其中該訊號對 碼係分別與一個儲 傳輸訊號時’即依 表中有與 號中之識 該傳輸訊 別碼是否 配之識別 係設定為 訊號所匹 之狀態碼 模組。 法,其中該狀態石馬 傳輸。法,其中 該訊號對 内之一狀 碼0 該匯流排 照表内其 態設定1284809 VI. Application for patent scope The steps for matching the identification codes are the same. 5. If another setting signal is stored in the module mentioned in item 1 of the patent application, when the micro-processing signal is issued, the step of determining whether the identification code matched by the signal in the transmission signal is the same is stopped. 6. If the party number table mentioned in item 1 of the patent application scope further includes a plurality of status codes, each of the status memory signals matches, and the microprocessor receives the following steps for processing: according to the transmission signal, The stored signal having the same control number is the same as the identification code matched by the stored signal; if the identification code in the transmitted signal is the same as the stored code, and it is determined that the stored signal matches The status 'even if the transmission signal passes the identification, and the party described in item 6 of the patent application is set to the off state, that is, the transmission signal is cut off, and the output is as described in item 6 of the patent application scope: The j state signal, the status signal is in phase with the one of the stored signals, and the system replaces the state method with the + + 亥 亥 亥 忒 忒 忒 忒 忒 忒 忒 忒 忒 忒 , , , , , 状态 状态 状态 状态 状态 状态 状态 状态 状态 状态The other setting and the storage method, wherein the signal pair code is respectively associated with a stored transmission signal, that is, whether the transmission code is matched by the number in the table. Do not set the system to match the signal status code module. Law, where the state of the stone horse is transmitted. Method, wherein the signal pair is in the code 0, the bus table is set in the table
TW94127081A 2005-08-10 2005-08-10 Method preventing illegal intrusion via bus TWI284809B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW94127081A TWI284809B (en) 2005-08-10 2005-08-10 Method preventing illegal intrusion via bus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW94127081A TWI284809B (en) 2005-08-10 2005-08-10 Method preventing illegal intrusion via bus

Publications (2)

Publication Number Publication Date
TW200707215A TW200707215A (en) 2007-02-16
TWI284809B true TWI284809B (en) 2007-08-01

Family

ID=39445981

Family Applications (1)

Application Number Title Priority Date Filing Date
TW94127081A TWI284809B (en) 2005-08-10 2005-08-10 Method preventing illegal intrusion via bus

Country Status (1)

Country Link
TW (1) TWI284809B (en)

Also Published As

Publication number Publication date
TW200707215A (en) 2007-02-16

Similar Documents

Publication Publication Date Title
CN109829297B (en) Monitoring device, method and computer storage medium thereof
US8191119B2 (en) Method for protecting against denial of service attacks
US7370354B2 (en) Method of remotely managing a firewall
Zander et al. Covert channels and countermeasures in computer network protocols [reprinted from ieee communications surveys and tutorials]
US7594009B2 (en) Monitoring network activity
WO2021139643A1 (en) Method and apparatus for detecting encrypted network attack traffic, and electronic device
US20030070084A1 (en) Managing a network security application
KR20150090154A (en) System and method for an endpoint hardware assisted network firewall in a security environment
RU2587542C2 (en) Detection and prevention of penetration into network of process plant
US7139679B1 (en) Method and apparatus for cryptographic protection from denial of service attacks
JP5311630B2 (en) Distributed state display intrusion detection for VoIP
JP2005117246A (en) Packet-discriminating apparatus
US20080244716A1 (en) Telecommunication system, telecommunication method, terminal thereof, and remote access server thereof
Chomsiri HTTPS hacking protection
CA2506418C (en) Systems and apparatuses using identification data in network communication
CN114143068A (en) Electric power internet of things gateway equipment container safety protection system and method thereof
JP2009071817A (en) Signature-free intrusion detection
Ovaz Akpinar et al. Development of the ECAT preprocessor with the trust communication approach
CN1176421C (en) Intraconnection network computer and Internet unauthorized connection monitoring system and its method
US20060107055A1 (en) Method and system to detect a data pattern of a packet in a communications network
TWI284809B (en) Method preventing illegal intrusion via bus
EP1987440B1 (en) Method and system for obviating redundant actions in a network
CN112839049B (en) Web application firewall protection method and device, storage medium and electronic equipment
CN115567243A (en) Switch monitoring method based on keywords
JP2023519910A (en) Methods for handling data anomalies, especially in automobiles

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees