CN111181984A - Security protection method, device and system based on environment-friendly 212 protocol - Google Patents

Security protection method, device and system based on environment-friendly 212 protocol Download PDF

Info

Publication number
CN111181984A
CN111181984A CN201911425110.1A CN201911425110A CN111181984A CN 111181984 A CN111181984 A CN 111181984A CN 201911425110 A CN201911425110 A CN 201911425110A CN 111181984 A CN111181984 A CN 111181984A
Authority
CN
China
Prior art keywords
environment
data
friendly
information
data packet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911425110.1A
Other languages
Chinese (zh)
Other versions
CN111181984B (en
Inventor
王刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Likong Huacon Technology Co ltd
Original Assignee
Beijing Likong Huacon Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Likong Huacon Technology Co ltd filed Critical Beijing Likong Huacon Technology Co ltd
Priority to CN201911425110.1A priority Critical patent/CN111181984B/en
Publication of CN111181984A publication Critical patent/CN111181984A/en
Application granted granted Critical
Publication of CN111181984B publication Critical patent/CN111181984B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/08Protocols for interworking; Protocol conversion

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a safety protection method, a device and a system based on an environment-friendly 212 protocol, wherein the method comprises the following steps: acquiring an environment-friendly 212 data packet, and judging whether the information of the environment-friendly 212 data packet is the same as preset information or not; when the information of the environment-friendly 212 data packet is the same as the preset information, analyzing the environment-friendly 212 data packet to obtain analyzed data; updating the analyzed data according to the information which is the same as the preset information; and generating 212 a data packet according to the updated data, and outputting 212 the data packet. By implementing the invention, format verification, equipment identification, password verification, data matching and filtering and the like can be carried out on the environment-friendly 212 data packet acquired by the online automatic monitoring equipment, whether the data packet is valid and credible can be checked, the data is prevented from being illegally tampered, the safety protection level of the environment-friendly 212 protocol data transmission is enhanced, meanwhile, attack data and the like in the environment-friendly 212 data can be removed through the process, and equipment such as a monitoring center and the like can be effectively protected.

Description

Security protection method, device and system based on environment-friendly 212 protocol
Technical Field
The invention relates to the technical field of data protection, in particular to a safety protection method, a device and a system based on an environment-friendly 212 protocol.
Background
At present, environmental protection departments in various regions have or are building and transforming pollution source monitoring systems, remote online monitoring on discharge ports of water pollution, atmospheric pollution and the like and pollution sources of discharge enterprises is realized, so that the development trends of automation, networking, instantaneity and intellectualization of environmental monitoring are adapted, and the pollution source online monitoring systems are key development objects of the environmental protection industry. Aiming at the monitoring industry standard of pollutants, the national environmental protection administration sets a data transmission standard (HJ/T212-2017) of a pollutant online monitoring system.
In HJ/T212-2017, pollutant monitoring can be performed by using a pollutant online monitoring system, which comprises a monitoring center and an online automatic monitoring device. The monitoring center is arranged in each level of environmental protection departments, can be connected with the automatic monitoring equipment through a transmission network and sends commands such as inquiry, control and the like to the automatic monitoring equipment; the on-line automatic monitoring equipment is arranged on the site of a pollutant monitoring point and a process node influencing pollutant emission and is used for monitoring and monitoring pollutant emission conditions and process parameters and completing communication and transmission with a monitoring center, and the automatic monitoring equipment comprises a pollutant monitoring instrument, a flow (speed) meter, a pollution control facility operation recorder, a data acquisition and transmission instrument and the like.
However, the environmental protection 212 data collected by the on-line automatic monitoring device needs to be transmitted over a wide area network when being transmitted to the monitoring center through the transmission network. However, in the prior art, only the transmission direction of the data can be controlled for the transmission of the environmental protection 212 data, and the validity and the credibility of the data transmitted to the monitoring center cannot be ensured.
Disclosure of Invention
In view of this, embodiments of the present invention provide a security protection method, device, and system based on the environment-friendly 212 protocol, so as to solve the technical problem in the prior art that only the transmission direction of data can be controlled for the transmission of the environment-friendly 212 data, and the data transmitted to the monitoring center cannot be guaranteed to be valid and trusted.
The technical scheme provided by the embodiment of the invention is as follows:
a first aspect of an embodiment of the present invention provides a security protection method based on an environment-friendly 212 protocol, where the security protection method includes the following steps: acquiring an environment-friendly 212 data packet, and judging whether the information of the environment-friendly 212 data packet is the same as preset information; when the information of the environment-friendly 212 data packet is the same as the preset information, analyzing the environment-friendly 212 data packet to obtain analyzed data; updating the analyzed data according to the information which is the same as the preset information; and generating 212 a data packet according to the updated data, and outputting the 212 data packet.
Optionally, the determining whether the information of the environment-friendly 212 data packet is the same as the preset information includes: judging whether the environment-friendly 212 data packet meets the requirement of a preset format; when the environment-friendly 212 data packet meets the requirement of a preset format, extracting the equipment identification and the password information in the environment-friendly 212 data packet; judging whether the equipment identification and the password information are the same as the preset equipment identification and the preset password information; and when the device identifier and the password information are the same as the preset device identifier and the preset password information, judging whether the rule information in the environment-friendly 212 data packet is the same as the preset rule information.
Optionally, the rule information includes a system number, a data category, a parameter content, and a pollutant code.
Optionally, the method for safeguarding based on the environmental 212 protocol further includes: and when the information of the environment-friendly 212 data packet is different from the preset information, performing security check on the environment-friendly 212 data packet.
A second aspect of an embodiment of the present invention provides a safety protection device based on an environment-friendly 212 protocol, where the safety protection device includes: the judging module is used for acquiring the environment-friendly 212 data packet and judging whether the information of the environment-friendly 212 data packet is the same as the preset information or not; the analysis module is used for analyzing the environment-friendly 212 data packet to obtain analyzed data when the information of the environment-friendly 212 data packet is the same as preset information; the updating module is used for updating the analyzed data according to the information which is the same as the preset information; and the compression module is used for generating 212 data packets according to the updated data and outputting the 212 data packets.
A third aspect of an embodiment of the present invention provides a security protection system based on an environment-friendly 212 protocol, where the security protection system includes: the environment-friendly data processing system comprises a proxy server and a proxy client, wherein the proxy server is used for acquiring an environment-friendly 212 data packet, judging whether the information of the environment-friendly 212 data packet is the same as preset information or not, when the information of the environment-friendly 212 data packet is the same as the preset information, analyzing the environment-friendly 212 data packet to obtain analyzed data, updating the analyzed data according to the information which is the same as the preset information, and sending the updated data to the proxy client; and the proxy client is used for generating 212 data packets according to the updated data and outputting the 212 data packets.
Optionally, the environmental 212 protocol-based security protection system further includes: and the isolation exchange module is used for transmitting the analyzed data in the proxy server to the proxy client in a one-way mode.
Optionally, the number of the proxy clients is multiple, and the multiple proxy clients respectively receive the analyzed data and respectively output the generated 212 data packets.
A fourth aspect of the embodiments of the present invention provides a computer-readable storage medium, where computer instructions are stored, and the computer instructions are configured to cause the computer to execute the method for safeguarding based on the environment 212 protocol according to any one of the first aspect and the first aspect of the embodiments of the present invention.
A fifth aspect of the embodiments of the present invention provides a security protection terminal based on an environment-friendly 212 protocol, including: the security protection method based on the environmental 212 protocol according to the first aspect of the embodiments of the present invention includes a memory and a processor, where the memory and the processor are communicatively connected to each other, the memory stores computer instructions, and the processor executes the computer instructions to perform the security protection method based on the environmental 212 protocol according to the first aspect of the embodiments of the present invention.
The technical scheme provided by the invention has the following effects:
the safety protection method and device based on the environment-friendly 212 protocol provided by the embodiment of the invention can perform format verification, equipment identification, password verification, data matching and filtering and the like on the environment-friendly 212 data packet acquired by the online automatic monitoring equipment, can check whether the data packet is valid and credible, avoids data from being illegally tampered, enhances the safety protection level of data transmission of the environment-friendly 212 protocol, and can remove attack data and the like in the environment-friendly 212 data through the process, so that equipment such as a monitoring center and the like can be effectively protected.
According to the safety protection system based on the environment-friendly 212 protocol provided by the embodiment of the invention, the proxy server and the proxy client are arranged, so that format verification, equipment identification, password verification, data matching and filtering and the like can be carried out on the environment-friendly 212 data packet acquired by the online automatic monitoring equipment, whether the data packet is valid and credible can be checked, the data is prevented from being illegally tampered, the safety protection level of data transmission of the environment-friendly 212 protocol is enhanced, meanwhile, attack data and the like in the environment-friendly 212 data can be removed through the process, and equipment such as a monitoring center and the like can be effectively protected. In addition, the isolation switching module can ensure that data can realize unidirectional transmission; meanwhile, the plurality of proxy clients can also realize synchronous forwarding of multi-path data, and performance consumption of the environment-friendly clients is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a flow diagram of a method of securing based on the Environment 212 protocol, according to an embodiment of the invention;
FIG. 2 is a block diagram of a secure gatekeeper based on the Environment 212 protocol, according to an embodiment of the present invention;
FIG. 3 is a block diagram of a security system based on the Environment 212 protocol according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a hardware structure of a security protection terminal based on the environment protection 212 protocol according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
An embodiment of the present invention provides a security protection method based on an environment-friendly 212 protocol, and as shown in fig. 1, the security protection method includes the following steps:
step S101: and acquiring the environment-friendly 212 data packet, and judging whether the information of the environment-friendly 212 data packet is the same as the preset information.
Specifically, after the environment-friendly 212 data packet is obtained, whether the data packet meets the requirement of a preset format or not can be judged firstly, according to the HJ/T212-2017 standard, the environment-friendly 212 data collected by the online automatic monitoring equipment generally consists of ASCII code (except for chinese characters, UTF-8 code, 8 bits, 1 byte) characters, and specifically consists of a packet header, a data segment length, a data segment, CRC check and a packet tail. Thus, the acquired data packet of the ring 212 may be checked according to the format requirement when it is verified, and when the check meets the requirement, the next verification is performed. In addition, other preset formats may also be set according to actual needs, which is not limited in the present invention.
After the format verification is passed, extracting the equipment identifier and the password information in the data packet, and judging whether the equipment identifier and the password information are the same as the preset equipment identifier and the preset password information; the data segment in the data packet composition may specifically include a request code, a system code, a command code, a password, an equipment unique identifier, a flag bit, a total packet number, a packet number, and an instruction parameter; the unique equipment identifier can be used for uniquely identifying one piece of equipment, and the identifier consists of 24 characters from 0 to 9A to F, and generally comprises a name, a header, a manufacturer identification code, an object classification code, a serial number and the like; the password may be an access password. In the verification process of the step, the device identification and the password information in the acquired data packet can be verified according to the device unique identification and the access password in the data segment as the preset device identification and the preset password information, and after the verification is passed, the data packet method data is indicated, and the next verification can be performed.
After the data packet is verified to be legal data, the rule information in the environment-friendly 212 data packet can be matched according to the preset rule information. For example, the rule information may include a system number, a data class, parameter content, a contamination code, and the like. The system number can be divided into four categories, specifically can be represented as an environment quality category, and can be represented by 10-29; the category of the environmental pollution source can be represented by 30-49; the working condition type can be represented by 50-69; the system interaction category can be represented by 91-99. The data types can be divided into pollutant factors, working condition monitoring factors, field end information and the like; wherein, the pollutant factor can comprise a water monitoring factor, a gas monitoring factor and an acoustic environment monitoring factor; the working condition monitoring factors can comprise a sewage discharge process, a flue gas discharge process and the like. The parameter content can comprise the working parameters of the online automatic monitoring equipment and the like; the pollutant code can be determined according to codes defined by acoustic environment quality standard (GB 3096-2008), air pollutant code (HJ 524-2009) and water pollutant code (HJ 525-2009) in relevant national and industrial standards. Therefore, when matching the rule information of the data packet of the ring 212, the rule information may be matched according to the above-mentioned code or code.
Step S102: when the information of the environment-friendly 212 data packet is the same as the preset information, analyzing the environment-friendly 212 data packet to obtain analyzed data; specifically, after the verification, including the format verification, the password device verification, and the rule information verification, pass, the actual measurement point value in the data packet of the environment-friendly 212 may be analyzed, for example, an actual measurement value of the pollutant may be obtained through analysis. In addition, when the information of the data packet of the ring 212 is different from the preset information, the data packet may not meet the standard or be trusted, and the security check may be performed on the data packet of the ring 212.
Step S103: updating the analyzed data according to the information which is the same as the preset information; specifically, after the actual measurement point value is obtained through analysis, data identical to the preset information can be extracted according to the verification process in the step S101, and other invalid data are filtered out; for example, only data that the device identification passes the verification may be extracted, and other error data or attack data (including virus attack or illegal data) may be filtered out.
Step S104: and generating 212 a data packet according to the updated data, and outputting 212 the data packet. Specifically, the updated data may be regenerated 212 into a data packet according to the standard and output to a monitoring center of the environmental protection department or other departments needing data monitoring.
The safety protection method based on the environment-friendly 212 protocol provided by the embodiment of the invention can be used for carrying out format verification, equipment identification, password verification, data matching and filtering and the like on the environment-friendly 212 data packet acquired by the online automatic monitoring equipment, checking whether the data packet is valid and credible, avoiding illegal tampering of the data, enhancing the safety protection level of data transmission of the environment-friendly 212 protocol, and simultaneously removing attack data and the like in the environment-friendly 212 data through the process, so that equipment such as a monitoring center and the like can be effectively protected.
Example 2
An embodiment of the present invention provides a safety protection device based on an environment-friendly 212 protocol, as shown in fig. 2, the safety protection device includes:
the determining module 10 is configured to obtain an environment-friendly 212 data packet, and determine whether information of the environment-friendly 212 data packet is the same as preset information; for details, refer to the related description of step S101 in the above method embodiment.
The analysis module 20 is configured to analyze the environment-friendly 212 data packet to obtain analyzed data when the information of the environment-friendly 212 data packet is the same as the preset information; for details, refer to the related description of step S102 in the above method embodiment.
An updating module 30, configured to update the analyzed data according to information that is the same as the preset information; for details, refer to the related description of step S103 in the above method embodiment.
And the compression module 40 is used for generating 212 a data packet according to the updated data and outputting the 212 data packet. For details, refer to the related description of step S104 in the above method embodiment.
The safety protection device based on the environment-friendly 212 protocol provided by the embodiment of the invention can perform format verification, equipment identification, password verification, data matching and filtering and the like on the environment-friendly 212 data packet acquired by the online automatic monitoring equipment, can check whether the data packet is valid and credible, avoids illegal tampering of the data, enhances the safety protection level of data transmission of the environment-friendly 212 protocol, and simultaneously can remove attack data and the like in the environment-friendly 212 data through the process, so that equipment such as a monitoring center and the like can be effectively protected.
Example 3
An embodiment of the present invention provides a security protection system based on an environment 212 protocol, and as shown in fig. 3, the security protection system includes: a proxy server 1 and a proxy client 2.
The proxy server 1 is configured to obtain an environment-friendly 212 data packet, determine whether information of the environment-friendly 212 data packet is the same as preset information, analyze the environment-friendly 212 data packet when the information of the environment-friendly 212 data packet is the same as the preset information to obtain analyzed data, update the analyzed data according to the information the same as the preset information, and send the updated data to the proxy client;
specifically, the proxy server 1 may include the determination module, the parsing module, and the updating module in embodiment 2 described above. The proxy server 1 may be connected to an environmental protection client 3, the environmental protection client 3 may be disposed in a power plant or other places needing monitoring, and the environmental protection client 3 may obtain environmental protection data through various monitoring instruments such as sensors, and generate an environmental protection 212 data packet.
And the proxy client 2 is used for generating 212 data packets according to the updated data and outputting the 212 data packets.
Specifically, the proxy client 2 may include the compression module in embodiment 2, and the proxy client 2 may be connected to the proxy server 1 through the isolation switching module 4, and obtain the updated data in the proxy server 1 to generate 212 a data packet. The isolated switching module 4 may transmit the data analyzed in the proxy server 1 to the proxy client 2 in a unidirectional manner. The number of the proxy clients 2 may be plural, and the plurality of proxy clients 2 may receive the analyzed data and output the generated 212 data packets, respectively.
In addition, the agent client 2 may be connected to the environmental protection server 5, such as a monitoring center, and may output the generated 212 data packet to the environmental protection server 5, and the environmental protection server 5 may store the received 212 data packet, and may also perform corresponding data display on a graphical interface. The monitoring center may be disposed in an environmental protection bureau, an environmental protection hall, an environmental protection department, or the like, and the plurality of agent clients may be connected to the monitoring centers, respectively, and transmit the generated 212 data packets to the corresponding departments.
According to the safety protection system based on the environment-friendly 212 protocol provided by the embodiment of the invention, the proxy server and the proxy client are arranged, so that format verification, equipment identification, password verification, data matching and filtering and the like can be carried out on the environment-friendly 212 data packet acquired by the online automatic monitoring equipment, whether the data packet is valid and credible can be checked, the data is prevented from being illegally tampered, the safety protection level of data transmission of the environment-friendly 212 protocol is enhanced, meanwhile, attack data and the like in the environment-friendly 212 data can be removed through the process, and equipment such as a monitoring center and the like can be effectively protected. In addition, the isolation switching module can ensure that data can realize unidirectional transmission; meanwhile, the plurality of proxy clients can also realize synchronous forwarding of multi-path data, and performance consumption of the environment-friendly clients is reduced.
Example 4
An embodiment of the present invention further provides a security protection terminal based on the environment 212 protocol, as shown in fig. 4, the security protection terminal based on the environment 212 protocol may include a processor 51 and a memory 52, where the processor 51 and the memory 52 may be connected by a bus or in another manner, and fig. 4 takes the example of connection by a bus as an example.
The processor 51 may be a Central Processing Unit (CPU). The Processor 51 may also be other general purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, or combinations thereof.
The memory 52, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as the corresponding program instructions/modules in the embodiments of the present invention. The processor 51 executes various functional applications and data processing of the processor by executing non-transitory software programs, instructions and modules stored in the memory 52, that is, implements the security protection method based on the environment 212 protocol in the above method embodiment.
The memory 52 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created by the processor 51, and the like. Further, the memory 52 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 52 may optionally include memory located remotely from the processor 51, and these remote memories may be connected to the processor 51 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory 52 and, when executed by the processor 51, perform a method of security protection based on the environmental 212 protocol in the embodiment shown in fig. 1.
The details of the security protection terminal based on the environment 212 protocol may be understood with reference to the corresponding description and effects in the embodiment shown in fig. 1, and are not described herein again.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD) or a Solid State Drive (SSD), etc.; the storage medium may also comprise a combination of memories of the kind described above.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.

Claims (10)

1. A safety protection method based on an environment protection 212 protocol is characterized by comprising the following steps:
acquiring an environment-friendly 212 data packet, and judging whether the information of the environment-friendly 212 data packet is the same as preset information;
when the information of the environment-friendly 212 data packet is the same as the preset information, analyzing the environment-friendly 212 data packet to obtain analyzed data;
updating the analyzed data according to the information which is the same as the preset information;
and generating 212 a data packet according to the updated data, and outputting the 212 data packet.
2. The method of claim 1, wherein determining whether the information of the ring 212 packet is the same as preset information comprises:
judging whether the environment-friendly 212 data packet meets the requirement of a preset format;
when the environment-friendly 212 data packet meets the requirement of a preset format, extracting the equipment identification and the password information in the environment-friendly 212 data packet;
judging whether the equipment identification and the password information are the same as the preset equipment identification and the preset password information;
and when the device identifier and the password information are the same as the preset device identifier and the preset password information, judging whether the rule information in the environment-friendly 212 data packet is the same as the preset rule information.
3. The method of claim 2, wherein the rule information comprises a system number, a data class, a parameter content, and a contaminant code.
4. The method of claim 1, further comprising:
and when the information of the environment-friendly 212 data packet is different from the preset information, performing security check on the environment-friendly 212 data packet.
5. A safety shield apparatus based on the environmental 212 protocol, comprising:
the judging module is used for acquiring the environment-friendly 212 data packet and judging whether the information of the environment-friendly 212 data packet is the same as the preset information or not;
the analysis module is used for analyzing the environment-friendly 212 data packet to obtain analyzed data when the information of the environment-friendly 212 data packet is the same as preset information;
the updating module is used for updating the analyzed data according to the information which is the same as the preset information;
and the compression module is used for generating 212 data packets according to the updated data and outputting the 212 data packets.
6. A security system based on the vee 212 protocol, comprising: a proxy server and a proxy client, wherein,
the proxy server is used for acquiring an environment-friendly 212 data packet, judging whether the information of the environment-friendly 212 data packet is the same as preset information or not, analyzing the environment-friendly 212 data packet when the information of the environment-friendly 212 data packet is the same as the preset information to obtain analyzed data, updating the analyzed data according to the information which is the same as the preset information, and sending the updated data to the proxy client;
and the proxy client is used for generating 212 data packets according to the updated data and outputting the 212 data packets.
7. The environmentally 212 protocol-based security protection system of claim 6, further comprising: and the isolation exchange module is used for unidirectionally transmitting the updated data in the proxy server to the proxy client.
8. The environmental 212 protocol-based security protection system of claim 6, wherein the number of the agent clients is plural, and the plural agent clients respectively receive the updated data and respectively output the generated 212 data packets.
9. A computer-readable storage medium having stored thereon computer instructions for causing a computer to execute the method for safeguarding based on the environmental 212 protocol of any of claims 1-4.
10. A security terminal based on the environmental 212 protocol, comprising: a memory and a processor, the memory and the processor being communicatively coupled to each other, the memory storing computer instructions, the processor executing the computer instructions to perform the method of safeguarding based on the environmental 212 protocol of any of claims 1-4.
CN201911425110.1A 2019-12-31 2019-12-31 Security protection method, device, system, terminal and storage medium based on environment-friendly 212 protocol Active CN111181984B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911425110.1A CN111181984B (en) 2019-12-31 2019-12-31 Security protection method, device, system, terminal and storage medium based on environment-friendly 212 protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911425110.1A CN111181984B (en) 2019-12-31 2019-12-31 Security protection method, device, system, terminal and storage medium based on environment-friendly 212 protocol

Publications (2)

Publication Number Publication Date
CN111181984A true CN111181984A (en) 2020-05-19
CN111181984B CN111181984B (en) 2022-04-01

Family

ID=70657771

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911425110.1A Active CN111181984B (en) 2019-12-31 2019-12-31 Security protection method, device, system, terminal and storage medium based on environment-friendly 212 protocol

Country Status (1)

Country Link
CN (1) CN111181984B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115328A1 (en) * 2001-11-29 2003-06-19 Riku Salminen Firewall for filtering tunneled data packets
CN102694815A (en) * 2012-06-04 2012-09-26 浙江中控技术股份有限公司 Safety protection method, control unit and industrial control system
CN104539600A (en) * 2014-12-22 2015-04-22 北京卓越信通电子股份有限公司 Industrial control firewall implementing method for supporting filtering IEC 104 protocol
CN109150869A (en) * 2018-08-14 2019-01-04 南瑞集团有限公司 A kind of exchanger information acquisition analysis system and method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115328A1 (en) * 2001-11-29 2003-06-19 Riku Salminen Firewall for filtering tunneled data packets
CN102694815A (en) * 2012-06-04 2012-09-26 浙江中控技术股份有限公司 Safety protection method, control unit and industrial control system
CN104539600A (en) * 2014-12-22 2015-04-22 北京卓越信通电子股份有限公司 Industrial control firewall implementing method for supporting filtering IEC 104 protocol
CN109150869A (en) * 2018-08-14 2019-01-04 南瑞集团有限公司 A kind of exchanger information acquisition analysis system and method

Also Published As

Publication number Publication date
CN111181984B (en) 2022-04-01

Similar Documents

Publication Publication Date Title
CN107454109B (en) Network privacy stealing behavior detection method based on HTTP traffic analysis
US9954903B2 (en) Industrial network security translator
CN112468488B (en) Industrial anomaly monitoring method, industrial anomaly monitoring device, computer equipment and readable storage medium
US10715639B2 (en) Data processing method and apparatus for performing protocol parsing in a cloud
CN111130883B (en) Method and device for determining topological graph of industrial control equipment and electronic equipment
CN109922085B (en) Safety protection system and method based on CIP (common interface protocol) in PLC (programmable logic controller)
CN110099058B (en) Modbus message detection method and device, electronic equipment and storage medium
KR102414860B1 (en) Network probes and methods for processing messages
CN106921676B (en) Intrusion detection method based on OPCClasic
CN111478966A (en) Internet of things protocol analysis method and device, computer equipment and storage medium
CN111191767B (en) Vectorization-based malicious traffic attack type judging method
JP2009017298A (en) Data analysis apparatus
CN106899419B (en) Method, device and request terminal for realizing exception handling
CN111181984B (en) Security protection method, device, system, terminal and storage medium based on environment-friendly 212 protocol
CN113238923A (en) Service behavior tracing method and system based on state machine
CN114070624B (en) Message monitoring method, device, electronic equipment and medium
CN113645241B (en) Intrusion detection method, device and equipment for industrial control proprietary protocol
CN112640392B (en) Trojan horse detection method, device and equipment
CN110750290B (en) Software version upgrading method and device based on DNS query
CN114172980A (en) Method, system, device, equipment and medium for identifying type of operating system
CN111314278A (en) Safety detection method based on Ethernet IP industrial control protocol
CN113098837B (en) Industrial firewall state detection method and device, electronic equipment and storage medium
CN117749648B (en) Industrial control flow auditing method and device
CN115442154B (en) Method and system for verifying deep analysis of modular industrial control protocol packet
CN115348334B (en) Data analysis method and device and related equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant