CN108512699B - Block chain service server data anomaly detection method and equipment and block chain system - Google Patents

Block chain service server data anomaly detection method and equipment and block chain system Download PDF

Info

Publication number
CN108512699B
CN108512699B CN201810215188.XA CN201810215188A CN108512699B CN 108512699 B CN108512699 B CN 108512699B CN 201810215188 A CN201810215188 A CN 201810215188A CN 108512699 B CN108512699 B CN 108512699B
Authority
CN
China
Prior art keywords
block chain
service
sdn
blockchain
router
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810215188.XA
Other languages
Chinese (zh)
Other versions
CN108512699A (en
Inventor
马田丰
唐雄燕
赫罡
高功应
谭蓓
石乐
邢向晖
***
童俊杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
China Information Technology Designing and Consulting Institute Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
China Information Technology Designing and Consulting Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd, China Information Technology Designing and Consulting Institute Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201810215188.XA priority Critical patent/CN108512699B/en
Publication of CN108512699A publication Critical patent/CN108512699A/en
Application granted granted Critical
Publication of CN108512699B publication Critical patent/CN108512699B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • H04L41/0816Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0823Errors, e.g. transmission errors
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention provides a method and equipment for detecting data exception of a block chain service server and a block chain system, relates to the field of block chains, and can enable the block chain system to perform self-detection on various faults and take corresponding measures. The method comprises the following steps: the method comprises the steps that a block chain core server obtains block chain service data generated by at least one block chain service server; then the block chain core server can judge whether the block chain service server in the at least one block chain service server has data abnormity according to a preset algorithm according to the block chain service data generated by the at least one block chain service server; when the target block chain service server is determined to have data abnormality, sending a processing instruction corresponding to the data abnormality to the SDN controller, so that the SDN controller generates corresponding router configuration parameters according to the processing instruction and sends the router configuration parameters to a service SDN router connected with the target block chain service server, and the SDN controller updates self configuration according to the router configuration parameters.

Description

Block chain service server data anomaly detection method and equipment and block chain system
Technical Field
The present invention relates to the field of blockchain technologies, and in particular, to a method, a device, and a blockchain system for detecting data anomalies in a blockchain service server.
Background
The core of the block chain technology is a distributed account book technology, and the block chain technology is a technical scheme for maintaining a reliable database collectively in a decentralized and trust-removing mode. At present, the block chain technology is evolved from 1.0 version which takes bitcoin as a main part to 2.0 version of an intelligent contract, and becomes a new technology which has great potential to be applied to various industries. The block chain has the technical characteristics of strong two-sidedness: the characteristics of openness, consensus, decentralization and distrust enable the blockchain to have strong robustness and open transparency, but because each server node in the original blockchain system stores transaction information and property information of all users in the blockchain system, and because data change in the blockchain system cannot be tracked when the information of the blockchain users in the same time zone is kept secret, once the whole system of the blockchain encounters network attack and network lassitude, the blockchain system cannot guarantee property recovery and criminal location. For example, a Bitfinex transaction platform constructed based on the blockchain technology is stolen by 12 ten thousand of megabits in 2016, but the transaction platform cannot trace the source and the hacker due to the defects of the blockchain technology, and the loss can only be leveled by the user.
Disclosure of Invention
Embodiments of the present invention provide a method, an apparatus, and a system for detecting data exception of a block chain service server, which can establish a block chain system capable of detecting a failure of the block chain service server, thereby avoiding a loss of a block chain user.
In order to achieve the above purpose, the embodiment of the invention adopts the following technical scheme:
in a first aspect, a method for detecting data anomaly of a blockchain service in a blockchain system is provided, including:
the block chain core server acquires at least one block chain service data through a core SDN router connected with the block chain core server, wherein the at least one block chain service data is generated by the at least one block chain service server and is sent to an SDN router corresponding to address data in the at least one block chain service data and a core SDN router connected with the block chain core server through service SDN routers connected with the block chain core server;
the block chain core server judges whether a block chain service server in at least one block chain service server has data abnormality according to all the acquired block chain service data and a preset algorithm;
when the block chain core server determines that the target block chain service server has data abnormality, sending a processing instruction corresponding to the data abnormality to an SDN controller through a core SDN router connected with the block chain core server and a control SDN router connected with an SDN controller; the target block chain service server is any one of the at least one block chain service server;
after receiving the processing instruction, the SDN controller generates router configuration parameters corresponding to the processing instruction, and sends the router configuration parameters to a service SDN router connected with a target block chain service server through a control SDN router connected with the SDN controller;
and the service SDN router connected with the target block chain service server updates the self configuration according to the router configuration parameters.
Optionally, before sending the blockchain service data, the service SDN router connected to any blockchain service server further includes: and a service SDN router connected with any block chain service server sets a preset label for the block chain service data so that the service SDN router or the core SDN router receiving the block chain service data identifies and acquires the block chain service data.
Optionally, the data exception of the target blockchain service server at least includes: the target block chain service server is attacked, so that the block chain service function and the preset of the target block chain service server are inconsistent, the target block chain service server issues illegal information, and the number of block chain service data generated by the target block chain service server exceeds a preset standard;
the processing instruction is at least one of the following: a first processing instruction, a second processing instruction, and a third processing instruction; the target block chain service server is attacked, so that the block chain service function and the preset condition of the target block chain service server do not correspond to the first processing instruction, the target block chain service server issues illegal information corresponding to the second processing instruction, and the number of the block chain service data of the target block chain service server exceeds the preset standard corresponding to the third processing instruction.
Optionally, the step of generating, by the SDN controller, a router configuration parameter corresponding to the processing instruction after receiving the processing instruction, and sending, by the SDN router connected to the SDN controller, the router configuration parameter to the service SDN router connected to the target block chaining service server includes:
when the SDN controller receives the first processing instruction, generating router firewall configuration parameters, and sending the router firewall configuration parameters to a service SDN router connected with a target block chain service server through a control SDN router connected with the SDN controller;
when the SDN controller receives the second processing instruction, generating a router port configuration parameter, and sending the router port configuration parameter to a service SDN router connected with a target block chain service server through a control SDN router connected with the SDN controller;
and when the SDN controller receives the third processing instruction, generating a router bandwidth configuration parameter, and sending the router bandwidth configuration parameter to a service SDN router connected with the target block chain service server through a control SDN router connected with the SDN controller.
Further optionally, the updating, by the service SDN router connected to the target block chain service server according to the router configuration parameter, of the configuration of the service SDN router itself includes: a service SDN router connected with a target block chain service server updates the firewall configuration of the service SDN router according to the firewall configuration parameters of the router; a service SDN router connected with a target block chain service server closes a port for issuing illegal information according to a router port configuration parameter; and the service SDN router connected with the target block chain service server adjusts the available bandwidth for data transmission according to the router bandwidth configuration parameter.
Optionally, when a new blockchain service server joins the blockchain system, the method further includes: the SDN controller receives a docking instruction sent by a new block chain service server through a service SDN router connected with the SDN controller through a control SDN router connected with the SDN controller so as to complete docking, and the docking instruction carries address data of the new block chain service server;
the block chain core server sends block chain service data and address data of all block chain service servers in a block chain system stored by the block chain core server to a new block chain service server through a core SDN router connected with the block chain core server and a service SDN router connected with the new block chain service server;
after the service SDN router connected with the new block chain service server is in butt joint with the SDN controller, the block chain core server acquires block chain service data generated by the new block chain service server and sent by the service SDN router connected with the block chain core server through the core SDN router connected with the block chain core server.
In a second aspect, there is provided a blockchain core server, including: the device comprises an acquisition module, a processing module and a sending module;
the acquiring module is used for acquiring at least one block chain service data sent by a core SDN router connected with a block chain core server, wherein the at least one block chain service data is generated by the at least one block chain service server and is sent to the core SDN router connected with the block chain core server through the service SDN router connected with the block chain service server;
the processing module is used for judging whether the block chain service server in at least one block chain service server has data abnormity according to all the block chain service data received by the acquisition module and a preset algorithm;
the sending module is used for sending a processing instruction corresponding to the data exception to a core SDN router connected with the block chain core server when the processing module determines that the target block chain service server has the data exception.
Specifically, the data exception existing in the target blockchain service server includes: the target block chain service server is attacked, so that the block chain service function and the preset of the target block chain service server are inconsistent, the target block chain service server issues illegal information, and the quantity of block chain service data generated by the target block chain service server exceeds a preset standard.
Optionally, the blockchain core server further includes a storage module; the storage module is used for storing all the blockchain service data acquired by the acquisition module and the address data of all the blockchain service servers;
when a new blockchain service server is added into a blockchain system where a blockchain core server is located, the sending module is further configured to send all blockchain service data and address data of all blockchain service servers stored in the storage module to a service SDN router connected to the new blockchain service server, so that the new blockchain service server obtains all blockchain service data and address data of all blockchain service servers through the service SDN router connected to the new blockchain service server;
the obtaining module is further configured to obtain blockchain service data of a new blockchain service server, where the blockchain service data of the new blockchain service server is sent by a core SDN router connected to the blockchain core server, and the blockchain service data of the new blockchain service server is generated by the new blockchain service server and is sent to the core SDN router connected to the blockchain core server through a service SDN router connected to the new blockchain service server.
In a third aspect, an SDN controller is provided, including: the device comprises a receiving module, a sending module and a processing module;
the receiving module is used for receiving a processing instruction which is connected with the SDN controller and sent by a control SDN router, and the processing instruction is generated by a block chain core server and sent to the control SDN router connected with the SDN controller through the core SDN router connected with the processing instruction;
the processing module is used for generating router configuration parameters according to the processing instruction received by the receiving module;
the sending module is used for sending the router configuration parameters generated by the processing module to a control SDN router connected with the SDN controller.
Specifically, the processing instruction is at least one of the following items: a first processing instruction, a second processing instruction, and a third processing instruction; the data exception of the target process corresponding to the first processing instruction is that the target block chain service server is attacked to cause that the block chain service function and the preset of the target process are inconsistent, the data exception of the target process corresponding to the second processing instruction is that the target block chain service server issues illegal information, and the data exception of the target process corresponding to the third processing instruction is that the number of the block chain service data of the target block chain service server exceeds the preset standard;
the processing module is specifically configured to: generating a router firewall configuration parameter according to the first processing instruction; generating a router port configuration parameter according to the second processing instruction; and generating a router bandwidth configuration parameter according to the third processing instruction.
Optionally, when a new blockchain service server joins the blockchain system where the SDN controller is located, the receiving module is further configured to receive a docking instruction sent by the SDN router connected to the SDN controller, where the docking instruction is sent to the control SDN router connected to the SDN controller by the service SDN router connected to the new blockchain service server of the new blockchain service server, and the docking instruction carries address data of the service SDN router connected to the new blockchain service server of the new blockchain service server.
In a fourth aspect, a service SDN router is provided, including: the device comprises a receiving module, a sending module and a processing module;
the receiving module is used for receiving block chain service data generated by a block chain service server connected with a service SDN router;
the sending module is used for sending the block chain service data received by the receiving module to a core SDN router connected with a block chain core server and a service SDN router corresponding to address data in the block chain service data;
when data abnormality exists in a block chain service server connected with the service SDN router, the receiving module is further used for receiving router configuration parameters generated by the SDN controller and sent by the SDN controller through the control SDN router connected with the receiving module;
the processing module is used for changing the configuration of the service SDN router according to the router configuration parameters.
Optionally, the processing module is further configured to set a preset tag for the blockchain service data received by the receiving module before the sending module sends the blockchain service data, so that a core SDN router connected to the blockchain core server and a service SDN router corresponding to address data in the blockchain service data obtain and identify the blockchain service data.
Optionally, when the router configuration parameter is a router firewall configuration parameter, the processing module is configured to change a current firewall configuration of the SDN router according to the router firewall configuration parameter;
when the router configuration parameter is a router port configuration parameter, the processing module is used for changing the current port configuration of the SDN router according to the router port configuration parameter;
when the router configuration parameter is the router bandwidth configuration parameter, the processing module is used for changing the current available bandwidth of the SDN router according to the router bandwidth configuration parameter.
In a fifth aspect, a blockchain system is provided, which includes the blockchain core server provided in the second aspect, the SDN controller provided in the third aspect, and the SDN router provided in the fourth aspect.
The block chain core server obtains at least one block chain service data through a core SDN router connected with the block chain core server, wherein the at least one block chain service data is generated by the at least one block chain service server and is sent to an SDN router corresponding to address data in the at least one block chain service data and the core SDN router connected with the block chain core server through service SDN routers respectively connected with the at least one block chain service server; the block chain core server judges whether a block chain service server in at least one block chain service server has data abnormality according to all the acquired block chain service data and a preset algorithm; when the block chain core server determines that the target block chain service server has data abnormality, sending a processing instruction corresponding to the data abnormality to an SDN controller through a core SDN router connected with the block chain core server and a control SDN router connected with an SDN controller; the target block chain service server is any one of the at least one block chain service server; after receiving the processing instruction, the SDN controller generates router configuration parameters corresponding to the processing instruction, and sends the router configuration parameters to a service SDN router connected with a target block chain service server through a control SDN router connected with the SDN controller; and the service SDN router connected with the target block chain service server updates the self configuration according to the router configuration parameters. Therefore, in the use process of the blockchain system, the blockchain core server can obtain blockchain service data sent by the SDN router connected with at least one blockchain service server; then, the block chain core server can judge whether the block chain service server in all the block chain service servers has data abnormality according to a preset algorithm according to the block chain service data sent by the service SDN router connected with all the block chain service servers; when the target block chain service server is determined to have data abnormality, sending a processing instruction connected with the data abnormality to the SDN controller, so that the SDN controller generates corresponding router configuration parameters according to the processing instruction and sends the router configuration parameters to a service SDN router connected with the target block chain service server, and the SDN controller updates self configuration according to the router configuration parameters. Therefore, the blockchain system provided by the embodiment of the invention can timely perform corresponding control on the blockchain system when the blockchain service server in the blockchain system is attacked or fails by the outside through the participation of the SDN technology, thereby avoiding the loss of users.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of a data anomaly detection method for a blockchain service server in a blockchain system according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a data anomaly detection method for a blockchain service server in another blockchain system according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a new method for adding a blockchain service server according to an embodiment of the present invention;
fig. 4 is a block chain system structure diagram according to an embodiment of the present invention;
fig. 5 is a block chain core server according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an SDN controller according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a service SDN router according to an embodiment of the present invention;
fig. 8 is a schematic diagram of an actual structure of a block chain system according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that, in the embodiments of the present invention, words such as "exemplary" or "for example" are used to indicate examples, illustrations or explanations. Any embodiment or design described as "exemplary" or "e.g.," an embodiment of the present invention is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present concepts related in a concrete fashion.
It should be noted that, in the embodiments of the present invention, "of", "corresponding" and "corresponding" may be sometimes used in combination, and it should be noted that, when the difference is not emphasized, the intended meaning is consistent.
For the convenience of clearly describing the technical solutions of the embodiments of the present invention, in the embodiments of the present invention, the words "first", "second", and the like are used for distinguishing the same items or similar items with basically the same functions and actions, and those skilled in the art can understand that the words "first", "second", and the like are not limited in number or execution order.
The block chain structure in the existing block chain technology has the characteristics of strong robustness and disclosure transparency due to the characteristics of openness, consensus, decentralization and distrust, but because transaction information and property information of all users in the block chain system are stored in each server node in the original block chain system, and because data change in the block chain system cannot be tracked in a secret way when the user information of the block chain in the same time zone can not be modified, once the whole system of the block chain is subjected to network attack and network lasso, the block chain system cannot guarantee property security of the users.
In view of the above problem, referring to fig. 1, an embodiment of the present invention provides a method for detecting data anomaly of a blockchain service in a blockchain system, including:
101. the block chain core server obtains at least one block chain service data through a core SDN (software defined Network) router connected with the block chain core server.
The at least one block chain service data is generated by at least one block chain service server and is sent to a service SDN router corresponding to address data in the at least one block chain service data and a core SDN router connected with the block chain core server through service SDN routers connected with the at least one block chain service server; in practice, since there is more than one blockchain core server in the blockchain system, the blockchain service servers of the whole system are generally divided into several parts to be managed by different blockchain core servers, and of course, all the blockchain service servers can be managed by one blockchain core server, which is not limited herein.
In addition, because it is necessary to distinguish the network of the blockchain system from the public network, when the service SDN router sends the blockchain service data generated by the blockchain service server, a label that can only be identified by the service SDN router or the core router in the blockchain system is added to the blockchain service data, so that the following options are available: before sending the blockchain service data, the SDN router connected to any blockchain service server further includes: a service SDN router connected with any block chain service server sets a preset label for block chain service data so that a service SDN router or a core SDN router receiving the block chain service data identifies and acquires the block chain service data;
it should be noted that, data transmission among the core SDN router, the service SDN router, and the control SDN router is performed, as long as the transmitted data is usage data belonging to a blockchain system, the SDN router that correspondingly sends the data sets a preset tag for the sent data, and here, only one of the cases is schematically selected for description;
specifically, the SDN router encapsulates forwarding packets in the blockchain system to some extent by using a tunneling technique (e.g., MPLS (Multi-Protocol Label Switching), Vxlan (virtual extensible LAN, virtual extensible local area network, or other techniques)) in a normal data forwarding function technique of a three-layer forwarding device in a communication network, so that SDN routers in the whole blockchain system can recognize each other to form a private network dedicated to a blockchain service server connected to each SDN router.
102. And the block chain core server judges whether the block chain service server has data abnormality or not according to all the acquired block chain service data and a preset algorithm.
In practice, the block chain service server with data abnormality is judged according to data through a preset algorithm, and the data can be displayed to a specific professional manager for judgment; the block chain core server not only needs to judge which block chain service servers have data abnormality, but also determines which data abnormality occurs; in addition, in a special case, when the blockchain core server itself also performs the service activity of the blockchain service server, the blockchain core server itself may also have data abnormality, and at this time, the blockchain core server is also a special blockchain service server, and at this time, the data abnormality of the blockchain core server is also determined by itself, and the processing procedure is the same as that of the normal blockchain service server.
103. When the blockchain core server determines that the target blockchain service server has data abnormality, a processing instruction corresponding to the data abnormality is sent to the SDN controller through a core SDN router connected with the blockchain core server and a control SDN router connected with the SDN controller.
The target block chain service server is any one of the at least one block chain service server;
in practice, the processing instruction carries a preliminary processing policy (for example, temporarily isolating the blockchain service server and adjusting the available network bandwidth of the blockchain service server) that is determined by the blockchain core server according to the specific data exception category of the blockchain service server with data exception.
104. And after receiving the processing instruction, the SDN controller generates router configuration parameters corresponding to the processing instruction, and sends the router configuration parameters to a service SDN router connected with a target block chain service server through a control SDN router connected with the SDN controller.
Illustratively, the data exception of the target blockchain service server at least comprises: the target block chain service server is attacked, so that the block chain service function and the preset of the target block chain service server are inconsistent, the target block chain service server issues illegal information, and the number of block chain service data generated by the target block chain service server exceeds a preset standard; the processing instruction is at least one of the following: a first processing instruction, a second processing instruction, and a third processing instruction; the target block chain service server is attacked, so that the block chain service function of the target block chain service server is inconsistent with the preset first processing instruction, the target block chain service server issues illegal information corresponding to the second processing instruction, and the number of the block chain service data of the target block chain service server exceeds the preset standard corresponding to the third processing instruction;
illustratively, the step 104 shown in fig. 2 specifically includes:
1041. and when the SDN controller receives the first processing instruction, generating router firewall configuration parameters, and sending the router firewall configuration parameters to a service SDN router connected with a target block chain service server through a control SDN router connected with the SDN controller.
1042. And when the SDN controller receives the second processing instruction, generating a router port configuration parameter, and sending the router port configuration parameter to a service SDN router connected with the target block chain service server through a control SDN router connected with the SDN controller.
1043. And when the SDN controller receives the third processing instruction, generating a router bandwidth configuration parameter, and sending the router bandwidth configuration parameter to a service SDN router connected with the target block chain service server through a control SDN router connected with the SDN controller.
105. And the service SDN router connected with the target block chain service server updates the self configuration according to the router configuration parameters.
Specifically, referring to fig. 2, the step 105 specifically includes:
1051. and the service SDN router connected with the target block chain service server updates the firewall configuration of the service SDN router according to the firewall configuration parameters of the router.
1052. And the service SDN router connected with the target block chain service server closes the port for issuing illegal information according to the configuration parameters of the router port.
1053. And the service SDN router connected with the target block chain service server adjusts the available bandwidth for data transmission according to the router bandwidth configuration parameter.
Since in practice, a new user will join the blockchain system at any time, and thus a new blockchain service server will be generated, optionally, referring to fig. 3, when a new blockchain service server joins the blockchain system where the SDN controller is located, the method further includes:
and S1, the SDN controller receives a docking instruction sent by the new blockchain service server through the service SDN router connected with the SDN controller through the SDN controller to complete docking, and the docking instruction carries address data of the new blockchain service server.
Specifically, the address data of the new blockchain service server should include the address of the service SDN router connected thereto, and is finally forwarded to the new blockchain service server through the service SDN router.
And S2, the blockchain core server sends the blockchain service data and the address data of all blockchain service servers in the blockchain system stored by the blockchain core server to the new blockchain service server through the core SDN router connected with the blockchain core server and the service SDN router connected with the new blockchain service server.
Specifically, since the blockchain system requires that each blockchain service server has all the service information generated by the blockchain system and the addresses of other blockchain service servers that can be contacted by service, S2 exists.
And S3, after the service SDN router connected with the new blockchain service server is in butt joint with the SDN controller, the blockchain core server acquires blockchain service data generated by the new blockchain service server and sent by the service SDN router connected with the blockchain core server through the core SDN router connected with the blockchain core server.
The block chain core server obtains at least one block chain service data through a core SDN router connected with the block chain core server, wherein the at least one block chain service data is generated by the at least one block chain service server and is sent to an SDN router corresponding to address data in the at least one block chain service data and the core SDN router connected with the block chain core server through service SDN routers respectively connected with the at least one block chain service server; the block chain core server judges whether a block chain service server in at least one block chain service server has data abnormality according to all the acquired block chain service data and a preset algorithm; when the block chain core server determines that the target block chain service server has data abnormality, sending a processing instruction corresponding to the data abnormality to an SDN controller through a core SDN router connected with the block chain core server and a control SDN router connected with an SDN controller; the target block chain service server is any one of the at least one block chain service server; after receiving the processing instruction, the SDN controller generates router configuration parameters corresponding to the processing instruction, and sends the router configuration parameters to a service SDN router connected with a target block chain service server through a control SDN router connected with the SDN controller; and the service SDN router connected with the target block chain service server updates the self configuration according to the router configuration parameters. Therefore, in the use process of the blockchain system, the blockchain core server can obtain blockchain service data sent by the SDN router connected with at least one blockchain service server; then, the block chain core server can judge whether the block chain service server in all the block chain service servers has data abnormality according to a preset algorithm according to the block chain service data sent by the service SDN router connected with all the block chain service servers; when the target block chain service server is determined to have data abnormality, sending a processing instruction connected with the data abnormality to the SDN controller, so that the SDN controller generates corresponding router configuration parameters according to the processing instruction and sends the router configuration parameters to a service SDN router connected with the target block chain service server, and the SDN controller updates self configuration according to the router configuration parameters. Therefore, the blockchain system provided by the embodiment of the invention can timely perform corresponding control on the blockchain system when the blockchain service server in the blockchain system is attacked or fails by the outside through the participation of the SDN technology, thereby avoiding the loss of users.
Referring to fig. 4, an embodiment of the present invention provides a blockchain system, which includes a blockchain core server 41, an SDN controller 42, and a service SDN router 43(43-1,43-2, 43-3); the blockchain system further comprises a core SDN router 44 and a control SDN router 45 having the same functionality as the service SDN router 43 and at least one blockchain service server 46(46-1,46-2, 46-3); the block chain system can complete the block chain service server data anomaly detection method in the block chain system provided in the embodiment; in practice, the block chain system structure is shown in fig. 8.
In addition, in the blockchain system provided by the embodiment of the present invention, information interaction between the components needs to conform to a protocol shown in table 1 below:
Figure BDA0001598397030000121
Figure BDA0001598397030000131
TABLE 1
Specifically, the SDN routers in table 1 include the core SDN router, the service SDN router, and the core SDN router in the foregoing embodiments.
Referring to fig. 5, an embodiment of the present invention provides a blockchain core server 41 in a blockchain system, including: an acquisition module 411, a processing module 412 and a sending module 413;
the obtaining module 411 is configured to obtain at least one blockchain service data sent by a core SDN router 44 connected to the blockchain core server 41, where the at least one blockchain service data is generated by the at least one blockchain service server and is sent to the core SDN router 44 connected to the blockchain core server 41 through a service SDN router connected to the at least one blockchain service server;
the processing module 412 is configured to determine, according to all the block chain service data received by the obtaining module 411 and according to a preset algorithm, whether a block chain service server in at least one block chain service server has data abnormality;
the sending module 413 is configured to send a processing instruction corresponding to the data exception to the core SDN router 44 connected to the blockchain core server 41 when the processing module 412 determines that the target blockchain service server has the data exception.
Specifically, the data exception existing in the target blockchain service server includes: the target block chain service server is attacked, so that the block chain service function and the preset of the target block chain service server are inconsistent, the target block chain service server issues illegal information, and the quantity of block chain service data generated by the target block chain service server exceeds a preset standard.
Optionally, the blockchain core server 41 further includes a storage module; the storage module is configured to store all the blockchain service data and address data of all the blockchain service servers acquired by the acquisition module 411;
when a new blockchain service server joins the blockchain system where the blockchain core server 41 is located, the sending module 413 is further configured to send all blockchain service data and address data of all blockchain service servers stored in the storage module to the service SDN router 43-4 connected to the new blockchain service server, so that the new blockchain service server obtains all blockchain service data and address data of all blockchain service servers through the service SDN router connected to the new blockchain service server;
the obtaining module 411 is further configured to obtain blockchain service data of a new blockchain service server, which is sent by the core SDN router 44 connected to the blockchain core server 41, and the blockchain service data of the new blockchain service server is generated by the new blockchain service server and is sent to the core SDN router 44 connected to the blockchain core server 41 through the service SDN router 43-4 connected to itself.
In practice, in the blockchain system, the blockchain core server is formed by adding a blockchain analysis management system on the basis that a certain blockchain server has all blockchain business functions (for example, in a bitcoin system, a fully functional blockchain server needs to have routing, mining, full blockchain system data, wallet functions, and the like), and the blockchain analysis management system can analyze the running conditions of all servers in the blockchain system based on the blockchain business data acquired by the blockchain core server; in the technical solution provided in the embodiment of the present invention, the blockchain core server only refers to an analysis management system in the blockchain core server, and a part implementing a service function is listed as one member of the blockchain service server; in practice, the blockchain service server is a blockchain server having a part or all of the service functions in the blockchain system.
Referring to fig. 6, an embodiment of the present invention provides an SDN controller 42 in a blockchain system, including: a receiving module 421, a transmitting module 422 and a processing module 423;
the receiving module 421 is configured to receive a processing instruction sent by a control SDN router 45 connected to the SDN controller 42, where the processing instruction is sent to the control SDN router connected to the SDN controller by a core SDN router connected to a blockchain core server;
the processing module 423 is configured to generate a router configuration parameter according to the processing instruction received by the receiving module 421;
the sending module 422 is configured to send the router configuration parameters generated by the processing module 423 to a controlling SDN router 45 connected to the SDN controller 42.
Specifically, the processing instruction is at least one of the following items: a first processing instruction, a second processing instruction, and a third processing instruction; the data exception of the target process corresponding to the first processing instruction is that the target block chain service server is attacked to cause that the block chain service function and the preset of the target process are inconsistent, the data exception of the target process corresponding to the second processing instruction is that the target block chain service server issues illegal information, and the data exception of the target process corresponding to the third processing instruction is that the number of the block chain service data of the target block chain service server exceeds the preset standard;
the processing module 423 is specifically configured to: generating a router firewall configuration parameter according to the first processing instruction; generating a router port configuration parameter according to the second processing instruction; and generating a router bandwidth configuration parameter according to the third processing instruction.
Optionally, when a new blockchain service server joins the blockchain system where the SDN controller 42 is located, the receiving module 421 is further configured to receive a docking instruction sent by the SDN router 45 connected to the SDN controller 42, where the docking instruction is sent to the SDN router connected to the SDN controller by the service SDN router connected to the new blockchain service server of the new blockchain service server, and the docking instruction carries address data of the SDN router connected to the new blockchain service server of the new blockchain service server.
Referring to fig. 7, an embodiment of the present invention provides a service SDN router 43-1 in a block chain system (only 43-1 is taken as an example and is not taken as a limitation in fig. 7), including: a receiving module 431, a transmitting module 432 and a processing module 433;
the receiving module 431 is configured to receive blockchain service data generated by the blockchain service server 46-1 connected to the service SDN router 43-1;
the sending module 432 is configured to send the blockchain service data received by the receiving module 431 to a core SDN router 44 connected to the blockchain core server and a service SDN router 43-2 corresponding to address data in the blockchain service data (only 43-2 is taken as an example in fig. 7, and is not taken as a limiting condition);
when there is data anomaly in the blockchain service server connected to the service SDN router 43, the receiving module 431 is further configured to receive a router configuration parameter generated by the SDN controller and sent by the control SDN router 45 connected to the SDN controller;
the processing module 433 is configured to change the configuration of the service SDN router 43 according to the router configuration parameter.
Optionally, the processing module 433 is further configured to set a preset tag to the blockchain service data received by the receiving module 431 before the sending module 432 sends the blockchain service data, so that the core SDN router 44 connected to the blockchain core server and the service SDN router 43-2 corresponding to the address data in the blockchain service data acquire and identify the blockchain service data.
Optionally, when the router configuration parameter is a router firewall configuration parameter, the processing module 433 is configured to change a current firewall configuration of the SDN router 43-1 according to the router firewall configuration parameter;
when the router configuration parameter is a router port configuration parameter, the processing module 433 is configured to change the current port configuration of the SDN router 43-1 according to the router port configuration parameter;
when the router configuration parameter is a router bandwidth configuration parameter, the processing module 433 is configured to change a current available bandwidth of the service SDN router 43-1 according to the router bandwidth configuration parameter.
In summary, the method, device and system for detecting data abnormality of a blockchain service server provided by the embodiments of the present invention include that, when data abnormality occurs in the blockchain service server, a blockchain core server obtains at least one blockchain service data through a core SDN router connected to the blockchain core server, where the at least one blockchain service data is generated by the at least one blockchain service server and sent to an SDN router corresponding to address data in the at least one blockchain service data and a core SDN router connected to the blockchain core server through the service SDN routers connected to the blockchain core server; the block chain core server judges whether a block chain service server in at least one block chain service server has data abnormality according to all the acquired block chain service data and a preset algorithm; when the block chain core server determines that the target block chain service server has data abnormality, sending a processing instruction corresponding to the data abnormality to an SDN controller through a core SDN router connected with the block chain core server and a control SDN router connected with an SDN controller; the target block chain service server is any one of the at least one block chain service server; after receiving the processing instruction, the SDN controller generates router configuration parameters corresponding to the processing instruction, and sends the router configuration parameters to a service SDN router connected with a target block chain service server through a control SDN router connected with the SDN controller; and the service SDN router connected with the target block chain service server updates the self configuration according to the router configuration parameters. Therefore, in the use process of the blockchain system, the blockchain core server can obtain blockchain service data sent by the SDN router connected with at least one blockchain service server; then, the block chain core server can judge whether the block chain service server in all the block chain service servers has data abnormality according to a preset algorithm according to the block chain service data sent by the service SDN router connected with all the block chain service servers; when the target block chain service server is determined to have data abnormality, sending a processing instruction connected with the data abnormality to the SDN controller, so that the SDN controller generates corresponding router configuration parameters according to the processing instruction and sends the router configuration parameters to a service SDN router connected with the target block chain service server, and the SDN controller updates self configuration according to the router configuration parameters. Therefore, the blockchain system provided by the embodiment of the invention can timely perform corresponding control on the blockchain system when the blockchain service server in the blockchain system is attacked or fails by the outside through the participation of the SDN technology, thereby avoiding the loss of users.
The above description is only for the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (16)

1. A data anomaly detection method for block chain service in a block chain system comprises the following steps:
the block chain core server acquires at least one block chain service data through a core SDN router connected with the block chain core server, wherein the at least one block chain service data is generated by the at least one block chain service server and is sent to an SDN router corresponding to address data in the at least one block chain service data and the core SDN router connected with the block chain core server through service SDN routers connected with the block chain core server;
the block chain core server judges whether a block chain service server in at least one block chain service server has data abnormality according to all the acquired block chain service data and a preset algorithm;
when the blockchain core server determines that data abnormality exists in a target blockchain service server, sending a processing instruction corresponding to the data abnormality to an SDN controller through a core SDN router connected with the blockchain core server and a control SDN router connected with an SDN controller; the target block chain service server is any one of the at least one block chain service server;
the SDN controller generates router configuration parameters corresponding to the processing instruction after receiving the processing instruction, and sends the router configuration parameters to a service SDN router connected with the target block chain service server through a control SDN router connected with the SDN controller;
and the service SDN router connected with the target block chain service server updates the self configuration according to the router configuration parameters.
2. The method of claim 1, wherein before sending blockchain service data, the service SDN router connected to any blockchain service server further comprises:
and a service SDN router connected with any block chain service server sets a preset label for the block chain service data so that a service SDN router or a core SDN router receiving the block chain service data identifies and acquires the block chain service data.
3. The method of claim 1, wherein the data exception of the target blockchain service server at least comprises: the target block chain service server is attacked, so that the block chain service function and the preset of the target block chain service server are inconsistent, the target block chain service server issues illegal information, and the quantity of block chain service data generated by the target block chain service server exceeds a preset standard;
the processing instruction is at least one of: a first processing instruction, a second processing instruction, and a third processing instruction; the target block chain service server is attacked, so that block chain service functions and preset inconsistency of the target block chain service server correspond to the first processing instruction, the target block chain service server issues illegal information corresponding to the second processing instruction, and the number of block chain service data of the target block chain service server exceeds a preset standard and corresponds to the third processing instruction.
4. The method of claim 3, wherein the SDN controller generates router configuration parameters corresponding to the processing instructions after receiving the processing instructions, and sends the router configuration parameters to a service SDN router connected to the target blockchain service server through a control SDN router connected to the SDN controller comprises:
when the SDN controller receives a first processing instruction, generating router firewall configuration parameters, and sending the router firewall configuration parameters to a service SDN router connected with the target block chain service server through a control SDN router connected with the SDN controller;
when the SDN controller receives a second processing instruction, generating router port configuration parameters, and sending the router port configuration parameters to a service SDN router connected with the target block chaining service server through a control SDN router connected with the SDN controller;
and when the SDN controller receives a third processing instruction, generating router bandwidth configuration parameters, and sending the router bandwidth configuration parameters to a service SDN router connected with the target block chain service server through a control SDN router connected with the SDN controller.
5. The method of claim 4, wherein updating the self-configuration of the target blockchain service server connected service SDN router according to the router configuration parameters comprises:
a service SDN router connected with the target block chain service server updates the firewall configuration of the service SDN router according to the firewall configuration parameters of the router;
a service SDN router connected with the target block chain service server closes a port for releasing the illegal information according to the configuration parameters of the router port;
and the service SDN router connected with the target block chain service server adjusts the available bandwidth for data transmission according to the router bandwidth configuration parameter.
6. The method of claim 1, wherein when a new blockchain service server joins the blockchain system, further comprising:
the SDN controller receives a docking instruction sent by the new blockchain service server through a service SDN router connected with the SDN controller through a control SDN router connected with the SDN controller so as to complete docking, wherein the docking instruction carries address data of the new blockchain service server;
the blockchain core server sends blockchain service data and address data of all blockchain service servers in the blockchain system, which are stored by the blockchain core server, to the new blockchain service server through a core SDN router connected with the blockchain core server and a service SDN router connected with the new blockchain service server;
and after the service SDN router connected with the new blockchain service server is in butt joint with the SDN controller, the blockchain core server acquires blockchain service data generated by the new blockchain service server and sent by the service SDN router connected with the blockchain core server through the core SDN router connected with the blockchain core server.
7. A blockchain core server, comprising: the device comprises an acquisition module, a processing module and a sending module;
the acquiring module is used for acquiring at least one block chain service data sent by a core SDN router connected with a block chain core server, wherein the at least one block chain service data is generated by the at least one block chain service server and is sent to the core SDN router connected with the block chain core server through a service SDN router connected with the block chain service server;
the processing module is used for judging whether a block chain service server in at least one block chain service server has data abnormity according to all the block chain service data received by the acquisition module and a preset algorithm;
the sending module is used for sending a processing instruction corresponding to the data exception to a core SDN router connected with the block chain core server when the processing module determines that the target block chain service server has the data exception.
8. The blockchain core server of claim 7, wherein the data exception existing for the target blockchain service server includes: the target block chain service server is attacked, so that the block chain service function and the preset of the target block chain service server are inconsistent, the target block chain service server issues illegal information, and the quantity of block chain service data generated by the target block chain service server exceeds a preset standard.
9. The blockchain core server of claim 7, further comprising a storage module;
the storage module is used for storing all the blockchain service data acquired by the acquisition module and the address data of all the blockchain service servers;
when a new blockchain service server joins the blockchain system where the blockchain core server is located, the sending module is further configured to send all blockchain service data stored in the storage module and address data of all blockchain service servers to a service SDN router connected to the new blockchain service server, so that the new blockchain service server obtains all blockchain service data and address data of all blockchain service servers through the service SDN router connected to the new blockchain service server;
the obtaining module is further configured to obtain blockchain service data of the new blockchain service server, which is sent by a core SDN router connected to the blockchain core server, where the blockchain service data of the new blockchain service server is generated by the new blockchain service server and is sent to the core SDN router connected to the blockchain core server through a service SDN router connected to the new blockchain service server.
10. An SDN controller, comprising: the device comprises a receiving module, a sending module and a processing module;
the receiving module is used for receiving processing instructions sent by a control SDN router connected with the SDN controller, and the processing instructions are generated by a block chain core server and sent to the control SDN router connected with the SDN controller through a core SDN router connected with the block chain core server;
the processing module is used for generating router configuration parameters according to the processing instruction received by the receiving module;
the sending module is configured to send the router configuration parameters generated by the processing module to a controlling SDN router connected to the SDN controller.
11. The SDN controller of claim 10, wherein the processing instructions are at least one of: a first processing instruction, a second processing instruction, and a third processing instruction; the data exception of the target process corresponding to the first processing instruction is that the target block chain service server is attacked to cause that the block chain service function of the target process is inconsistent with the preset value, the data exception of the target process corresponding to the second processing instruction is that the target block chain service server issues illegal information, and the data exception of the target process corresponding to the third processing instruction is that the number of the block chain service data of the target block chain service server exceeds the preset standard;
the processing module is specifically configured to: generating a router firewall configuration parameter according to the first processing instruction; generating a router port configuration parameter according to the second processing instruction; and generating a router bandwidth configuration parameter according to the third processing instruction.
12. The SDN controller of claim 10, wherein when a new blockchain service server joins a blockchain system in which the SDN controller is located,
the receiving module is further configured to receive a docking instruction sent by an SDN router connected to the SDN controller, where the docking instruction is sent to a control SDN router connected to the SDN controller by a service SDN router connected to a new blockchain service server of the new blockchain service server, and the docking instruction carries address data of the service SDN router connected to the new blockchain service server of the new blockchain service server.
13. A service SDN router, comprising: the device comprises a receiving module, a sending module and a processing module;
the receiving module is used for receiving blockchain service data generated by a blockchain service server connected with the service SDN router;
the sending module is used for sending the blockchain service data received by the receiving module to a core SDN router connected with a blockchain core server and a service SDN router corresponding to address data in the blockchain service data;
when data abnormality exists in a blockchain service server connected with the service SDN router, the receiving module is further configured to receive router configuration parameters generated by the SDN controller and sent by a control SDN router connected with the receiving module;
the processing module is used for changing the configuration of the service SDN router according to the router configuration parameters.
14. The service SDN router of claim 13, wherein the processing module is further configured to set a preset tag to the blockchain service data received by the receiving module before the sending module sends the blockchain service data, so that a core SDN router connected to the blockchain core server and a service SDN router corresponding to address data in the blockchain service data acquire and identify the blockchain service data.
15. The service SDN router of claim 13,
when the router configuration parameter is a router firewall configuration parameter, the processing module is configured to change the current firewall configuration of the SDN router according to the router firewall configuration parameter;
when the router configuration parameter is a router port configuration parameter, the processing module is configured to change the current port configuration of the service SDN router according to the router port configuration parameter;
when the router configuration parameter is a router bandwidth configuration parameter, the processing module is configured to change a current available bandwidth of the service SDN router according to the router bandwidth configuration parameter.
16. A blockchain system comprising a blockchain core server according to any of claims 7 to 9, an SDN controller according to any of claims 10 to 12, a service SDN router according to any of claims 13 to 15.
CN201810215188.XA 2018-03-15 2018-03-15 Block chain service server data anomaly detection method and equipment and block chain system Active CN108512699B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810215188.XA CN108512699B (en) 2018-03-15 2018-03-15 Block chain service server data anomaly detection method and equipment and block chain system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810215188.XA CN108512699B (en) 2018-03-15 2018-03-15 Block chain service server data anomaly detection method and equipment and block chain system

Publications (2)

Publication Number Publication Date
CN108512699A CN108512699A (en) 2018-09-07
CN108512699B true CN108512699B (en) 2020-08-14

Family

ID=63376570

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810215188.XA Active CN108512699B (en) 2018-03-15 2018-03-15 Block chain service server data anomaly detection method and equipment and block chain system

Country Status (1)

Country Link
CN (1) CN108512699B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525397B (en) * 2018-10-12 2021-05-28 南京邮电大学 Block chain and method for SDN network flow rule security guarantee
CN111162970B (en) * 2019-12-30 2021-05-25 支付宝(杭州)信息技术有限公司 Method and device for testing decentralized application server in block chain system
CN111614480B (en) * 2020-03-31 2024-01-05 视联动力信息技术股份有限公司 Service detection method, device and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102857363A (en) * 2012-05-04 2013-01-02 运软网络科技(上海)有限公司 Automatic computing system and method for virtual networking
CN103795805A (en) * 2014-02-27 2014-05-14 中国科学技术大学苏州研究院 Distributed server load balancing method based on SDN
CN104967528A (en) * 2015-05-12 2015-10-07 中国联合网络通信集团有限公司 Bandwidth adjusting method and system based on SDN controller
CN106875165A (en) * 2017-02-22 2017-06-20 中山大学 A kind of common recognition algorithm of utilization software defined network optimization
CN107181720A (en) * 2016-03-11 2017-09-19 中兴通讯股份有限公司 A kind of method and device of software definition networking SDN secure communications
CN107222478A (en) * 2017-05-27 2017-09-29 暨南大学 Software defined network key-course security mechanism construction method based on block chain
CN107360115A (en) * 2016-05-09 2017-11-17 中兴通讯股份有限公司 A kind of SDN means of defence and device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102857363A (en) * 2012-05-04 2013-01-02 运软网络科技(上海)有限公司 Automatic computing system and method for virtual networking
CN103795805A (en) * 2014-02-27 2014-05-14 中国科学技术大学苏州研究院 Distributed server load balancing method based on SDN
CN104967528A (en) * 2015-05-12 2015-10-07 中国联合网络通信集团有限公司 Bandwidth adjusting method and system based on SDN controller
CN107181720A (en) * 2016-03-11 2017-09-19 中兴通讯股份有限公司 A kind of method and device of software definition networking SDN secure communications
CN107360115A (en) * 2016-05-09 2017-11-17 中兴通讯股份有限公司 A kind of SDN means of defence and device
CN106875165A (en) * 2017-02-22 2017-06-20 中山大学 A kind of common recognition algorithm of utilization software defined network optimization
CN107222478A (en) * 2017-05-27 2017-09-29 暨南大学 Software defined network key-course security mechanism construction method based on block chain

Also Published As

Publication number Publication date
CN108512699A (en) 2018-09-07

Similar Documents

Publication Publication Date Title
JP7108674B2 (en) Failure root cause determination method and device, and computer storage medium
US10084825B1 (en) Reducing redundant operations performed by members of a cooperative security fabric
CN106130761B (en) The recognition methods of the failed network device of data center and device
US7978595B2 (en) Method for processing multiple active devices in stacking system and stacking member device
US9225624B2 (en) Systems and methods for topology discovery and application in a border gateway protocol based data center
US8270306B2 (en) Fault management apparatus and method for identifying cause of fault in communication network
US8352590B2 (en) Method and system for network management using wire tapping
CN108512699B (en) Block chain service server data anomaly detection method and equipment and block chain system
US7463593B2 (en) Network host isolation tool
US10680893B2 (en) Communication device, system, and method
KR101266592B1 (en) Intrusion detection for virtual layer-2 services
CN105684391A (en) Automated generation of label-based access control rules
WO2019037738A1 (en) Method and apparatus for detecting network fault
JP7416919B2 (en) Data processing methods and devices and computer storage media
CN112291075B (en) Network fault positioning method and device, computer equipment and storage medium
US20140247751A1 (en) Network management service system, control apparatus, method, and program
CN104113443A (en) Network equipment detection method, device and cloud detection system
Cuppens et al. Handling stateful firewall anomalies
CN112929200B (en) SDN multi-controller oriented anomaly detection method
CN106452915B (en) Method and device for discovering MPLS VPN network topology
CN105553809A (en) STUN tunnel management method and device
CN1980232A (en) Telnet session maitenance method, telnet proxy and computer network system
CN107634971B (en) Method and device for detecting flood attack
CN108881315A (en) A kind of method and system of the double LSA attack ospf protocols of detection and recovery based on NFV
CN105407095B (en) Secure communication device and its communication means between heterogeneous networks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant