摘要
针对目前物联网用户危险源识别存在的关联风险大、识别范围狭窄等问题,通过将安全威胁探测模块部署在被保护的业务系统局域网内部,并综合采用Linux操作系统下的IPTABLES软件防火墙技术、TCP_WRAPPERS、应用层IP访问白名单技术以及子网卡抓包技术,在低成本、高安全的情况下,实现了高灵敏度、高概率识别非法攻击危险源,从而有效地保护物联网用户,并具有绿色低碳、高安全、大范围探测等特点。
In response to the current problems of high associated risks and narrow identification range in identifying hazards for IoT users,the security threat detection module is deployed within the protected business system LAN,and the Linux operating system̓s IPTABLES software firewall technology,TCP_WRAPPERS,application layer IP access whitelist technology,and subnet card packet capture technology are comprehensively adopted.At low cost and high security,high sensitivity and high probability identification of illegal attack hazards are achieved,effectively protecting IoT users,and it has the characteristics of green,low-carbon,high security,and large-scale detection.
作者
于城
童贞理
潘松柏
YU Cheng;TONG Zhenli;PAN Songbai(China Unicom Digital Technology Co.,Ltd.,Beijing 100000,China;Chongqing Branch,China United Network Communications Co.,Ltd.,Chongqing 400000,China)
出处
《计算机应用文摘》
2024年第10期150-152,共3页
Chinese Journal of Computer Application
关键词
物联网
非法攻击
危险源识别
Internet of Things
illegal attack
hazard identification
