Nothing Special   »   [go: up one dir, main page]

CN108521426B - A blockchain-based array honeypot collaborative control method - Google Patents

A blockchain-based array honeypot collaborative control method Download PDF

Info

Publication number
CN108521426B
CN108521426B CN201810329244.2A CN201810329244A CN108521426B CN 108521426 B CN108521426 B CN 108521426B CN 201810329244 A CN201810329244 A CN 201810329244A CN 108521426 B CN108521426 B CN 108521426B
Authority
CN
China
Prior art keywords
host
array
honeypot
mining
honeypot system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810329244.2A
Other languages
Chinese (zh)
Other versions
CN108521426A (en
Inventor
石乐义
李阳
刘天旭
李晓雨
刘娜
崔雯迪
刘佳
朱红强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China University of Petroleum East China
Original Assignee
China University of Petroleum East China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China University of Petroleum East China filed Critical China University of Petroleum East China
Priority to CN201810329244.2A priority Critical patent/CN108521426B/en
Publication of CN108521426A publication Critical patent/CN108521426A/en
Application granted granted Critical
Publication of CN108521426B publication Critical patent/CN108521426B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明涉及一种基于区块链的阵列蜜罐协同控制方法,所述方法利用以太坊平台构建私有链,并通过挖矿方式实现蜜罐主机集群的去中心化协同运作思想。从P2P组网模型出发,构建与以太坊平台一致的拓扑结构,并通过web3J实现两者通信。阵列中的各个主机执行挖矿,获取记账权的主机可在某一周期时间内担任蜜罐服务变换任务,通过加密机制发送变换信息,其它主机接收并执行对应变换指令。此外,利用区块链的信息不可篡改性,将外部端口请求访问数据存储于区块链中,用于攻击者实施攻击的数字取证。该方法保证了阵列蜜罐主机集群的协同运作,从而以动态变换的真假服务来诱骗攻击者,实现网络安全主动防御目的。

Figure 201810329244

The invention relates to a blockchain-based array honeypot collaborative control method. The method utilizes the Ethereum platform to construct a private chain, and realizes the idea of decentralized collaborative operation of a honeypot host cluster through a mining method. Starting from the P2P networking model, a topology structure consistent with the Ethereum platform is constructed, and the communication between the two is realized through web3J. Each host in the array performs mining, and the host that obtains the accounting right can serve as the transformation task of the honeypot service within a certain period of time, send transformation information through the encryption mechanism, and other hosts receive and execute the corresponding transformation instructions. In addition, the information of the blockchain cannot be tampered with, and the external port request access data is stored in the blockchain for digital forensics for attackers to carry out attacks. The method ensures the cooperative operation of the array honeypot host cluster, so as to deceive the attacker with the dynamically changing real and fake services, and realize the purpose of active network security defense.

Figure 201810329244

Description

一种基于区块链的阵列蜜罐协同控制方法A blockchain-based array honeypot collaborative control method

技术领域technical field

本发明涉及一种网络主动防御系统的去中心化方法,具体为一种基于区块链的阵列蜜罐协同控制方法,从区块链的P2P组网模型出发,实现阵列诱骗蜜罐主机的分布式协同运作,属于网络安全技术领域。The invention relates to a decentralization method for a network active defense system, in particular to a blockchain-based array honeypot collaborative control method. Starting from the blockchain's P2P networking model, the array deceives the distribution of honeypot hosts. It belongs to the field of network security technology.

背景技术Background technique

在信息时代下的网络攻防对抗中,防御方采取了各种策略对系统实施防护,其中,具有诱骗性质的蜜罐技术相比于传统防御措施更具主动性,通过构建虚假漏洞、服务、资源等引诱攻击者,达到消耗攻击的目的,进而保护真实系统。然而,静态蜜罐极易被敌手察觉,从而使敌手避开该陷阱,攻击被保护系统。因此,增强蜜罐动态性有助于反识别能力的提升。In the network attack and defense confrontation in the information age, the defender has adopted various strategies to protect the system. Among them, the deceptive honeypot technology is more proactive than traditional defense measures. By constructing false vulnerabilities, services, resources Waiting to lure attackers, achieve the purpose of consumption attack, and then protect the real system. However, static honeypots can be easily detected by adversaries, allowing adversaries to avoid the trap and attack the protected system. Therefore, enhancing the dynamics of honeypots helps to improve the anti-recognition ability.

通过构建阵列变换的蜜罐系统,实现动态诱捕攻击,同时动态保护真实服务资源,该系统的动态变换策略提升了对攻击者的迷惑度,使攻击者无法在亦真亦假的阵列系统中区分蜜罐与真实系统,即使在某一时刻t0敌手实现了对蜜罐系统内某一主机的识别,由于动态变换机制(真为假、假成真)的存在,该攻击识别将在下一时刻t1成为蜜罐系统的保护性识别,即攻击者将在t1时刻绕开于t0时刻识别为蜜罐服务的主机,而在此刻主机已变换为真实服务,从而达到保护真实服务的目的。By constructing a honeypot system of array transformation, dynamic trapping attacks are realized, and real service resources are dynamically protected. The system's dynamic transformation strategy improves the degree of confusion for attackers, making it impossible for attackers to distinguish between true and false array systems. Honeypot and real system, even if the adversary realizes the identification of a host in the honeypot system at a certain moment t 0 , due to the existence of the dynamic transformation mechanism (true to false, false to true), the attack identification will be performed at the next moment. t 1 becomes the protective identification of the honeypot system, that is, the attacker will bypass the host identified as the honeypot service at t 0 at time t 1 , and at this moment the host has been transformed into a real service, so as to achieve the purpose of protecting the real service. .

针对阵列蜜罐系统的分布式特征,需保证内部各主机的协同运作,实现自动化运行。然而,传统中心化机制由某个特定主机提供中心控制,决定某一时刻的具体变换方案,其余主机以从属角色接收并执行中心主机变换指令。在这种中心化控制机制下,若特定中心服务器宕机,将导致整个阵列蜜罐系统瘫痪,对防御方造成极大损失。In view of the distributed characteristics of the array honeypot system, it is necessary to ensure the coordinated operation of internal hosts to realize automatic operation. However, in the traditional centralized mechanism, a specific host provides central control to determine the specific transformation plan at a certain moment, and the other hosts receive and execute the central host transformation instructions in subordinate roles. Under this centralized control mechanism, if a specific central server goes down, the entire honeypot system of the array will be paralyzed, causing great losses to the defender.

发明内容SUMMARY OF THE INVENTION

本发明为避免中心控制机制所造成的破坏性后果,以保证系统正常运作,改善系统健壮性,采用基于区块链的去中心化协同控制机制实现阵列蜜罐系统内部各主机的自动化运行,在此机制下,即使某个服务器出现故障也不会影响系统总体运行状态。将区块链中的智能合约部署于由多个阵列主机构成的私有链中,通过链上代码达到符合阵列蜜罐系统业务逻辑的无中心控制的自动化指令执行目标,即阵列主机集群的去中心化协同控制机制。In order to avoid the destructive consequences caused by the central control mechanism, in order to ensure the normal operation of the system and improve the robustness of the system, the present invention adopts the decentralized collaborative control mechanism based on the blockchain to realize the automatic operation of each host in the array honeypot system. Under this mechanism, even if a server fails, it will not affect the overall running state of the system. Deploy the smart contracts in the blockchain in a private chain composed of multiple array hosts, and achieve the goal of automated instruction execution without central control that conforms to the business logic of the array honeypot system through the code on the chain, that is, the decentralization of the array host cluster. Coordinated control mechanism.

为达到上述目的,提出的一种基于区块链的阵列蜜罐协同控制方法,主要包括以下步骤:In order to achieve the above purpose, a blockchain-based array honeypot collaborative control method is proposed, which mainly includes the following steps:

(1)在以太坊平台下,利用创世区块文件搭建由阵列内部蜜罐n台主机构成的私有链,即priChain={host0,host2,…,hostn-1};(1) Under the Ethereum platform, use the genesis block file to build a private chain composed of n hosts within the array, namely priChain={host 0 ,host 2 ,...,host n-1 };

(2)在n台主机内,构建具有主动防御功能的分布式动态阵列蜜罐系统,即honArray={sys0,sys2,…,sysn-1};(2) In n hosts, build a distributed dynamic array honeypot system with active defense function, namely honArray={sys 0 ,sys 2 ,...,sys n-1 };

(3)在priChain上部署符合阵列蜜罐系统去中心化业务逻辑的智能合约;(3) Deploy smart contracts on priChain that conform to the decentralized business logic of the array honeypot system;

(4)创建以太坊账户account={ac0,ac2,…,acn-1},执行挖矿;(4) Create an Ethereum account account={ac 0 ,ac 2 ,...,ac n-1 }, and perform mining;

(5)针对挖矿成功账户aci对应的服务主机hosti,由阵列蜜罐私有链中的其它n-1个主机hostj对其进行真实性验证,其中j≠i;(5) For the service host host i corresponding to the successful mining account ac i , its authenticity is verified by the other n-1 hosts host j in the private chain of the array honeypot, where j≠i;

(6)实际挖矿成功的蜜罐主机hosti通过以太坊平台接口实现与阵列蜜罐系统sysi的信息传输;(6) The honeypot host host i that actually successfully mines realizes the information transmission with the array honeypot system sys i through the Ethereum platform interface;

(7)接收到挖矿成功指令的阵列蜜罐系统主机hosti在未来T时间段内负责变换服务具体信息分配任务;(7) The host i of the array honeypot system that has received the successful mining instruction will be responsible for changing the specific information distribution task of the service in the future T time period;

(8)在T时段之后,新一轮挖矿动作执行,选出不同于主机hosti的具备记账权的其它主机hosti,其中j≠i,执行一次循环,实行阵列蜜罐各主机服务变换分配任务。(8) After T period, a new round of mining operations is performed, and other hosts host i with accounting rights different from host i are selected, where j≠i, execute a cycle, and implement the services of each host of the array honeypot Transform assignments.

本发明的进一步技术方案是,还包括在利用创世文件搭建私有链之前,需要对该JSON类型文件进行数据调整,即修改内部difficulty(难度值)参数,通过对难度值的调整,使挖矿时间间隔T处于一种合理范围之内,从而使阵列蜜罐系统内部服务主机的变换周期处于防御最佳阶段。A further technical solution of the present invention is that before using the creation file to build a private chain, data adjustment needs to be performed on the JSON type file, that is, the internal difficulty (difficulty value) parameter needs to be modified, and the mining is enabled by adjusting the difficulty value. The time interval T is within a reasonable range, so that the change period of the service hosts in the array honeypot system is in the best defense stage.

本发明的进一步技术方案是,还包括在构建分布式阵列蜜罐系统时,建立一种节点之间地位对等的P2P网络架构,该架构保证了阵列内部全部主机的角色平等性,即各个主机既担任通信服务器,也担任通信客户端,与以太坊平台实现拓扑结构对等互通。A further technical solution of the present invention is that, when constructing a distributed array honeypot system, a P2P network architecture with equal status between nodes is established, and the architecture ensures the role equality of all hosts in the array, that is, each host It acts as both a communication server and a communication client, and achieves peer-to-peer interoperability with the Ethereum platform.

本发明的进一步技术方案是,还包括在挖矿成功的蜜罐系统主机中向阵列其它主机发送变换指令中,利用RSA非对称加密机制保证信息隐匿性,指令发送方实施RSA加密,传送加密后的密文数据,指令接收方实施RSA解密,获取具体变换指令可读明文信息,防止通信过程中数据被窃取利用,挖矿成功的蜜罐系统主机还将记录服务访问具体时间、端口等信息,并利用web3J接口将其存储至私有链中,由于链中数据的不可篡改性,可将这些访问记录数据作为攻击者发起攻击的数字取证,提供法律意义上的系统防御保障。A further technical solution of the present invention is that, in the honeypot system host that has successfully mined, sending transformation instructions to other hosts in the array, using RSA asymmetric encryption mechanism to ensure information concealment, the instruction sender implements RSA encryption, and after transmission encryption The ciphertext data, the instruction receiver implements RSA decryption, and obtains the readable plaintext information of the specific transformation instruction, so as to prevent the data from being stolen and used during the communication process. And use the web3J interface to store it in the private chain. Since the data in the chain cannot be tampered with, these access record data can be used as digital evidence for the attacker to launch an attack, providing a legal system defense guarantee.

以上技术方案可以看出,在本发明中,较之传统中心集中控制下的协同机制,利用区块链技术实现阵列蜜罐系统的去中心化运行,各个主机通过链上代码实现合约自动执行,无需中心控制,任意节点的故障无法影响系统正常运行状态。同时,通过对难度值的调整,使变换时长处于一种最佳防御周期,可有效抵御攻击。此外,利用加密技术保证了通信过程敏感数据防窃取。It can be seen from the above technical solutions that in the present invention, compared with the traditional collaborative mechanism under the centralized control of the central center, the blockchain technology is used to realize the decentralized operation of the array honeypot system, and each host realizes the automatic execution of the contract through the code on the chain. Without central control, the failure of any node cannot affect the normal operation of the system. At the same time, by adjusting the difficulty value, the transformation duration is in an optimal defense period, which can effectively resist attacks. In addition, the use of encryption technology ensures that sensitive data is prevented from being stolen during the communication process.

附图说明Description of drawings

为了更清楚地说明本发明实施例中的技术方案,下面结合附图与具体实施方案对本发明做进一步说明:In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the present invention will be further described below in conjunction with the accompanying drawings and specific embodiments:

图1为发明公开的基于区块链的阵列蜜罐协同控制方法阵列蜜罐协同控制原理图;1 is a schematic diagram of an array honeypot collaborative control method based on a blockchain-based array honeypot collaborative control method disclosed by the invention;

图2为发明公开的基于区块链的阵列蜜罐协同控制方法单次指令变换方法流程图。FIG. 2 is a flowchart of a single instruction transformation method of the blockchain-based array honeypot collaborative control method disclosed by the invention.

具体实施方式Detailed ways

为使本发明的目的、技术、优点更清晰,下面结合附图对本发明作进一步详细、完整的描述。In order to make the purpose, technology and advantages of the present invention clearer, the present invention is described in further detail and completeness below with reference to the accompanying drawings.

步骤(1):在以太坊平台下,利用创世区块文件搭建由阵列内部蜜罐n台主机构成的私有链,即priChain={host0,host2,…,hostn-1}。Step (1): Under the Ethereum platform, use the genesis block file to build a private chain composed of n hosts in the honeypot inside the array, that is, priChain={host 0 ,host 2 ,...,host n-1 }.

所述步骤(1)中,利用创世文件搭建私有链,需要对该JSON类型文件进行数据调整,即修改内部difficulty(难度值)参数。通过对难度值的调整,使挖矿时间间隔T处于一种合理范围之内,从而使阵列蜜罐系统内部服务主机的变换周期处于防御最佳阶段。In the step (1), to build a private chain by using the creation file, it is necessary to perform data adjustment on the JSON type file, that is, modify the internal difficulty (difficulty value) parameter. By adjusting the difficulty value, the mining time interval T is within a reasonable range, so that the transformation period of the service hosts inside the array honeypot system is in the best defense stage.

步骤(2):在n台主机内,构建具有主动防御功能的分布式动态阵列蜜罐系统,即honArray={sys0,sys2,…,sysn-1}。Step (2): In n hosts, build a distributed dynamic array honeypot system with active defense function, namely honArray={sys 0 ,sys 2 ,...,sys n-1 }.

所述步骤(2)中,为保证蜜罐系统与区块链分布结构的一致性,建立一种节点之间地位对等的P2P网络架构,该架构保证了阵列内部全部主机的角色平等性,即各个主机既担任通信服务器,也担任通信客户端,与以太坊平台实现拓扑结构对等互通。In the step (2), in order to ensure the consistency of the honeypot system and the blockchain distribution structure, a P2P network architecture with equal status between nodes is established, and the architecture ensures the role equality of all hosts in the array, That is, each host acts as both a communication server and a communication client, and achieves peer-to-peer interoperability with the Ethereum platform.

步骤(3):在priChain上部署符合阵列蜜罐系统去中心化业务逻辑的智能合约。Step (3): Deploy smart contracts on priChain that conform to the decentralized business logic of the array honeypot system.

所述步骤(3)中的智能合约需满足蜜罐系统的实际业务需求,实现自动执行的链上代码。The smart contract in the step (3) needs to meet the actual business requirements of the honeypot system and realize the automatic execution of the code on the chain.

步骤(4):创建以太坊账户account={ac0,ac2,…,acn-1},执行挖矿。Step (4): Create an Ethereum account account={ac 0 ,ac 2 ,...,ac n-1 }, and perform mining.

所述步骤(4)中的以太坊账户根据对应节点创建,在阵列蜜罐系统下,一个主机挖矿节点对应一个以太坊挖矿账户即可满足应用需要。The Ethereum account in the step (4) is created according to the corresponding node. Under the array honeypot system, one host mining node corresponding to one Ethereum mining account can meet the application needs.

步骤(5):针对挖矿成功账户aci对应的服务主机hosti,由阵列蜜罐私有链中的其它n-1个主机hostj对其进行真实性验证,其中j≠i。Step (5): For the service host host i corresponding to the successful mining account aci, the authenticity is verified by other n-1 hosts host j in the private chain of the array honeypot, where j≠i.

步骤(6):实际挖矿成功的蜜罐主机hosti通过以太坊平台接口实现与阵列蜜罐系统sysi的信息传输。Step (6): The honeypot host host i , which has actually successfully mined, realizes the information transmission with the array honeypot system sys i through the Ethereum platform interface.

所述步骤(6)中,在挖矿成功的蜜罐系统主机中向阵列其它主机发送变换指令中,利用RSA非对称加密机制保证信息隐匿性,指令发送方实施RSA加密,传送加密后的密文数据,指令接收方实施RSA解密,获取具体变换指令可读明文信息,防止通信过程中数据被窃取利用。挖矿成功的蜜罐系统主机还将记录服务访问具体时间、端口等信息,并利用web3J接口将其存储至私有链中,由于链中数据的不可篡改性,可将这些访问记录数据作为攻击者发起攻击的数字取证,提供法律意义上的系统防御保障。In the step (6), in the honeypot system host that has successfully mined, sending transformation instructions to other hosts in the array, the RSA asymmetric encryption mechanism is used to ensure information privacy, and the instruction sender implements RSA encryption, and transmits the encrypted password. The instruction receiver implements RSA decryption to obtain the readable plaintext information of the specific transformation instruction, so as to prevent the data from being stolen and utilized during the communication process. The honeypot system host that successfully mines will also record the specific time, port and other information of service access, and use the web3J interface to store it in the private chain. Due to the immutability of the data in the chain, these access record data can be used as attackers. The digital forensics of the attack provides a legal system defense guarantee.

步骤(7):接收到挖矿成功指令的阵列蜜罐系统主机hosti在未来T时间段内负责变换服务具体信息分配任务。Step (7): The host i of the array honeypot system that has received the successful mining instruction is responsible for the task of changing the specific information distribution of the service in the future T time period.

步骤(8):在T时段之后,新一轮挖矿动作执行,选出不同于主机hosti的具备记账权的其它主机hosti,其中j≠i,执行一次循环,实行阵列蜜罐各主机服务变换分配任务。Step (8): After T period, a new round of mining operations is performed, and other hosts host i with accounting rights different from host i are selected, where j≠i, execute a cycle, and execute each of the array honeypots. The host service transforms the assignment task.

所述步骤(8)中,在单次挖矿周期结束后,进入下一轮的循环中,继续进行记账权主机选取,选择出新的主机担任新周期内的协同控制任务,进行变换具体信息的生成和发送。In the step (8), after the end of a single mining cycle, the next cycle is entered, and the selection of the accounting right host is continued, and a new host is selected to serve as the collaborative control task in the new cycle, and the specific changes are carried out. Generation and transmission of information.

以上将基于区块链的阵列蜜罐协同控制方法基本步骤进行了详细描述。在此方案下的阵列蜜罐协同控制方法,通过构建P2P阵列蜜罐系统网络架构,利用以太坊平台执行挖矿作业,得到周期间隔内的记账权主机,执行变换信息指令的生成,其余主机接收该指令进行实际服务变换,从而实现阵列内部各蜜罐服务主机的协同控制。通过对区块链以太坊平台与蜜罐系统的结合,旨在保证阵列蜜罐系统内部服务主机集群的正常运作。The basic steps of the blockchain-based array honeypot collaborative control method are described in detail above. The array honeypot collaborative control method under this scheme builds the network architecture of the P2P array honeypot system, uses the Ethereum platform to perform mining operations, obtains the accounting rights host in the periodic interval, executes the generation of transformation information instructions, and the rest hosts Receive the instruction to perform actual service transformation, so as to realize the coordinated control of each honeypot service host in the array. Through the combination of the blockchain Ethereum platform and the honeypot system, it aims to ensure the normal operation of the service host cluster within the array honeypot system.

Claims (4)

1. An array honeypot cooperative control method based on a block chain is characterized by comprising the following steps:
(1) under an Ether shop platform, a creating block file is utilized to build a private chain formed by n hosts in honey pots in an array, namely, priChain ═ host0,host2,…,hostn-1In which host0Denotes the 0 th host, host2Indicating host 2n-1Represents the n-1 st host computer;
(2) in n hosts, an array honeypot system with an active defense function is constructed, namely honArray { sys0,sys2,…,sysn-1Wherein sys0Represents a single honeypot system, sys, deployed by the 0 th host2Represents a single honeypot system, sys, deployed by a 2 nd hostn-1Representing a single honeypot system deployed by the (n-1) th host;
(3) deploying an intelligent contract which accords with the decentralized business logic of the array honeypot system on the priChain;
(4) creating Etherhouse account ═ { ac0,ac2,…,acn-1Where ac is0To representEther house account, ac, of host computer 02Etherhouse account, ac representing host 2n-1Representing an Ether house account for the (n-1) th host, each host performing a mine excavation;
(5) account ac for mining successiCorresponding service hostiBy the other n-1 hosts host in the private chain of the array honeypotjVerifying authenticity of the product, wherein j is not equal to i;
(6) array honeypot system host receiving mining success instructioniThe method is responsible for changing specific service information distribution tasks in the mining time interval T, and realizes the sys of the array honeypot system through the Ether workshop platform interfaceiThe information transmission of (2);
(7) after a period of time T, a new round of mining is performed, selecting a host different from the hostiOther host with accounting rightjAnd j ≠ i, executing the loop steps from (5) to (7) and executing the service transformation distribution task of each host of the array honeypot.
2. The method as claimed in claim 1, wherein before building the private chain by using the founder file, a JSON type lightweight data exchange file containing block chain initialization information needs to be subjected to data adjustment, that is, an internal difficulty parameter is modified, and the mining interval T is within a reasonable range by adjusting the difficulty value, so that a transformation cycle of an internal service host of the array honeypot system is in a defense optimal stage.
3. The method as claimed in claim 1 or 2, wherein the method comprises establishing a peer-to-peer P2P network architecture between nodes when constructing the array honeypot system, the architecture ensuring the role equality of all hosts within the array, that is, each host acts as both a communication server and a communication client to realize topology peer-to-peer interworking with the ethernet platform.
4. The array honeypot cooperative control method based on the block chain as claimed in claim 3, comprising the steps of sending a transformation instruction to other array hosts in a honeypot system host which succeeds in mining, ensuring information confidentiality by using an RSA asymmetric encryption mechanism, implementing RSA encryption by an instruction sender, transmitting encrypted ciphertext data, implementing RSA decryption by an instruction receiver, obtaining readable plaintext information of a specific transformation instruction, recording specific service access time and port information by the honeypot system host which succeeds in mining, storing the information into a private chain by using a web3J interface, and taking the access record data as digital evidence of attack initiated by an attacker due to non-tamper-property of data in the chain.
CN201810329244.2A 2018-04-13 2018-04-13 A blockchain-based array honeypot collaborative control method Active CN108521426B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810329244.2A CN108521426B (en) 2018-04-13 2018-04-13 A blockchain-based array honeypot collaborative control method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810329244.2A CN108521426B (en) 2018-04-13 2018-04-13 A blockchain-based array honeypot collaborative control method

Publications (2)

Publication Number Publication Date
CN108521426A CN108521426A (en) 2018-09-11
CN108521426B true CN108521426B (en) 2020-09-01

Family

ID=63432514

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810329244.2A Active CN108521426B (en) 2018-04-13 2018-04-13 A blockchain-based array honeypot collaborative control method

Country Status (1)

Country Link
CN (1) CN108521426B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109493027A (en) * 2018-11-19 2019-03-19 众安信息技术服务有限公司 A kind of method and device realized across chain transactional operation
CN109472162B (en) * 2018-11-21 2022-03-08 北京齐乐无穷文化科技有限公司 Block chain encryption and decryption method based on game software
CN110324313B (en) * 2019-05-23 2022-12-13 平安科技(深圳)有限公司 Honeypot system-based malicious user identification method and related equipment
CN110650128B (en) * 2019-09-17 2020-09-11 西安电子科技大学 A system and method for detecting Ethereum digital currency theft attack
CN113098835A (en) * 2020-01-08 2021-07-09 北京奇虎科技有限公司 Honeypot implementation method based on block chain, honeypot client and honeypot system
CN111683084B (en) * 2020-06-05 2022-05-10 广州大学 A smart contract intrusion detection method, device, terminal device and storage medium
CN111800407B (en) * 2020-06-30 2022-12-02 京东科技信息技术有限公司 Network attack defense method and device, electronic equipment and storage medium
CN111953671B (en) * 2020-07-31 2022-08-26 中国工商银行股份有限公司 Dynamic honey net data processing method and system based on block chain
CN111835872B (en) * 2020-09-14 2020-12-01 江苏开博科技有限公司 Method for realizing decentralized distributed process guarding based on ad hoc network technology
CN114218809B (en) * 2021-12-29 2022-06-03 中国科学技术大学 A protocol automatic formal modeling method and system for Ethereum smart contracts
CN116931844B (en) * 2023-09-18 2024-02-23 北京云尚汇信息技术有限责任公司 Data storage method and device based on multi-block subchain in block chain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106951307A (en) * 2017-03-06 2017-07-14 钱德君 A kind of intelligent contract virtual machine realization method
CN107103098A (en) * 2017-05-12 2017-08-29 曾建伟 A blockchain network database including smart contracts and its working method
CN107342858A (en) * 2017-07-05 2017-11-10 武汉凤链科技有限公司 A kind of intelligent contract guard method and system based on trusted context
CN107819749A (en) * 2017-10-26 2018-03-20 平安科技(深圳)有限公司 Block catenary system and transaction data processing method based on ether mill

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107533501A (en) * 2015-03-20 2018-01-02 里维茨公司 Use block chain automated validation appliance integrality
US9960920B2 (en) * 2016-01-26 2018-05-01 Stampery Inc. Systems and methods for certification of data units and/or certification verification

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106951307A (en) * 2017-03-06 2017-07-14 钱德君 A kind of intelligent contract virtual machine realization method
CN107103098A (en) * 2017-05-12 2017-08-29 曾建伟 A blockchain network database including smart contracts and its working method
CN107342858A (en) * 2017-07-05 2017-11-10 武汉凤链科技有限公司 A kind of intelligent contract guard method and system based on trusted context
CN107819749A (en) * 2017-10-26 2018-03-20 平安科技(深圳)有限公司 Block catenary system and transaction data processing method based on ether mill

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
分布式蜜罐系统的设计与实现;肖军粥,刘广祎;《计算机工程与设计》;20071203;全文 *
基于动态阵列蜜罐的协同式网络防御研究;李婕;《万方》;20120731;全文 *
基于区块链技术的网络DDoS联合防御方法研究;陈旭;《网络安全技术与应用》;20171205;全文 *
基于区块链的应用系统开发方法研究;蔡维德,郁莲;《软件学报》;20170705;全文 *
蜜罐先知型半分布式P2P Botnet的构建及检测方法;谢静,谭良;《计算机工程与应用》;20111231;全文 *

Also Published As

Publication number Publication date
CN108521426A (en) 2018-09-11

Similar Documents

Publication Publication Date Title
CN108521426B (en) A blockchain-based array honeypot collaborative control method
CN110580414B (en) Private data query method and device based on block chain account
EP3688929B1 (en) System and method for providing privacy and security protection in blockchain-based private transactions
Javaid et al. Blockpro: Blockchain based data provenance and integrity for secure iot environments
CN112749188B (en) Data processing method and terminal for solving data isolation between sub-chains in alliance chain
CN110580418A (en) Private data query method and device based on block chain account
KR102042739B1 (en) Apparatus and method for communication using message history-based security key using blockchain
CN110580245B (en) Private data sharing method and device
CN110430235B (en) Method, apparatus, storage medium and computing device for cross-chain transmission of authenticatable messages
CN110580411A (en) permission query configuration method and device based on intelligent contract
Yohan et al. Blockchain-based firmware update framework for internet-of-things environment
Urmila et al. A comparitive study of blockchain applications for enhancing internet of things security
CN114071462B (en) Unmanned aerial vehicle group satellite navigation defense decoy method
Jamader et al. BcIoT: blockchain based DDoS prevention architecture for IoT
CN108429762A (en) A Dynamic Honeypot Defense Method Based on Service Role Transformation
CN114629678A (en) TLS-based intranet penetration method and device
Tan et al. Blockchain-based lightweight authentication for resilient UAV communications: Architecture, scheme, and future directions
Gangwani et al. On the convergence of blockchain and IoT for enhanced security
CA3163962A1 (en) Apparatus and methods for encrypted communication
WO2020042929A1 (en) Block chain system
CN114465730A (en) Internet of things equipment mutual authentication method and device based on block chain technology
KR20200132546A (en) Cloud computing and blockchain based smart home system
Aprizal et al. Ensuring security using blockchain technology
Garcia Contribution to security and privacy in the Blockchain-based Internet of Things: Robustness, Reliability, and Scalability
Cheng et al. A secure elliptic curve based RFID ownership transfer scheme with controlled delegation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant