Network Configuration Method and Device
US-2023216732-A1 · Jul 6, 2023 · US
Information leakage monitoring method and system, and electronic device
US12224989B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12224989-B2 |
| Application number | US-202218720544-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 1, 2022 |
| Priority date | Dec 17, 2021 |
| Publication date | Feb 11, 2025 |
| Grant date | Feb 11, 2025 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Traffic proxy-based Internet of Things terminal key information leakage monitoring methods and systems, electronic devices, storage media, and computer programs. An example method includes: receiving a proxy request sent by an Internet of Things terminal, the proxy request including protocol related information of the Internet of Things terminal, and the protocol related information including part or all of device model information, service type information, and data packet information; according to the protocol related information of the Internet of Things terminal, determining a target protocol corresponding to the Internet of Things terminal; and allocating a target proxy service to the Internet of Things terminal according to the target protocol, and a usage state and an online state of each proxy service in a full traffic proxy pool, and performing key information monitoring on the traffic of the Internet of Things terminal by the target proxy service.
First claim
Opening claim text (preview).
The invention claimed is: 1. A method for monitoring key information leakage of an Internet of Things (IoT) terminal based on a traffic proxy, comprising: receiving a proxy request sent by the IoT terminal, wherein the proxy request comprises protocol-related information of the IoT terminal, and the protocol-related information comprises part or all of device model information, service type information and data packet information; determining a target protocol corresponding to the IoT terminal according to the protocol-related information of the IoT terminal; allocating a target proxy service to the IoT terminal according to the target protocol and a usage state and an online state of one or more proxy services in a full traffic proxy pool, sending relevant information of the target proxy service to the IoT terminal, so that the IoT terminal accesses the target proxy service; and forwarding traffic of the IoT terminal and performing key information monitoring on the traffic of the IoT terminal through the target proxy service; wherein the full traffic proxy pool comprises a plurality of proxy services corresponding to different protocols, and the target proxy service is a proxy service corresponding to the target protocol and having a usage state of being idle and an online state of being online in the plurality of proxy services; wherein the proxy request further comprises device identification information of the IoT terminal, after allocating the target proxy service to the IoT terminal, the method further comprises: generating a uniqueness verification identifier according to the device identification information of the IoT terminal and identification information of the target proxy service, so that the target proxy service performs service-bound uniqueness verification according to the device identification information of the IoT terminal, the identification information of the target proxy service and the uniqueness verification identifier in response to receiving the traffic sent by the IoT terminal, and performs key information monitoring on the traffic in response to a successful verification. 2. The method according to claim 1 , wherein the full traffic proxy pool comprises one or more proxy services corresponding to a single protocol, and one or more proxy services corresponding to a plurality of protocols, in response to the target protocol comprising a plurality of different protocols, the target proxy service is a proxy service corresponding to the plurality of different protocols and having a usage state of being idle and an online state of being online. 3. The method according to claim 1 , wherein performing key information monitoring on the traffic of the IoT terminal through the target proxy service comprises: segmenting a data packet of the IoT terminal according to a protocol template of the target protocol, wherein the protocol template comprises part or all of protocol data packet size information, protocol data structure information, protocol data field information, protocol data field feature set information and protocol data interaction mode information; and performing key information monitoring according to segmented data of the IoT terminal. 4. The method according to claim 3 , wherein segmenting the data packet of the IoT terminal comprises: segmenting the data packet of the IoT terminal into atomic granularity to obtain atomic granularity data corresponding to the data packet, wherein the atomic granularity data is in a form of location-content, and the atomic granularity data is the smallest unit of the data packet. 5. The method according to claim 1 , wherein before performing key information monitoring on the traffic of the IoT terminal through the target proxy service, the method further comprises: filtering invalid traffic in the traffic of the IoT terminal according to one or more invalid traffic features in an invalid traffic feature library. 6. The method according to claim 1 , wherein performing key information monitoring on the traffic of the IoT terminal through the target proxy service comprises: performing key information detection on the traffic of the IoT terminal using a preset key information detection method, wherein the preset key information detection method comprises at least two of: a key information detection method based on a feature set, a key information detection method based on a pattern set, and a key information detection method based on a machine learning model set. 7. The method according to claim 1 , wherein after performing key information monitoring on the traffic of the IoT terminal through the target proxy service, the method further comprises: in response to key information being detected, displaying one or more key information detection results, and/or giving an early warning of the key information detection results, wherein the key information detection results comprise one or more of: a protocol to which the key information belongs, a data packet to which the key information belongs, location information of the key information in the data packet, a content of the key information, and a type of the key information. 8. A system for monitoring key information leakage of an Internet of Things (IoT) terminal based on a traffic proxy, comprising: a dynamic domain access unit and one or more proxy services, wherein the dynamic domain access unit is configured to receive a proxy request sent by the IoT terminal, wherein the proxy request comprises protocol-related information of the IoT terminal, and the protocol-related information comprises part or all of device model information, service type information and data packet information; the dynamic domain access unit is further configured to determine a target protocol corresponding to the IoT terminal according to the protocol-related information of the IoT terminal; and the dynamic domain access unit is further configured to allocate a target proxy service to the IoT terminal according to the target protocol and a usage state and an online state of one or more proxy services in a full traffic proxy pool, send relevant information of the target proxy service to the IoT terminal, so that the IoT terminal accesses the target proxy service; wherein the full traffic proxy pool comprises a plurality of proxy services corresponding to different protocols, and the target proxy service is a proxy service corresponding to the target protocol and having a usage state of being idle and an online state of being online in the plurality of proxy services, wherein the proxy service is further configured to, in response to the proxy service serving as the target proxy service, forward traffic of the IoT terminal and perform key information monitoring on the traffic of the IoT terminal; wherein the proxy request further comprises device identification information of the IoT terminal, the dynamic domain access unit is further configured to generate a uniqueness verification identifier according to the device identification information of the IoT terminal and identification information of the target proxy service; the proxy service is further configured to, in response to the proxy service serving as the target proxy service and receiving the traffic sent by the IoT terminal, perform service-bound uniqueness verification according to the device identification information of the IoT terminal the identification information of the target proxy service and the uniqueness verification identifier, and perform key information monitoring on the traffic in response to a successful verification. 9. The system according to claim 8 , wherein the full traffic proxy pool comprises one or more proxy services corresponding to a single
Assignees
Inventors
Classifications
Multiprotocol handlers, e.g. single devices capable of handling multiple protocols · CPC title
Provisioning of proxy services (store-and-forward switching systems in data switching networks H04L12/54) · CPC title
Traffic logging, e.g. anomaly detection · CPC title
Parsing or analysis of headers · CPC title
- H04L63/0281Primary
Proxies · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12224989B2 cover?
- Traffic proxy-based Internet of Things terminal key information leakage monitoring methods and systems, electronic devices, storage media, and computer programs. An example method includes: receiving a proxy request sent by an Internet of Things terminal, the proxy request including protocol related information of the Internet of Things terminal, and the protocol related information including p…
- Who is the assignee on this patent?
- Hangzhou Hikvision Digital Tec
- What technology area does this patent fall under?
- Primary CPC classification H04L63/0281. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Feb 11 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).