CN107493303A - Network security protection system, network safety protection method and storage medium - Google Patents
Network security protection system, network safety protection method and storage medium Download PDFInfo
- Publication number
- CN107493303A CN107493303A CN201710901519.0A CN201710901519A CN107493303A CN 107493303 A CN107493303 A CN 107493303A CN 201710901519 A CN201710901519 A CN 201710901519A CN 107493303 A CN107493303 A CN 107493303A
- Authority
- CN
- China
- Prior art keywords
- operation system
- network
- access
- access request
- security protection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
Disclose a kind of network security protection system, network safety protection method and storage medium, wherein described network security protection system includes the safety bridge for being arranged on the front end of the first operation system, for monitoring the access request for the first operation system, and by the access request failure to the safe side cloud with intrusion risk;It is deployed with the secure cloud of the second operation system, for corresponding access request, and record various access behaviors and analyze, wherein the first operation system can be actual production system, second operation system can be artificial service system, and the first operation system and the second operation system are essentially identical.The present invention can mitigate the network attack pressure of the first operation system, the security of strengthening system;The security performance of the first operation system can be really assessed, and network attack is analyzed;Upgrading can be automatically provided to suggest, promote the self-perfection of the first operation system.
Description
Technical field
The present invention relates in terms of network security, particularly, it is related to a kind of network security protection system, network safety prevention side
Method and storage medium, it can attract and reduce the network attack for operation system, and provide upgrading to operation system and suggest.
Background technology
With the development of " internet+", increasing business is transferred on line under line, and operation system also carries more
More requirements for access.At the same time, network security also becomes the problem of extremely important.A variety of network attacks can be directed to
The various leaks of business platform in itself, network attack is carried out to internet service platform, or carry out network and steal secret information, above-mentioned one
Cut all so that the normal operation of business is affected.And the ways and means of network attack can be over time development, evolution
Go out different mode and means.Untill up to now, unsuitable ways and means prevents network attack.Although industry
Business platform can carry out network attack test before reaching the standard grade, but this test can not really simulate in actual operating environment by
The various attacks arrived, and if recognizing the presence of this attack in operation, may be also due to attack load be too big and leads
The collapse of cause system, in addition, being also not easy to the system of suspending operation and being recovered.In addition, for network attack, in the prior art
Mainly Temporarily Closed service port, refusal attack, for how more preferably to upgrade and update, it is necessary to third-party analysis, it is impossible to
Rapidly present one's view.
Therefore, service operation platform real network attack data in operation how are obtained, share network attack pressure,
And network upgrade suggestion is further proposed, turn into the technical problem of prior art urgent need to resolve.
The content of the invention
In view of this, the purpose of the embodiment of the present invention is to propose the basic phase of the first operation system with real work
The network security protection system of the second same operation system, setting up one has the second operation system, and this can not only share network
Attack pressure, additionally it is possible to propose network upgrade suggestion.
The embodiment of the present invention provides a kind of network security protection system, including:
Safety bridge, the front end of the first operation system is arranged on, for monitoring the access request for the first operation system,
The access request is redirected to secure cloud when detecting that access request has intrusion risk;
Secure cloud, the second operation system is deployed with, for being configured as based on second operation system to the access
Request is responded, and records various access behaviors, according to the leak and need of the access operation system of behavioural analysis second of record
The control to be upgraded, wherein, first operation system and the second operation system are essentially identical operation systems.
Preferably, the security server is additionally provided with security monitoring unit, and the security monitoring unit, which is used to record, visits
Ask behavior.
Preferably, the security monitoring unit is additionally configured to by the embedded tracked information in the response to access request
To follow the trail of invader.
Preferably, the network security protection system also includes big data platform, for storing the security monitoring unit
Each item data of record, and for analyzing.
Preferably, the secure cloud builds the second operation system and security monitoring unit by the way of virtual.
Preferably, the first operation system is actual production system, and the second operation system is artificial service system.Further
, the invention also discloses a kind of network safety protection method, including:
Monitor the access request for the first operation system;
Redirected for the access request with intrusion risk;
Receive the access request being redirected;
The access request is responded based on the second operation system, records various access behaviors;According to the visit of record
Ask the control that the leak of the operation system of behavioural analysis second and needs upgrade;
Wherein, second operation system and the first operation system for carrying practical business are essentially identical.
Preferably, tracked information is embedded in the response to access request to follow the trail of invader.
Preferably, carry out big data storage for the every access behavior recorded, and various other data and divide
Analysis.
The embodiment of the present invention further discloses a kind of storage medium, for storing computer executable instructions,
The computer executable instructions perform above-mentioned network safety protection method when being executed by processor.
The embodiment of the present invention is based on virtual container technology, is asked using safety bridge test access, and will detect have
The access request of intrusion risk is transferred to secure cloud, and secure cloud is provided with the second operation system, relative to prior art, the present invention
Have the following advantages that:
1. the first operation system of real work can be mitigated, i.e. the network attack pressure of production system, strengthening system
Security;
2. the security performance of the first operation system of real work can be assessed really, and network attack is divided
Analysis;
3. upgrading can be automatically provided to suggest, promote the self-perfection and reparation of the first operation system of real work.
Brief description of the drawings
By the description to the embodiment of the present invention referring to the drawings, above-mentioned and other purpose of the invention, feature and
Advantage will be apparent from, in the accompanying drawings:
Fig. 1 is the schematic diagram according to the network security protection system of the specific embodiment of the invention;
Fig. 2 is the function structure chart according to the secure cloud of the specific embodiment of the invention;
Fig. 3 is the flow chart according to the network safety protection method of the specific embodiment of the invention.
1st, the first operation system;2nd, safety bridge;3rd, secure cloud;4th, big data platform;31st, the second operation system;32nd, pacify
Full monitoring unit.
Embodiment
Below based on embodiment, present invention is described, but the present invention is not restricted to these embodiments.
These processes, flow, logical block, function etc., it is generally considered to be the step of reaching ideal or expected result
Or the self-consistent sequence of instruction.Step generally comprises the physical manipulation of physical quantity.Under normal circumstances, although being not necessarily, these numbers
Amount often takes the forms such as electricity, magnetic, optics or quantum signal, and they can be stored, and transfers the possession of, and merges, compares, and otherwise
Controlled by computer or data handling system.It fact proved, for convenience's sake sometimes, in view of the reason for sharing, this
A little signals are referred to as the similar title such as position, ripple, waveform, stream, value, element, symbol, letter, term, numeral, in computer journey
It is referred to as code (being probably object code, source code or binary code) in sequence or software.
In order to obtain service operation platform real network attack data in operation, network attack pressure is shared,
The present invention is there is provided the second essentially identical operation system of the first operation system 1 with actually runing, by the first operation system
The access request with intrusion risk run into is oriented to second operation system, on the one hand can attract to attack, record reality
In various attack meanses, share the pressure of the first operation system, still further aspect can be according to the second operation system by true
Situation about attacking in fact, obtains corresponding system vulnerability and upgrade requirement, and the system vulnerability and upgrade requirement can be used in second
The upgrading of operation system and the first operation system.
Referring to Fig. 1, the schematic diagram of the network security protection system according to the specific embodiment of the invention, network peace are shown
Full protection system includes
Safety bridge 2, the front end of the first operation system 1 is arranged on, the access for monitoring for the first operation system 1 please
Ask, the access request is redirected to secure cloud 3 when detecting that access request has intrusion risk;
Secure cloud 3, the second operation system 31 is deployed with, for being configured as based on second operation system to the visit
Ask that request is responded, record various access behaviors, according to record access the operation system of behavioural analysis second leak and
The control upgraded is needed, wherein, first operation system and the second operation system are essentially identical operation systems.
Wherein described safety bridge 2 and secure cloud 3 are attached by network, by safety bridge 2 will can be detected
The access behavior with risk arrived, such as invasion or attack, are directed in secure cloud, reduce the first operation system 1
Invasion pressure, reduce to the first operation system 1 work influence.
It can be carried out for the guide for accessing behavior by way of redirection, for example, by the target of network attack bag
It is revised as the destination address of secure cloud 3 in location.
Because secure cloud 3 has second operation system essentially identical with the first operation system 1, and it is arranged on network
On, the access behavior with risk that safety bridge transfer comes can not only be received, additionally it is possible to attract net to a certain extent
Other attacks present on network, so as to reduce the pressure of the first operation system 1, secondly as the second operation system and first
Operation system is essentially identical, for its analysis and research to network attack, can really obtain the net of the first operation system
Network security situation, upgrading and the good suggestion of offer of regenerating hence for system.
The attack information that secure cloud 3 is recorded, including network attack type, network attack target source, network attack end
Mouthful.
Because this network security protection system neither influences the work of the first operation system, and true to nature simulate the industry
The network attack that business system receives, the assessment to the network attack especially have value.
First operation system 1 is arranged in network computer room or private clound, and safety bridge 2 is in the form of hardware or software
Form exist, can detect by the access behavior of internet or internal network for the first operation system.
It is further preferred that there is the second operation system 31 and the (safety of security monitoring unit 32 in the secure cloud 3
Agent), the security monitoring unit 32 is used to record all access behaviors, and follows the trail of invader.
The security monitoring unit be configured as by the response to access request embedded tracked information with follow the trail of into
The person of invading.
It is further preferred that also there is big data flat 4, each item number recorded for storing the security monitoring unit 32
According to, and for analyzing.
The secure cloud can obtain system vulnerability according to the every data analysis recorded and need the space upgraded
Type.
The secure cloud 3 can also provide upgrading automatically and suggest, the upgrading is suggested including the space that needs are upgraded,
Need the upgraded version of the software and suggestion configured.The upgrading suggestion can be supplied to the first and second operation systems, with
In the self-perfection and raising of system.
It is further preferred that the secure cloud 3 builds the second operation system 31 and security monitoring list by the way of virtual
Member 32, it is quick, simple, convenient to build, and can adapt to a variety of operation systems, expands network security protection system fortune
The scope of battalion, and reduce construction cost.
That is, the first operation system is actual production system, the second operation system is artificial service system.
Exemplary, secure cloud can use KVM+DOCKER technologies to combine.Referring to Fig. 2, safety of the invention is shown
The structure example of cloud 3, builds KVM on the basis of server hardware, and KVM effect is to realize that cloud is disposed, on the server with
Different resources supports multiple operating systems to run simultaneously.Docker is used for dry run environment, due to Docker characteristic, fortune
Mirror image can be formed after row environment and system deployment integrally to reappear, convenient configuration.Installation and operation is distinguished on the basis of Docker
Second operation system 31 and security monitoring unit 32.
Referring to Fig. 3, the present invention further also discloses a kind of network protection method, comprised the following steps:
Monitor the access request for the first operation system;
Redirected for the access request with intrusion risk;
Receive the access request being redirected;
The access request is responded based on the second operation system, records various access behaviors;According to the visit of record
Ask the control that the leak of the operation system of behavioural analysis second and needs upgrade;
Wherein, second operation system and the first operation system for carrying practical business are essentially identical.
Therefore, the network protection method set up the second operation system to enter to the access request with risk detected
Row is corresponding, so as to obtain various leakages by record access behavioural analysis in the case where not influenceing the work of the first operation system
Hole and upgrading control.Although leak and control are to be directed to the second operation system, due to the first operation system and the second business system
Unite essentially identical, above-mentioned leak and upgrading control also can be used in the first operation system.
Further, tracked information can be embedded in the response to access request to follow the trail of invader.
Also, carry out big data storage and analysis for the every access behavior recorded, and various other data.
The network safety protection method goes for above-mentioned network security protection system.
The present invention further discloses a kind of storage medium, for storing computer executable instructions,
The computer executable instructions perform above-mentioned method when being executed by processor.
Therefore, safety bridge of the present invention by the access behavior with risk detected to be transferred to secure cloud, secure cloud
The second operation system is provided with, relative to prior art, the invention has the advantages that:
1. the network attack pressure of the first operation system, the security of strengthening system can be mitigated;
2. the security performance of the first operation system can be assessed really, and network attack is analyzed;
3. upgrading can be automatically provided to suggest, promote the self-perfection of the first operation system.
As skilled in the art will be aware of, various aspects of the invention may be implemented as system, method or meter
Calculation machine program product.Therefore, various aspects of the invention can take following form:Complete hardware embodiment, complete software
Embodiment (including firmware, resident software, microcode etc.) or herein generally can referred to as " circuit ", " module " or
The embodiment that software aspects are combined with hardware aspect of " system ".In addition, the aspect of the present invention can take following shape
Formula:The computer program product realized in one or more computer-readable mediums, computer-readable medium have thereon
The computer readable program code of realization.
Any combination of one or more computer-readable mediums can be utilized.Computer-readable medium can be computer
Readable signal medium or computer-readable recording medium.Computer-readable recording medium can be such as (but not limited to) electronics,
Magnetic, optical, electromagnetism, infrared or semiconductor system, device, or foregoing any appropriate combination.Meter
The more specifically example (exhaustive to enumerate) of calculation machine readable storage medium storing program for executing will include the following:With one or more electric wire
Electrical connection, portable computer diskette, hard disk, random access memory (RAM), read-only storage (ROM), erasable compile
Journey read-only storage (EPROM or flash memory), optical fiber, portable optic disk read-only storage (CD-ROM), light storage device,
Magnetic memory apparatus or foregoing any appropriate combination.In the context of this document, computer-readable recording medium can be
It can include or store the program used by instruction execution system, device or combined command execution system, equipment or dress
Put any tangible medium of the program used.
Computer-readable signal media can include the data-signal propagated, and the data-signal of the propagation has wherein
Such as the computer readable program code of the part realization in a base band or as carrier wave.The signal of such propagation can use
Any form in diversified forms, include but is not limited to:Electromagnetism, optical or its any appropriate combination.It is computer-readable
Signal media can be following any computer-readable medium:It is not computer-readable recording medium, and can be to by instructing
The program that execution system, device use or combined command execution system, device use is communicated, propagated
Or transmission.
Including but not limited to wireless, wired, fiber optic cables, RF etc. or foregoing can be used any appropriately combined any
Suitable medium transmits the program code realized on a computer-readable medium.
Computer program code for performing for the operation of each side of the present invention can be with one or more programming languages
Any combination of speech is write, and the programming language includes:The programming language of object-oriented such as Java, Smalltalk, C++ etc.;
And conventional process programming language such as " C " programming language or similar programming language.Program code can be used as independent software package
Fully on the user computer, partly perform on the user computer;Partly exist on the user computer and partly
Performed on remote computer;Or fully perform on remote computer or server.In the latter case, can be by far
Journey computer by any type of network connection including LAN (LAN) or wide area network (WAN) to subscriber computer, or
It can be attached with outer computer (such as internet by using ISP).
The flow chart legend and/or frame of the methods of embodiments of the present invention, equipment (system) and computer program product
Figure describes various aspects of the invention.It will be appreciated that each block and flow chart figure of flow chart legend and/or block diagram
The combination of example and/or the block in block diagram can be realized by computer program instructions.These computer program instructions can be carried
The processor of all-purpose computer, special-purpose computer or other programmable data processing devices is supplied to, to produce machine so that (warp
By the computing device of computer or other programmable data processing devices) instruction created for implementation process figure and/or frame
The device for the function/action specified in segment or block.
These computer program instructions can also be stored in can instruct computer, other programmable data processing devices
Or in the computer-readable medium that runs in a specific way of other devices so that the instruction production stored in computer-readable medium
It is raw to include realizing the product of the instruction for the function/action specified in flow chart and/or block diagram or block.
Computer program instructions can also be loaded on computer, other programmable data processing devices or other devices
On, so as to perform a series of operable steps on computer, other programmable devices or other devices to produce computer reality
Existing process so that the instruction performed on computer or other programmable devices is provided for realizing in flow chart and/or frame
The process for the function/action specified in segment or block.
The preferred embodiments of the present invention are the foregoing is only, are not intended to limit the invention, for those skilled in the art
For, the present invention can have various changes and change.All any modifications made within spirit and principles of the present invention, it is equal
Replace, improve etc., it should be included in the scope of the protection.
Claims (10)
- A kind of 1. network security protection system, it is characterised in that including:Safety bridge (2), the front end of the first operation system (1) is arranged on, for monitoring the access for the first operation system (1) Request, secure cloud (3) is redirected to when detecting that access request has intrusion risk by the access request;Secure cloud (3), the second operation system (31) is deployed with, for being configured as based on second operation system to the visit Ask that request is responded, record various access behaviors, according to record access the operation system of behavioural analysis second leak and The control upgraded is needed, wherein, first operation system and the second operation system are essentially identical operation systems.
- 2. network security protection system according to claim 1, it is characterised in that:The security server is additionally provided with security monitoring unit (32), and the security monitoring unit (32) is used for record access row For.
- 3. network security protection system according to claim 2, it is characterised in that:The security monitoring unit (32) is additionally configured to by being embedded in tracked information in the response to access request to follow the trail of Invader.
- 4. network security protection system according to claim 2, it is characterised in that the network security protection system also wraps Include:Big data platform (4), for storing each item data of security monitoring unit (32) record, and for analyzing.
- 5. network security protection system according to claim 4, it is characterised in that:The secure cloud builds the second operation system (31) and security monitoring unit (32) by the way of virtual.
- 6. network security protection system according to claim 4, it is characterised in that:First operation system is actual production system, and the second operation system is artificial service system.
- 7. a kind of network safety protection method, including:Monitor the access request for the first operation system;Redirected for the access request with intrusion risk;Receive the access request being redirected;The access request is responded based on the second operation system, records various access behaviors;According to the access row of record To analyze the control that the leak of the second operation system and needs upgrade;Wherein, second operation system and the first operation system for carrying practical business are essentially identical.
- 8. network safety protection method according to claim 7, it is characterised in that methods described also includes:Tracked information is embedded in the response to access request to follow the trail of invader.
- 9. network safety protection method according to claim 7, it is characterised in thatBig data storage and analysis are carried out for the every access behavior recorded, and various other data.
- 10. a kind of storage medium, for storing computer executable instructions,The computer executable instructions perform method as claimed in any one of claims 7-9 when being executed by processor.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710901519.0A CN107493303A (en) | 2017-09-28 | 2017-09-28 | Network security protection system, network safety protection method and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710901519.0A CN107493303A (en) | 2017-09-28 | 2017-09-28 | Network security protection system, network safety protection method and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107493303A true CN107493303A (en) | 2017-12-19 |
Family
ID=60653988
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710901519.0A Pending CN107493303A (en) | 2017-09-28 | 2017-09-28 | Network security protection system, network safety protection method and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107493303A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110321698A (en) * | 2019-05-22 | 2019-10-11 | 北京瀚海思创科技有限公司 | A kind of system and method for the protection service security in cloud environment |
CN110336784A (en) * | 2019-05-22 | 2019-10-15 | 北京瀚海思创科技有限公司 | Network attack identification prediction system, method and storage medium based on big data |
CN112134837A (en) * | 2020-08-06 | 2020-12-25 | 瑞数信息技术(上海)有限公司 | Method and system for detecting Web attack behavior |
CN113347166A (en) * | 2021-05-24 | 2021-09-03 | 广西电网有限责任公司 | Method, device and system for preventing safety risk of optical transmission equipment of power grid |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090328213A1 (en) * | 2002-12-31 | 2009-12-31 | Blake Kenneth W | Method and system for morphing honeypot |
CN102254111A (en) * | 2010-05-17 | 2011-11-23 | 北京知道创宇信息技术有限公司 | Malicious site detection method and device |
CN104410617A (en) * | 2014-11-21 | 2015-03-11 | 西安邮电大学 | Information safety attack and defense system structure of cloud platform |
CN104967628A (en) * | 2015-07-16 | 2015-10-07 | 浙江大学 | Deceiving method of protecting web application safety |
CN106209839A (en) * | 2016-07-08 | 2016-12-07 | 杭州迪普科技有限公司 | The means of defence of invasion message and device |
CN106209919A (en) * | 2016-09-18 | 2016-12-07 | 深圳市深信服电子科技有限公司 | A kind of network safety protection method and network security protection system |
CN106850690A (en) * | 2017-03-30 | 2017-06-13 | 国家电网公司 | A kind of honey jar building method and system |
CN106961442A (en) * | 2017-04-20 | 2017-07-18 | 中国电子技术标准化研究院 | A kind of network method for entrapping based on honey jar |
-
2017
- 2017-09-28 CN CN201710901519.0A patent/CN107493303A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090328213A1 (en) * | 2002-12-31 | 2009-12-31 | Blake Kenneth W | Method and system for morphing honeypot |
CN102254111A (en) * | 2010-05-17 | 2011-11-23 | 北京知道创宇信息技术有限公司 | Malicious site detection method and device |
CN104410617A (en) * | 2014-11-21 | 2015-03-11 | 西安邮电大学 | Information safety attack and defense system structure of cloud platform |
CN104967628A (en) * | 2015-07-16 | 2015-10-07 | 浙江大学 | Deceiving method of protecting web application safety |
CN106209839A (en) * | 2016-07-08 | 2016-12-07 | 杭州迪普科技有限公司 | The means of defence of invasion message and device |
CN106209919A (en) * | 2016-09-18 | 2016-12-07 | 深圳市深信服电子科技有限公司 | A kind of network safety protection method and network security protection system |
CN106850690A (en) * | 2017-03-30 | 2017-06-13 | 国家电网公司 | A kind of honey jar building method and system |
CN106961442A (en) * | 2017-04-20 | 2017-07-18 | 中国电子技术标准化研究院 | A kind of network method for entrapping based on honey jar |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110321698A (en) * | 2019-05-22 | 2019-10-11 | 北京瀚海思创科技有限公司 | A kind of system and method for the protection service security in cloud environment |
CN110336784A (en) * | 2019-05-22 | 2019-10-15 | 北京瀚海思创科技有限公司 | Network attack identification prediction system, method and storage medium based on big data |
CN112134837A (en) * | 2020-08-06 | 2020-12-25 | 瑞数信息技术(上海)有限公司 | Method and system for detecting Web attack behavior |
CN113347166A (en) * | 2021-05-24 | 2021-09-03 | 广西电网有限责任公司 | Method, device and system for preventing safety risk of optical transmission equipment of power grid |
CN113347166B (en) * | 2021-05-24 | 2023-05-16 | 广西电网有限责任公司 | Method, device and system for preventing safety risk of power grid optical transmission equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107493303A (en) | Network security protection system, network safety protection method and storage medium | |
US11494490B2 (en) | Endpoint detection and response utilizing machine learning | |
CN110336784A (en) | Network attack identification prediction system, method and storage medium based on big data | |
CN102651061B (en) | System and method of protecting computing device from malicious objects using complex infection schemes | |
US10789118B2 (en) | Information processing device and error detection method | |
US9846775B2 (en) | Systems and methods for malware evasion management | |
US20160239798A1 (en) | Autonomous delivery of items | |
US9401922B1 (en) | Systems and methods for analysis of abnormal conditions in computing machines | |
CN106415584B (en) | The pre-installation detection system and method for mobile device Malware | |
CN109155774B (en) | System and method for detecting security threats | |
US20130074187A1 (en) | Hacker virus security-integrated control device | |
JP2020160611A (en) | Test scenario generation device and test scenario generation method and test scenario generation program | |
CN104268476B (en) | A kind of method for running application program | |
EP3611643B1 (en) | Malware detection based on user interactions | |
US20160340055A1 (en) | Systems and methods for detecting a security breach in an aircraft network | |
CN109845227A (en) | Method and system for network security | |
CN109997138A (en) | For detecting the system and method for calculating the malicious process in equipment | |
US10075456B1 (en) | Systems and methods for detecting exploit-kit landing pages | |
US9552481B1 (en) | Systems and methods for monitoring programs | |
US10628188B2 (en) | Disabling just-in-time translation for application functions | |
US10885191B1 (en) | Detonate targeted malware using environment context information | |
CN104573496B (en) | The method and apparatus that a kind of No starting item starts | |
CN109347876A (en) | A kind of safety defense method and relevant apparatus | |
CN106462704B (en) | Dynamic reads in code analysis device and dynamic reads in code analysis methods | |
US9881155B2 (en) | System and method for automatic use-after-free exploit detection |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171219 |
|
RJ01 | Rejection of invention patent application after publication |