CN107493303A - Network security protection system, network safety protection method and storage medium - Google Patents

Network security protection system, network safety protection method and storage medium Download PDF

Info

Publication number
CN107493303A
CN107493303A CN201710901519.0A CN201710901519A CN107493303A CN 107493303 A CN107493303 A CN 107493303A CN 201710901519 A CN201710901519 A CN 201710901519A CN 107493303 A CN107493303 A CN 107493303A
Authority
CN
China
Prior art keywords
operation system
network
access
access request
security protection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710901519.0A
Other languages
Chinese (zh)
Inventor
谢鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Yun Qu Technology Co Ltd
Original Assignee
Beijing Yun Qu Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Yun Qu Technology Co Ltd filed Critical Beijing Yun Qu Technology Co Ltd
Priority to CN201710901519.0A priority Critical patent/CN107493303A/en
Publication of CN107493303A publication Critical patent/CN107493303A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

Disclose a kind of network security protection system, network safety protection method and storage medium, wherein described network security protection system includes the safety bridge for being arranged on the front end of the first operation system, for monitoring the access request for the first operation system, and by the access request failure to the safe side cloud with intrusion risk;It is deployed with the secure cloud of the second operation system, for corresponding access request, and record various access behaviors and analyze, wherein the first operation system can be actual production system, second operation system can be artificial service system, and the first operation system and the second operation system are essentially identical.The present invention can mitigate the network attack pressure of the first operation system, the security of strengthening system;The security performance of the first operation system can be really assessed, and network attack is analyzed;Upgrading can be automatically provided to suggest, promote the self-perfection of the first operation system.

Description

Network security protection system, network safety protection method and storage medium
Technical field
The present invention relates in terms of network security, particularly, it is related to a kind of network security protection system, network safety prevention side Method and storage medium, it can attract and reduce the network attack for operation system, and provide upgrading to operation system and suggest.
Background technology
With the development of " internet+", increasing business is transferred on line under line, and operation system also carries more More requirements for access.At the same time, network security also becomes the problem of extremely important.A variety of network attacks can be directed to The various leaks of business platform in itself, network attack is carried out to internet service platform, or carry out network and steal secret information, above-mentioned one Cut all so that the normal operation of business is affected.And the ways and means of network attack can be over time development, evolution Go out different mode and means.Untill up to now, unsuitable ways and means prevents network attack.Although industry Business platform can carry out network attack test before reaching the standard grade, but this test can not really simulate in actual operating environment by The various attacks arrived, and if recognizing the presence of this attack in operation, may be also due to attack load be too big and leads The collapse of cause system, in addition, being also not easy to the system of suspending operation and being recovered.In addition, for network attack, in the prior art Mainly Temporarily Closed service port, refusal attack, for how more preferably to upgrade and update, it is necessary to third-party analysis, it is impossible to Rapidly present one's view.
Therefore, service operation platform real network attack data in operation how are obtained, share network attack pressure, And network upgrade suggestion is further proposed, turn into the technical problem of prior art urgent need to resolve.
The content of the invention
In view of this, the purpose of the embodiment of the present invention is to propose the basic phase of the first operation system with real work The network security protection system of the second same operation system, setting up one has the second operation system, and this can not only share network Attack pressure, additionally it is possible to propose network upgrade suggestion.
The embodiment of the present invention provides a kind of network security protection system, including:
Safety bridge, the front end of the first operation system is arranged on, for monitoring the access request for the first operation system, The access request is redirected to secure cloud when detecting that access request has intrusion risk;
Secure cloud, the second operation system is deployed with, for being configured as based on second operation system to the access Request is responded, and records various access behaviors, according to the leak and need of the access operation system of behavioural analysis second of record The control to be upgraded, wherein, first operation system and the second operation system are essentially identical operation systems.
Preferably, the security server is additionally provided with security monitoring unit, and the security monitoring unit, which is used to record, visits Ask behavior.
Preferably, the security monitoring unit is additionally configured to by the embedded tracked information in the response to access request To follow the trail of invader.
Preferably, the network security protection system also includes big data platform, for storing the security monitoring unit Each item data of record, and for analyzing.
Preferably, the secure cloud builds the second operation system and security monitoring unit by the way of virtual.
Preferably, the first operation system is actual production system, and the second operation system is artificial service system.Further , the invention also discloses a kind of network safety protection method, including:
Monitor the access request for the first operation system;
Redirected for the access request with intrusion risk;
Receive the access request being redirected;
The access request is responded based on the second operation system, records various access behaviors;According to the visit of record Ask the control that the leak of the operation system of behavioural analysis second and needs upgrade;
Wherein, second operation system and the first operation system for carrying practical business are essentially identical.
Preferably, tracked information is embedded in the response to access request to follow the trail of invader.
Preferably, carry out big data storage for the every access behavior recorded, and various other data and divide Analysis.
The embodiment of the present invention further discloses a kind of storage medium, for storing computer executable instructions,
The computer executable instructions perform above-mentioned network safety protection method when being executed by processor.
The embodiment of the present invention is based on virtual container technology, is asked using safety bridge test access, and will detect have The access request of intrusion risk is transferred to secure cloud, and secure cloud is provided with the second operation system, relative to prior art, the present invention Have the following advantages that:
1. the first operation system of real work can be mitigated, i.e. the network attack pressure of production system, strengthening system Security;
2. the security performance of the first operation system of real work can be assessed really, and network attack is divided Analysis;
3. upgrading can be automatically provided to suggest, promote the self-perfection and reparation of the first operation system of real work.
Brief description of the drawings
By the description to the embodiment of the present invention referring to the drawings, above-mentioned and other purpose of the invention, feature and Advantage will be apparent from, in the accompanying drawings:
Fig. 1 is the schematic diagram according to the network security protection system of the specific embodiment of the invention;
Fig. 2 is the function structure chart according to the secure cloud of the specific embodiment of the invention;
Fig. 3 is the flow chart according to the network safety protection method of the specific embodiment of the invention.
1st, the first operation system;2nd, safety bridge;3rd, secure cloud;4th, big data platform;31st, the second operation system;32nd, pacify Full monitoring unit.
Embodiment
Below based on embodiment, present invention is described, but the present invention is not restricted to these embodiments.
These processes, flow, logical block, function etc., it is generally considered to be the step of reaching ideal or expected result Or the self-consistent sequence of instruction.Step generally comprises the physical manipulation of physical quantity.Under normal circumstances, although being not necessarily, these numbers Amount often takes the forms such as electricity, magnetic, optics or quantum signal, and they can be stored, and transfers the possession of, and merges, compares, and otherwise Controlled by computer or data handling system.It fact proved, for convenience's sake sometimes, in view of the reason for sharing, this A little signals are referred to as the similar title such as position, ripple, waveform, stream, value, element, symbol, letter, term, numeral, in computer journey It is referred to as code (being probably object code, source code or binary code) in sequence or software.
In order to obtain service operation platform real network attack data in operation, network attack pressure is shared, The present invention is there is provided the second essentially identical operation system of the first operation system 1 with actually runing, by the first operation system The access request with intrusion risk run into is oriented to second operation system, on the one hand can attract to attack, record reality In various attack meanses, share the pressure of the first operation system, still further aspect can be according to the second operation system by true Situation about attacking in fact, obtains corresponding system vulnerability and upgrade requirement, and the system vulnerability and upgrade requirement can be used in second The upgrading of operation system and the first operation system.
Referring to Fig. 1, the schematic diagram of the network security protection system according to the specific embodiment of the invention, network peace are shown Full protection system includes
Safety bridge 2, the front end of the first operation system 1 is arranged on, the access for monitoring for the first operation system 1 please Ask, the access request is redirected to secure cloud 3 when detecting that access request has intrusion risk;
Secure cloud 3, the second operation system 31 is deployed with, for being configured as based on second operation system to the visit Ask that request is responded, record various access behaviors, according to record access the operation system of behavioural analysis second leak and The control upgraded is needed, wherein, first operation system and the second operation system are essentially identical operation systems.
Wherein described safety bridge 2 and secure cloud 3 are attached by network, by safety bridge 2 will can be detected The access behavior with risk arrived, such as invasion or attack, are directed in secure cloud, reduce the first operation system 1 Invasion pressure, reduce to the first operation system 1 work influence.
It can be carried out for the guide for accessing behavior by way of redirection, for example, by the target of network attack bag It is revised as the destination address of secure cloud 3 in location.
Because secure cloud 3 has second operation system essentially identical with the first operation system 1, and it is arranged on network On, the access behavior with risk that safety bridge transfer comes can not only be received, additionally it is possible to attract net to a certain extent Other attacks present on network, so as to reduce the pressure of the first operation system 1, secondly as the second operation system and first Operation system is essentially identical, for its analysis and research to network attack, can really obtain the net of the first operation system Network security situation, upgrading and the good suggestion of offer of regenerating hence for system.
The attack information that secure cloud 3 is recorded, including network attack type, network attack target source, network attack end Mouthful.
Because this network security protection system neither influences the work of the first operation system, and true to nature simulate the industry The network attack that business system receives, the assessment to the network attack especially have value.
First operation system 1 is arranged in network computer room or private clound, and safety bridge 2 is in the form of hardware or software Form exist, can detect by the access behavior of internet or internal network for the first operation system.
It is further preferred that there is the second operation system 31 and the (safety of security monitoring unit 32 in the secure cloud 3 Agent), the security monitoring unit 32 is used to record all access behaviors, and follows the trail of invader.
The security monitoring unit be configured as by the response to access request embedded tracked information with follow the trail of into The person of invading.
It is further preferred that also there is big data flat 4, each item number recorded for storing the security monitoring unit 32 According to, and for analyzing.
The secure cloud can obtain system vulnerability according to the every data analysis recorded and need the space upgraded Type.
The secure cloud 3 can also provide upgrading automatically and suggest, the upgrading is suggested including the space that needs are upgraded, Need the upgraded version of the software and suggestion configured.The upgrading suggestion can be supplied to the first and second operation systems, with In the self-perfection and raising of system.
It is further preferred that the secure cloud 3 builds the second operation system 31 and security monitoring list by the way of virtual Member 32, it is quick, simple, convenient to build, and can adapt to a variety of operation systems, expands network security protection system fortune The scope of battalion, and reduce construction cost.
That is, the first operation system is actual production system, the second operation system is artificial service system.
Exemplary, secure cloud can use KVM+DOCKER technologies to combine.Referring to Fig. 2, safety of the invention is shown The structure example of cloud 3, builds KVM on the basis of server hardware, and KVM effect is to realize that cloud is disposed, on the server with Different resources supports multiple operating systems to run simultaneously.Docker is used for dry run environment, due to Docker characteristic, fortune Mirror image can be formed after row environment and system deployment integrally to reappear, convenient configuration.Installation and operation is distinguished on the basis of Docker Second operation system 31 and security monitoring unit 32.
Referring to Fig. 3, the present invention further also discloses a kind of network protection method, comprised the following steps:
Monitor the access request for the first operation system;
Redirected for the access request with intrusion risk;
Receive the access request being redirected;
The access request is responded based on the second operation system, records various access behaviors;According to the visit of record Ask the control that the leak of the operation system of behavioural analysis second and needs upgrade;
Wherein, second operation system and the first operation system for carrying practical business are essentially identical.
Therefore, the network protection method set up the second operation system to enter to the access request with risk detected Row is corresponding, so as to obtain various leakages by record access behavioural analysis in the case where not influenceing the work of the first operation system Hole and upgrading control.Although leak and control are to be directed to the second operation system, due to the first operation system and the second business system Unite essentially identical, above-mentioned leak and upgrading control also can be used in the first operation system.
Further, tracked information can be embedded in the response to access request to follow the trail of invader.
Also, carry out big data storage and analysis for the every access behavior recorded, and various other data.
The network safety protection method goes for above-mentioned network security protection system.
The present invention further discloses a kind of storage medium, for storing computer executable instructions,
The computer executable instructions perform above-mentioned method when being executed by processor.
Therefore, safety bridge of the present invention by the access behavior with risk detected to be transferred to secure cloud, secure cloud The second operation system is provided with, relative to prior art, the invention has the advantages that:
1. the network attack pressure of the first operation system, the security of strengthening system can be mitigated;
2. the security performance of the first operation system can be assessed really, and network attack is analyzed;
3. upgrading can be automatically provided to suggest, promote the self-perfection of the first operation system.
As skilled in the art will be aware of, various aspects of the invention may be implemented as system, method or meter Calculation machine program product.Therefore, various aspects of the invention can take following form:Complete hardware embodiment, complete software Embodiment (including firmware, resident software, microcode etc.) or herein generally can referred to as " circuit ", " module " or The embodiment that software aspects are combined with hardware aspect of " system ".In addition, the aspect of the present invention can take following shape Formula:The computer program product realized in one or more computer-readable mediums, computer-readable medium have thereon The computer readable program code of realization.
Any combination of one or more computer-readable mediums can be utilized.Computer-readable medium can be computer Readable signal medium or computer-readable recording medium.Computer-readable recording medium can be such as (but not limited to) electronics, Magnetic, optical, electromagnetism, infrared or semiconductor system, device, or foregoing any appropriate combination.Meter The more specifically example (exhaustive to enumerate) of calculation machine readable storage medium storing program for executing will include the following:With one or more electric wire Electrical connection, portable computer diskette, hard disk, random access memory (RAM), read-only storage (ROM), erasable compile Journey read-only storage (EPROM or flash memory), optical fiber, portable optic disk read-only storage (CD-ROM), light storage device, Magnetic memory apparatus or foregoing any appropriate combination.In the context of this document, computer-readable recording medium can be It can include or store the program used by instruction execution system, device or combined command execution system, equipment or dress Put any tangible medium of the program used.
Computer-readable signal media can include the data-signal propagated, and the data-signal of the propagation has wherein Such as the computer readable program code of the part realization in a base band or as carrier wave.The signal of such propagation can use Any form in diversified forms, include but is not limited to:Electromagnetism, optical or its any appropriate combination.It is computer-readable Signal media can be following any computer-readable medium:It is not computer-readable recording medium, and can be to by instructing The program that execution system, device use or combined command execution system, device use is communicated, propagated Or transmission.
Including but not limited to wireless, wired, fiber optic cables, RF etc. or foregoing can be used any appropriately combined any Suitable medium transmits the program code realized on a computer-readable medium.
Computer program code for performing for the operation of each side of the present invention can be with one or more programming languages Any combination of speech is write, and the programming language includes:The programming language of object-oriented such as Java, Smalltalk, C++ etc.; And conventional process programming language such as " C " programming language or similar programming language.Program code can be used as independent software package Fully on the user computer, partly perform on the user computer;Partly exist on the user computer and partly Performed on remote computer;Or fully perform on remote computer or server.In the latter case, can be by far Journey computer by any type of network connection including LAN (LAN) or wide area network (WAN) to subscriber computer, or It can be attached with outer computer (such as internet by using ISP).
The flow chart legend and/or frame of the methods of embodiments of the present invention, equipment (system) and computer program product Figure describes various aspects of the invention.It will be appreciated that each block and flow chart figure of flow chart legend and/or block diagram The combination of example and/or the block in block diagram can be realized by computer program instructions.These computer program instructions can be carried The processor of all-purpose computer, special-purpose computer or other programmable data processing devices is supplied to, to produce machine so that (warp By the computing device of computer or other programmable data processing devices) instruction created for implementation process figure and/or frame The device for the function/action specified in segment or block.
These computer program instructions can also be stored in can instruct computer, other programmable data processing devices Or in the computer-readable medium that runs in a specific way of other devices so that the instruction production stored in computer-readable medium It is raw to include realizing the product of the instruction for the function/action specified in flow chart and/or block diagram or block.
Computer program instructions can also be loaded on computer, other programmable data processing devices or other devices On, so as to perform a series of operable steps on computer, other programmable devices or other devices to produce computer reality Existing process so that the instruction performed on computer or other programmable devices is provided for realizing in flow chart and/or frame The process for the function/action specified in segment or block.
The preferred embodiments of the present invention are the foregoing is only, are not intended to limit the invention, for those skilled in the art For, the present invention can have various changes and change.All any modifications made within spirit and principles of the present invention, it is equal Replace, improve etc., it should be included in the scope of the protection.

Claims (10)

  1. A kind of 1. network security protection system, it is characterised in that including:
    Safety bridge (2), the front end of the first operation system (1) is arranged on, for monitoring the access for the first operation system (1) Request, secure cloud (3) is redirected to when detecting that access request has intrusion risk by the access request;
    Secure cloud (3), the second operation system (31) is deployed with, for being configured as based on second operation system to the visit Ask that request is responded, record various access behaviors, according to record access the operation system of behavioural analysis second leak and The control upgraded is needed, wherein, first operation system and the second operation system are essentially identical operation systems.
  2. 2. network security protection system according to claim 1, it is characterised in that:
    The security server is additionally provided with security monitoring unit (32), and the security monitoring unit (32) is used for record access row For.
  3. 3. network security protection system according to claim 2, it is characterised in that:
    The security monitoring unit (32) is additionally configured to by being embedded in tracked information in the response to access request to follow the trail of Invader.
  4. 4. network security protection system according to claim 2, it is characterised in that the network security protection system also wraps Include:
    Big data platform (4), for storing each item data of security monitoring unit (32) record, and for analyzing.
  5. 5. network security protection system according to claim 4, it is characterised in that:
    The secure cloud builds the second operation system (31) and security monitoring unit (32) by the way of virtual.
  6. 6. network security protection system according to claim 4, it is characterised in that:
    First operation system is actual production system, and the second operation system is artificial service system.
  7. 7. a kind of network safety protection method, including:
    Monitor the access request for the first operation system;
    Redirected for the access request with intrusion risk;
    Receive the access request being redirected;
    The access request is responded based on the second operation system, records various access behaviors;According to the access row of record To analyze the control that the leak of the second operation system and needs upgrade;
    Wherein, second operation system and the first operation system for carrying practical business are essentially identical.
  8. 8. network safety protection method according to claim 7, it is characterised in that methods described also includes:
    Tracked information is embedded in the response to access request to follow the trail of invader.
  9. 9. network safety protection method according to claim 7, it is characterised in that
    Big data storage and analysis are carried out for the every access behavior recorded, and various other data.
  10. 10. a kind of storage medium, for storing computer executable instructions,
    The computer executable instructions perform method as claimed in any one of claims 7-9 when being executed by processor.
CN201710901519.0A 2017-09-28 2017-09-28 Network security protection system, network safety protection method and storage medium Pending CN107493303A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710901519.0A CN107493303A (en) 2017-09-28 2017-09-28 Network security protection system, network safety protection method and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710901519.0A CN107493303A (en) 2017-09-28 2017-09-28 Network security protection system, network safety protection method and storage medium

Publications (1)

Publication Number Publication Date
CN107493303A true CN107493303A (en) 2017-12-19

Family

ID=60653988

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710901519.0A Pending CN107493303A (en) 2017-09-28 2017-09-28 Network security protection system, network safety protection method and storage medium

Country Status (1)

Country Link
CN (1) CN107493303A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110321698A (en) * 2019-05-22 2019-10-11 北京瀚海思创科技有限公司 A kind of system and method for the protection service security in cloud environment
CN110336784A (en) * 2019-05-22 2019-10-15 北京瀚海思创科技有限公司 Network attack identification prediction system, method and storage medium based on big data
CN112134837A (en) * 2020-08-06 2020-12-25 瑞数信息技术(上海)有限公司 Method and system for detecting Web attack behavior
CN113347166A (en) * 2021-05-24 2021-09-03 广西电网有限责任公司 Method, device and system for preventing safety risk of optical transmission equipment of power grid

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090328213A1 (en) * 2002-12-31 2009-12-31 Blake Kenneth W Method and system for morphing honeypot
CN102254111A (en) * 2010-05-17 2011-11-23 北京知道创宇信息技术有限公司 Malicious site detection method and device
CN104410617A (en) * 2014-11-21 2015-03-11 西安邮电大学 Information safety attack and defense system structure of cloud platform
CN104967628A (en) * 2015-07-16 2015-10-07 浙江大学 Deceiving method of protecting web application safety
CN106209839A (en) * 2016-07-08 2016-12-07 杭州迪普科技有限公司 The means of defence of invasion message and device
CN106209919A (en) * 2016-09-18 2016-12-07 深圳市深信服电子科技有限公司 A kind of network safety protection method and network security protection system
CN106850690A (en) * 2017-03-30 2017-06-13 国家电网公司 A kind of honey jar building method and system
CN106961442A (en) * 2017-04-20 2017-07-18 中国电子技术标准化研究院 A kind of network method for entrapping based on honey jar

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090328213A1 (en) * 2002-12-31 2009-12-31 Blake Kenneth W Method and system for morphing honeypot
CN102254111A (en) * 2010-05-17 2011-11-23 北京知道创宇信息技术有限公司 Malicious site detection method and device
CN104410617A (en) * 2014-11-21 2015-03-11 西安邮电大学 Information safety attack and defense system structure of cloud platform
CN104967628A (en) * 2015-07-16 2015-10-07 浙江大学 Deceiving method of protecting web application safety
CN106209839A (en) * 2016-07-08 2016-12-07 杭州迪普科技有限公司 The means of defence of invasion message and device
CN106209919A (en) * 2016-09-18 2016-12-07 深圳市深信服电子科技有限公司 A kind of network safety protection method and network security protection system
CN106850690A (en) * 2017-03-30 2017-06-13 国家电网公司 A kind of honey jar building method and system
CN106961442A (en) * 2017-04-20 2017-07-18 中国电子技术标准化研究院 A kind of network method for entrapping based on honey jar

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110321698A (en) * 2019-05-22 2019-10-11 北京瀚海思创科技有限公司 A kind of system and method for the protection service security in cloud environment
CN110336784A (en) * 2019-05-22 2019-10-15 北京瀚海思创科技有限公司 Network attack identification prediction system, method and storage medium based on big data
CN112134837A (en) * 2020-08-06 2020-12-25 瑞数信息技术(上海)有限公司 Method and system for detecting Web attack behavior
CN113347166A (en) * 2021-05-24 2021-09-03 广西电网有限责任公司 Method, device and system for preventing safety risk of optical transmission equipment of power grid
CN113347166B (en) * 2021-05-24 2023-05-16 广西电网有限责任公司 Method, device and system for preventing safety risk of power grid optical transmission equipment

Similar Documents

Publication Publication Date Title
CN107493303A (en) Network security protection system, network safety protection method and storage medium
US11494490B2 (en) Endpoint detection and response utilizing machine learning
CN110336784A (en) Network attack identification prediction system, method and storage medium based on big data
CN102651061B (en) System and method of protecting computing device from malicious objects using complex infection schemes
US10789118B2 (en) Information processing device and error detection method
US9846775B2 (en) Systems and methods for malware evasion management
US20160239798A1 (en) Autonomous delivery of items
US9401922B1 (en) Systems and methods for analysis of abnormal conditions in computing machines
CN106415584B (en) The pre-installation detection system and method for mobile device Malware
CN109155774B (en) System and method for detecting security threats
US20130074187A1 (en) Hacker virus security-integrated control device
JP2020160611A (en) Test scenario generation device and test scenario generation method and test scenario generation program
CN104268476B (en) A kind of method for running application program
EP3611643B1 (en) Malware detection based on user interactions
US20160340055A1 (en) Systems and methods for detecting a security breach in an aircraft network
CN109845227A (en) Method and system for network security
CN109997138A (en) For detecting the system and method for calculating the malicious process in equipment
US10075456B1 (en) Systems and methods for detecting exploit-kit landing pages
US9552481B1 (en) Systems and methods for monitoring programs
US10628188B2 (en) Disabling just-in-time translation for application functions
US10885191B1 (en) Detonate targeted malware using environment context information
CN104573496B (en) The method and apparatus that a kind of No starting item starts
CN109347876A (en) A kind of safety defense method and relevant apparatus
CN106462704B (en) Dynamic reads in code analysis device and dynamic reads in code analysis methods
US9881155B2 (en) System and method for automatic use-after-free exploit detection

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171219

RJ01 Rejection of invention patent application after publication