CN109818831A - A kind of system data dynamic monitoring device and method across private network based on DMZ - Google Patents
A kind of system data dynamic monitoring device and method across private network based on DMZ Download PDFInfo
- Publication number
- CN109818831A CN109818831A CN201910164453.0A CN201910164453A CN109818831A CN 109818831 A CN109818831 A CN 109818831A CN 201910164453 A CN201910164453 A CN 201910164453A CN 109818831 A CN109818831 A CN 109818831A
- Authority
- CN
- China
- Prior art keywords
- dimensional code
- dmz
- module
- data
- concerning security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 23
- 238000012806 monitoring device Methods 0.000 title claims abstract description 15
- 238000011160 research Methods 0.000 claims abstract description 26
- 230000005540 biological transmission Effects 0.000 claims abstract description 17
- 238000013480 data collection Methods 0.000 claims abstract description 14
- 238000012544 monitoring process Methods 0.000 claims description 16
- 238000007405 data analysis Methods 0.000 claims description 13
- 238000004458 analytical method Methods 0.000 claims description 5
- 230000002068 genetic effect Effects 0.000 claims description 3
- 230000001537 neural effect Effects 0.000 claims description 2
- 238000004883 computer application Methods 0.000 abstract description 2
- 238000005516 engineering process Methods 0.000 abstract description 2
- 238000013527 convolutional neural network Methods 0.000 description 6
- 238000012549 training Methods 0.000 description 4
- 238000013473 artificial intelligence Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000001914 filtration Methods 0.000 description 2
- 238000010295 mobile communication Methods 0.000 description 2
- 238000005457 optimization Methods 0.000 description 2
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000013135 deep learning Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000036632 reaction speed Effects 0.000 description 1
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of system data dynamic monitoring device and method across private network based on DMZ, belongs to computer application technology.The system data dynamic monitoring device across private network based on DMZ of the invention includes automatic data collection module, two-dimensional code generation module, DMZ transmission module and BI research and application module, the automatic data collection module, two-dimensional code generation module are arranged in non-concerning security matters network system, BI research and application module is arranged in concerning security matters network system, and non-concerning security matters network system is connected with concerning security matters network system by DMZ transmission module.The system data dynamic monitoring device information transmitting across private network based on DMZ of the invention is more convenient, safer, and frame performance is high, redundancy ability is strong, portable strong, has good application value.
Description
Technical field
The present invention relates to computer application technologies, and it is dynamic specifically to provide a kind of system data across private network based on DMZ
State monitoring device and method.
Background technique
With the continuous development of society, social economy is constantly progressive, and there has also been significant progresses for each enterprise.In view of certain
Enterprise has highly confidential requirement, and the system or data for being related to enterprise's concerning security matters must be in classified network, the systems or number of non-concerning security matters
According to absolute physical isolation can be belonged between intranet and extranet in outer net, " hand can only be passed through between outer net system and Intranet system
Work is imprinted CDs " mode carry out data transmitting, have significant limitation.
Summary of the invention
Technical assignment of the invention is in view of the above problems, to provide a kind of information transmitting more convenient, safer, frame
Frame performance is high, redundancy ability is strong, portable strong, the system across private network based on DMZ especially suitable for monitoring the field of early warning
Data dynamic monitoring device.
The further technical assignment of the present invention is to provide one kind data information between two systems in the case where being physically isolated network
System data dynamic monitoring and controlling method across private network of the single problem of the problem and Early-warning Model of transmitting based on DMZ.
To achieve the above object, the present invention provides the following technical scheme that
A kind of system data dynamic monitoring device across private network based on DMZ, the device include automatic data collection module,
Two-dimensional code generation module, DMZ transmission module and BI research and application module, the automatic data collection module, two dimensional code generate mould
Block be arranged in non-concerning security matters network system, BI research and application module be arranged in concerning security matters network system, non-concerning security matters network system with
Concerning security matters network system is connected by DMZ transmission module;Automatic data collection module is used for the non-concerning security matters network system of automatic collection
In data file, two-dimensional code generation module is used for the Generating Data File two dimensional code that will acquire, and passes through DMZ transmission module general
The two dimensional code of generation is transmitted to BI research and application module, and BI research and application module is used to identify data file to two dimensional code, and
It is analyzed.
The batch data that non-concerning security matters network system chooses needs to transmit generates two dimensional code, and shows on an interface
Come, concerning security matters network system is waited to be scanned.Concerning security matters network system will do it automatically scanning identification two dimensional code and be converted to document,
It by file information storage into concerning security matters network system, is analyzed by BI research and application module, while utilizing mobile communication skill
Art linkage surveillance.In addition, it is whether normal by BI research and application module monitors data, it is automatic to issue early warning to monitoring some of the staff
Prompting message, and decision scheme is provided according to big data analysis, assist dispatch control.
A safety area is constructed between non-concerning security matters network system and concerning security matters network system by DMZ transmission module,
Form the subnet of a filtering.Network topology independently can be established in the region DMZ according to service to be offered and security strategy,
It realizes that concerning security matters network and private network directly play secure communication, calculating is made to data in time by artificial intelligence, ensures early warning timeliness
And accuracy.The dynamic on-line monitoring to internet system data may be implemented in the device, and is analyzed according to data training and AI,
Early-warning Model is generated, early warning is done to ambient conditions, improves ability to supervise.And data transmitting is more convenient, safer.
Preferably, the device further includes scan module, scan module is arranged in concerning security matters network system, non-for scanning
The two dimensional code generated in concerning security matters network system, and two dimensional code is transferred to BI research and application module.
Scan module uses scanner in the present invention, scans the two dimensional code in concerning security matters network system, will store in two dimensional code
Information identify and pass to non-concerning security matters network system.
Detailed process are as follows:
1) it clicks and starts to scan, start the scanning oracle listener of service.
2) scanner scans a code, increases by one automatically in table and is about to information and shows.
3) after document is scanned, the record in table is selected, clicks and generates document, by Auto-matching and improves document letter
Breath, is saved in database.
Preferably, the device further includes encrypting module, for adding to the two dimensional code that two-dimensional code generation module generates
It is close.
Preferably, the encrypting module is SM2 encryption.
A kind of system data dynamic monitoring and controlling method across private network based on DMZ, this method specifically includes the following steps:
S1, data acquisition, data file to be passed in non-concerning security matters network system is acquired by automatic data collection module;
S2, two dimensional code generate, and generate two dimensional code according to the data of automatic data collection module acquisition;
The two dimensional code that non-concerning security matters network system generates is transferred to concerning security matters network system by S3, DMZ transmission;
S4, data analysis, analyze the two dimensional code transmitted from non-concerning security matters network system by BI research and application module.
Preferably, by collected data, automatically generating two using nonlinear algorithm when two dimensional code generates in step S2
Code is tieed up, and includes signature identity information in two dimensional code.
Preferably, encrypting to the two dimensional code of generation, being encrypted using SM2 after step S2 two dimensional code generates.
Preferably, by DMZ secure network, identification is first carried out, by reliable identity when DMZ is transmitted in step S3
The compressed data that certification is sent is transmitted.
Preferably, being handled by BI when data are analyzed in step S4 and carrying out authentication, two dimensional code identification, pass through BI
Analysis carries out AI intellectual analysis and big data analysis using convolutional neural networks and genetic algorithm.
Using the advanced intelligence AI algorithm of industry, have parameter learning and adjustment function, it is quasi- to step up monitoring judgement
True rate.Based on current existing model training data, the training of convolutional neural networks is carried out, wherein the model of convolutional neural networks is set
Meter uses for reference aster-RCNN, YOLO, SSD, mask rcnn domestic and international forward position deep learning algorithm structure at present, for enterprise's number
According to scene and business demand, distinctive algorithm model structure is designed.In order to promote pre-alert notification speed and precision, convolutional Neural net
The entire algorithm framework of network sufficiently uses domestic and international leading model compression, Model Parameter Optimization strategy at present, it is ensured that accuracy
On the basis of, pre-warning time is reduced, reaction speed is improved.Convolutional neural networks bottom frame uses caffe, caffe2,
The frames such as tensorflow, mxnet, but cost is reduced in order to promote the speed of service, convolutional neural networks engine is devised, is based on
The network structure of design carries out frame optimization, is further reduced detection time.
Preferably, step S4 before analyzing data, is scanned the two dimensional code generated in non-concerning security matters network system,
The two dimensional code scanned is transferred to BI research and application module and carries out data analysis.
Compared with prior art, the system data dynamic monitoring device and method tool across private network of the invention based on DMZ
Have it is following prominent the utility model has the advantages that
Detailed description of the invention
Fig. 1 is the topological diagram of the system data dynamic monitoring device across private network of the present invention based on DMZ.
Specific embodiment
Below in conjunction with drawings and examples, the system data dynamic monitoring across private network of the invention based on DMZ is filled
It sets and method is described in further detail.
Embodiment
As shown in Figure 1, the system data dynamic monitoring device across private network of the invention based on DMZ, including data are automatic
Acquisition module, two-dimensional code generation module, DMZ transmission module, BI research and application module, scan module and encrypting module.
Automatic data collection module, two-dimensional code generation module are arranged in non-concerning security matters network system, BI research and application module
It is arranged in concerning security matters network system, non-concerning security matters network system is connected with concerning security matters network system by DMZ transmission module.Data are certainly
Dynamic acquisition module is used for the number that will be acquired for the data file in the non-concerning security matters network system of automatic collection, two-dimensional code generation module
The two dimensional code of generation is transmitted to BI research and application module, BI analysis prison according to file generated two dimensional code, and by DMZ transmission module
Module is surveyed for identifying data file to two dimensional code, and is analyzed.Scan module is arranged in concerning security matters network system, is used for
The two dimensional code generated in non-concerning security matters network system is scanned, and two dimensional code is transferred to BI research and application module.It is scanned in the present invention
Module uses scanner, scans the two dimensional code in concerning security matters network system, the information stored in two dimensional code is identified and is passed to
Non- concerning security matters network system.The two dimensional code that encrypting module is used to generate two-dimensional code generation module encrypts, and encrypting module uses
SM2 is encrypted.
The batch data that non-concerning security matters network system chooses needs to transmit generates two dimensional code, and shows on an interface
Come, concerning security matters network system is waited to be scanned.Concerning security matters network system will do it automatically scanning identification two dimensional code and be converted to document,
It by file information storage into concerning security matters network system, is analyzed by BI research and application module, while utilizing mobile communication skill
Art linkage surveillance.In addition, it is whether normal by BI research and application module monitors data, it is automatic to issue early warning to monitoring some of the staff
Prompting message, and decision scheme is provided according to big data analysis, assist dispatch control.
A safety area is constructed between non-concerning security matters network system and concerning security matters network system by DMZ transmission module,
Form the subnet of a filtering.Network topology independently can be established in the region DMZ according to service to be offered and security strategy,
It realizes that concerning security matters network and private network directly play secure communication, calculating is made to data in time by artificial intelligence, ensures early warning timeliness
And accuracy.The dynamic on-line monitoring to internet system data may be implemented in the device, and is analyzed according to data training and AI,
Early-warning Model is generated, early warning is done to ambient conditions, improves ability to supervise.And data transmitting is more convenient, safer.
A kind of system data dynamic monitoring and controlling method across private network based on DMZ of the invention, this method specifically includes following
Step:
S1, data acquisition, data file to be passed in non-concerning security matters network system is acquired by automatic data collection module.
S2, two dimensional code generate, and generate two dimensional code according to the data of automatic data collection module acquisition.
When two dimensional code generates, by collected data, two dimensional code, and packet in two dimensional code are automatically generated using nonlinear algorithm
Include signature identity information.After two dimensional code generates, the two dimensional code of generation is encrypted, is encrypted using SM2.
Detailed process are as follows:
1) it clicks and starts to scan, start the scanning oracle listener of service.
2) scanner scans a code, increases by one automatically in table and is about to information and shows.
3) after document is scanned, the record in table is selected, clicks and generates document, by Auto-matching and improves document letter
Breath, is saved in database.
The two dimensional code that non-concerning security matters network system generates is transferred to concerning security matters network system by S3, DMZ transmission.
When DMZ is transmitted, by DMZ secure network, identification is first carried out, the compressed data that reliable authentication is sent
It is transmitted.
S4, data analysis, analyze the two dimensional code transmitted from non-concerning security matters network system by BI research and application module.
When data are analyzed, is handled by BI and carry out authentication, two dimensional code identification, analyzed by BI, utilize convolutional Neural
Network and genetic algorithm carry out AI intellectual analysis and big data analysis.Before data analysis, to being generated in non-concerning security matters network system
Two dimensional code be scanned, by the two dimensional code scanned be transferred to BI research and application module carry out data analysis.
Specific process code are as follows:
Embodiment described above, the only present invention more preferably specific embodiment, those skilled in the art is at this
The usual variations and alternatives carried out within the scope of inventive technique scheme should be all included within the scope of the present invention.
Claims (10)
1. a kind of system data dynamic monitoring device across private network based on DMZ, it is characterised in that: the device includes that data are automatic
Acquisition module, two-dimensional code generation module, DMZ transmission module and BI research and application module, the automatic data collection module, two dimension
Code generation module is arranged in non-concerning security matters network system, and BI research and application module is arranged in concerning security matters network system, non-classified network
Network system is connected with concerning security matters network system by DMZ transmission module;Automatic data collection module is used for the non-concerning security matters of automatic collection
Data file in network system, two-dimensional code generation module is used for the Generating Data File two dimensional code that will be acquired, and is passed by DMZ
The two dimensional code of generation is transmitted to BI research and application module by defeated module, and BI research and application module is for identifying data to two dimensional code
File, and analyzed.
2. the system data dynamic monitoring device across private network according to claim 1 based on DMZ, it is characterised in that: should
Device further includes scan module, and scan module is arranged in concerning security matters network system, generates for scanning in non-concerning security matters network system
Two dimensional code, and two dimensional code is transferred to BI research and application module.
3. the system data dynamic monitoring device across private network according to claim 1 or 2 based on DMZ, it is characterised in that:
The device further includes encrypting module, for encrypting to the two dimensional code that two-dimensional code generation module generates.
4. the system data dynamic monitoring device across private network according to claim 3 based on DMZ, it is characterised in that: institute
Encrypting module is stated as SM2 encryption.
5. a kind of system data dynamic monitoring and controlling method across private network based on DMZ, it is characterised in that: this method specifically includes following
Step:
S1, data acquisition, data file to be passed in non-concerning security matters network system is acquired by automatic data collection module;
S2, two dimensional code generate, and generate two dimensional code according to the data of automatic data collection module acquisition;
The two dimensional code that non-concerning security matters network system generates is transferred to concerning security matters network system by S3, DMZ transmission;
S4, data analysis, analyze the two dimensional code transmitted from non-concerning security matters network system by BI research and application module.
6. the system data dynamic monitoring and controlling method across private network according to claim 5 based on DMZ, it is characterised in that: step
When two dimensional code generates in rapid S2, by collected data, two dimensional code is automatically generated using nonlinear algorithm, and include in two dimensional code
Signature identity information.
7. the system data dynamic monitoring and controlling method across private network according to claim 5 or 6 based on DMZ, it is characterised in that:
After step S2 two dimensional code generates, the two dimensional code of generation is encrypted, is encrypted using SM2.
8. the system data dynamic monitoring and controlling method across private network according to claim 7 based on DMZ, it is characterised in that: step
In rapid S3 when DMZ transmission, by DMZ secure network, first carry out identification, the compressed data that reliable authentication is sent into
Row transmission.
9. the system data dynamic monitoring and controlling method across private network according to claim 8 based on DMZ, it is characterised in that: step
In rapid S4 when data analysis, is handled by BI and carry out authentication, two dimensional code identification, analyzed by BI, utilize convolutional Neural net
Network and genetic algorithm carry out AI intellectual analysis and big data analysis.
10. the system data dynamic monitoring and controlling method across private network according to claim 9 based on DMZ, it is characterised in that: step
Rapid S4 is scanned the two dimensional code generated in non-concerning security matters network system before analyzing data, and the two dimensional code scanned is passed
It is defeated by BI research and application module and carries out data analysis.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910164453.0A CN109818831A (en) | 2019-03-05 | 2019-03-05 | A kind of system data dynamic monitoring device and method across private network based on DMZ |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910164453.0A CN109818831A (en) | 2019-03-05 | 2019-03-05 | A kind of system data dynamic monitoring device and method across private network based on DMZ |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109818831A true CN109818831A (en) | 2019-05-28 |
Family
ID=66608110
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910164453.0A Pending CN109818831A (en) | 2019-03-05 | 2019-03-05 | A kind of system data dynamic monitoring device and method across private network based on DMZ |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109818831A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111769996A (en) * | 2020-09-02 | 2020-10-13 | 江苏达科云数据科技有限公司 | Equipment monitoring method applied to complex network environment |
| CN112422510A (en) * | 2020-10-22 | 2021-02-26 | 山东浪潮通软信息科技有限公司 | Data transmission method and system based on DMZ zone |
| CN112926069A (en) * | 2021-03-01 | 2021-06-08 | 安徽商信政通信息技术股份有限公司 | Non-physical contact lossless interaction method and system for confidential data of government affair system |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101697180A (en) * | 2009-11-06 | 2010-04-21 | 深圳市优特普科技有限公司 | Computer data communication isolation management system and data monitoring method |
| CN103268644A (en) * | 2013-05-09 | 2013-08-28 | 国家电网公司 | Communication equipment inspection system |
| CN104125222A (en) * | 2014-07-18 | 2014-10-29 | 国网上海市电力公司 | Information intranet security hole monitoring processing method |
| CN104484695A (en) * | 2014-11-24 | 2015-04-01 | 贺州市公安局 | Two-dimensional code data cross-network transmitting platform |
| EP3206368A1 (en) * | 2016-02-10 | 2017-08-16 | Accenture Global Solutions Limited | Telemetry analysis system for physical process anomaly detection |
| CN107517142A (en) * | 2017-10-10 | 2017-12-26 | 朱汉源 | A kind of system and method that remote maintenance is realized by Quick Response Code |
| CN108520193A (en) * | 2018-03-27 | 2018-09-11 | 康体佳智能科技(深圳)有限公司 | Quick Response Code identifying system based on neural network and recognition methods |
| CN109254955A (en) * | 2018-09-27 | 2019-01-22 | 贵州华云创谷科技有限公司 | Unidirectional file is ferried method and system between a kind of separation net based on two dimensional code |
-
2019
- 2019-03-05 CN CN201910164453.0A patent/CN109818831A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101697180A (en) * | 2009-11-06 | 2010-04-21 | 深圳市优特普科技有限公司 | Computer data communication isolation management system and data monitoring method |
| CN103268644A (en) * | 2013-05-09 | 2013-08-28 | 国家电网公司 | Communication equipment inspection system |
| CN104125222A (en) * | 2014-07-18 | 2014-10-29 | 国网上海市电力公司 | Information intranet security hole monitoring processing method |
| CN104484695A (en) * | 2014-11-24 | 2015-04-01 | 贺州市公安局 | Two-dimensional code data cross-network transmitting platform |
| EP3206368A1 (en) * | 2016-02-10 | 2017-08-16 | Accenture Global Solutions Limited | Telemetry analysis system for physical process anomaly detection |
| CN107517142A (en) * | 2017-10-10 | 2017-12-26 | 朱汉源 | A kind of system and method that remote maintenance is realized by Quick Response Code |
| CN108520193A (en) * | 2018-03-27 | 2018-09-11 | 康体佳智能科技(深圳)有限公司 | Quick Response Code identifying system based on neural network and recognition methods |
| CN109254955A (en) * | 2018-09-27 | 2019-01-22 | 贵州华云创谷科技有限公司 | Unidirectional file is ferried method and system between a kind of separation net based on two dimensional code |
Non-Patent Citations (1)
| Title |
|---|
| 廖楷炜等: "公安信息网与互联网数据双向安全交换研究", 《广东公安科技》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111769996A (en) * | 2020-09-02 | 2020-10-13 | 江苏达科云数据科技有限公司 | Equipment monitoring method applied to complex network environment |
| CN112422510A (en) * | 2020-10-22 | 2021-02-26 | 山东浪潮通软信息科技有限公司 | Data transmission method and system based on DMZ zone |
| CN112926069A (en) * | 2021-03-01 | 2021-06-08 | 安徽商信政通信息技术股份有限公司 | Non-physical contact lossless interaction method and system for confidential data of government affair system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108428141B (en) | Food traceability information management system based on ERP system and block chain | |
| CN109818831A (en) | A kind of system data dynamic monitoring device and method across private network based on DMZ | |
| CN113536376B (en) | Enterprise financial data security management system and method thereof | |
| CN111404914A (en) | Ubiquitous power Internet of things terminal safety protection method under specific attack scene | |
| CN107911370A (en) | A kind of data ciphering method and device, data decryption method and device | |
| CN114140082B (en) | Enterprise content management system | |
| CN112804348B (en) | Method for judging repeatability of reported data of edge computing node by cloud monitoring center | |
| CN108881203A (en) | Data managing method, electronic equipment, storage medium and system based on block chain | |
| CN111046415A (en) | Intelligent grading early warning system and method for confidential files | |
| CN113160604A (en) | Bus management method and system based on artificial intelligence | |
| CN112613006A (en) | Power data sharing method and device, electronic equipment and storage medium | |
| CN112688822A (en) | Edge computing fault or security threat monitoring system and method based on multi-point cooperation | |
| CN111092960A (en) | Distributed data acquisition system and operation method thereof | |
| CN109495514A (en) | Mutual role help system and method based on edge termination | |
| CN116383786A (en) | Big data information supervision system and method based on Internet of things | |
| CN113660080B (en) | Safe multi-party calculation and federal analysis technology | |
| CN116208340A (en) | Trusted data flow platform system method based on privacy calculation and blockchain | |
| CN115189966A (en) | Block chain private data encryption and decryption service system | |
| CN107491503A (en) | A kind of multifunctional client information management system | |
| CN114579961A (en) | Sensitive data identification method based on multi-industry detection rules and related device | |
| CN110933025A (en) | Multi-source heterogeneous data cross-domain synchronous shared storage method, device, equipment and medium | |
| CN113378222A (en) | File encryption method and system based on data content identification | |
| CN112347491A (en) | Method for endogenous data secure interaction of double-middlebox double-chain architecture | |
| Shi et al. | Privacy protection and intrusion detection system of wireless sensor network based on artificial neural network | |
| CN111127261A (en) | Intellectual property service platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190528 |