WO2019182219A1 - Système de réseau de confiance basé sur une chaîne de blocs - Google Patents

Système de réseau de confiance basé sur une chaîne de blocs Download PDF

Info

Publication number
WO2019182219A1
WO2019182219A1 PCT/KR2018/012531 KR2018012531W WO2019182219A1 WO 2019182219 A1 WO2019182219 A1 WO 2019182219A1 KR 2018012531 W KR2018012531 W KR 2018012531W WO 2019182219 A1 WO2019182219 A1 WO 2019182219A1
Authority
WO
WIPO (PCT)
Prior art keywords
agreement
trust network
result
white
network device
Prior art date
Application number
PCT/KR2018/012531
Other languages
English (en)
Korean (ko)
Inventor
윤대일
Original Assignee
(주)유미테크
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주)유미테크 filed Critical (주)유미테크
Publication of WO2019182219A1 publication Critical patent/WO2019182219A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/04Processing captured monitoring data, e.g. for logfile generation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/40Support for services or applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Definitions

  • a blockchain based trust network system A blockchain based trust network system.
  • wireless communication terminals such as leaking important confidentiality or hacking into the corporate network by using wireless communication terminals that are not authorized by individuals or companies or public institutions, etc., wirelessly increases. Doing.
  • Patent Document 1 Korean Patent Registration No. 10-1637912 (hereinafter, Patent Document 1).
  • Patent Literature 1 prevents security accidents by detecting a wired / wireless router with DNS information tampered with based on white / blacklist based on IP information.
  • IP may be changed to black even if it is registered as white
  • Patent Literature 1 is difficult to determine whether the IP is white / black in real time, and a disguised list may be distributed when the list is hacked, resulting in low network reliability. There is a problem that you can not defend hacking and so on.
  • the present applicant intends to provide a blockchain-based trust network system that can fundamentally control the access of network fraudulent accessors by generating and managing white / blacklists of source information based on the blockchain.
  • An object of the present invention is to store a white / black list in a distributed ledger of a member trust network device for determining whether to connect a trust network device, and to control connection connection and disconnection using the stored white / black list. It is to provide a blockchain-based trust network system that can provide a secured trust environment.
  • the present invention provides a blockchain-based trust network system that can provide a white / black list.
  • a plurality of trust network devices that determine connection or blocking through traffic analysis and fast diagnosis results (white or black) corresponding to connection or blocking by the traffic analysis It may include an infrastructure support system for determining the result of the first agreement of the participating participant trust network device, whether the agreement according to expert judgment and the result of the second agreement according to the agreement of the participating participant trust network device.
  • the plurality of trust network apparatuses may be updated in the distributed ledger upon receiving the first agreement result, and thereafter additionally recording the received second agreement result in the distributed ledger.
  • the log analysis system for analyzing the log generated during the traffic analysis to determine whether the white / black of the unmatched access information and whether the white / black judged by the log analysis system received according to expert judgment It may further include an expert judgment system for determining whether to agree.
  • the infrastructure support system may assign and manage an ID to the trust network device, and transmit the first agreement result and the second agreement result only when the trust network device is assigned an ID.
  • the infrastructure support system may determine a predetermined number of trusted network devices as a consensus participating trust network device by prioritizing the number of connected access terminals or the inflow traffic amount among the plurality of trusted network devices.
  • the infrastructure support system transmits a result of the agreement request packet to the agreement participating trust network device, and the result of the first agreement indicates that the total agreement ratio according to the agreement determination result received is greater than the standard agreement rate. Can be determined.
  • the respective ratios of the expert judgment system and the consensus participating trust network device are set, respectively, and upon receiving an agreement from the expert judgment system according to the expert judgment, the ratio of the total consensus of the expert judgment system and the consensus participating trust network device is based.
  • the result (white or black) larger than the agreed rate can be determined as the result of the second sum.
  • the consensus participation trust network device may determine the white or black through traffic analysis when receiving the agreement request packet required for the agreement determination and respond to the infrastructure support system.
  • the access information may be a source IP, a Mac address and a destination IP, a destination service port, and a trust network device ID connected to the corresponding trust network device, and the log analysis system may access the connection from a log generated during the traffic analysis.
  • a server that extracts information and quick diagnosis results, and judges white or black through a plurality of linked online IP real-time analysis systems, and the linked online IP real-time analysis system collects IPs on a network to determine whether they are harmful or not. Can be
  • the agreement request packet may be an IP address and a Mac address of a destination, an IP address and a service port of a destination, and the white / blacklist may include a flag distinguishing whether the access information is white or black.
  • the blockchain-based trust network system creates and updates a white / black list based on the blockchain to determine the connection / disconnection of the trust network device, and distributes and stores them in the authenticated member trust network device. This can be used to control the connection and disconnection of the trust network device.
  • the white / black list stored in the blockchain-based distributed ledger can not provide hacking and modifying arbitrary information to provide a secure environment with security, and it can reduce costs in terms of decentralized system construction.
  • the connection or blocking is determined through a quick diagnosis (traffic analysis), and the log generated from the quick diagnosis is analyzed to determine whether it is white or black. It can increase the reliability.
  • the distributed ledger is verified by verifying the white / black status determined through quick diagnosis and log analysis through the consensus process, and transmitting the verified final result (white / black status for the connection information to be diagnosed) only to the member trust network device. Updates can be made by adding to the pre-stored white / black list.
  • trusted trust network devices maintain distributed ledgers where the same white / black list is stored.
  • FIG. 1 is a view for explaining a schematic configuration of a blockchain-based trust network system according to an embodiment of the present invention.
  • FIG. 2 is a block diagram showing the configuration of the trust network apparatus of FIG.
  • FIG. 3 is a block diagram showing the configuration of the infrastructure support system of FIG.
  • FIG. 1 is a view for explaining a schematic configuration of a blockchain-based trust network system according to an embodiment of the present invention.
  • FIG. 2 is a block diagram showing the configuration of the trust network apparatus of FIG. 3 is a block diagram showing the configuration of the infrastructure support system of FIG.
  • a blockchain-based distributed ledger (harmfulness (white / black) information of an incoming traffic transmission source) is distributed to each trust network device (100: 100a, 100b).
  • the trust network apparatus 100 may be configured in the form of a trust embedded device 100b and a trust external device 100a.
  • a blockchain-based trust network system may include a plurality of trust network devices 100: 100a and 100b, a log analysis system 200, an expert judgment system 300, and an infrastructure support system 400. Can be.
  • the trust network apparatus 100 may have an additional function for providing a trusted network environment according to an embodiment of the present invention, in addition to the conventional network network function. Accordingly, the trust network device 100 is coupled to the trust embedded device 100b or the conventional network network device 10 according to an embodiment of the present invention having an integrated function (normal network network function and additional functions). And may be provided in the form of a trust enclosure 100a that can provide additional functions.
  • the network apparatus may include an access point (AP), a gateway, a node B, a radio network controller (RNC), an enode B, a base station controller (BSC), a base transceiver station (BTS), a base station (BS), and a transceiver function (TF). ), May include, or be implemented as a Wi-Fi router, radio transceiver, or some other terminology.
  • AP access point
  • gateway a node B
  • RNC radio network controller
  • RNC radio network controller
  • BSC base station controller
  • BTS base transceiver station
  • BS base station
  • TF transceiver function
  • the trust network apparatus 100a or 100b includes a white / blacklist 110, a connection determination unit 120, a quick diagnosis unit 130, a log transmission unit 140, and an agreement unit 150. can do.
  • the trust network apparatus 100a or 100b When the trust network apparatus 100a or 100b is registered through the member manager 310 of the infrastructure support system 400, the trust network apparatus 100a or 100b may be given an ID.
  • the trust network apparatuses 100a and 100b given the ID may store a white black list that is generated and updated based on the block chain.
  • the white / black list 110 generates the first agreement result determined through the first agreement process as a new block and first records the result, and the second agreement result determined through the second agreement process is the final result. Can be updated and recorded.
  • the first agreement process transmits the quick diagnosis result (black or white decision) that is quickly diagnosed through traffic analysis in the quick diagnosis unit 130 to the infrastructure support system 400, and the fast diagnosis in the infrastructure support system 400.
  • the agreement request packet is transmitted to the agreement participating trust network devices 100a and 100b to receive the agreement of each of the participating trust network devices, and the result of the agreement is calculated as a result of the first agreement.
  • the agreement request packet may be packet data including an IP address and a MAC address of a destination (remote destination), an IP address and a service port of a destination.
  • the second agreement process transmits the quick diagnosis log generated during the traffic analysis of the quick diagnosis unit 130 in the log transmission unit 140 to the log analysis system 200, and the big data analysis in the log analysis system 200.
  • the white or black is judged through the judges to transmit the results of the judging to the expert judgment system 400
  • the expert judgment system 300 determines whether to agree on the basis of expert judgment and transmits to the infrastructure support system 400
  • the agreement request packet is transmitted to the agreement participation trust network devices 100a and 100b to receive the agreement of each agreement participation trust network device, and use the same. It can be a process of transmitting the calculated second agreement result to the member trust network device as a final result.
  • the white / black list 110 is recorded in a blockchain manner, and when a block recording instruction (first agreement result and second agreement result) is received from the infrastructure support system 400, the white / black list 110 is previously stored in the distributed ledger. You can update the list by appending to the black list. Accordingly, the member trust network apparatus 100a or 100b may store the same white / blacklist 110.
  • the white / blacklist 110 may store the whitelist and the blacklist separately, and the whitelist and the blacklist may be a destination IP address and a MAC address, a destination IP address and a service port, a trust network device ID, and a flag. Can be stored separately.
  • the flag is information distinguishing whether the connection information is white or black
  • the trust network device ID may be an ID assigned to the member trust network devices 100a and 100b.
  • connection determination unit 120 may connect the traffic inflow of the transmission destination classified as white and block the traffic inflow of the transmission destination classified as black according to the information of the white / black list 110 generated based on the reliability. have.
  • the access information may further include an IP address and MAC address of the destination, an IP address and a service port of the destination, and a trust network device ID (an ID assigned to the member trust network devices 100a and 100b).
  • the connection determination unit 120 may compare the access information included in the corresponding packet header with the pre-stored white / black list 110 when determining the network connection or blocking. In this case, when the connection information of the destination is included in the white list, the network connection is controlled to receive the information according to the traffic flowing into the access terminal 20, and the network blocking is performed when the access information is included in the black list. Blocking control may be such that traffic is not provided to the terminal 20.
  • the connection determination unit 120 determines connection or blocking by using the last updated white / black list 110 based on the traffic inflow time, and may be performed for each network connection device 100a and 100b.
  • connection determination unit 120 may determine the amount of incoming traffic and the number of access terminals at a predetermined cycle and transmit the same to the infrastructure support system 400.
  • a quick diagnosis result Can be done if the access information of the incoming traffic does not match the white / black list, that is, if not included through the traffic analysis (fast diagnosis) of the quick diagnosis unit 130 to determine the connection or blocking.
  • the quick diagnosis unit 130 may analyze the traffic introduced according to a predetermined algorithm and block network connection of the corresponding destination when an abnormal pattern occurs, such as when detecting abnormal data and detecting an inflow of try traffic.
  • a quick diagnosis result may be determined in black.
  • the quick diagnosis unit 130 transmits a quick diagnosis result (black or white determined by the quick diagnosis of the quick diagnosis unit 130) to the infrastructure support system 400, and the fast diagnosis agreement process of the infrastructure support system 400 ( That is, the white / black list 110 may be additionally recorded in the distributed ledger by the quick diagnosis result (black or white) received through the first agreement process.
  • the log transmitter 140 may transmit the logs (system log, quality log, diagnostic log, health check log, and event log, etc.) generated in the trust network device 100a or 100b to the log analysis system 200 at predetermined intervals. have.
  • the log transmitter 140 may transmit a log (fast diagnostic diagram) generated during the traffic analysis of the quick diagnosis unit 130 to the log analysis system 200.
  • the agreement unit 150 operates only when an agreement request packet is received from the infrastructure support system 400.
  • the trust network devices 100a and 100b are adopted as the agreement participating trust network devices to determine white or black information on access information. It is driven when the agreement is required for, and controls the quick diagnosis unit 130 to diagnose whether the requested connection information is white or black using the received agreement request packet, and the diagnostic result of the quick diagnosis unit 130 As a result of agreement or not, it may be transmitted to the infrastructure support system 400.
  • the agreement unit 150 may receive a first agreement result, which is the result of the agreement according to the first agreement of the participating trust network devices, from the infrastructure support system 400, and stores the received first agreement result in white / black.
  • the list 110 may be continuously recorded in the distributed ledger.
  • the consensus unit 150 receives the final result, which is the result of the second agreement according to the second agreement of the participating network of the participating trust network, from the infrastructure support system 400, the consensus unit 150 records the result of the second agreement (final result) in the distributed ledger. can do.
  • the member trust network device (100a, 100b) in the infrastructure support system 400 can be updated to the same white / black list 110 in the distributed ledger. Therefore, hacking and random information modification of the white / black list stored in the blockchain-based distributed ledger are impossible, thereby enhancing security. In particular, it is possible to further increase the reliability by transmitting the agreement result only to the member trust network device.
  • the log analysis system 200 may perform big data analysis by receiving logs from the plurality of trust network devices 100a and 100b. At this time, the log analysis system 200 predicts a failure / failure by using logs (system log, quality log, diagnostic log, health check log, event log, etc.) received at a predetermined cycle, and supports infrastructure when predicting a failure / failure.
  • the trust network device information may be transmitted to the system 400, and the trust network device may be excluded when the agreement is selected.
  • the log analysis system 200 determines the white or black determination result of the quick diagnosis unit 130 for the connection information of the source and the destination traffic from the quick diagnosis log generated during the traffic analysis of the quick diagnosis unit 130 (quick diagnosis). Result) can be extracted.
  • the log analysis system 200 may analyze whether the connection information of the corresponding destination is black or white through a plurality of on-line IP real-time analysis systems linked thereto.
  • the online IP real-time analysis system may be a service server that collects the IP on the network (Internet) and determines whether the collected IP is harmful.
  • the log analysis system 200 may re-determine the white or black determination result (fast diagnosis result) of the quick diagnosis unit 130 and transmit the judgment result to the infrastructure support system 400.
  • the log analysis system 200 judges the result (harm or non-harm) that the IP harmfulness (result of whether the connection information of the sender is black or white) received from a plurality of on-line IP real-time minute systems is equal to or greater than a preset ratio. It can be determined to be a black (hazardous black, non-hazardous white), and transmitted to the expert judgment system 300.
  • the expert judgment system 300 is a highly reliable server participating in the consensus process, and may receive an expert judgment.
  • the expert judgment system 300 may receive and provide a result of the judging of the log analysis system 200, and transmit the expert final judgment thereof to the infrastructure support system 400.
  • the infrastructure support system 400 may request to record the agreed first agreement result in the distributed ledger of the member trust network device by performing the first agreement process upon receiving the quick diagnosis result from the fast diagnosis unit 130.
  • the support system 400 receives a decision on whether or not to agree on the result of the judgment from the expert judgment system 300, the support system 400 performs a second agreement process through the consensus participation trust network device to perform the second agreement process in the member trust network devices 100a and 100b. Combined with the result of the first agreement, it is possible to update to the result of the second agreement finally decided.
  • the infrastructure support system 400 may include a member management unit 310, an agreement participation selection unit 320, and an agreement request and determination unit 330.
  • the infrastructure support system 400 allows the access information to be updated in the white / blacklist 110 through the agreement upon receiving a decision (white or black) on the result of the judgment from the expert judgment system 300. .
  • the infrastructure support system 400 may control to be updated only in the member trust network device (100a, 100b).
  • the member manager 310 may assign IDs (via authentication) of the trust network apparatuses 100a and 100b and register them as members, and manage the trust network apparatuses 100a and 100b using the assigned IDs.
  • the infrastructure support system 400 may transmit an instruction only to the registered trust network apparatuses 100a and 100b by performing authentication through the member manager 310.
  • the agreement participation selecting unit 320 classifies the traffic amount and the number of access terminals received from the trust network apparatuses 100a and 100b in a predetermined cycle by the trust network apparatus ID, and prioritizes the received traffic amount and the number of access terminals.
  • a predetermined number of trust network devices 100a and 100b may be selected as a consensus participating trust network device.
  • a plurality of terminals may be connected to a reliable trust network device, which may generate a large amount of traffic.
  • a reliable trust network device which may generate a large amount of traffic.
  • the traffic amount and the number of access terminals are received from 100 trust network devices at predetermined intervals, and 20 trusts (preset number (rate)) are based on priority.
  • the network devices 100a and 100b may be selected as a consensus participating trust network device.
  • the expert judgment system 300 for verifying the determination result may be configured to participate in the second consensus process regardless of the traffic amount and the number of access terminals.
  • the agreement request and decision unit 330 transmits an agreement request packet to an agreement participating trust network device to perform a first agreement or a second agreement according to the received data (quick diagnosis result or judicial result). The result can be received.
  • the agreement request and decision unit 330 may calculate an agreement result using the agreement determination result received from the agreement participating trust network devices.
  • the first agreement may be performed by the selected consensus participating trust network device (for example, 20 out of 100), and the second agreement may be performed by the infrastructure support system 300 in addition to the selected consensus participating trust network device.
  • Can participate may be performed by the selected consensus participating trust network device (for example, 20 out of 100), and the second agreement may be performed by the infrastructure support system 300 in addition to the selected consensus participating trust network device.
  • the agreement request and decision unit 330 may set the weight ratio (consensus voting rights ratio) and the standard agreement rate of the expert judgment system 300, and may calculate the agreement result according to the agreement policy.
  • the standard agreement rate is a ratio for determining the agreement. For example, if the result of the agreement decision of the participating network is 20% black and 80% white, the standard agreement rate is 60%. White (greater than 60%) can be decided as a result of the settlement.
  • the weight ratio of the expert judgment system 300 is the percentage of voting rights in the agreement. For example, if the weight ratio of the expert judgment system 300 is 80%, the weight ratio of the trust network apparatus participating in the agreement may be 20%. . Thus, if there are 20 consensus participating trust network devices, each consensus participating trust network device has a 1% consensus share.
  • the infrastructure support system 400 may determine that the result of the black and white according to the weight of each agreement is greater than or equal to the standard agreement rate as the agreement result.
  • the overall agreement ratio may depend on the ratio of the agreement of the expert judgment system 300 based on the reliability.
  • the final result can have a high reliability.
  • the agreement request and decision unit 330 may transmit the final result to the member trust network device.
  • the consensus participation selection unit 320 applies a + weighting value to the trust network device that has made a determination corresponding to the result of the second agreement among the consensus participating trust network devices, thereby applying a high reputation to the trust network device to give priority to the consensus selection process. Can provide.
  • the consensus participant selection unit 320 may apply a -weight value to the trust network device that has made a judgment that does not correspond to the result of the second agreement among the consensus participating trust network devices, and may apply a low reputation and exclude it from the consensus selection selection. have. The more you participate in the agreement, the higher your reputation.
  • FIGS. 1-3 are only the main matter of this invention, and as long as various designs are possible within the technical range, this invention is not limited to the structure of FIGS. Is self explanatory.
  • network device 20 access terminal

Abstract

La présente invention concerne un système de réseau de confiance basé sur une chaîne de blocs comprenant : une pluralité de dispositifs de réseau de confiance pour, lorsque le trafic arrive, déterminer une connexion ou un blocage par comparaison d'informations d'accès d'une destination avec une liste blanche/noire pré-stockée dans un registre distribué, lorsque les informations d'accès ne correspondent pas à la liste blanche/noire, la connexion ou le blocage est déterminé par l'intermédiaire d'une analyse de trafic; et un système de support d'infrastructure pour déterminer un premier résultat d'accord d'un dispositif de réseau de confiance de participation à un accord par rapport à un résultat de diagnostic rapide (blanc ou noir) correspondant à la connexion ou au blocage selon l'analyse de trafic, et un second résultat d'accord sur la base de l'accord ou du désaccord en fonction de la détermination d'un expert et de l'accord/désaccord du dispositif de réseau de confiance de participation à un accord, la pluralité de dispositifs de réseau de confiance enregistrant le premier résultat d'accord dans le registre distribué lorsque le premier résultat d'accord est reçu, et enregistrant en outre, dans le registre distribué, le second résultat d'accord reçu à un moment ultérieur, de façon à mettre à jour le registre distribué.
PCT/KR2018/012531 2018-03-21 2018-10-23 Système de réseau de confiance basé sur une chaîne de blocs WO2019182219A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020180032766A KR102020986B1 (ko) 2018-03-21 2018-03-21 블록체인기반의 신뢰 네트워크 시스템
KR10-2018-0032766 2018-03-21

Publications (1)

Publication Number Publication Date
WO2019182219A1 true WO2019182219A1 (fr) 2019-09-26

Family

ID=67986583

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2018/012531 WO2019182219A1 (fr) 2018-03-21 2018-10-23 Système de réseau de confiance basé sur une chaîne de blocs

Country Status (2)

Country Link
KR (1) KR102020986B1 (fr)
WO (1) WO2019182219A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021184975A1 (fr) * 2020-03-18 2021-09-23 支付宝(杭州)信息技术有限公司 Procédé et appareil de calcul de confidentialité hors chaîne pour données en chaîne
US11343313B1 (en) 2021-01-28 2022-05-24 International Business Machines Corporation Fault tolerant periodic leader rotation for blockchain

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008135871A (ja) * 2006-11-27 2008-06-12 Oki Electric Ind Co Ltd ネットワーク監視システム、ネットワーク監視方法及びネットワーク監視プログラム
KR101302751B1 (ko) * 2013-05-10 2013-09-03 (주)유엠로직스 광전화장비의 보안 시스템 및 그 보안 방법
KR101455167B1 (ko) * 2013-09-03 2014-10-27 한국전자통신연구원 화이트리스트 기반의 네트워크 스위치
KR101701131B1 (ko) * 2016-04-28 2017-02-13 주식회사 라피 이종간 블록체인 연결을 이용한 데이터 기록/검증 방법 및 시스템
KR101814368B1 (ko) * 2017-07-27 2018-01-04 김재춘 빅데이터 및 인공지능을 이용한 정보 보안 네트워크 통합 관리 시스템 및 그 방법

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8726379B1 (en) * 2011-07-15 2014-05-13 Norse Corporation Systems and methods for dynamic protection from electronic attacks
KR101637912B1 (ko) 2015-05-20 2016-07-20 주식회사 인프라웨어테크놀러지 Dns ip가 변조된 공유기를 감지하는 방법 및 장치
US20170011460A1 (en) * 2015-07-09 2017-01-12 Ouisa, LLC Systems and methods for trading, clearing and settling securities transactions using blockchain technology
KR101823421B1 (ko) * 2015-10-07 2018-01-31 한국전자통신연구원 화이트리스트 기반의 네트워크 보안 장치 및 방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008135871A (ja) * 2006-11-27 2008-06-12 Oki Electric Ind Co Ltd ネットワーク監視システム、ネットワーク監視方法及びネットワーク監視プログラム
KR101302751B1 (ko) * 2013-05-10 2013-09-03 (주)유엠로직스 광전화장비의 보안 시스템 및 그 보안 방법
KR101455167B1 (ko) * 2013-09-03 2014-10-27 한국전자통신연구원 화이트리스트 기반의 네트워크 스위치
KR101701131B1 (ko) * 2016-04-28 2017-02-13 주식회사 라피 이종간 블록체인 연결을 이용한 데이터 기록/검증 방법 및 시스템
KR101814368B1 (ko) * 2017-07-27 2018-01-04 김재춘 빅데이터 및 인공지능을 이용한 정보 보안 네트워크 통합 관리 시스템 및 그 방법

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021184975A1 (fr) * 2020-03-18 2021-09-23 支付宝(杭州)信息技术有限公司 Procédé et appareil de calcul de confidentialité hors chaîne pour données en chaîne
US11343313B1 (en) 2021-01-28 2022-05-24 International Business Machines Corporation Fault tolerant periodic leader rotation for blockchain

Also Published As

Publication number Publication date
KR102020986B1 (ko) 2019-11-04

Similar Documents

Publication Publication Date Title
US7552323B2 (en) System, apparatuses, methods, and computer-readable media using identification data in packet communications
US7194004B1 (en) Method for managing network access
WO2017091047A1 (fr) Procédé de blocage de connexion dans un système de prévention d'intrusion sans fil et dispositif associé
CN114598540B (zh) 访问控制系统、方法、装置及存储介质
WO2013048111A2 (fr) Procédé et appareil de détection d'une intrusion dans un service informatique en nuage
US7733844B2 (en) Packet filtering apparatus, packet filtering method, and computer program product
WO2021182667A1 (fr) Système de prévention d'intrusion sans fil, système de réseau sans fil le comprenant, et procédé pour faire fonctionner un système de réseau sans fil
JP2008508805A (ja) 電子トラフィックを特徴づけ、管理するシステムおよび方法
WO2017034072A1 (fr) Système de sécurité de réseau et procédé de sécurité
US8254882B2 (en) Intrusion prevention system for wireless networks
CN108011873B (zh) 一种基于集合覆盖的非法连接判断方法
WO2013085217A1 (fr) Système de gestion de la sécurité ayant de multiples serveurs de relais, et procédé de gestion de la sécurité
CA2506418C (fr) Systemes et dispositifs utilisant des donnees d'identification lors des communications reseau
WO2020013439A1 (fr) Dispositif et procédé de routage de commande dans un réseau sdn
WO2021187782A1 (fr) Procédé de détection de trafic malveillant et dispositif associé
WO2022235007A1 (fr) Système de commande d'accès au réseau basé sur un dispositif de commande, et son procédé
WO2019182219A1 (fr) Système de réseau de confiance basé sur une chaîne de blocs
WO2017026840A1 (fr) Dispositif de connexion internet, serveur de gestion central, et procédé de connexion internet
WO2022255619A1 (fr) Système de prévention d'intrusion sans fil et son procédé de fonctionnement
WO2012165716A1 (fr) Appareil d'agent d'authentification, et procédé et système d'authentification d'un service en ligne
WO2016190663A1 (fr) Procédé de gestion de sécurité et dispositif de gestion de sécurité dans un système de réseau domestique
CN1874222A (zh) 提供安全通信会话的方法、终端设备和接入点
WO2021020918A1 (fr) Procédé de production d'un réseau interne logique, et terminal mobile et application pour la mise en œuvre d'un tel réseau
WO2020067734A1 (fr) Équipement réseau sans adresse et système de sécurité de communication l'utilisant
WO2024029658A1 (fr) Système de contrôle d'accès dans un réseau et procédé associé

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18911010

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18911010

Country of ref document: EP

Kind code of ref document: A1