30results about How to "Solve the problem of attack" patented technology

The invention discloses a user location personalized differential privacy protection method for location-based service. The method comprises the steps of 1, generating a disturbance location through utilization of an index mechanism; 2, obtaining a posterior probability of an opponent for a location of a user at time t according to a prior probability of the opponent for the location of the user at time t, index mechanism probability distribution and the generated disturbance location; 3, judging whether the posterior probability of the opponent for the location of the user at time t satisfiesa security requirement or not, sending the disturbance location and a query request to a service provider if the posterior probability of the opponent for the location of the user at time t satisfiesthe security requirement, and adding a confusion location if the posterior probability of the opponent for the location of the user at time t does not satisfy the security requirement; 4, adding theconfusion location, and sending a location set composed of the confusion location and the disturbance location to the service provider after the security requirement is satisfied; and 5, screening query results returned by the service provider. According to the method, the problem that user location privacy is leaked due to unreliability of the service provider can be solved, and moreover, a Bayesian attack can be effectively coped with, so security of the user location privacy in the location-based service can be improved.

The invention provides one method, device and anti-attack system of one position IMS network attack source, which comprises the following steps: the anti-attack device tests attacks and sends require to CLF with require content composed of attacker source IP address information, CLF attacker source IP address information and sends the response information to the attack device; anti-attack device gets address information and positions attacker physical position.

The invention provides a communication verification method, electronic equipment and a storage medium, and aims to solve the problems that a network security scheme needs a large amount of boundary equipment and DDOS attacks and APT attacks are difficult to thoroughly prevent. The communication verification method comprises the steps that: a node server receives a service application instruction sent by user equipment; the node server inquires a service type from target equipment according to a target equipment address in the service application instruction; the node server inquires the user equipment whether to receive the service type provided by the target equipment or not according to the inquired service type; after the user equipment selects receiving, the node server generates a pass, wherein the pass is obtained through negotiation between the user equipment and the node server; the user equipment and the target equipment establish indirect connection according to the pass; andthe node server examines communication between the user equipment and the target equipment according to the pass. According to the communication verification method, the security of communication between the user equipment and the target equipment is improved.

The present invention provides a method for accessing big data of a cloud platform. The method comprises the steps as follows: a cloud platform server generates a secret key parameter and selects a security node, a user joins a system through the security node; the security node executes secret key exchange with the user, the security node generates a corresponding private key and a token for the user; the user verifies a message, decryption is performed to obtain the private key, and other nodes in the cloud platform determine whether the user has a legal identity. The method of the present invention can effectively solve the problem that an illegal user makes an attack through a network logical address, can ensure security of the system, and is suitable for a cloud storage system.

The invention discloses a method and an apparatus for processing messages belonging to the communication field. The method comprises: receiving an internet group management protocol (IGMP) request message from a sender; reading a local recording frequency value of sending message from the sender; discarding the internet group management protocol request message when the frequency value is larger than a presetting frequency threshold. The apparatus comprises: a receiving module, a first reading module and a first discarding module. The invention enables an exchange not to have a plurality of IGMP messages by discarding IGMP messages larger than the frequency threshold, improves the anti-attack ability of the exchange, avoids the IGMP messages attack to the exchange, and protects the exchange. Moreover the invention also solves the problem that a multicast client attacks by frequently adding the IGMP messages between different cast groups or sending the IGMP messages when leaving through discarding the IGMP messages larger than the frequency threshold.

The invention provides a big data storage method. The method is applied to a cloud server and comprises the steps of allocating a target identity to a target user based on a network logic address, wherein the identity comprises a public key of the target user; carrying out calculation to generate a private key of the target user through a pre-generated key parameter; generating and distributing akey pair corresponding to the identity of the target user according to the key and the private key, and setting a legal user as a system node; and verifying the user in a callback mode when the targetuser sends a login request, and determining that the user is a legal owner of the address when the current user can receive connection for the network logic address. According to the method, the problem that an illegal user carries out an attack through the network logic address can be effectively solved, the system security is ensured, and the method is applied to a cloud storage system.

The present invention relates to the field of communication technology, and in particular to a vehicle driving control method and device. The method is, when the vehicle is in a fully automatic driving state, respectively monitor the first obstacle data and The data currently detected by the vehicle’s sensor; judge whether the data currently detected by the vehicle’s sensor is correct according to the first obstacle data stored by the node; The data currently detected by the blockchain network and the vehicle's sensor controls the driving state of the vehicle, solves the problem that the vehicle's sensor may be attacked, prevents the sensor's data from being tampered with, and improves the accuracy of the data.

The invention relates to a method for detecting black hole attacks in a clustered self-organizing network. The method includes the following steps: Step 1: Install a monitoring device at a base station; Step 2: All clusters in the self-organizing network within the coverage of the base station The head area is monitored in real time; step 3: judge whether there is an abnormal cluster head area in the monitored area, if there is, enter step 4, otherwise return to step 2; step 4: detect the credit level of the terminal node in the abnormal cluster head area, Find suspicious nodes to form a set of suspicious nodes S1; step 5: detect the flow difference of nodes in S1, and find out black hole attack nodes to form a set S2 of black hole attack nodes; step 6: the monitoring device issues an early warning prompt. This method can not only solve the attack of a single malicious node, but also effectively solve the problem that multiple malicious nodes cooperate with each other to attack, and can issue an alarm, which is conducive to timely defense and processing of black hole attacks.

The invention provides a secure communication method, a terminal, a server and a system. The method comprises the following steps that: the terminal sends a client-side initial message to a first server, wherein the client-side initial message carriers a mark requesting to start the inner-layer / outer-layer key binding mechanism so that the first server responds to the client-side initial message and judges whether to start the inner-layer / outer-layer key binding mechanism; the terminal receives the server-side initial message returned by the first server, and judges whether the server-side initial message carriers the mark requesting to start the inner-layer / outer-layer key binding mechanism; if the server-side initial message carriers the mark, the terminal performs outer-layer authentication protocol negotiation with the first server to obtain an outer-layer authentication protocol key, performs inner-layer authentication protocol negotiation with the second server to obtain an inner-layer authentication protocol key, and generates a master key according to the outer-layer authentication protocol key and the inner-layer authentication protocol key; and the terminal performs secure communication by use of the master key.

The invention provides a big data storage method. The method includes: a cloud server distributes an identification for a user based on a network logic address of the user, exports a public key of the user from the identification of the user, calculates and generates a private key of the user via a pre-generated secret key parameter, generates and distributes a key pair corresponding to the identification for the private key, and sets the legal user as the system middle node; during the login of the user, user verification is realized via the manner of callback, and when the current user can receive a connection of the network logic address, the user is determined to be the legal owner of the address. According to the method, the problem that illegal users carry out attacks via the network logic addresses can be effectively solved, the system security is guaranteed, and the method is applicable to cloud storage systems.

The present invention provides a method for processing a file based on large data, including: cloud platform server generates a secret key parameter, and selects a secured node; a user enters a system through the secured node; the secured node exchanges the secret key with the user; the secured node generates a corresponding private key and token for the user; the cloud platform server generates a password calculation; the calculation includes random numbers with the length of a preset bit; the user cracks the random number through exhaustion, and then obtains the private key by using decoding; and other nodes in the cloud platform determine whether the user has a legal identity. The method of the present invention can effectively solve the problem of attacking by an illegal user through a network logic address, guarantee the security of the system and is adapted to a cloud storage system.

The invention relates to a unified identity authentication platform based on zero trust and confidential computing, which includes four stages, namely: communication establishment stage, user registration stage, function platform registration stage and login and key negotiation stage; wherein, the communication establishment stage It is used for the negotiation of the symmetric key SK to establish reliable communication between the user and the unified identity authentication platform; the user registration stage and the function platform registration stage realize the registration function verified by the unified identity authentication platform and the confidential computing security area, and build an anonymous authentication relationship table The function of obtaining the legal user and the legal function platform; the login and key negotiation stage realizes the function of negotiating the symmetric session key between the legal user and the legal function platform, and the symmetric session key will be used for the encryption of the subsequent transmission of private data . The invention has the beneficial effects of: ensuring the integrity and confidentiality of data in the "running state"; ensuring low overhead and low time delay in the authentication process, and realizing fast authentication.

The present invention discloses an access authentication method for a wireless local area network, comprising: a server receiving access information sent by a first user equipment, the access information carrying the identity information of the first user equipment; the server according to the The access information sends an access request to the second user equipment; if the server receives the confirmation instruction sent by the second user equipment for the access request, the server generates a challenge code, and according to the challenge code Generate a first access password; the server sends the challenge code to the first user equipment, so that the first user equipment generates a second access password according to the challenge code; The first access password completes EAP authentication with the first user equipment. Correspondingly, the invention also discloses a server and an authentication system. The invention can solve the problem of dictionary attack.

The invention discloses a method, a system, a mobile terminal and a smart home device for negotiating a session key; the system includes: a mobile terminal, a smart home device and a cloud server; The device public key of the home device is operated to obtain the second authority key, and the second authority key is used as the session key with the smart home device; the smart home device uses its own device private key to exchange the first The public key is operated to obtain the first authority key, and the first authority key is used as the session key with the mobile terminal; after the session key is negotiated between the mobile terminal and the smart home device, the session key can be used for encrypted communication, which can Solve the problem of smart home devices being attacked by the network, ensure the communication security between mobile terminals and smart home devices, and enhance user experience.

The invention discloses a user location personalized differential privacy protection method for location-based service. The method comprises the steps of 1, generating a disturbance location through utilization of an index mechanism; 2, obtaining a posterior probability of an opponent for a location of a user at time t according to a prior probability of the opponent for the location of the user at time t, index mechanism probability distribution and the generated disturbance location; 3, judging whether the posterior probability of the opponent for the location of the user at time t satisfiesa security requirement or not, sending the disturbance location and a query request to a service provider if the posterior probability of the opponent for the location of the user at time t satisfiesthe security requirement, and adding a confusion location if the posterior probability of the opponent for the location of the user at time t does not satisfy the security requirement; 4, adding theconfusion location, and sending a location set composed of the confusion location and the disturbance location to the service provider after the security requirement is satisfied; and 5, screening query results returned by the service provider. According to the method, the problem that user location privacy is leaked due to unreliability of the service provider can be solved, and moreover, a Bayesian attack can be effectively coped with, so security of the user location privacy in the location-based service can be improved.

The invention discloses a dynamic password authentication method against man-in-the-middle attack, which mainly includes a registration phase and a login phase. The design of the invention is based on the difficult problem of RSA, and can effectively resist man-in-the-middle attacks and offline password guessing attacks. Compared with the existing password The authentication scheme of the present invention: in the authentication process, the number of times of encryption and decryption operations performed by the user and the server is reduced, and the authentication efficiency is improved; The process is more secure; it can effectively resist brute force attacks and man-in-the-middle attacks on passwords, and at the same time, two-way authentication is added to solve the problem of fake server attacks.