| CPC H04L 63/1425 (2013.01) [H04L 9/50 (2022.05); H04L 63/1416 (2013.01)] | 13 Claims |
|
1. A blockchain-based host security monitoring method, comprising:
monitoring traffic data of a host in a network communication and determining whether the traffic data is malicious traffic;
in response the determining that the traffic data is the malicious traffic, obtaining security state information of the host and saving the security state information into a security state blockchain; and
generating an invasion log corresponding to the malicious traffic and saving the invasion log and the security state information into a log storage blockchain,
wherein the saving the security state information into the security state blockchain comprises:
saving a network address of the host and the security state information into a block body of a current security state block to be consensus authenticated;
in response that a block generation condition is met, obtaining block header data of a previous security state block in the security state blockchain, and obtaining a parent block hash value by calculation according to the block header data;
calculating a block body hash value of the current security state block according to data saved in the block body of the current block;
saving the parent block hash value, the block body hash value and a timestamp of a current time into a block header of the current security state block; and
broadcasting the current security state block to a security state blockchain network to perform consensus authentication on the current security state block, and linking the current security state block onto the security state blockchain upon a successful authentication.
|