32results about How to "Protect against malicious attacks" patented technology

A method and apparatus for identifying an object include encoding physical attributes of an object where the encoded information is utilized as at least one element for composing a digital watermark for the object. In another embodiment the physical attributes of the object are utilized as a key for accessing information included in a digital watermark for the object.

The invention discloses a perceptual hashing-based practical and safe image forensic system and a perceptual hashing-based practical and safe image forensic method. The system comprises a certificate authority (CA), forensics computing platform (FCP) and a forensic center (FC). The method comprises the following steps that: the CA provides a certificate for a user, the FCP and the FC and distributes and manages a control key of a hash function for the FCP and the FC; the FCP calculates a characteristic value and generates a hash value of an image at a registration or forensics stage; the FC manages an image hash value from the FCP and provides retrieval and forensics services; the user submits the image to the FCP, extracts an image retrieval characteristic by using the FCP, calculates the hash value of an image segment by using a key distributed by the CA and submits the hash value to an FC database; and when the user needs an authentication image, the image is also submitted to the FCP, the retrieval characteristic is extracted to retrieve the most coincident original image from the FC, the image is segmented and the hash value is calculated by using the same key and the difference between the image and the hash value is compared so as to determine a position on which content tampering occurs. The system achieves high balanced performance in the aspects of safety, robustness, sensibility, rapid retrieval and the like.

The invention relates to a power grid Web application mimicry defense system. A heterogeneous virtual Web server pool which is equivalent in function, diversified and dynamic is constructed, technologies such as redundancy voting, dynamic executor scheduling and database instruction isomerization are adopted, an attack chain is blocked, the utilization difficulty of vulnerabilities or backdoors isincreased, and the availability and safety of Web services are guaranteed. A dynamic environment is realized through active change of software and hardware elements of different layers such as a network, a platform, a system, software and an application, and therefore, the dependency condition of the network attack on the determinacy and continuity of the operating environment is destroyed, controllable active defense is realized in the toxic bacteria-carrying software and hardware element environment with the vulnerability and the backdoor, the unknown attack defense problem by using the unknown vulnerability and the unknown backdoor is solved, and the network security of the key Web application system in the power industry is effectively enhanced.

The invention discloses a lightweight wireless sensor network safety small data distribution method. The method comprises the following stages that: at a first stage, namely, a system initializing stage, a base station generates a one-way key chain, and adds a key chain commitment value into each sensor node before deploying each sensor node; at a second stage, namely, a data packet preprocessing stage, the base station constructs a legal data packet of specific data items by using a Hash function; at a third stage, namely, a data packet verification stage, each sensor node verifies the received data packet, the data packet is received and the sensor node is updated if the received data packet is a legal data packet, otherwise, the data packet is abandoned directly. Under the consideration of limitation on common sensor node resources, the lightweight wireless sensor network safety small data distribution method has the advantages of resistance to sensor node compromise, high robustness on the aspects of packet loss and data packet transmission out-of-sequence, no need of time synchronism between the base station and each sensor node, and the like. Meanwhile, the lightweight wireless sensor network safety small data distribution method has the excellent characteristics of high efficiency, saving in energy, low storage overhead, resistance to malicious attacks, and the like.

The invention discloses a double-layer wear-leveling method and system, and is suitable for the memory of a phase transition storage. The method specifically comprises the following steps: an outer layer is in charge of mapping the storage area logic address of the whole memory to a middle address, and a secrete key is exchanged before a malicious program detects the integral secret key through the increase of the complexity of the secret key; and an inner layer is in charge of using an independent algebra wear-leveling method in each subarea to realize wear-leveling in the area under a situation of low expenditure. The problem that the safety of a memory system is lowered since the secret key of the wear-leveling algorithm is leaked since the phase transition storage has the time delay difference of a resetting operation and a setting operation can be solved.

The invention provides a blockchain security control method and device based on a software defined network, and a blockchain. According to the invention, the security threat in the SDN environment canbe controlled according to the black and white list, and the node of the block chain is protected from DoS attack and unauthorized access by using the SDN, so that the security of the node in the block chain is ensured.

The invention discloses a two-stage image robust reversible information hiding method based on singular value decomposition, which comprises the steps of embedding a watermark and extracting the watermark, and when the watermark is extracted, the watermark is extracted in different ways according to whether an image is attacked or not. According to the method, the watermark is embedded into the maximum value in the S matrix which is not easy to change even when attacked through singular value decomposition, and compared with a classical robust reversible information hiding algorithm, the method can effectively resist malicious attacks such as JPEG attacks, Gaussian filtering and scaling. In addition, the designed improved quantization watermark algorithm rounds the S value to effectively reduce the auxiliary information embedded in the second stage, and the quantization error and the watermark error in the first stage are used as the auxiliary information embedded in the second stage to improve the feasibility of the reversible embedding amount. The method can be applied to the fields of copyright protection, image protection and the like, and has a wide application prospect.

The invention discloses a method for achieving a white list based on a smart contract based on deep learning, which comprises an evidence storage service system, protected data, a log auditing systemand a log auditing alliance chain scheme; the log auditing system comprises a data collection stage, a data bearing and processing stage and a data distribution stage; the output end of the data collection stage is connected with the input end of the data bearing and processing stage, the output end of the data bearing and processing stage is connected with the input end of the data distribution stage;according to the invention, a blockchain technology and a trusted computing technology are innovatively combined and applied to a financial information systemto ensure the continuity and the security of the user service; In the whole transmission and circulation process of the financial key data, internal and external malicious attacks are effectively resisted, the data cannot be tampered, the reliability and the safety of the financial key data are improved, the field supervision cost and the log tampering possibility are reduced, and the auditing efficiency is improved.

The invention discloses a portable security computer architecture based on encrypted hash tag protection, which is characterized in that a portable security computer realizes security isolation with the Internet based on a data block encrypted hash tag protection mechanism, adopts a security TFTP protocol to realize security exchange of encrypted files with a mobile intelligent terminal, and implements single device function limitation on a USB HID interface to defend against attacks from the interface. According to the portable security computer architecture, the data block encrypted hash tagprotection mechanism, a secure transmission protocol control mechanism, a USB HID interface single equipment function limiting mechanism and the like are adopted, and the security mechanisms providestrict security isolation protection for the operation environment of the portable computer together, thus a safe operation environment can be provided for all processing links related to sensitive files, and meanwhile various possible malicious attacks can be resisted.

The invention discloses a distributed account book data tamper-proofing method and system. A first hardware encryption card obtains a first data segment from an account book and transmits the first data segment to a second hardware encryption card, one first hardware encryption card is deployed in each accounting server, and one second hardware encryption card is deplyed in each consensus server;the second hardware encryption card compares all the received first data segments and judges whether all the received first data segments are consistent or not, and if not, an alarm is given out. According to the data tamper-proofing reinforced security scheme based on a hardware encryption card, even if part of the servers are controlled by attackers, due to the fact that consistency check of theaccount book is implemented in the hardware encryption cards, under the condition that an attacker cannot control all the hardware encryption cards on all the server nodes, malicious attack behaviorexposure caused by data security alarm of the scheme cannot be prevented, malicious attacks are effectively resisted, and data security is protected.