Device and method for specifically and dynamically deploying and capturing malicious samples by using honeypot

A dynamic deployment and targeted technology, applied in electrical components, transmission systems, etc., can solve problems such as high cost of high-interaction honeypots, difficulty in capturing various malicious samples, and inability to deploy vulnerabilities, and achieve the effect of precise diversion

Active Publication Date: 2019-02-19
北京经纬信安科技有限公司
View PDF5 Cites 27 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] First, the existing malicious sample acquisition technology is difficult to simulate a large number of vulnerable services or systems; when multiple PCs spread malicious samples at the same time, there may be a large number of identical or different attack characteristics occurring at the same time, and the existing technology is very difficult. Difficult to capture all kinds of malicious samples attacked at the same time
[0006] Second, in the prior art, malicious samples exploiting vulnerabilities cannot be a...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Device and method for specifically and dynamically deploying and capturing malicious samples by using honeypot
  • Device and method for specifically and dynamically deploying and capturing malicious samples by using honeypot
  • Device and method for specifically and dynamically deploying and capturing malicious samples by using honeypot

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0049] figure 1 is a schematic diagram of a device for capturing malicious samples through targeted dynamic deployment of honeypots according to an exemplary embodiment, as shown in figure 1 As shown, the present embodiment provides a device for capturing malicious samples through targeted dynamic deployment of honeypots, the device comprising a virtual honeypot, a central control syste...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The application relates to a device and a method for specifically and dynamically deploying and capturing malicious samples by using a honeypot. The device comprises a virtual honeypot, a central control system and a cloud deployment platform. The method comprises the following steps: capturing attack activities and attack features by using the virtual honeypot; uploading the captured attack features to the central control system by the honeypot; analyzing the uploaded attack features by the central control system; starting a high interaction honeypot of vulnerabilities corresponding to the attack features by the cloud deployment platform; and importing virtual honeypot traffic into the started high interaction honeypot, wherein the corresponding high interaction honeypot is infected. According to the device and the method, a low interaction honeypot cooperates with the high interaction honeypot based on a vulnerability service or system; the malicious samples are detected rapidly by using the low interaction honeypot; the high interaction honeypot based on the vulnerability service or system is deployed rapidly by the cloud deployment platform; and the high interaction honeypot based on the vulnerability service or system cooperates with the low interaction honeypot to realize capturing of the malicious samples.

Description

technical field [0001] The invention belongs to the field of computer network security, and in particular relates to a device and a method for capturing malicious samples through targeted dynamic deployment of honeypots. Background technique [0002] Honeypots refer to computer devices that are carefully designed and deployed to attract intruders to collect information for research and analysis or to prolong the attacker's attack intent. Honeypots are divided into low-interaction honeypots, medium-interaction honeypots, and high-interaction honeypots according to their interaction capabilities. The main feature of the low-interaction honeypot is simulation. The deception technology is implemented by simulating the operating system and services. The attacker has only a small amount of interaction with the honeypot, so the attack information obtained is relatively small, which is more suitable for capturing automatic attack tools or For attacks launched by network worms, low-...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1416H04L63/1433H04L63/1491H04L67/10
Inventor 李春强丘国伟于磊
Owner 北京经纬信安科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap