[go: up one dir, main page]

WO2015182873A1 - Bloc de sélection de serveur dns et procédé de modification d'adresse dns utilisant un mandataire - Google Patents

Bloc de sélection de serveur dns et procédé de modification d'adresse dns utilisant un mandataire Download PDF

Info

Publication number
WO2015182873A1
WO2015182873A1 PCT/KR2015/003863 KR2015003863W WO2015182873A1 WO 2015182873 A1 WO2015182873 A1 WO 2015182873A1 KR 2015003863 W KR2015003863 W KR 2015003863W WO 2015182873 A1 WO2015182873 A1 WO 2015182873A1
Authority
WO
WIPO (PCT)
Prior art keywords
dns
address
server
packet
dns query
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/KR2015/003863
Other languages
English (en)
Korean (ko)
Inventor
이용환
박민혁
김수로
김규리
임준혁
강경태
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Plustech Co Ltd
Original Assignee
Plustech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Plustech Co Ltd filed Critical Plustech Co Ltd
Priority to US15/308,033 priority Critical patent/US10320751B2/en
Publication of WO2015182873A1 publication Critical patent/WO2015182873A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/22Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks

Definitions

  • the following description relates to a technique for preventing information leakage and a network security method.
  • Korean Laid-Open Patent No. 2014-0044987 provides an Internet access path bypass derivation system and method through DNS packet modulation, thereby preventing IP address collisions so that communication can be made smoothly.
  • the patent is a network security system using a proxy server to inspect the incoming packets from the outside, but not blocking the packets going out from the inside. Accordingly, there is a need for a technology capable of providing a security service while maintaining an existing network environment.
  • the network security system may provide a method of preventing information leakage using a proxy server.
  • the network security system may provide a method of selectively blocking a DNS server.
  • the DNS blocking server may generate the fake DNS response packet by inputting the IP address of the proxy server as a response IP address corresponding to the DNS query domain address.
  • the DNS blocking server includes a list of managed domain addresses including at least one managed domain address, extracts the DNS query domain address from the DNS query packet, and the DNS query domain address. It may be determined whether or not the management target domain address is included in the management target domain address list.
  • the management target domain address list includes at least one web mail site address
  • the proxy server is configured such that the request packet from the client terminal is destined for the at least one web mail site. If not, the predetermined administrator is notified, and upon receiving the administrator's approval request, the mail transmission through the web mail site is sent to the outside. If the administrator does not request the approval, the mail transmission through the web mail site is sent to the outside. May not ship.
  • the DNS blocking server extracts a DNS server address from the DNS query packet, and if the DNS server address is a blocking target DNS server address, DNS query of the DNS query packet with the IP address of the alert server.
  • the fake DNS response packet may be generated and transmitted to the client terminal by inputting the response IP address corresponding to the domain address.
  • the alert server may provide the client terminal with a web page displaying a warning page indicating that the client terminal is using an unauthorized DNS server together with an IP address of an authorized DNS server.
  • a network security method includes: mirroring a DNS query packet through a network device to which a client terminal is connected; Extracting a DNS query domain address from the DNS query packet; Determining whether the DNS query domain address is a management target domain address; Generating a fake DNS response packet when the DNS query domain address is a management target domain address; And transmitting the generated fake DNS response packet to the client terminal.
  • the generating of the fake DNS response packet may include generating the fake DNS response packet by inputting an IP address of a proxy server as a response IP address corresponding to the DNS query domain address.
  • a network security method includes: mirroring a DNS query packet through a network device to which a client terminal is connected; Extracting a DNS server address from the DNS query packet; Determining whether the DNS server address is a blocking target DNS server address; Generating a fake DNS response packet when the DNS server address is a blocking target DNS server address; And transmitting the generated fake DNS response packet to the client terminal.
  • generating the fake DNS response packet generating the fake DNS response packet by inputting the IP address of the alert server as a response IP address corresponding to the DNS query domain address of the DNS query packet. can do.
  • the network system may filter the packets communicating internally and externally without setting a client environment, thereby selectively accessing the site and preventing information leakage.
  • the network security system may selectively block a site by providing another server IP address in response to a DNS query for an unauthorized server for a DNS server request.
  • FIG. 1 is a diagram illustrating an operation of a network security system according to an exemplary embodiment.
  • FIG. 2 is a diagram illustrating an operation of a network security system according to an exemplary embodiment.
  • FIG. 3 is a flowchart illustrating a network security method of a network security system according to an embodiment.
  • FIG. 4 is a flowchart illustrating a network security method of a network security system according to an embodiment.
  • FIG. 5 is a flowchart illustrating an operation of a proxy server according to an exemplary embodiment.
  • 6A and 6B are diagrams illustrating a list of DNS blocking servers according to an embodiment.
  • FIG. 1 is a diagram illustrating an operation of a network security system according to an exemplary embodiment.
  • the client 160 terminal When accessing the Internet 100 from the client 160 terminal in a network environment, the client 160 terminal may be connected to a switch 170 or a router. The client 160 terminal may be connected to the switch 170 or the router to enable network connection and data transmission. In this case, at least one client may be connected to the Internet.
  • the client may be a terminal such as a PC or a smart phone.
  • the DNS blocking server 140 may be connected to a network device to which the client terminal 160 is connected to mirror a DNS query packet through the network device.
  • the DNS blocking server 140 may store a list of management target domain addresses.
  • the DNS blocking server 140 may store www.aaa.com, www.bbb.com, and www.ccc.com which are managed domain addresses.
  • the DNS query packet may be delivered to the external DNS server 120 through the Internet 100, or may be forwarded to the DNS blocking server 140 through mirroring.
  • the DNS blocking server 140 may extract a DNS query domain address included in the DNS query packet. For example, www.abc.com, which is a DNS query domain address included in a DNS query packet, may be extracted. At this time, it may be determined whether the DNS query domain address is a management target domain address. By comparing the list of managed domain addresses stored in the DNS blocking server 140 with the DNS query domain address, it may be determined whether the management target domain address is the same.
  • the www server 130 may transmit a DNS response packet for the DNS query packet transmitted to the external DNS server 120 through the Internet 100 to the client 160 terminal.
  • the client 160 terminal normally accesses a destination site using a DNS response packet to perform communication.
  • the DNS response packet may be provided in response to a DNS query packet requesting an IP address corresponding to the domain name, and may include an IP address corresponding to the domain name.
  • a fake DNS response packet may be generated and transmitted to the client 160 terminal.
  • the DNS blocking server 140 may generate a fake DNS response packet by inputting the IP address of the proxy server 150 as a response IP address corresponding to the DNS query domain address.
  • the generated DNS response packet may be transmitted to the client 160 terminal.
  • the DNS blocking server 140 may substitute the IP address of the proxy server 150 (eg, 10.10.10.10) for the DNS query domain address.
  • a fake DNS response packet may be generated by inputting a response IP address corresponding to, and the generated fake DNS response packet may be transmitted to the client 160 terminal.
  • the client 160 terminal may receive a DNS response packet and access the proxy server 150.
  • the proxy server 150 may monitor the request packet from the client 160 terminal generated using the fake DNS response packet.
  • the proxy server 150 may identify the destination server from the connection request, and receive the requested page from the destination server.
  • the proxy server 150 may log, monitor, and block the request to the destination server and the communication received from the destination server according to the policy.
  • the managed domain address list may include addresses of at least one web mail site.
  • the proxy server 150 notifies a predetermined administrator when the request packet from the client 160 terminal is at least one web mail site, and transmits the mail through the web mail site upon receiving the administrator's approval request. It can be sent externally, and unless the administrator asks for approval, mail transmission through a web mail site can not be sent out.
  • spam mail can be detected and the team leader of the team member who sent the mail can be notified of the fact so that the mail can be sent to the outside only when there is an approval of the team leader.
  • user A sends mail to user B.
  • DNS requests for mail.abc.com are assigned to a proxy server address (10.10.10.10) rather than the actual mail.abc.com server (125.209.222.15)
  • the client accesses mail.abc.com but actually does
  • the server can be accessed and controlled by a proxy server. It can also inspect incoming packets as well as incoming packets in response to requests.
  • the network security system may access a site through filtering on a packet communicated to the outside without configuring a client.
  • filtering can be performed after receiving all contents transmitted by the client through the proxy server.
  • the network security system does not cause a service stop problem because the network communication is continuously performed even if the DNS blocking server or the proxy server fails.
  • the DNS blocking server is mirrored even when the DNS server is broken, since the DNS response packet is transmitted from the normal DNS server to the client terminal, the client terminal can make a normal network connection using the DNS response packet.
  • it can be easy to install, maintain, maintain, and manage because it can provide a network security service additionally installed with an additional DNS blocking server and proxy server while maintaining the existing network environment.
  • FIG. 2 is a diagram illustrating an operation of a network security system according to an exemplary embodiment.
  • the client 230 terminal when accessing the Internet 200 from a client 230 terminal in a network environment, the client 230 terminal may be connected to a switch 210 or a router.
  • the client terminal 230 may be connected to the switch 210 or the router to enable network connection and data transmission.
  • at least one client 230 terminal may be connected to the Internet.
  • the client 230 terminal may be a terminal such as a PC and a smart phone.
  • the DNS blocking server 220 may mirror the DNS query packet through the network device to which the client terminal 230 is connected.
  • the DNS query packet may be delivered to an external DNS server through the Internet 200, or may be forwarded to the DNS blocking server 220 through mirroring.
  • the DNS blocking server 220 may store a list of blocking target DNS server addresses.
  • the DNS blocking server 220 may store 100.100.100.101 and 111.111.111.111 which are blocking DNS server addresses.
  • the DNS blocking server 220 may extract a DNS server address from the DNS query packet.
  • the DNS server address extracted from the DNS query packet may be 101.101.101.101.
  • the DNS blocking server 220 may determine whether the DNS server address is a blocking target DNS server address.
  • the blocking target DNS server address may be determined by comparing the blocking target DNS server addresses stored in the DNS blocking server 220 with the DNS server address.
  • the DNS response packet for the DNS request packet transmitted to the external DNS server through the Internet 200 may be delivered to the client 230 terminal, and the client 230 terminal.
  • a DNS response packet can be used to access and communicate with a destination site.
  • the DNS server address is a blocking target DNS server address
  • a page displaying a warning page indicating that an unauthorized DNS server is used may be delivered to the client 230 terminal.
  • the DNS server address extracted from the DNS query packet is 101.101.101.101, it is not a DNS server address stored in the blocked DNS server address list. Therefore, a DNS response packet is used to connect to the destination site for communication. can do.
  • the DNS server address extracted from the DNS query packet is 111.111.111.111
  • the response server's IP address corresponds to the DNS query domain address in the DNS query packet because it matches the DNS server address stored in the list of blocked DNS server addresses.
  • a fake DNS response packet may be generated and transmitted to the client 230 terminal.
  • the warning server may provide the client 230 terminal with a web page displaying a warning page indicating that the client terminal is using an unauthorized DNS server together with the IP address of the authorized DNS server.
  • the page may display the IP address of the authorized DNS server so that the client 230 terminal may use the IP address of the authorized DNS server.
  • FIG. 3 is a flowchart illustrating a network security method of a network security system according to an embodiment.
  • the network security system may mirror the DNS query packet through the network equipment to which the client terminal is connected.
  • the network security system may extract the DNS query domain address from the DNS query packet.
  • the DNS query domain address www.ccc.com can be extracted from the DNS query packet.
  • the network security system may determine whether the DNS query domain address is a management target domain address. In this case, when the DNS query domain address is not the management target domain address, a DNS response packet for the DNS query packet may be transmitted to the client terminal (350).
  • the client terminal normally connects to the destination site using a DNS response packet to perform communication. For example, referring to the managed domain address of FIG. 6A, if the domain address extracted from the DNS query packet is www.plus.com, the DNS response packet for the DNS query packet is transmitted to the client because it is not the managed domain address. The client can then go to www.plus.com as normal.
  • a fake DNS response packet may be generated (340), and the generated fake DNS response packet may be transmitted to the client terminal (350).
  • the fake DNS response packet may generate a fake DNS response packet by inputting a proxy server's IP address as a response IP address corresponding to a DNS query domain address. For example, if the domain address extracted from the DNS query packet is www.plustech.com, referring to FIG. 6A, since www.plustech.com is a managed domain address, a fake DNS response packet may be generated, and the generated fake The DNS response packet can be sent to the client terminal. If the IP address of the proxy server is 10.10.10.10, for example, the IP address of the proxy server may be entered as a response IP address corresponding to www.plustech.com to transmit a fake DNS response packet to the client terminal.
  • FIG. 4 is a flowchart illustrating a network security method of a network security system according to an embodiment.
  • the network security method may be performed by a network security system.
  • the network security system may mirror the DNS query packet.
  • the network security system may extract the DNS server address from the DNS query packet.
  • the DNS server address 222.222.222.222 can be extracted from the DNS query packet.
  • the network security system may determine whether the DNS server address is a blocking target DNS server address. If the DNS server address is not the blocking target DNS server address, the DNS response packet for the DNS query packet may be transmitted to the client terminal (450). Then, the DNS response packet for the DNS request packet transmitted to the external DNS server through the Internet can be delivered to the client terminal, and the client can normally communicate with the destination site by using the DNS response packet. For example, if the DNS server address is 222.222.222.222, referring to FIG. 6B, since the DNS server address is not the blocking target DNS server address, a DNS response packet for the DNS query packet may be transmitted to the client terminal, and the client may transmit the DNS server address. 222.222.222.222 can be used to connect to the destination site (eg, www.mmm.com) to communicate.
  • the destination site eg, www.mmm.com
  • a fake DNS response packet may be generated (440), and the generated fake DNS response packet may be transmitted to the client terminal (450).
  • the fake DNS response packet may generate a fake DNS response packet by inputting the IP address of the alert server as a response IP address corresponding to the DNS query domain address of the DNS query packet. For example, if the DNS server address is 10.10.0.2, referring to FIG. 6B, since the DNS server address is a blocking target, the IP address of the alert server (for example, 333.333.333.333) is replaced with the DNS query domain address ( For example, a fake DNS response packet may be generated and transmitted to a client terminal by inputting a response IP address corresponding to wwww.mmm.com).
  • a page may display a warning page indicating that an unauthorized DNS server is being used, and the client terminal permits the client terminal by displaying the IP address of the authorized DNS server to the client terminal. You can use the IP address of the DNS server.
  • FIG. 5 is a flowchart illustrating an operation of a proxy server according to an exemplary embodiment.
  • the proxy server may receive a connection request from a client. If the DNS query domain address is a managed domain address, the DNS blocking server may send a fake DNS response packet to the client, and the client may receive a fake response DNS response packet and connect to the proxy server.
  • the proxy server may identify the destination server from the connection request from the client and receive the requested page from the destination server.
  • the destination server may be a web server. If the destination server is a server of Portal A, the proxy server can identify the server of Portal A and receive the page of Portal A from the server of Portal A.
  • the proxy server may log, monitor, and block the request to the destination server and the communication received from the destination server according to the policy. For example, the proxy server notifies a predetermined administrator when a request packet from a client terminal is destined for at least one web mail site, and sends a mail to the outside through a web mail site upon receiving the administrator's approval request. It can be sent, and the mail transmission through the web mail site can not be sent to the outside without the administrator's request for approval.
  • the proxy server since the proxy server according to an embodiment continues to perform network communication even if a failure occurs, Internet communication may be performed smoothly.
  • the proxy server uses a proxy server without setting the proxy server in the client terminal, it is possible to solve the problem of setting the proxy server in all the client terminals. In addition, it is possible to solve the problem of avoiding network security by using another proxy by changing the proxy setting in the client terminal.
  • 6A and 6B are diagrams illustrating a list of DNS blocking servers according to an embodiment.
  • 6A is a diagram showing that the management target domain address is stored.
  • FIG. 6A illustrates a list of managed domain addresses.
  • the managed domain address may be stored in a database of a DNS blocking server and an external database in which the managed domain address is stored.
  • the management target domain address list may include a domain address field 610 and an information field, and other fields may be generated and stored.
  • the management target domain address list may be stored in a database in a list form, and the management target domain address may be updated at regular intervals.
  • the management target domain address list may modify, add, and delete domain addresses.
  • the managed target domain list may store a managed target domain address.
  • the list of managed domains may be stored as managed domain addresses www.plustech.com, www.abc.com, and www.zzz.com. It may also include the address of at least one web mail site.
  • 6B is a diagram showing that the blocking target DNS server address is stored.
  • the blocking target DNS server address may be stored in a database of the DNS blocking server, and an external database storing the blocking target DNS server address may be used.
  • the blocking target DNS server address list may include a DNS server address field 650 and an information field, and other fields may be generated and stored.
  • the blocking target DNS server address list may be stored in a database in a list form, and the blocking target DNS server address may be updated at regular intervals.
  • the blocking target DNS server address list may modify, add, and delete DNS server addresses.
  • the list of blocked DNS server addresses may store the blocked DNS server addresses.
  • the blocking target DNS server address list may include the blocking target DNS server addresses 10.10.0.2, 10.10.x.y, and 10.10.x.z.
  • the apparatus described above may be implemented as a hardware component, a software component, and / or a combination of hardware components and software components.
  • the devices and components described in the embodiments may be, for example, processors, controllers, arithmetic logic units (ALUs), digital signal processors, microcomputers, field programmable arrays (FPAs), It may be implemented using one or more general purpose or special purpose computers, such as a programmable logic unit (PLU), microprocessor, or any other device capable of executing and responding to instructions.
  • the processing device may execute an operating system (OS) and one or more software applications running on the operating system.
  • the processing device may also access, store, manipulate, process, and generate data in response to the execution of the software.
  • OS operating system
  • the processing device may also access, store, manipulate, process, and generate data in response to the execution of the software.
  • processing device includes a plurality of processing elements and / or a plurality of types of processing elements. It can be seen that it may include.
  • the processing device may include a plurality of processors or one processor and one controller.
  • other processing configurations are possible, such as parallel processors.
  • the software may include a computer program, code, instructions, or a combination of one or more of the above, and configure the processing device to operate as desired, or process it independently or collectively. You can command the device.
  • Software and / or data may be any type of machine, component, physical device, virtual equipment, computer storage medium or device in order to be interpreted by or to provide instructions or data to the processing device. Or may be permanently or temporarily embodied in a signal wave to be transmitted.
  • the software may be distributed over networked computer systems so that they may be stored or executed in a distributed manner.
  • Software and data may be stored on one or more computer readable recording media.
  • the method according to the embodiment may be embodied in the form of program instructions that can be executed by various computer means and recorded in a computer readable medium.
  • the computer readable medium may include program instructions, data files, data structures, etc. alone or in combination.
  • the program instructions recorded on the media may be those specially designed and constructed for the purposes of the embodiments, or they may be of the kind well-known and available to those having skill in the computer software arts.
  • Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape, optical media such as CD-ROMs, DVDs, and magnetic disks, such as floppy disks.
  • Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like.
  • the hardware device described above may be configured to operate as one or more software modules to perform the operations of the embodiments, and vice versa.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Conformément à un mode de réalisation, la présente invention concerne un système de sécurité de réseau qui peut comprendre : un serveur de blocage DNS qui est connecté à un équipement de réseau auquel un terminal client est connecté et reflète un paquet d'interrogation DNS traversant l'équipement de réseau, et qui génère et transmet un faux paquet de réponse DNS au terminal client si une adresse de domaine d'interrogation DNS du paquet d'interrogation DNS est une adresse de domaine à gérer ; et un serveur mandataire qui surveille un paquet de requête provenant du terminal client généré à l'aide du faux paquet de réponse DNS.
PCT/KR2015/003863 2014-05-26 2015-04-17 Bloc de sélection de serveur dns et procédé de modification d'adresse dns utilisant un mandataire Ceased WO2015182873A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US15/308,033 US10320751B2 (en) 2014-05-26 2015-04-17 DNS server selective block and DNS address modification method using proxy

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2014-0062990 2014-05-26
KR1020140062990A KR101522139B1 (ko) 2014-05-26 2014-05-26 DNS 서버 선별 차단 및 Proxy를 이용한 DNS 주소 변경 방법

Publications (1)

Publication Number Publication Date
WO2015182873A1 true WO2015182873A1 (fr) 2015-12-03

Family

ID=53395214

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2015/003863 Ceased WO2015182873A1 (fr) 2014-05-26 2015-04-17 Bloc de sélection de serveur dns et procédé de modification d'adresse dns utilisant un mandataire

Country Status (2)

Country Link
KR (1) KR101522139B1 (fr)
WO (1) WO2015182873A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101702102B1 (ko) * 2015-08-13 2017-02-13 주식회사 케이티 인터넷 연결 장치, 중앙 관리 서버 및 인터넷 연결 방법
KR101891705B1 (ko) * 2015-11-27 2018-08-24 주식회사 수산아이앤티 사설 네트워크 파악 방법 및 그 장치
KR101925317B1 (ko) * 2016-06-16 2018-12-05 주식회사 수산아이앤티 웹 메일 보안 장치 및 방법
KR101961451B1 (ko) 2018-10-11 2019-03-22 주식회사 에프원시큐리티 Dns 서버에 기반한 감염 시스템의 원점 추적 방법 및 시스템

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060007538A (ko) * 2004-07-20 2006-01-26 박재홍 Dns를 이용한 선택적 인터넷 접속 차단 서비스 제공 방법
KR100732689B1 (ko) * 2005-05-13 2007-06-27 (주)트리니티소프트 웹 보안방법 및 그 장치
KR20110124833A (ko) * 2010-05-12 2011-11-18 (주)한드림넷 네트워크 스위치 및 그 네트워크 스위치의 보안공지방법
KR20140044987A (ko) * 2012-09-25 2014-04-16 주식회사 시큐아이 보안 시스템 및 그것의 동작 방법

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060007538A (ko) * 2004-07-20 2006-01-26 박재홍 Dns를 이용한 선택적 인터넷 접속 차단 서비스 제공 방법
KR100732689B1 (ko) * 2005-05-13 2007-06-27 (주)트리니티소프트 웹 보안방법 및 그 장치
KR20110124833A (ko) * 2010-05-12 2011-11-18 (주)한드림넷 네트워크 스위치 및 그 네트워크 스위치의 보안공지방법
KR20140044987A (ko) * 2012-09-25 2014-04-16 주식회사 시큐아이 보안 시스템 및 그것의 동작 방법

Also Published As

Publication number Publication date
KR101522139B1 (ko) 2015-05-20

Similar Documents

Publication Publication Date Title
US11252183B1 (en) System and method for ransomware lateral movement protection in on-prem and cloud data center environments
JP5090408B2 (ja) ネットワーク通信において送信データの宛先を動的に制御する方法及び機器
US11520530B2 (en) Peripheral device for configuring compute instances at client-selected servers
US11563799B2 (en) Peripheral device enabling virtualized computing service extensions
CN104967609A (zh) 内网开发服务器访问方法、装置及系统
KR101290963B1 (ko) 가상화 기반 망분리 시스템 및 방법
WO2014148667A1 (fr) Système de test pour la réduction du coût de test de performance dans un environnement nuagique et méthode de test associée
WO2020040556A1 (fr) Système et procédé de moissonnage basé sur un navigateur web
CN104243442A (zh) 网络访问系统、网络防护设备和终端服务器
WO2015182873A1 (fr) Bloc de sélection de serveur dns et procédé de modification d'adresse dns utilisant un mandataire
JP2009246957A (ja) セキュリティポリシー制御システム、セキュリティポリシー制御方法、及びプログラム
Zhan et al. CIADL: cloud insider attack detector and locator on multi-tenant network isolation: an OpenStack case study
WO2015190692A1 (fr) Procédé de blocage d'accès à internet à l'aide d'un programme d'agent
KR101489759B1 (ko) 스토리지 장치를 이용한 파일전송 프로토콜 제어 방법
AU2023434980B2 (en) Information processing device, information processing method, and information processing program
CN109218415B (zh) 一种分布式节点管理的方法、节点及存储介质
WO2015167151A1 (fr) Procede de blocage d'acces internet utilisant une adresse ip et un url
WO2025100601A1 (fr) Système de pot de miel et procédé de fonctionnement de pot de miel dans un environnement de grappe distribuée, et dispositif informatique pour sa mise en œuvre
WO2018088680A1 (fr) Système de sécurité et procédé de traitement de demande d'accès à un site bloqué
US11456918B2 (en) Client driven network configuration
US20170155680A1 (en) Inject probe transmission to determine network address conflict
KR102044870B1 (ko) Url 맵을 이용하여 도메인을 관리하는 장치 및 방법
JP4290526B2 (ja) ネットワークシステム
WO2016195344A1 (fr) Système de sécurité de réseau et procédé permettant de bloquer le téléchargement à l'improviste d'un logiciel malveillant
US8660143B2 (en) Data packet interception system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15800604

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 15308033

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15800604

Country of ref document: EP

Kind code of ref document: A1