CN108985053A - distributed data processing method and device - Google Patents
distributed data processing method and device Download PDFInfo
- Publication number
- CN108985053A CN108985053A CN201810678367.7A CN201810678367A CN108985053A CN 108985053 A CN108985053 A CN 108985053A CN 201810678367 A CN201810678367 A CN 201810678367A CN 108985053 A CN108985053 A CN 108985053A
- Authority
- CN
- China
- Prior art keywords
- file
- alarm log
- log file
- information
- service end
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
Abstract
A kind of distributed data processing method and device provided in an embodiment of the present invention, the journal file for generating and sending by obtaining different server-sides, screening, which is carried out, according to the journal file and the first information condition obtains alarm log file, the alarm log file that screening obtains destination service end is carried out according to the alarm log file and the second information condition, it is analyzed using alarm log file of the preset different types of processing strategie to destination service end, it obtains corresponding analysis information and shows, it realizes and journal file and information condition matches detection, the magnitude for reaching analyzed journal file reduces, improve the accuracy of information detection and the purpose of detection efficiency.
Description
Technical field
The present invention relates to technical field of information processing more particularly to a kind of distributed data processing method and devices.
Background technique
Journal file is the record file or file set for recording server-side action event.Journal file is comprising closing
In the file of server-side processing message, alarm log, audit log and user behaviors log including Network Security Device.Different days
Will file records different information.For example, have plenty of the server-side journal file of default, some record particular tasks.To log
File carries out big data analysis processing, can find out the malicious act in log.
It is analyzed in the alarm log file to safety equipment, it will usually carry out log using for corresponding server-side
All journal files are carried out set analysis after acquisition by file acquisition, and workload is huge.
Summary of the invention
The present invention provides a kind of distributed data processing method and device, for solve under distributed environment massive logs with
Information data handles problem.
In a first aspect, the embodiment of the present invention provides a kind of distributed data processing method, comprising:
Obtain the journal file that different server-sides are generated and sent;
Screening, which is carried out, according to the journal file and the first information condition obtains alarm log file;
The alarm log text that screening obtains destination service end is carried out according to the alarm log file and the second information condition
Part;
It is analyzed using alarm log file of the preset different types of processing strategie to destination service end, acquisition pair
The analysis information answered;
The analysis information is shown.
Optionally, the journal file for obtaining different server-sides and generating and sending, comprising:
The journal file that different server-sides generate respectively is obtained, and log amount dynamic is carried out to all journal files and is divided equally;
The journal file after dividing equally is received using distinct interface.
Optionally, described that screening acquisition destination service end is carried out according to the alarm log file and the second information condition
Alarm log file, comprising:
Obtain the IP address at the destination service end;
Receive the second information condition that cloud is sent;
The corresponding alarm log file of the IP address is filtered out from the alarm log file according to the IP address;
Destination service end is filtered out from the corresponding alarm log file of the IP address according to the second information condition
Contribution journal file.
Optionally, the processing strategie includes: data grabber and inspection policies, URL original log storage strategy, domain name letter
Cease storage strategy, warning strategies, trend prediction strategy, storage strategy.
Second aspect, the embodiment of the present invention provide a kind of distributed data processing device, comprising:
Data acquisition module, the journal file for generating and sending for obtaining different server-sides;
Data analysis module obtains alarm log text for carrying out screening according to the journal file and the first information condition
Part;
Data resolution module obtains target clothes for carrying out screening according to the alarm log file and the second information condition
The alarm log file at business end;
Data memory module, for the alarm log text using preset different types of processing strategie to destination service end
Part is analyzed, and corresponding analysis information is obtained;
Data display module, for the analysis information to be shown.
Optionally, the data acquisition module is specifically used for:
The journal file that different server-sides generate respectively is obtained, and log amount dynamic is carried out to all journal files and is divided equally;
The journal file after dividing equally is received using distinct interface.
Optionally, the data resolution module is specifically used for:
Obtain the IP address at the destination service end;
Receive the second information condition that cloud is sent;
The corresponding alarm log file of the IP address is filtered out from the alarm log file according to the IP address;
Destination service end is filtered out from the corresponding alarm log file of the IP address according to the second information condition
Contribution journal file.
Optionally, the processing strategie includes: data grabber and inspection policies, URL original log storage strategy, domain name letter
Cease storage strategy, warning strategies, trend prediction strategy, storage strategy.
The third aspect, the embodiment of the present invention provide a kind of electronic equipment, comprising: processor, memory, bus and are stored in
On memory and the computer program that can run on a processor;
Wherein, the processor, memory complete mutual communication by the bus;
The processor realizes such as above-mentioned method when executing the computer program.
Fourth aspect, the embodiment of the present invention provide a kind of non-transient computer readable storage medium, the non-transient calculating
It is stored with computer program on machine readable storage medium storing program for executing, such as above-mentioned method is realized when which is executed by processor.
As shown from the above technical solution, a kind of distributed data processing method and device provided in an embodiment of the present invention is led to
It crosses and obtains the journal file that different server-sides are generated and sent, screening is carried out according to the journal file and the first information condition and is obtained
Alarm log file is obtained, the alarm that screening obtains destination service end is carried out according to the alarm log file and the second information condition
Journal file is analyzed using alarm log file of the preset different types of processing strategie to destination service end, is obtained
Corresponding analysis information simultaneously shows, realizes and journal file and information condition match detection, reach analyzed journal file
Magnitude reduces, and improves the accuracy of information detection and the purpose of detection efficiency.
Detailed description of the invention
Fig. 1 is the flow diagram for the distributed data processing method that one embodiment of the invention provides;
Fig. 2 is the execution flow diagram for the distributed data processing method that one embodiment of the invention provides;
Fig. 3 is the flow diagram for the distributed data processing method that one embodiment of the invention provides;
Fig. 4 is the structural schematic diagram for the distributed data processing device that one embodiment of the invention provides;
Fig. 5 is the structural schematic diagram for the electronic equipment that one embodiment of the invention provides.
Specific embodiment
With reference to the accompanying drawings and examples, specific embodiments of the present invention will be described in further detail.Implement below
Example is not intended to limit the scope of the invention for illustrating the present invention.
Fig. 1 shows one embodiment of the invention and provides a kind of distributed data processing method, comprising:
S11, the journal file that different server-sides are generated and sent is obtained;
S12, screening acquisition alarm log file is carried out according to the journal file and the first information condition;
S13, the alarm day that screening obtains destination service end is carried out according to the alarm log file and the second information condition
Will file;
S14, it is analyzed, is obtained using alarm log file of the preset different types of processing strategie to destination service end
Obtain corresponding analysis information;
S15, the analysis information is shown.
In above-mentioned steps S11- step S15, it should be noted that in embodiments of the present invention, in server-side distribution
Under layout, the quantity for the journal file that different server-sides generate is different, may store a large number of or smaller amount difference
It please situation.Therefore, the journal file that different server-sides generate respectively is obtained, and it is equal to carry out log amount dynamic to all journal files
Point, the journal file after dividing equally is received using distinct interface, keeps the reception of log amount balanced.
In embodiments of the present invention, journal file record is that server-side executes movement in execution business procedure.The
One information condition is to judge the execution of server-side acts the judgment criteria whether to go wrong.Pass through information condition and journal file
Matching detection is carried out, so as to filter out journal file of problems, as alarm log file.The alarm log file
It further include source-information, operation information, version information, domain name etc. including the journal entries to go wrong, in short, with problem day
The relevant information of will can be within scope.In the present embodiment, the first information condition can be held level with both hands for different type service
Basic information bank in platform, such as the library malice URL, file prestige library.For specific information, be for the prior art,
This is repeated no more.
In embodiments of the present invention, it when the journal file to required server-side is analyzed, needs from through the first information
Further go out the alarm log text at destination service end in alarm log file after conditional filtering according to the second information conditional filtering
Part.The second information condition is the information condition that cloud is sent, for the further detection screening to journal file.In this implementation
In example, the second information condition may include IP ownership place and cloud machine learning secondary information information.For specific information,
It is for the prior art, details are not described herein.
After screening again, carried out using alarm log file of the preset different types of processing strategie to destination service end
Analysis, obtains corresponding analysis information.Since the type of journal file is different, when analyzing it, corresponding place need to be used
Reason strategy can just obtain matched analysis result.In embodiments of the present invention, data grabber and inspection policies, URL original log
Storage strategy, domain-name information storage strategy, warning strategies, trend prediction strategy, storage strategy.
It is illustrated in figure 2 the execution flow chart of the present embodiment the method, as can be seen from the figure:
Different server-sides are obtained to generate and after the journal file sent, according to the journal file and the first information condition into
Row screening obtains alarm log file, analyzes as data;It is sieved according to the alarm log file and the second information condition
Choosing obtains the alarm log file at destination service end, parses as data;Using the preset different types of processing plan issued
Slightly the alarm log file at destination service end is analyzed, obtains corresponding analysis information.
Through analyzing obtained analysis as a result, need to be shown on display end, thus point of intuitive show log file
Analyse result.
A kind of distributed data processing method provided in an embodiment of the present invention is generated and is sent by the different server-sides of acquisition
Journal file, according to the journal file and the first information condition carry out screening obtain alarm log file, according to the announcement
Alert journal file and the second information condition carry out the alarm log file that screening obtains destination service end, using preset inhomogeneity
The processing strategie of type analyzes the alarm log file at destination service end, obtains corresponding analysis information and shows, realizes
Journal file and information condition are matched detection, the magnitude for reaching analyze journal file reduces, the standard that raising information detects
The purpose of true property and detection efficiency.
Fig. 3 shows a kind of distributed data processing method of one embodiment of the invention offer, comprising:
S21, the journal file that different server-sides are generated and sent is obtained;
S22, screening acquisition alarm log file is carried out according to the journal file and the first information condition;
S23, the IP address for obtaining the destination service end and the second information condition for receiving cloud transmission;
S24, the corresponding alarm log of the IP address is filtered out from the alarm log file according to the IP address
File;
S25, target clothes are filtered out from the corresponding alarm log file of the IP address according to the second information condition
The contribution journal file at business end;
S26, it is analyzed, is obtained using alarm log file of the preset different types of processing strategie to destination service end
Obtain corresponding analysis information;
S27, the analysis information is shown.
For step S21- step S22 and step S26- step S27, these steps and above-mentioned steps S11- step
S12 and step S14- step S15 are identical in principle, and details are not described herein.
For step S23- step S25, it should be noted that in embodiments of the present invention, obtain the destination service end
IP address, to determine destination service end.Receive the second information condition that cloud is sent.According to the IP address from the alarm
The corresponding alarm log file of the IP address is filtered out in journal file.Then according to the second information condition from the IP
The alarm log file at destination service end is filtered out in the corresponding alarm log file in address.
A kind of distributed data processing method provided in an embodiment of the present invention is generated and is sent by the different server-sides of acquisition
Journal file, according to the journal file and the first information condition carry out screening obtain alarm log file, according to the announcement
Alert journal file and the second information condition carry out the alarm log file that screening obtains destination service end, using preset inhomogeneity
The processing strategie of type analyzes the alarm log file at destination service end, obtains corresponding analysis information and shows, realizes
Journal file and information condition are matched detection, the magnitude for reaching analyze journal file reduces, the standard that raising information detects
The purpose of true property and detection efficiency.
Fig. 4 shows a kind of distributed data processing device provided in an embodiment of the present invention, including data acquisition module 31,
Data analysis module 32, data resolution module 33, data memory module 34 and data display module 35, in which:
Data acquisition module 31, the journal file for generating and sending for obtaining different server-sides;
Data analysis module 32 obtains alarm log for carrying out screening according to the journal file and the first information condition
File;
Data resolution module 33 obtains target for carrying out screening according to the alarm log file and the second information condition
The alarm log file of server-side;
Data memory module 34, for the alarm log using preset different types of processing strategie to destination service end
File is analyzed, and corresponding analysis information is obtained;
Data display module 35, for the analysis information to be shown.
Since described device of the embodiment of the present invention is identical as the principle of above-described embodiment the method, for more detailed
Explain that details are not described herein for content.
It should be noted that can be by hardware processor (hardware processor) come real in the embodiment of the present invention
Existing related function module.
A kind of distributed data processing device provided in an embodiment of the present invention is generated and is sent by the different server-sides of acquisition
Journal file, according to the journal file and the first information condition carry out screening obtain alarm log file, according to the announcement
Alert journal file and the second information condition carry out the alarm log file that screening obtains destination service end, using preset inhomogeneity
The processing strategie of type analyzes the alarm log file at destination service end, obtains corresponding analysis information and shows, realizes
Journal file and information condition are matched detection, the magnitude for reaching analyze journal file reduces, the standard that raising information detects
The purpose of true property and detection efficiency.
Fig. 5 show the embodiment of the present invention provide a kind of electronic equipment, comprising: processor 41, memory 42, bus 43 and
Store the computer program that can be run on a memory and on a processor;
Wherein, the processor, memory complete mutual communication by the bus;
The processor realizes such as above-mentioned method when executing the computer program, for example, obtains different services
The journal file that end generates and sends;Screening, which is carried out, according to the journal file and the first information condition obtains alarm log text
Part;The alarm log file that screening obtains destination service end is carried out according to the alarm log file and the second information condition;It adopts
It is analyzed with alarm log file of the preset different types of processing strategie to destination service end, obtains corresponding analysis letter
Breath;The analysis information is shown.
The embodiment of the present invention provides a kind of non-transient computer readable storage medium, the non-transient computer readable storage
It is stored with computer program on medium, such as above-mentioned method is realized when which is executed by processor, for example, obtain
The journal file for taking different server-sides to generate and sending;Screening is carried out according to the journal file and the first information condition to be accused
Alert journal file;The alarm log that screening obtains destination service end is carried out according to the alarm log file and the second information condition
File;It is analyzed, is corresponded to using alarm log file of the preset different types of processing strategie to destination service end
Analysis information;The analysis information is shown.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments mean it is of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed
Meaning one of can in any combination mode come using.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and ability
Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real
It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch
To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame
Claim.
Those of ordinary skill in the art will appreciate that: the above embodiments are only used to illustrate the technical solution of the present invention., and
It is non-that it is limited;Although present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art
It is understood that it is still possible to modify the technical solutions described in the foregoing embodiments, either to part of or
All technical features are equivalently replaced;And these are modified or replaceed, it does not separate the essence of the corresponding technical solution this hair
Bright claim limited range.
Claims (10)
1. a kind of distributed data processing method characterized by comprising
Obtain the journal file that different server-sides are generated and sent;
Screening, which is carried out, according to the journal file and the first information condition obtains alarm log file;
The alarm log file that screening obtains destination service end is carried out according to the alarm log file and the second information condition;
It is analyzed, is obtained corresponding using alarm log file of the preset different types of processing strategie to destination service end
Analyze information;
The analysis information is shown.
2. the method according to claim 1, wherein the log text for obtaining different server-sides and generating and sending
Part, comprising:
The journal file that different server-sides generate respectively is obtained, and log amount dynamic is carried out to all journal files and is divided equally;
The journal file after dividing equally is received using distinct interface.
3. the method according to claim 1, wherein described according to the alarm log file and the second information item
Part carries out the alarm log file that screening obtains destination service end, comprising:
Obtain the IP address at the destination service end;
Receive the second information condition that cloud is sent;
The corresponding alarm log file of the IP address is filtered out from the alarm log file according to the IP address;
The original text at destination service end is filtered out from the corresponding alarm log file of the IP address according to the second information condition
Part journal file.
4. the method according to claim 1, wherein the processing strategie include: data grabber and inspection policies,
URL original log storage strategy, domain-name information storage strategy, warning strategies, trend prediction strategy, storage strategy.
5. a kind of distributed data processing device characterized by comprising
Data acquisition module, the journal file for generating and sending for obtaining different server-sides;
Data analysis module obtains alarm log file for carrying out screening according to the journal file and the first information condition;
Data resolution module obtains destination service end for carrying out screening according to the alarm log file and the second information condition
Alarm log file;
Data memory module, for using preset different types of processing strategie to the alarm log file at destination service end into
Row analysis, obtains corresponding analysis information;
Data display module, for the analysis information to be shown.
6. device according to claim 5, which is characterized in that the data acquisition module is specifically used for:
The journal file that different server-sides generate respectively is obtained, and log amount dynamic is carried out to all journal files and is divided equally;
The journal file after dividing equally is received using distinct interface.
7. device according to claim 5, which is characterized in that the data resolution module is specifically used for:
Obtain the IP address at the destination service end;
Receive the second information condition that cloud is sent;
The corresponding alarm log file of the IP address is filtered out from the alarm log file according to the IP address;
The original text at destination service end is filtered out from the corresponding alarm log file of the IP address according to the second information condition
Part journal file.
8. device according to claim 5, which is characterized in that the processing strategie include: data grabber and inspection policies,
URL original log storage strategy, domain-name information storage strategy, warning strategies, trend prediction strategy, storage strategy.
9. a kind of electronic equipment characterized by comprising processor, memory, bus and storage on a memory and can located
The computer program run on reason device;
Wherein, the processor, memory complete mutual communication by the bus;
The processor realizes such as method of any of claims 1-4 when executing the computer program.
10. a kind of non-transient computer readable storage medium, which is characterized in that in the non-transient computer readable storage medium
It is stored with computer program, such as side of any of claims 1-4 is realized when which is executed by processor
Method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810678367.7A CN108985053B (en) | 2018-06-27 | 2018-06-27 | Distributed data processing method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810678367.7A CN108985053B (en) | 2018-06-27 | 2018-06-27 | Distributed data processing method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108985053A true CN108985053A (en) | 2018-12-11 |
| CN108985053B CN108985053B (en) | 2020-10-02 |
Family
ID=64538393
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810678367.7A Active CN108985053B (en) | 2018-06-27 | 2018-06-27 | Distributed data processing method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108985053B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110908858A (en) * | 2019-10-12 | 2020-03-24 | 中国平安财产保险股份有限公司 | Log sample sampling method based on double-funnel structure and related device |
| CN111124859A (en) * | 2019-12-13 | 2020-05-08 | 北京浪潮数据技术有限公司 | Log processing method, device, equipment and storage medium |
| CN112100048A (en) * | 2020-09-24 | 2020-12-18 | 中国建设银行股份有限公司 | Self-adaptive routing inspection method and device for server |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101399658A (en) * | 2007-09-24 | 2009-04-01 | 北京启明星辰信息技术有限公司 | Safe log analyzing method and system |
| CN102238023A (en) * | 2010-04-23 | 2011-11-09 | 中兴通讯股份有限公司 | Method and device for generating warning data of network management system |
| CN103824069A (en) * | 2014-03-19 | 2014-05-28 | 北京邮电大学 | Intrusion detection method based on multi-host-log correlation |
| US9319382B2 (en) * | 2014-07-14 | 2016-04-19 | Cautela Labs, Inc. | System, apparatus, and method for protecting a network using internet protocol reputation information |
-
2018
- 2018-06-27 CN CN201810678367.7A patent/CN108985053B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101399658A (en) * | 2007-09-24 | 2009-04-01 | 北京启明星辰信息技术有限公司 | Safe log analyzing method and system |
| CN102238023A (en) * | 2010-04-23 | 2011-11-09 | 中兴通讯股份有限公司 | Method and device for generating warning data of network management system |
| CN103824069A (en) * | 2014-03-19 | 2014-05-28 | 北京邮电大学 | Intrusion detection method based on multi-host-log correlation |
| US9319382B2 (en) * | 2014-07-14 | 2016-04-19 | Cautela Labs, Inc. | System, apparatus, and method for protecting a network using internet protocol reputation information |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110908858A (en) * | 2019-10-12 | 2020-03-24 | 中国平安财产保险股份有限公司 | Log sample sampling method based on double-funnel structure and related device |
| CN110908858B (en) * | 2019-10-12 | 2022-10-25 | 中国平安财产保险股份有限公司 | Log sample sampling method based on double-funnel structure and related device |
| CN111124859A (en) * | 2019-12-13 | 2020-05-08 | 北京浪潮数据技术有限公司 | Log processing method, device, equipment and storage medium |
| CN112100048A (en) * | 2020-09-24 | 2020-12-18 | 中国建设银行股份有限公司 | Self-adaptive routing inspection method and device for server |
| CN112100048B (en) * | 2020-09-24 | 2024-01-26 | 中国建设银行股份有限公司 | Self-adaptive inspection method and device for server |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108985053B (en) | 2020-10-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20200389495A1 (en) | Secure policy-controlled processing and auditing on regulated data sets | |
| US11750659B2 (en) | Cybersecurity profiling and rating using active and passive external reconnaissance | |
| US20200412767A1 (en) | Hybrid system for the protection and secure data transportation of convergent operational technology and informational technology networks | |
| US20220210200A1 (en) | Ai-driven defensive cybersecurity strategy analysis and recommendation system | |
| US11218510B2 (en) | Advanced cybersecurity threat mitigation using software supply chain analysis | |
| US10452851B2 (en) | Automated security assessment of business-critical systems and applications | |
| US7454523B2 (en) | Geographic location determination including inspection of network address | |
| US9208309B2 (en) | Dynamically scanning a web application through use of web traffic information | |
| US20210385251A1 (en) | System and methods for integrating datasets and automating transformation workflows using a distributed computational graph | |
| US20210092160A1 (en) | Data set creation with crowd-based reinforcement | |
| US20220210202A1 (en) | Advanced cybersecurity threat mitigation using software supply chain analysis | |
| US20220014561A1 (en) | System and methods for automated internet-scale web application vulnerability scanning and enhanced security profiling | |
| CN108985053A (en) | distributed data processing method and device | |
| US20210136120A1 (en) | Universal computing asset registry | |
| CN106453320B (en) | The recognition methods of malice sample and device | |
| CN110392039A (en) | Network system events source tracing method and system based on log and flow collection | |
| CN110210213A (en) | The method and device of filtering fallacious sample, storage medium, electronic device | |
| CN109271359A (en) | Log information processing method, device, electronic equipment and readable storage medium storing program for executing | |
| CN110020161A (en) | Data processing method, log processing method and terminal | |
| US20150106279A1 (en) | Compliance as a service for an organization | |
| CN115865525B (en) | Log data processing method, device, electronic equipment and storage medium | |
| CN105933186A (en) | Security detection method, device and system | |
| von der Assen | DDoSGrid 2.0: Integrating and Providing Visualizations for the European DDoS Clearing House | |
| CN115643082A (en) | Method and device for determining lost host and computer equipment | |
| US11947694B2 (en) | Dynamic virtual honeypot utilizing honey tokens and data masking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 100088 Building 3 332, 102, 28 Xinjiekouwai Street, Xicheng District, Beijing Applicant after: Qianxin Technology Group Co.,Ltd. Address before: 100015 Jiuxianqiao Chaoyang District Beijing Road No. 10, building 15, floor 17, layer 1701-26, 3 Applicant before: Beijing Qihoo Technology Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |