CN106603624A - Data mining system and realization method thereof - Google Patents
Data mining system and realization method thereof Download PDFInfo
- Publication number
- CN106603624A CN106603624A CN201610969883.6A CN201610969883A CN106603624A CN 106603624 A CN106603624 A CN 106603624A CN 201610969883 A CN201610969883 A CN 201610969883A CN 106603624 A CN106603624 A CN 106603624A
- Authority
- CN
- China
- Prior art keywords
- data
- client
- cloud platform
- network
- mining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000007418 data mining Methods 0.000 title abstract description 5
- 238000004458 analytical method Methods 0.000 claims abstract description 26
- 238000005065 mining Methods 0.000 claims description 70
- 230000008569 process Effects 0.000 claims description 15
- 238000012423 maintenance Methods 0.000 claims description 8
- 230000003993 interaction Effects 0.000 claims description 3
- 230000008520 organization Effects 0.000 abstract description 4
- 238000007726 management method Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 6
- 230000000694 effects Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 239000000203 mixture Substances 0.000 description 4
- 238000009412 basement excavation Methods 0.000 description 3
- 230000000052 comparative effect Effects 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 238000013523 data management Methods 0.000 description 2
- 230000009931 harmful effect Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000002265 prevention Effects 0.000 description 2
- 230000001681 protective effect Effects 0.000 description 2
- 241001269238 Data Species 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 206010022000 influenza Diseases 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/53—Network services using third party service providers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- Human Resources & Organizations (AREA)
- Entrepreneurship & Innovation (AREA)
- Economics (AREA)
- Strategic Management (AREA)
- Development Economics (AREA)
- Physics & Mathematics (AREA)
- Educational Administration (AREA)
- Marketing (AREA)
- Operations Research (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- Game Theory and Decision Science (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a data mining system, which comprises a client and a cloud platform, wherein the client is used for collecting sharing data corresponding to a preset sharing policy in a network where the client is when the network where the client is participates in data sharing, and reporting the related policy information and the gathered sharing data to the cloud platform; and the cloud platform is used for receiving the related policy information and the sharing data uploaded by each client in the network, carrying out summary analysis processing on the sharing data to obtain a plurality of types of mined data, and pushing a corresponding type of mined data to a corresponding client according to the related policy information; and the client is also used for receiving the mined data pushed by the cloud platform. The invention also discloses a data mining system realization method. Thus, sharing of network data among different organizations can be realized, each organization can carry out organization operations and decision management according to the acquired sharing data provided by other organizations.
Description
Technical field
The present invention relates to data mining technology field, more particularly to data digging system and its implementation.
Background technology
Currently, the tissue such as many enterprises, government have purchased substantial amounts of gateway device, such as virtualized gateway device, enter
The security classes software of row end points protection, or hardware gateway equipment etc., and disposed, such as it is network log-in management equipment, anti-
Wall with flues equipment etc., the scale of these gateway devices is generally all than larger and be mostly deployed on the network egress of these tissues.It is existing
In having technology, so large-scale gateway device is generally widely used in internet behavior audit, flow-control, the service of tissue
The aspect such as device and Intranet protection.
Presently, these substantial amounts of gateway devices be also only merely used in tissue on one's body, namely in these nets
Shut collection information data be generally all supplied to tissue oneself carry out data analysiss with value excavate, that is to say, that enterprise,
Government etc. respectively will not organize the internal data of itself to share to its hetero-organization between tissue, so that each tissue all can not
The running and decision-making management of autologous tissue are carried out using the inside related data of its hetero-organization, such as the work effect between organizing
Rate is compared, internet security is than equity.
The content of the invention
Present invention is primarily targeted at providing a kind of data digging system and its implementation, it is intended to solve prior art
In each tissue the running of autologous tissue and the technology of decision-making management all can not be carried out using the inside related data of its hetero-organization
Problem.
For achieving the above object, the present invention provides a kind of data digging system, and the data digging system includes:Cloud platform
With some clients, wherein, independently with cloud platform carry out data interaction between each client;
The client, for when client place network participates in data sharing, collecting the client and being located
The shared data corresponding with preset shared strategy in network, and by the relevant policy information in the sharing policy and collection
The shared data report the cloud platform;
The cloud platform, for receiving the relevant policy information of each client upload and the shared number on network
According to, and Macro or mass analysis process is carried out to the shared data, the mining data of several type is obtained, and according to the related plan
Slightly information, by the mining data of corresponding types correspondence client is pushed to, wherein, the type of the mining data at least includes:
Data results, the focus security classes data result of same industry concern;
The client is additionally operable to:Receive the mining data that the cloud platform is pushed.
Preferably, the client includes gateway device, client place network at least by the gateway device and
The some network equipments composition being connected with the gateway device, wherein, the type of the gateway device at least sets including hardware gateway
Standby, virtualized gateway device, the security classes software or equipment that carry out end points protection.
Preferably, the data digging system also includes:
End is safeguarded, for the cloud platform to be safeguarded and monitored, the maintenance at least includes updating the cloud platform
On relative program.
Preferably, the client is additionally operable to:Configure the client data in a network sharing policy;The phase
Closing policy information at least includes:The type of the required mining data of client place network, the mining data connect
Debit's formula.
Preferably, the cloud platform is built in public cloud trusty, and the cloud platform is completed by program
The Macro or mass analysis of the shared data are processed, and all data to processing in processing procedure are encrypted, and the cloud
Provider's information not comprising data in the mining data that platform is pushed.
Further, for achieving the above object, the present invention also provides a kind of implementation method of data digging system, the number
Include according to the implementation method of digging system:
When client place network participates in data sharing, the client collect the client institute in a network with advance
The corresponding shared data of sharing policy is put, and the relevant policy information in the sharing policy and the described of collection are shared
Data report cloud platform;
The cloud platform receives the relevant policy information and the shared data of each client upload on network, and
Macro or mass analysis process is carried out to the shared data, the mining data of several type is obtained, and is believed according to the corresponding strategies
Breath, by the mining data of corresponding types correspondence client is pushed to, wherein, the type of the mining data at least includes:Colleague
Data results, the focus security classes data result of industry concern;
The client receives the mining data that the cloud platform is pushed.
Preferably, the client includes gateway device, client place network at least by the gateway device and
The some network equipments composition being connected with the gateway device, wherein, the type of the gateway device at least sets including hardware gateway
Standby, virtualized gateway device, the security classes software or equipment that carry out end points protection.
Preferably, the implementation method of the data digging system also includes:
Safeguard that end is safeguarded and monitored to the cloud platform, the maintenance at least includes updating the phase in the cloud platform
Pass program.
Preferably, the client collect the client before shared data in a network, the data mining
The implementation method of system also includes:The client configure the client data in a network sharing policy;The phase
Closing policy information at least includes:The type of the required mining data of client place network, the mining data connect
Debit's formula.
Preferably, the cloud platform is built in public cloud trusty, and the cloud platform is completed by program
The Macro or mass analysis of the shared data are processed, and all data to processing in processing procedure are encrypted, and the cloud
Provider's information not comprising data in the mining data that platform is pushed.
In the present invention, each tissue completes the configuration of the sharing policy of data in tissue network by respective client, and
Collect the shared data in tissue network and the shared data is uploaded to into third party cloud platform by client and collected
Analyzing and processing, and then by the cloud platform, the mining data excavated in the shared data provided from each tissue is obtained, and will
Mining data is pushed to the tissue of each participation data sharing, and then can realize the shared of network data between different tissues, so as to
So that each tissue can utilize the shared data that its hetero-organization is provided, the running organized and decision-making management.
Description of the drawings
Fig. 1 is the high-level schematic functional block diagram of data digging system first embodiment of the present invention;
Fig. 2 is the high-level schematic functional block diagram of data digging system second embodiment of the present invention;
Fig. 3 is the connection configuration diagram of the embodiment of data digging system of the present invention;
Fig. 4 is the schematic flow sheet of the embodiment of implementation method one of data digging system of the present invention.
The realization of the object of the invention, functional characteristics and advantage will be described further referring to the drawings in conjunction with the embodiments.
Specific embodiment
It should be appreciated that specific embodiment described herein is not intended to limit the present invention only to explain the present invention.
With reference to Fig. 1, Fig. 1 is the high-level schematic functional block diagram of data digging system first embodiment of the present invention.The present embodiment converges
Always, the data digging system includes:Some clients 10 and cloud platform 20, wherein, between each client 10 independently with
Cloud platform 20 carries out data interaction, and the connected mode between each client 10 and cloud platform 20 is not limited, with specific reference to being actually needed
Be configured, such as using wired connection, or can also be using wireless connection.
In the present embodiment, for the type of client is not limited, such as gateway device, such as network log-in management equipment, fire prevention
Wall equipment etc., or software gateway platform, or the network equipment of information, or the safety for carrying out end points protection can be carried out
Software etc..Optionally, client 10 includes gateway device, meanwhile, the place network of client 10 at least by the gateway device and
The some network equipments composition being connected with the gateway device.
In the present embodiment, organizing user by client 10 configure client 10 data in a network shared plan
Slightly, such as the config option for providing sharing policy for organizing user in the controlling interface of gateway device such as provides client
Whether 10 place networks participate in the config option of data sharing, if participated in, further provide for other correlations of data sharing
The configuration of strategy, such as which kind of data configured in collection network carry out data sharing, are such as operated the correlation of efficiency comparative
The sharing of the related data for sharing, carrying out Game Market contrast of data, carry out receiving the dependency number that Botnet attacks contrast
According to it is shared, the related data of student interests trend shared etc..
Additionally, the mining data issued by cloud platform that can also be further to receiving in the present embodiment carries out related plan
Configuration slightly, such as configure type, reception mode of mining data of the required mining data of client place network etc., enters
And enable cloud platform 20 according to the corresponding strategies of above-mentioned configuration, corresponding mining data is pushed to into corresponding client
10, such as the mining data of type-A is pushed to and participates in the A clients of data sharing, and the mining data of B types is pushed to
Participate in B clients of data sharing etc..
In the present embodiment, when organizing user have selected the place network of client 10 in client 10 matching somebody with somebody for data sharing is participated in
When putting policing option, client 10 will collect client 10 institute shared data corresponding with sharing policy in a network, and general
The shared data of relevant policy information and collection in sharing policy reports cloud platform 20.For example, what organizing user was configured is total to
Strategy is enjoyed to collect the related data for carrying out work efficiency contrast, then client 10 will be collected in tissue network and be operated effect
The related data of rate contrast.
Additionally, to ensure that cloud platform 20 can push mining data according to the configuration strategy of organizing user, therefore, client
10 by the shared data of collection while cloud platform 20 are uploaded to, and also the relevant policy information of configuration are together uploaded to into cloud and are put down
Platform 20.
In the present embodiment, cloud platform 20 receives the relevant policy information that each client 10 is uploaded on network and shared number
According to, and Macro or mass analysis process is carried out to shared data, the mining data of several type is obtained, and according to relevant policy information,
The mining data of corresponding types is pushed to into correspondence client 10.Wherein, in the present embodiment, cloud platform 20 is for being total to for receiving
The Macro or mass analysis processing mode for enjoying data is not limited.Additionally, in the present embodiment, cloud platform 20 both can be pushed according to the set time and dug
Pick data, it is also possible to which the special time according to setting pushes again mining data, wherein, cloud platform 20 is only pushed to mining data
Participate in the corresponding client 10 of data sharing.
Optionally, relevant policy information at least includes:The type of the required mining data of the place network of client 10, digging
The reception mode of pick data.
Additionally, client 10 will also receive the mining data that pushed of cloud platform, so can according to mining data (namely
The shared data provided by its hetero-organization network), the running organized and decision-making management.For example, with by Botnet
Attack and contrast as a example by this shared data, notebook data digging system can achieve the effect that as follows:One tissue map network passes through
Client 10 is added after Information Sharing analysis mechanisms, and cloud platform 20 will regularly push linked groups' (group such as mutually of the same trade
Knit) the average Botnet that is subject to of map network attack the distribution situation of number and this type flaw attack in each dimension, so
Afterwards tissue can judge oneself tissue in this respect in which kind of level according to the mining data for receiving, and further sentence
It is disconnected whether to need to do further protective treatment.In addition, some safety analysis numbers of versatility can also be included in mining data
According to so as to oneself tissue is by these safety analysis data, being collected, contrasted, the organization and administration work such as decision-making.
In the present embodiment, each tissue completes the configuration of the sharing policy of data in tissue network by respective client,
And the shared data in tissue network collected by client and the shared data is uploaded to into third party cloud platform is converged
Bulk analysis is processed, and then by the cloud platform, obtains the mining data excavated in the shared data provided from each tissue, and
Mining data is pushed to into the tissue of each participation data sharing, and then the shared of network data between different tissues can be realized, from
And cause each tissue to utilize the shared data that be provided of its hetero-organization, the running organized and decision-making management.
With reference to Fig. 2, Fig. 2 is the high-level schematic functional block diagram of data digging system second embodiment of the present invention, it is characterised in that
Data digging system also includes:
End 30 is safeguarded, for cloud platform 20 to be safeguarded and monitored, the maintenance at least includes updating in cloud platform 20
Relative program, for the type and set-up mode of safeguarding end 30 are not limited in the present embodiment, data digging system as shown in Figure 3
Configuration diagram.
For example, " automatically analyzing and supplying system for shared data " program, the system program are installed in cloud platform 20
Can be developed and maintenance by the equipment manufacturer corresponding to client 10, the Main Function of the system program is to each client
10 shared datas for being reported carry out Macro or mass analysis process, then form the required mining data of tissue that client 10 is located simultaneously
It is pushed to client 10.And safeguard that end 30 is then used to that cloud platform 20 to be safeguarded and monitored, it is main to include updating cloud platform 20
On relative program, such as " automatically analyzing and supplying system for shared data " program.Additionally, also to the whole fortune of cloud platform 20
Row process carries out security monitoring.
It is further alternative, in the embodiment of data digging system of the present invention, to avoid each tissue by client 10
The shared data of upload is got by the manager of cloud platform 20 and its hetero-organization, therefore, in the present embodiment, especially by following
The measure of three aspects is solved:
(1) building in the enterprising platform 20 that racks of public cloud trusty, such as by conventional telecommunications operator infrastructure,
Including the public cloud that China Mobile, CHINAUNICOM and China Telecom are provided;Or put down by cloud computing where under Government-Leading
Platform;Or including Ali's cloud, Tengxun's cloud etc..
(2) cloud platform 20 completes the Macro or mass analysis process to shared data by program, and then avoids anthropic factor and lead
Leaking data is caused, meanwhile, all data to processing in processing procedure are encrypted, even if so as to leaking data, also cannot
Decrypt easily, so as to assuring data security;Additionally, also need to further illustrate, for the attendant of cloud platform also needs
To adopt related data safety privacy mechanism, and then the data that attendant to be touched and the number being not readily accessible to
According to corresponding safe handling is carried out respectively, concrete processing mode is not done and is excessively repeated.
(3) the provider's information not comprising data in the mining data that cloud platform 20 is pushed, even and if then its hetero-organization
Related data is got, also causes its hetero-organization to determine the provider of the data, so as to further reduce after leaking data
Tissue harmful effect to participating in data sharing.
Additionally, being considered based on Information Security, the shared data uploaded from each client 10 can be in each correspondence tissue
Show on network data management equipment, so that shared data provider can directly have a clear understanding of shared data, it is complete
The shared supervision of paired data.
With reference to Fig. 4, Fig. 4 is the schematic flow sheet of the embodiment of implementation method one of data digging system of the present invention.This enforcement
In example, the implementation method of data digging system includes:
Step S10, when client place network participate in data sharing when, client collect client institute in a network with advance
The corresponding shared data of sharing policy is put, and the shared data of the relevant policy information in sharing policy and collection is reported
Cloud platform;
When sharing policy is preconfigured to client place network participates in data sharing, client is collected client and is located
The shared data corresponding with sharing policy in network, such as the related data for being operated efficiency comparative is shared, is swum
The sharing of related data of play market contrast, carry out receiving Botnet attack contrast related data it is shared etc..
In the present embodiment, when organizing user have selected the configuration plan that client place network participates in data sharing in client
Slightly option when, client will collect client shared data corresponding with sharing policy in a network, and by sharing policy
In relevant policy information and the shared data of collection report cloud platform 20.For example, the sharing policy of organizing user configuration is
Collection carries out the related data of work efficiency contrast, then client will collect the phase for being operated efficiency comparative in tissue network
Close data.
Additionally, to ensure that cloud platform can push mining data according to the configuration strategy of organizing user, therefore, client exists
While the shared data of collection is uploaded to into cloud platform, also the relevant policy information of configuration is together uploaded to into cloud platform.
Step S20, cloud platform receives the relevant policy information and shared data of each client upload, and to shared data
Macro or mass analysis process is carried out, the mining data of several type is obtained, and according to relevant policy information, by the excavation of corresponding types
Data-pushing gives correspondence client;
Step S30, client receives the mining data that cloud platform is pushed.
In the present embodiment, cloud platform receives the relevant policy information and shared data of each client upload, and to shared
Data carry out Macro or mass analysis process, obtain the mining data of several type, and according to relevant policy information, by corresponding types
Mining data is pushed to correspondence client.Wherein, in the present embodiment, cloud platform is for the Macro or mass analysis of the shared data for receiving
Processing mode is not limited, such as excavate data type, focus security classes data type of concern of the same trade etc..Additionally, the present embodiment
In, cloud platform both can push mining data according to the set time, it is also possible to which the special time according to setting pushes again excavation number
According to, wherein, mining data is only pushed to cloud platform the corresponding client for participating in data sharing.
Optionally, relevant policy information at least includes:The type of the required mining data of client place network, excavation
The reception mode of data.
Additionally, client will also receive the mining data that pushed of cloud platform, so can according to mining data (namely by
The shared data that its hetero-organization network is provided), the running organized and decision-making management.For example, being attacked by Botnet
Hit and contrast as a example by this shared data, notebook data digging system can achieve the effect that as follows:One tissue map network is by visitor
Family end is added after Information Sharing analysis mechanisms, and cloud platform will regularly push the right of linked groups' (tissue such as mutually of the same trade)
The average Botnet that network is subject to is answered to attack the distribution situation of number and this type flaw attack in each dimension, then tissue can
Which kind of according to the mining data for receiving, to judge oneself tissue in this respect in level, and further determine whether to need
Do further protective treatment.In addition, some safety analysis data of versatility can also be included in mining data, so as to certainly
Oneself tissue is collected, is contrasted, the organization and administration work such as decision-making by these safety analysis data.
In the present embodiment, each tissue completes the configuration of the sharing policy of data in tissue network by respective client,
And the shared data in tissue network collected by client and the shared data is uploaded to into third party cloud platform is converged
Bulk analysis is processed, and then by the cloud platform, obtains the mining data excavated in the shared data provided from each tissue, and
Mining data is pushed to into the tissue of each participation data sharing, and then the shared of network data between different tissues can be realized, from
And cause each tissue to utilize the shared data that be provided of its hetero-organization, the running organized and decision-making management.
Optionally, in another embodiment of implementation method of data digging system of the present invention, client collects the client institute
Before shared data in a network, the implementation method of data digging system also includes:Client configures the client place net
The sharing policy of data in network.
In the present embodiment, for the type of client is not limited, such as gateway device, such as network log-in management equipment, fire prevention
Wall equipment etc., or software gateway platform, or network equipment of information etc. can be carried out.Optionally, client includes net
Pass equipment, meanwhile, client place network is at least by the gateway device and some network equipments being connected with the gateway device
Composition.
In the present embodiment, organizing user by client configure client data in a network sharing policy, than
The config option for such as providing sharing policy for organizing user in the controlling interface of gateway device, in the config option of sharing policy
Appearance is not limited.The config option whether client place network participates in data sharing is such as provided, if participated in, is further provided for
The configuration of other corresponding strategies of data sharing.
Additionally, the mining data issued by cloud platform that can also be further to receiving in the present embodiment carries out related plan
Configuration slightly, such as configure type, reception mode of mining data of the required mining data of client place network etc., enters
And cloud platform is enabled according to the corresponding strategies of above-mentioned configuration, corresponding mining data is pushed to into corresponding client, than
Such as the mining data of type-A is pushed to and participates in the A clients of data sharing, and the mining data of B types is pushed to into participation
B clients of data sharing etc..
It is further alternative, in the embodiment of implementation method one of data digging system of the present invention, data digging system
Implementation method also includes:
Safeguard that end is safeguarded to cloud platform and monitored, wherein, the maintenance at least includes updating the correlation in cloud platform
Program.
For example, " automatically analyzing and supplying system for shared data " program is installed in cloud platform, the system program can
Equipment manufacturer by corresponding to client develops and maintenance, and the Main Function of the system program is in each client institute
The shared data of report carries out Macro or mass analysis process, then forms the mining data required for tissue that client is located and is pushed to visitor
Family end.And safeguard that end is then used to safeguard cloud platform and be monitored, it is main to include updating the relative program in cloud platform, such as
" automatically analyzing and supplying system for shared data " program.Additionally, also carrying out security monitoring to the whole service process of cloud platform.
It is further alternative, in the embodiment of implementation method one of data digging system of the present invention, to avoid each tissue logical
The shared data for crossing client upload is got by cloud platform manager and its hetero-organization, therefore, it is concrete logical in the present embodiment
Cross the measure in terms of three below to solve:
(1) building in the enterprising platform that racks of public cloud trusty, such as by conventional telecommunications operator infrastructure, bag
Include the public cloud that China Mobile, CHINAUNICOM and China Telecom are provided;Or by cloud computing platform where under Government-Leading
Deng.
(2) cloud platform completes the Macro or mass analysis process to shared data by program, and then avoids anthropic factor and cause
Leaking data, meanwhile, all data to processing in processing procedure are encrypted, even if so as to leaking data, also cannot be light
Easily decryption, so as to assuring data security;
(3) in the mining data that cloud platform is pushed not comprising data provider's information, even and if then its hetero-organization obtain
Related data is got, also causes its hetero-organization to determine the provider of the data, it is right after leaking data so as to further reduce
Participate in the tissue harmful effect of data sharing.
Additionally, considered based on Information Security, can be in the net of each correspondence tissue from the shared data of each client upload
Show on network data management apparatus, so that shared data provider can directly have a clear understanding of shared data, complete
Supervision to data sharing.
The preferred embodiments of the present invention are these are only, the scope of the claims of the present invention is not thereby limited, it is every using this
Equivalent structure or equivalent flow conversion that bright description and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (10)
1. a kind of data digging system, it is characterised in that the data digging system includes:Cloud platform and some clients, its
In, independently with cloud platform carry out data interaction between each client;
The client, for when client place network participates in data sharing, collecting client place network
In the shared data corresponding with preset shared strategy, and by the relevant policy information in the sharing policy and the institute of collection
State shared data and report the cloud platform;
The cloud platform, for receiving the relevant policy information and the shared data of each client upload on network,
And Macro or mass analysis process is carried out to the shared data, the mining data of several type is obtained, and according to the corresponding strategies
Information, by the mining data of corresponding types correspondence client is pushed to, wherein, the type of the mining data at least includes:Together
Data results, the focus security classes data result of industry concern;
The client is additionally operable to:Receive the mining data that the cloud platform is pushed.
2. data digging system as claimed in claim 1, it is characterised in that the client includes gateway device, the visitor
Family end place network is at least made up of the gateway device and some network equipments being connected with the gateway device, wherein, it is described
The type of gateway device at least includes hardware gateway equipment, virtualized gateway device, carries out the security classes software of end points protection
Or equipment.
3. data digging system as claimed in claim 2, it is characterised in that the data digging system also includes:
End is safeguarded, for the cloud platform to be safeguarded and monitored, the maintenance at least includes updating in the cloud platform
Relative program.
4. data digging system as claimed any one in claims 1 to 3, it is characterised in that the client is additionally operable to:Match somebody with somebody
Put the client data in a network sharing policy;
The relevant policy information at least includes:Type, the digging of the required mining data of client place network
The reception mode of pick data.
5. data digging system as claimed any one in claims 1 to 3, it is characterised in that the cloud platform is in trusted
Public cloud on built, and the cloud platform completes to process the Macro or mass analysis of the shared data by program, and
All data in processing procedure to processing are encrypted, and not comprising number in the mining data that pushed of the cloud platform
According to provider's information.
6. a kind of implementation method of data digging system, it is characterised in that the implementation method of the data digging system includes:
When client place network participates in data sharing, it is common with preset in a network that the client collects the client institute
Enjoy the corresponding shared data of strategy, and by the relevant policy information in the sharing policy and the shared data of collection
Report cloud platform;
The cloud platform receives the relevant policy information and the shared data of each client upload on network, and to institute
Stating shared data carries out Macro or mass analysis process, obtains the mining data of several type, and according to the relevant policy information, will
The mining data of corresponding types is pushed to correspondence client, wherein, the type of the mining data at least includes:Same industry concern
Data results, focus security classes data result;
The client receives the mining data that the cloud platform is pushed.
7. the implementation method of data digging system as claimed in claim 6, it is characterised in that the client sets including gateway
Standby, client place network is at least made up of the gateway device and some network equipments being connected with the gateway device,
Wherein, the peace that the type of the gateway device at least includes hardware gateway equipment, virtualized gateway device, carries out end points protection
Universal class software or equipment.
8. the implementation method of data digging system as claimed in claim 7, it is characterised in that the reality of the data digging system
Existing method also includes:
Safeguard that end is safeguarded and monitored to the cloud platform, the maintenance at least includes updating the related journey in the cloud platform
Sequence.
9. the implementation method of the data digging system as any one of claim 6 to 8, it is characterised in that the client
End collect the client before shared data in a network, the implementation method of the data digging system also includes:Institute
State client configure the client data in a network sharing policy;
The relevant policy information at least includes:Type, the digging of the required mining data of client place network
The reception mode of pick data.
10. the implementation method of the data digging system as any one of claim 6 to 8, it is characterised in that the cloud is put down
Platform is built in public cloud trusty, and the cloud platform completes the Macro or mass analysis to the shared data by program
Process, and all data to processing in processing procedure are encrypted, and the mining data that the cloud platform is pushed
In not comprising data provider's information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610969883.6A CN106603624B (en) | 2016-10-27 | 2016-10-27 | Data mining system and implementation method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610969883.6A CN106603624B (en) | 2016-10-27 | 2016-10-27 | Data mining system and implementation method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106603624A true CN106603624A (en) | 2017-04-26 |
| CN106603624B CN106603624B (en) | 2020-01-07 |
Family
ID=58590684
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610969883.6A Active CN106603624B (en) | 2016-10-27 | 2016-10-27 | Data mining system and implementation method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106603624B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109995815A (en) * | 2017-12-29 | 2019-07-09 | 高德信息技术有限公司 | A kind of data receiving processing platform |
| CN113536107A (en) * | 2020-10-06 | 2021-10-22 | 翁海坤 | Big data decision method and system based on block chain and cloud service center |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103024062A (en) * | 2012-12-24 | 2013-04-03 | 腾讯科技(深圳)有限公司 | Data sharing method, clients and data sharing system |
| CN103024027A (en) * | 2012-12-07 | 2013-04-03 | 中国电信股份有限公司云计算分公司 | Data mining achieving method and system based on cloud computing |
| CN103095489A (en) * | 2012-12-14 | 2013-05-08 | 上海斐讯数据通信技术有限公司 | Management method for network device |
| CN103152352A (en) * | 2013-03-15 | 2013-06-12 | 北京邮电大学 | Perfect information security and forensics monitoring method and system based on cloud computing environment |
| US20130198808A1 (en) * | 2012-01-30 | 2013-08-01 | Cisco Technology, Inc. | Integrated Security Platform |
| CN103838617A (en) * | 2014-02-18 | 2014-06-04 | 河海大学 | Method for constructing data mining platform in big data environment |
-
2016
- 2016-10-27 CN CN201610969883.6A patent/CN106603624B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130198808A1 (en) * | 2012-01-30 | 2013-08-01 | Cisco Technology, Inc. | Integrated Security Platform |
| CN103024027A (en) * | 2012-12-07 | 2013-04-03 | 中国电信股份有限公司云计算分公司 | Data mining achieving method and system based on cloud computing |
| CN103095489A (en) * | 2012-12-14 | 2013-05-08 | 上海斐讯数据通信技术有限公司 | Management method for network device |
| CN103024062A (en) * | 2012-12-24 | 2013-04-03 | 腾讯科技(深圳)有限公司 | Data sharing method, clients and data sharing system |
| CN103152352A (en) * | 2013-03-15 | 2013-06-12 | 北京邮电大学 | Perfect information security and forensics monitoring method and system based on cloud computing environment |
| CN103838617A (en) * | 2014-02-18 | 2014-06-04 | 河海大学 | Method for constructing data mining platform in big data environment |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109995815A (en) * | 2017-12-29 | 2019-07-09 | 高德信息技术有限公司 | A kind of data receiving processing platform |
| CN109995815B (en) * | 2017-12-29 | 2022-01-28 | 阿里巴巴(中国)有限公司 | Data accommodating and processing platform |
| CN113536107A (en) * | 2020-10-06 | 2021-10-22 | 翁海坤 | Big data decision method and system based on block chain and cloud service center |
| CN113536107B (en) * | 2020-10-06 | 2022-07-29 | 西安创业天下网络科技有限公司 | Big data decision method and system based on block chain and cloud service center |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106603624B (en) | 2020-01-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Diogenes et al. | Cybersecurity-attack and defense strategies: Infrastructure security with red team and blue team tactics | |
| Zhang et al. | Three decades of deception techniques in active cyber defense-retrospect and outlook | |
| KR101460589B1 (en) | Server for controlling simulation training in cyber warfare | |
| Li et al. | The study of APT attack stage model | |
| Gutzwiller et al. | A task analysis toward characterizing cyber-cognitive situation awareness (CCSA) in cyber defense analysts | |
| CN109462599B (en) | Honeypot management system | |
| Durkota et al. | Case studies of network defense with attack graph games | |
| WO2018216000A1 (en) | A system and method for on-premise cyber training | |
| Yao et al. | Network security analyzing and modeling based on Petri net and Attack tree for SDN | |
| Aoyama et al. | Studying resilient cyber incident management from large-scale cyber security training | |
| Østby et al. | A socio-technical framework to improve cyber security training: A work in progress | |
| Kim et al. | Becoming invisible hands of national live-fire attack-defense cyber exercise | |
| CN106603624A (en) | Data mining system and realization method thereof | |
| Colbert et al. | Modeling Cyber-Physical War-Gaming | |
| Kim et al. | DEVS-based Modeling Methodology for Cybersecurity Simulations from a Security Perspective. | |
| CN116962057A (en) | Multi-user collaborative network security emergency response and exercise platform and operation method thereof | |
| Mendonça et al. | Botnets: a heuristic-based detection framework | |
| Grant et al. | Simulating adversarial interactions between intruders and system administrators using OODA-RR | |
| Leszczyna et al. | Malsim-mobile agent malware simulator | |
| CN103401886A (en) | Implementation method of information security attack-defense confrontation | |
| Habib et al. | Cybersecurity and Smart Cities: Current Status and Future | |
| CN115296936A (en) | Automatic method and system for assisting detection of anti-network crime | |
| Barika et al. | Agent IDS based on misuse approach | |
| Asgarkhani et al. | A strategic approach to managing security in SCADA systems | |
| Chaskos | Cyber-security training: a comparative analysis of cyberranges and emerging trends |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: Nanshan District Xueyuan Road in Shenzhen city of Guangdong province 518052 No. 1001 Nanshan Chi Park building A1 layer Applicant after: SANGFOR TECHNOLOGIES Inc. Address before: Nanshan District Xueyuan Road in Shenzhen city of Guangdong province 518052 No. 1001 Nanshan Chi Park building A1 layer Applicant before: Sangfor Technologies Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Data mining system and its implementation methods Effective date of registration: 20231212 Granted publication date: 20200107 Pledgee: Shenzhen Branch of China Merchants Bank Co.,Ltd. Pledgor: SANGFOR TECHNOLOGIES Inc. Registration number: Y2023980070863 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |