123 results about "Defence system" patented technology

The invention discloses a timestamp-based API replay attack defence system and a method, and aims to provide the defense system and the method capable of improving system security. The defense systemcomprises a client and a system server. The client is used as an API request initiator, and the client initiates API access to the system server according to service requirements; assembling interfacerequest parameters according to an established communication protocol, processing a result fed back by the server, and driving the trend of a business process; the client comprises a timestamp synchronization module, a random number generation module and a data signature and encryption module; the system server is used for receiving an API access request from a client and providing an open service; for replay attack defense, intercepting all API requests, judging whether to replay attacks according to request parameters and system records, and recording related request information to form anaudit log module; and the system server comprises a replay attack judgment module, a request record maintenance module and an audit log module.

The invention belongs to the technical field of network security, and particularly relates to a network threat cooperative defense system and method based on information sharing. The method comprisesthe steps: deploying a central server and a plurality of safety mechanisms which train an intrusion detection model based on respective local threat information databases; after the model updating parameters are encrypted, uploading the ciphertext to a central server; and employing the central server for aggregating the received ciphertext to obtain global model updating parameters through decryption and broadcasting the global model updating parameters to all security mechanisms so as to update the local intrusion detection model of each security mechanism. Based on the federated learning framework, multiple security mechanisms can be helped to jointly establish a system defense model, the method can be suitable for multiple machine learning models, multiple collusion attack scenes can beresisted, the applicability is high, and the anti-attack performance of the network is improved.

The invention relates to biological home defense systems for use by populations at risk of widespread biological attack via biological weapons of mass destruction, especially biological weapons involving aerosol attacks. The present invention is also related to methods for using such biological home defense systems wherein meteorological data is used to issue advisories with regard to the use of such biological home defense systems to a population at risk of exposure to biological weapons of mass destruction.

The invention relates to a power grid Web application mimicry defense system. A heterogeneous virtual Web server pool which is equivalent in function, diversified and dynamic is constructed, technologies such as redundancy voting, dynamic executor scheduling and database instruction isomerization are adopted, an attack chain is blocked, the utilization difficulty of vulnerabilities or backdoors isincreased, and the availability and safety of Web services are guaranteed. A dynamic environment is realized through active change of software and hardware elements of different layers such as a network, a platform, a system, software and an application, and therefore, the dependency condition of the network attack on the determinacy and continuity of the operating environment is destroyed, controllable active defense is realized in the toxic bacteria-carrying software and hardware element environment with the vulnerability and the backdoor, the unknown attack defense problem by using the unknown vulnerability and the unknown backdoor is solved, and the network security of the key Web application system in the power industry is effectively enhanced.

The invention discloses a security analysis method for a mimicry defense architecture. The method comprises the following steps: defining the dynamic transformation period of an executor in a securityanalysis model, the time required for successful attack implementation, the probability that the executor shows difference after being attacked, and the probability that an attacker successfully transfers the attack; analyzing the security of the single redundancy defense architecture; obtaining the probability of invading the input proxy component, the probability that the attack continues to stay in the input agent component, the probability that the attack invades into the heterogeneous execution body set from the input agent component, the probability that the attack continues to stay inthe heterogeneous execution body set, the probability that the attack invades into the voter component from the heterogeneous execution body set and the probability that an attacker successfully invades into the voter component from the input agent component are set; and analyzing the security of the n redundancy defense architecture to obtain general values corresponding to the six probability values. According to the method, different parameters are used for analyzing the security defense effectiveness of the mimicry defense system, and a theoretical analysis basis is provided for the security of the mimicry defense model.

The invention discloses an intrusion defense system having an active defense capability and a method thereof to actively defend security threats in a network. The method comprises the following steps: after receiving a data stream, setting a processing operation for an event in the data stream; setting an initial defense level for an event set consisting of multiple events based on the current network condition and the defense level requirements; matching the event in the event set based on the initial defense level, and obtaining a dynamic identification result with respect to network security situation based on a network flow and a matching result; determining the current defense level of the event set based on the initial defense level and the dynamic identification result; determiningthe current defense level of the event set based on the dynamic identification result; and automatically adjusting the processing operation of each event in the event set based on the current defenselevel, and responding to each event. The defense level can be automatically adjusted so as to actively prevent the further generation of attacks by using the various implementation manners of the invention.

The invention discloses a cyberspace security situation awareness detection and analysis system and method. The invention discloses a cyberspace security situation awareness detection and analysis system and method, and relates to the field of network detection, the cyberspace security situation awareness detection and analysis system comprises a defense system, a detection and analysis system, adata acquisition module and an output module, and the detection and analysis system comprises a storage module, an early warning module, a system data setting module, a central processor, a data analysis module, a display module and a microprocessor. According to the invention, the defense system, the data analysis module, the display module, the visualization unit and the data calculation unit are arranged; the problems that an existing cyberspace security situation awareness detection and analysis system is poor in cyberspace security continuous monitoring capability; and when various attackthreats and anomalies are found, the threat investigation, analysis and visualization capabilities, and the capability of quickly judging the influence range, attack path, purpose and means related to the threats need to be further developed.

The invention discloses an industrial control network active defense system based on a honeynet and a method thereof. The system comprises an information collection assembly, a flow analysis assemblyand a knowledge management assembly. The information collection assembly comprises an industrial control system honeynet, a web crawler and a flow mirror image; the flow analysis assembly comprises aflow processing module, a flow modeling module and a flow evaluation module; the knowledge management component manages all information of an industrial control system network through a knowledge graph, and is divided into an internal network knowledge graph and an external network knowledge graph which are stored in a graph database. The honeynet-based industrial control network active defense system and the method thereof provided by the invention not only can accurately detect the abnormal condition in the network flow of the industrial control system, but also can evaluate the threat degree of the industrial control system and find the attack organization associated with the industrial control system.

A defence system for a land area, intended as an alternative to land mines. The system includes sensors for detecting intrusions in the area, a weapon having multiple barrels and multiple projectiles ready for firing, and a controller that receives signals from the sensors to fire the weapon. The controller preferably requires intervention of an operator in order to trigger the weapon. The weapon may contain a range of projectiles for different purposes.

The invention discloses an industrial control security defense system which comprises a potential threat exclusion layer, an industrial control security audit system, a monitoring center, a field monitoring layer, a control layer and a physical layer. The potential threat elimination layer comprises a deep protocol analysis mechanism and a white list mechanism; the field monitoring layer performs data exchange and behavior control on the control layer and the physical layer through an industrial Ethernet; the industrial control security auditing system can analyze and identify illegal operation, abnormal events and external attacks in an industrial control network from multiple angles and give an alarm in real time; identity recognition is carried out through multiple means, system operation authority can be limited, override operation and malicious operation are avoided, it is avoided that external equipment carries viruses to affect system safety, meanwhile, exclusive detection can be carried out on common attack means, and the operation resource occupancy is small. The alarm response time of the whole system can be prolonged through unified monitoring management of the monitoring center, and the accident handling speed is increased.

The invention discloses a network security dynamic defense system and method based on big data. The system comprises a big data module, a dynamic defense module, a backup module and a monitoring module, the big data module and the dynamic defense module are both bidirectionally connected with the monitoring module; and the backup module is used for all data and attack behavior data in the data module, the dynamic defense module and the monitoring module. Abnormal behaviors in a data packet are positioned and analyzed through a big data module, active defense and passive defense are matched, a dynamic defense model with attacking and defending view angles is established, an attacker is actively spoofed, the sight of the attacker is disturbed, and the attacker is decoy to carry out attack by setting a honeypot, so that the attack time is prolonged and the attack efficiency is improved. The opportunity is provided for the defense model to implement the defense scheme, the dynamic, real-time and active defense of the defense system is finally realized, and the defense effect is good.

The invention discloses a farm gate guard defense system, which comprises a vehicle passage and a personnel passage; the outside of a farm is communicated with a farm raising area through the vehiclepassage; the personnel passage leads to a disinfection area; the disinfection area comprises a personnel entry disinfection one-way passage and a material disinfection passage; an exit of the personnel entry disinfection one-way passage and an exit of the material disinfection channel face a quarantine region; the quarantine region is a closed region surrounded by a plurality of houses and enclosing walls; the quarantine area is internally provided with an entry disinfection passage for entry of the farm raising area and a personnel departure one-way passage leading to the personnel passage; the farm gate guard defense system also comprises a kitchen with an access door, and the access door of the kitchen faces the outside of the farm; the wall of the kitchen is provided with at least three meal pick-up ports which are isolated from one another; and the three meal pick-up ports are respectively opened to the raising area, the quarantine region and the outside of the farm. The farm allows the quarantine region and the raising area to be clearly divided, personnel in the areas are isolated from each other without crossing, one-way flow leads to the raising area, dirty and clean areashave a clear boundary, and the biological safety of the whole gate guard defense system is improved and guaranteed.