ATT&CK-based spoofing defense system, construction method and full-link defense implementation method

An ATT&CK-based defense system technology, applied in transmission systems, electrical components, etc., that can solve problems such as the difficulty of achieving high-performance trapping of attackers and the inability to cover attackers.

Active Publication Date: 2019-11-08
北京经纬信安科技有限公司

AI Technical Summary

Problems solved by technology

[0005] However, the existing spoofing technology cannot cover the attacker's full-link attack behavior, and it is difficult to achieve high-performance trapping of the attacker.


Embodiment Construction

[0072] Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0073] Explanation of the name: ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a model and knowledge base that reflects the attack behavior at each stage of the attack life cycle. ATT&CK helps in understanding known attacker behaviors, techniques and tactics, preparing detection measures, and verifying the effectiveness of defense infrastructure and analysis strategies. In the present invention,...


Abstract

The invention relates to an ATT&CK-based spoofing defense system, a construction method and a full-link defense implementation method. The attack technology of each technical point under each tactic in the ATT&CK framework is researched, and a spoofing defense technology corresponding to each attack technology is given at the tactical and technical levels. All spoofing defense technologies are divided hierarchically according to the different action points of network deception technology, and an initial database is constructed along three dimensions: tactics, technology and action point. In combination with the network asset condition in the current environment, and for the behavior of the attacker at each stage of the intrusion, spoofing defense technology is selected from the initial database along the three dimensions of tactics, technology and action point and fused with the current network asset condition to construct an all-round spoofing defense system. Spoofing technology runs through the whole life cycle of the attack link; the attacker's TTPs are detected, defended against and responded to, and active trapping is carried out from the attacker's perspective.
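An added illustration, not code from the patent or its applicant: a Python model of the three-dimensional initial database (tactic, technique, action point) described in the abstract, fused with an asset inventory to report which attack stages have no deployable decoy. The action-point names, deception measures and asset names are constructed assumptions; the technique IDs are real ATT&CK identifiers.

```python
from collections import defaultdict
from typing import NamedTuple

class Decoy(NamedTuple):
    tactic: str        # ATT&CK tactic
    technique: str     # ATT&CK technique ID
    action_point: str  # layer where the deception acts (assumed layer names)
    measure: str       # deception measure (constructed description)

# Constructed sample rows of the "initial database"; not taken from the patent.
INITIAL_DB = [
    Decoy("initial-access", "T1190", "application", "decoy web login portal"),
    Decoy("discovery", "T1046", "network", "fake open ports on unused IPs"),
    Decoy("credential-access", "T1110", "application", "honey accounts that alert on login"),
    Decoy("credential-access", "T1003", "host", "planted honey credentials"),
    Decoy("lateral-movement", "T1021", "network", "decoy SSH/RDP hosts"),
    Decoy("collection", "T1005", "data", "beacon-tagged honey documents"),
]

# Constructed asset inventory: asset name -> action points it can host decoys on.
ASSETS = {
    "dmz-web-01": {"application", "network"},
    "office-subnet": {"network"},
    "file-server": {"host"},
}

KILL_CHAIN = ["initial-access", "discovery", "credential-access",
              "lateral-movement", "collection"]

def build_index(db):
    """Index the database by (tactic, action point) for selection."""
    index = defaultdict(list)
    for d in db:
        index[(d.tactic, d.action_point)].append(d)
    return index

def plan(db, assets, kill_chain):
    """Fuse the database with the assets; return deployments and uncovered tactics."""
    index = build_index(db)
    deployed, gaps = {}, []
    for tactic in kill_chain:
        rows = [(asset, d.technique, d.measure)
                for asset, points in sorted(assets.items())
                for point in sorted(points)
                for d in index.get((tactic, point), [])]
        deployed[tactic] = rows
        if not rows:
            gaps.append(tactic)  # a stage of the attack link with no deception
    return deployed, gaps

if __name__ == "__main__":
    deployed, gaps = plan(INITIAL_DB, ASSETS, KILL_CHAIN)
    print("uncovered tactics:", gaps)
```

A non-empty gap list marks the stages where the deception layer does not yet cover the full attack link for the current assets.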

Description

Technical field

[0001] The invention belongs to the technical field of computer network security, and in particular relates to a deceptive defense system, a construction method and a full-link defense realization method for realizing honey array trapping by combining deceptive technologies based on the ATT&CK model.

Background technique

[0002] The issue of network security has become a common challenge faced by mankind in the information age, and domestic network security issues have become increasingly prominent. The specific manifestations are: computer systems are seriously infected and damaged by viruses; computer hacking activities have formed an important threat; information infrastructure is facing challenges in network security; information systems have many weak links in prediction, response, prevention and recovery capabilities.

[0003] In the process of dealing with attackers, it is often passive and rigid to wait for the attacker to touch the network security ...


Application Information

IPC(8): H04L29/06
CPC: H04L63/0209, H04L63/1491, H04L63/20
Inventor: 李春强, 丘国伟, 邓启晴
Owner: 北京经纬信安科技有限公司