CN112383411B - Network security early warning notification method, electronic device and storage medium - Google Patents
Network security early warning notification method, electronic device and storage medium Download PDFInfo
- Publication number
- CN112383411B CN112383411B CN202011138569.6A CN202011138569A CN112383411B CN 112383411 B CN112383411 B CN 112383411B CN 202011138569 A CN202011138569 A CN 202011138569A CN 112383411 B CN112383411 B CN 112383411B
- Authority
- CN
- China
- Prior art keywords
- information
- early warning
- network security
- preset
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
- G06F16/2282—Tablespace storage structures; Management thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0681—Configuration of triggering conditions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Computational Linguistics (AREA)
- Software Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application relates to a network security early warning reporting method, an electronic device and a storage medium, wherein preset characteristic information is detected in network security information by acquiring network security information to be early warned and reported, and the network security information is reported to an early warning object according to a preset early warning mode by inquiring target information in a preset target parameter table according to the characteristic information; the early warning reporting mechanism is simple and high in reliability, solves the problems that the early warning reporting mechanism is too simple and low in reliability in the prior art, and improves the reliability and stability of a network safety early warning reporting system.
Description
Technical Field
The present application relates to the field of network security early warning notification, and in particular, to a network security early warning notification method, an electronic device, and a storage medium.
Background
With the continuous development of information technology, information security is particularly important for the development of information technology, a network and information security information reporting mechanism needs to be established, the construction of a security information reporting mechanism is actively promoted, a network security situation perception monitoring and reporting means and an information reporting early warning and emergency handling system are established, a network security situation perception monitoring and reporting platform is established, the functions of security monitoring of important websites and important information systems on the internet, online computer virus trojan propagation monitoring, reporting early warning, emergency handling, situation analysis, security event (accident) management, supervision and improvement and the like are realized, and technical support is provided for the development of related reporting early warning work.
At present, an effective report early warning technical means aiming at a supervision unit is lacked, discovered potential safety hazards and events are reported and early warned by using a traditional information synchronization means (short messages, weChat, QQ, mails, special APPs and the like), information synchronization is not instant, APP compatibility is not good, a management process is difficult to follow, discovered potential hazards lack of a verification process cannot ensure report accuracy, traditional network safety report early warning is mostly realized by the special APPs, the supervision unit and users respectively and independently install the APPs through developing the special APPs, the report early warning process is realized by the special report APPs, a traditional independent mobile phone APP report early warning system is in the using process, the update and update of a mobile phone terminal are carried out, the update report of a mobile phone operating system and the version of the early warning APP need to be continuously updated along with the change of the external environment, maintenance cost investment is huge, in addition, the independent APPs are not high in daily utilization rate, related APP processes can be released by the mobile phone to save resources, and the related APP is often in a closed state in the mobile phone, and related early warning reports can not be transmitted in real time.
At present, no effective solution is provided aiming at the problems of too simple early warning reporting mechanism and low reliability in the related technology.
Disclosure of Invention
The embodiment of the application provides a network security early warning reporting method, an electronic device and a storage medium, so as to at least solve the problems that an early warning reporting mechanism in the related prior art is too simple and the reliability is low.
In a first aspect, an embodiment of the present application provides a network security early warning notification method, including:
acquiring network security information to be notified by early warning;
detecting preset characteristic information in the network security information, wherein the characteristic information is used for determining target information for receiving the network security information;
inquiring target information in a preset target parameter table according to the characteristic information, wherein the preset target parameter table comprises a corresponding relation between the characteristic information and the target information, and the target information at least comprises an early warning object for receiving network security information;
according to a preset early warning mode, at least reporting network safety information to an early warning object, wherein the early warning mode comprises one of the following modes: and warning, reminding and correcting.
In some embodiments, the preset target parameter table includes an event-related target parameter table, and querying the target information in the preset target parameter table according to the feature information includes:
extracting threat information in the characteristic information, wherein the threat information at least comprises one of the following information: threat events, attack events, security holes;
inquiring an affair-related target associated with the threat information in an affair-related target parameter table according to the threat information, wherein the affair-related target parameter table comprises a relation between the affair-related target and the threat information generated by the affair-related target;
and in the case that the affair-related target is detected, determining that the early warning object comprises the affair-related target.
In some of these embodiments, the method further comprises:
determining a plurality of first information units related to the affair-related target, wherein the first information units comprise websites;
detecting threat information in first network security information generated by a plurality of first information units, and determining the first information units generating the first network security information as event-related information units under the condition that the threat information is detected;
and selecting the affair-related targets corresponding to the affair-related information units, and determining that the target information comprises the affair-related targets.
In some embodiments, notifying at least network security intelligence information to the early-warning object according to a preset early-warning mode includes:
under the condition that the early warning mode comprises early warning reminding, reporting network safety information to an early warning object;
and under the condition that the early warning mode comprises rectification, reporting the network security information and a preset rectification time limit to an early warning object.
In some embodiments, the early warning object is associated with at least one second information unit, and after at least reporting network security intelligence information to the early warning object according to a preset early warning mode, the method comprises the following steps: and updating the notification state of the second information unit, wherein the second information unit comprises a website, and the notification state comprises whether the second information unit is notified by early warning.
In some of these embodiments, the method further comprises: and under the condition that the early warning mode comprises early warning reminding, after the early warning object receives the network safety information, the early warning object refers to unread network safety information and marks the information state of the network safety information as read, and generates a referred receipt corresponding to the network safety information.
In some of these embodiments, the method further comprises: under the condition that the early warning mode comprises rectification, after the early warning object receives network safety information and rectification time limit, the early warning object detects whether the rectification time limit is expired;
when the early warning object detects that the rectification deadline is expired, inquiring a preset target parameter table, generating a preset new rectification deadline, and reporting network security information and the new rectification deadline to the early warning object;
and when the early warning object detects that the rectification deadline is not expired, the early warning object refers to unread network security information and marks the information state of the network security information as read, and generates a referred receipt corresponding to the network security information.
In some embodiments, after the information status flag of the network security intelligence information is read, the method comprises:
the method comprises the steps that an early warning object inquires operation authority of network security information in a preset operation authority parameter table, wherein the preset operation authority parameter table comprises a corresponding relation of operation authorities of the early warning object and the early warning object, and the operation authority comprises a reply authority;
and generating reply information corresponding to the network security information by the early warning object under the condition of inquiring that the early warning object has the reply authority.
In a second aspect, an embodiment of the present application provides an electronic apparatus, which includes a memory and a processor, where the memory stores a computer program, and the processor is configured to execute the computer program to perform the network security early warning notification method according to the first aspect.
In a third aspect, an embodiment of the present application provides a storage medium, in which a computer program is stored, where the computer program is configured to execute the network security early warning notification method according to the first aspect when the computer program runs.
Compared with the related prior art, the network security early warning notification method, the electronic device and the storage medium provided by the embodiment of the application adopt the steps of obtaining network security information to be early warned and notified; detecting preset characteristic information in the network security intelligence information, wherein the characteristic information is used for determining target information for receiving the network security intelligence information; inquiring target information in a preset target parameter table according to the characteristic information, wherein the preset target parameter table comprises a corresponding relation between the characteristic information and the target information, and the target information at least comprises an early warning object for receiving network security information; according to a preset early warning mode, at least network safety information is reported to an early warning object, the problems that an early warning reporting mechanism in the related technology is too simple and the reliability is low are solved, and the reliability and the stability of a network safety early warning reporting system are improved.
The details of one or more embodiments of the application are set forth in the accompanying drawings and the description below to provide a more thorough understanding of the application.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 is a flowchart of a network security early warning notification method according to an embodiment of the present application;
fig. 2 is a flowchart of a network security pre-warning notification method according to a preferred embodiment of the present application;
fig. 3 is another flowchart of a network security pre-warning notification method according to a preferred embodiment of the present application;
fig. 4 is a first structural diagram of a network security early warning notification apparatus according to a preferred embodiment of the present application;
fig. 5 is a second structural diagram of a network security early warning notification apparatus according to a preferred embodiment of the present application;
fig. 6 is a block diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be described and illustrated below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of and not restrictive on the broad application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments provided in the present application without any inventive step are within the scope of protection of the present application. Moreover, it should be appreciated that such a development effort might be complex and tedious, but would nevertheless be a routine undertaking of design, fabrication, and manufacture for those of ordinary skill having the benefit of this disclosure, given the benefit of this disclosure, without departing from the scope of this disclosure.
Reference in the specification to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the specification. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of ordinary skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments without conflict.
Unless defined otherwise, technical or scientific terms referred to herein shall have the ordinary meaning as understood by those of ordinary skill in the art to which this application belongs. The use of the terms "a" and "an" and "the" and similar referents in the context of describing the invention (including a single reference) are to be construed in a non-limiting sense as indicating either the singular or the plural. The present application is directed to the use of the terms "including," "comprising," "having," and any variations thereof, which are intended to cover non-exclusive inclusions; for example, a process, method, system, article, or apparatus that comprises a list of steps or modules (elements) is not limited to the listed steps or elements, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus. Reference to "connected," "coupled," and the like in this application is not intended to be limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. Reference herein to "a plurality" means greater than or equal to two. "and/or" describes an association relationship of associated objects, meaning that three relationships may exist, for example, "A and/or B" may mean: a exists alone, A and B exist simultaneously, and B exists alone. Reference herein to the terms "first," "second," "third," and the like, are merely to distinguish similar objects and do not denote a particular ordering for the objects.
The embodiment of the application mainly provides a network security early warning reporting method, which is more and more widely applied based on the form of small programs along with the popularization of instant communication tools such as nails, weChat and the like, can effectively solve the problems of APP compatibility, upgrading and the like, and is convenient and easy to use. The notification early warning system is upgraded based on instant messaging software such as nailing/WeChat, and the notification early warning system is enabled to be really available to be easy to use.
A network safety report early warning system is a report early warning system used for a safety supervision department to synchronously inform the information of a supervised unit.
Instant Messaging (IM) is a terminal service that allows two or more people to communicate text messages, files, voice and video in real time over a network. The instant messaging is divided into enterprise instant messaging and website instant messaging according to the use purpose, and can be divided into mobile phone instant messaging and PC instant messaging according to the loaded object, wherein the mobile phone instant messaging represents short messages, websites and video instant messaging. The current popular instant messaging software mainly comprises QQ, weChat, nail and the like.
Applet (micro application): the applet is an application that can be used without downloading, and is a very high-threshold innovation, and through the development of the last two years, a new applet development environment and a developer ecology have been constructed. The small program is an innovative result which can really influence common programmers in the IT industry of China for many years, over 150 thousands of developers are added into the small program development to jointly exert force to promote the development of the small program, the application quantity of the small program exceeds one million, the small program covers more than 200 subdivided industries, daily users reach two hundred million, and the small program also realizes the support of subway and bus services in many cities.
Because the instant messaging software (such as WeChat, nailing and the like) has wide application range, high use frequency and comprehensive technology of related software manufacturers, the compatibility, the reliability and the like of the related instant messaging software are higher. In addition, because the use frequency of the instant messaging software is high, the common mobile phone is used as a resident application and is ensured to run in the background all the time. According to the network safety early warning report platform based on the instant messaging software, due to the fact that the network safety early warning report applet is developed on the platform of the instant messaging software, 2 major problems of a traditional network report early warning APP are solved by means of the instant messaging software.
In order to realize the network security early warning report platform based on the instant messaging software, the problem that the updating and the report early warning APP version of a mobile phone operating system need to be continuously upgraded and modified along with the change of the external environment along with the update and the upgrade of a mobile phone terminal in the using process of a traditional independent mobile phone APP report early warning system is solved, and the maintenance cost is greatly invested. In addition, due to the fact that the daily utilization rate of the independent APP is low, the related APP processes can be released by the mobile phone to save resources, the notification early warning APP is in a closed state in the mobile phone frequently, and the related notification early warning cannot be transmitted in real time.
The embodiment provides a network security early warning notification method. Fig. 1 is a flowchart of a network security early warning notification method according to an embodiment of the present application, and as shown in fig. 1, the flowchart includes the following steps:
and step S101, acquiring network security information to be notified by early warning.
In the embodiment, the execution main body for acquiring the network security intelligence information to be notified by the early warning is an early warning notification applet based on instant messaging software. In the supervision mechanism of the present embodiment, the main body of the operation or use early warning notification applet is a supervision unit, and the supervision object of the supervision unit is a lower level supervision unit or a supervised unit. The early warning small reporting program based on instant communication software is used as a platform, the network safety information refers to related information of a record website of a lower supervision unit or a supervised unit and an online important information system, the online computer virus trojan propagation monitoring, the report early warning, the emergency treatment, the situation analysis, the safety event (accident) management and the like, the information can be obtained by public reporting and channels such as network security officers actively finding and reporting, the supervision unit can independently find the information or a special information collecting platform and department can collect the information and uniformly upload the information to an information server, and the early warning small reporting program can directly obtain the information in related supervision authorities from the information server through a data port.
Step S102, preset characteristic information is detected in the network security information, wherein the characteristic information is used for determining target information for receiving the network security information.
In this embodiment, the preset feature information is feature information such as a website, a character, and an image included in the network security information, for example: more specifically, the characteristic information of the web address, the text, the image and the like is "xx company", "www.xxx.com.cn", "existence of a level a network security hole" and the like. The detection means can be that the early warning notice small program is detected by a detection technical tool, and can also be manually detected by a supervision unit.
Step S103, target information is inquired in a preset target parameter table according to the characteristic information, wherein the preset target parameter table comprises the corresponding relation between the characteristic information and the target information, and the target information at least comprises an early warning object for receiving network security information.
In this embodiment, according to the feature information detected in step S102, the preset target parameter table may determine target information, for example: target information corresponding to the characteristic information "xx company" is a backup main unit, namely a monitored unit, of the website and is also used as an early warning object; target information corresponding to the characteristic information 'www.xxx.com.cn' is a website link address; the target information corresponding to the characteristic information of the existence of the A-level network security vulnerability is that a network security vulnerability event occurs, the grade of the event is A, the event is defined as a serious event and needs to be rectified.
Step S104, at least reporting the network security information to an early warning object according to a preset early warning mode, wherein the early warning mode comprises one of the following modes: warning, reminding and correcting.
In the present embodiment, based on the target information obtained in step S103, it can be decided in which warning manner the warning notification is performed. For example: the early warning report belongs to a serious event and needs to execute rectification, and the early warning report belongs to a slight event and executes early warning reminding.
Through the steps S101 to S104, acquiring network safety information to be early-warned and notified; detecting preset characteristic information in the network security information, wherein the characteristic information is used for determining target information for receiving the network security information; inquiring target information in a preset target parameter table according to the characteristic information, wherein the preset target parameter table comprises a corresponding relation between the characteristic information and the target information, and the target information at least comprises an early warning object for receiving network security information; according to a preset early warning mode, at least the network safety information is reported to an early warning object, the problems that an early warning reporting mechanism in the related technology is too simple and the reliability is low are solved, and the reliability and the stability of a network safety early warning reporting system are improved.
It should be noted that, the network security early warning notification method of the embodiment of the present application adopts the method of obtaining the network security information to be notified by early warning; detecting preset characteristic information in the network security information, wherein the characteristic information is used for determining target information for receiving the network security information; inquiring target information in a preset target parameter table according to the characteristic information, wherein the preset target parameter table comprises a corresponding relation between the characteristic information and the target information, and the target information at least comprises an early warning object for receiving network security information; according to a preset early warning mode, at least reporting network safety information to an early warning object; the method has the advantages that the target information extraction processing of the network security information is realized, the early warning mode is determined, the early warning mechanism is simple, but the reliability is high, in the embodiment, through the combination of the network security early warning reporting method and the instant messaging software, a fast online and stable reporting early warning means is provided for a monitoring unit, a technical basis is provided for the management of the monitoring unit, the problems that in the prior art, the information synchronization is not instant, the APP compatibility is not good, the management process is difficult to follow, the discovered hidden danger lacks a verification process and the reporting accuracy cannot be ensured are further solved, and the timeliness, the stability, the compatibility and the actual combat of the network security early warning reporting system are improved; the method is used for receiving and managing information such as security threats, events, attack threats and the like; and providing a small program docked into the instant communication software on the basis of a report early warning information system as a platform; the small report early warning program for safety supervision can issue reports by combining the safety data discovered by monitoring means with an instant messaging software mode, and achieves a report early warning mechanism for safety supervision by establishing a supervision visual angle and a supervised visual angle.
It should be further noted that, no matter the administrative unit or the supervised unit, when the notification early warning applet is used in the instant messaging software, the registered account needs to be logged in for use, for example, the registered account can be directly registered by using a WeChat account; in the registration process, a unit is required to provide and upload corresponding identification evidences, for example, a supervision unit is required to provide supervision qualification, supervision identification evidences and the like, for example, a supervised unit is required to provide a business license of an entity enterprise unit corresponding to the supervised unit, relevant information of a legal person and the like, and after the registration is finished, the login can be carried out; from the experience of using applets generally, account information needs to be verified during the first login, and subsequent login can directly enter a related operation interface, namely a supervision operation interface or a supervised operation interface.
It should be noted that, in order to standardize the supervision authority, the corresponding supervision relationship needs to be actively selected or automatically selected during registration, for example, a city level supervision unit may have supervision authority on all registered enterprises and websites thereof in a city/county; otherwise, all the filing enterprises and the websites thereof can be supervised by the administrative department of the local/provincial department.
In some embodiments, when registering a user by the notification and early warning applet, the user attribute is already bound as a supervision unit or a subordinate supervision unit or a supervised unit, and the user directly logs in a supervision operation interface or a supervised operation interface after logging in the notification and early warning applet; or after logging in the small reporting and early warning program, the user selects the user attribute as a supervision unit, a lower-level supervision unit or a supervised unit and then enters a corresponding supervision operation interface or a supervised operation interface; the supervision unit enters a supervision control interface, and the lower-level supervision unit or the supervised unit enters a supervised operation interface.
In some embodiments, the preset target parameter table includes an event-related target parameter table, and querying the target information in the preset target parameter table according to the feature information includes the following steps:
step 1, threat information in the characteristic information is extracted, wherein the threat information at least comprises one of the following: threat events, attack events, security breaches.
In this embodiment, after the feature information is obtained, threat content is analyzed according to the feature information, that is, threat information in the feature information is extracted, where the threat information is corresponding to the threat content, for example: "the website site www.xxx.com.cn of xx company has a level A network security hole" constitutes threat information.
And 2, inquiring an affair-related target associated with the threat information in an affair-related target parameter table according to the threat information, wherein the affair-related target parameter table comprises a relation between the affair-related target and the threat information generated by the affair-related target.
In this embodiment, after the threat information is obtained, the event-related target is analyzed according to the corresponding relationship between the event-related target and the threat information generated by the event-related target in the event-related target parameter table, so as to support the subsequent determination of the early warning object, for example: the website www.xxx.com.cn has a level A network security hole, corresponds to the xx company, and the xx company forms a task-related target.
And 3, determining that the early warning object comprises the accident-related target under the condition that the accident-related target is detected.
In this embodiment, after the event-related target is acquired, the event-related target is taken as an early warning target of the early warning notification. For example: "xx company" is used as the target of the related affairs, and then is used as the pre-warning object of the pre-warning notice.
Extracting threat information in the characteristic information through the steps, inquiring an accident-related target associated with the threat information in an accident-related target parameter table according to the threat information, and determining that the early warning object comprises the accident-related target under the condition that the accident-related target is detected; threat information is extracted from the characteristic information, an accident-related target is directly obtained according to the threat information, the accident-related target is used as an early warning object for reporting early warning, and the early warning object for early warning reporting is determined.
In some embodiments, the network security early warning notification method further includes the following steps:
step 1, determining a plurality of first information units related to an affair-related target, wherein the first information units comprise websites.
In this embodiment, it is already determined that the event-related target is "xx company" from "a website www.xxx.com.cn of xx company has a level a network security vulnerability", the associated website is www.xxx.com.cn, and the website is also used as information in the early warning report, determines the website of the event-related target, and supports the subsequent early warning report.
And 2, detecting threat information in the first network security information generated by the plurality of first information units, and determining the first information units generating the first network security information as affair-related information units under the condition that the threat information is detected.
In this embodiment, the threat information detected in the first network security information is a threat event of the website, and when the threat event occurs in the website, the website needs to be used as associated incident information.
And 3, selecting the affair-related targets corresponding to the affair-related information units, and determining that the target information comprises the affair-related targets.
In this embodiment, in the determined information units related to the events, the record body corresponding to the website as the information unit related to the events, that is, the object related to the events is found as the warning object.
Through the steps, determining a plurality of first information units related to the affair-related target, detecting threat information in first network security information generated by the first information units, determining the first information units generating the first network security information as the affair-related information units under the condition that the threat information is detected, selecting the affair-related target corresponding to the affair-related information units, and determining that the target information comprises the affair-related target; the website with threat information is defined as an affair-related website, then a filing main body corresponding to the affair-related website is found out, and the filing main body is used as an early warning object of the early warning report. Different from the method for acquiring the early warning object that the prior affair-related target related to the threat information is directly acquired, the affair-related website is firstly acquired in the steps 1 to 3, and then the corresponding affair-related target is acquired according to the affair-related website. The early warning object determination of the early warning report is realized.
In some embodiments, reporting at least network security intelligence information to an early warning object according to a preset early warning mode comprises the following steps: under the condition that the early warning mode comprises early warning reminding, reporting network safety information to an early warning object; and under the condition that the early warning mode comprises rectification, reporting the network security information and a preset rectification time limit to an early warning object.
In the embodiment, different early warning notification modes are realized according to different choices of early warning modes, early warning reminding is to provide network security information and inform an early warning object, and reminding operation can be executed aiming at some slight threat events. For some more serious threat events, an operation of informing and adjusting the period of the network security intelligence information is required.
In some embodiments, the early warning object is associated with at least one second information unit, and after notifying at least network security intelligence information to the early warning object according to a preset early warning mode, the network security early warning notification method of the embodiment includes the following steps: and updating the notification state of the second information unit, wherein the second information unit comprises a website, and the notification state comprises whether the second information unit is notified by early warning.
In this embodiment, after a threat event occurs on a website, an early warning message needs to be issued to the website, and the notification status of the website is updated, for example: and updating the report state of the website with the serious threat event into a limited period of correction, and updating the report state of the website with the slight network security event into a reminder.
In some embodiments, the network security early warning notification method further includes the following steps: and under the condition that the early warning mode comprises early warning reminding, after the early warning object receives the network safety information, the early warning object refers to unread network safety information and marks the information state of the network safety information as read, and generates a referred receipt corresponding to the network safety information.
In this embodiment, in the case of an early warning mode that only needs early warning reminding, what the early warning object mainly needs to operate is to look up the received network security information confidence. The searched receipt is instantly transmitted to the instant communication software of the supervision unit through the early warning notification small program, which shows that the early warning reminder is searched and processed. In some embodiments, the notification status is updated immediately according to a preset rule, for example, the notification status can be cancelled after the warning reminder is consulted.
In some embodiments, the network security early warning notification method further includes the following steps: when the early warning mode comprises rectification, the early warning object detects whether the rectification deadline is expired after receiving the network security information and the rectification deadline;
when the early warning object detects that the rectification deadline is expired, inquiring a preset target parameter table, generating a preset new rectification deadline, and reporting network security information and the new rectification deadline to the early warning object;
and when the early warning object detects that the rectification deadline is not expired, the early warning object refers to unread network security information and marks the information state of the network security information as read, and generates a referred receipt corresponding to the network security information.
In this embodiment, the preset target parameter table includes a new modification deadline, and a new deadline is extended as the new modification deadline by combining the network security information on the basis of the expired modification deadline. Similarly, under the condition of the early warning mode needing to be rectified, the early warning object needs to look up the received network security information confidence. The found receipt is transmitted to the instant messaging software of the supervision unit in real time through the early warning notice small program, and the fact that the correction is found is shown.
In some embodiments, the network security early warning notification method further includes the following steps: after the information state mark of the network security information is read, the early warning object inquires the operation authority of the network security information in a preset operation authority parameter table, wherein the preset operation authority parameter table comprises the corresponding relation of the operation authority of the early warning object and the early warning object, and the operation authority comprises a reply authority; and generating reply information corresponding to the network security information by the early warning object under the condition of inquiring that the early warning object has the reply authority.
In this embodiment, the reply message may be a processing result of the warning report, or may be an interactive message communication. If the processing result is the processing result of the early warning notification, the processing result needs to be uploaded, for example: after the security loophole is repaired or the website trojan is cleared, the supervision unit receives the reply information in real time and can judge that the early warning reminding can be cancelled or the revised report early warning can be cancelled according to the processing result. According to different early warning objects, the early warning objects can have different operation authorities, for example, for early warning reminding of unidirectional circulation of information from a supervision unit, the early warning objects can only receive and look up the information and cannot reply the information; for an early warning reminder for bi-directional circulation of information from a regulatory body, the early warning object may state an opinion or submit a processing result to reply to the regulatory body.
Fig. 2 is a flowchart of a network security early warning notification method according to a preferred embodiment of the present application, and as shown in fig. 2, the flowchart includes the following steps:
step S201, opening the instant communication software, selecting and logging in to enter a small report early warning program,
step S202, selecting the administrative region of the lower level supervising unit or supervised unit involved in the affair and selecting the industry of the lower level supervising unit or supervised unit involved in the affair,
and step S203, selecting to enter a supervision operation interface.
In this embodiment, the supervision operation interface is a functional module for summarizing safety supervision information, supervision results are all displayed on the supervision operation interface, and the displayed safety supervision information includes a unit list, an information system under a unit, and bugs and events included in the information system.
And step S204, clicking a unit list in the supervision operation interface, and selecting a subordinate supervision unit or a supervised unit involved in the affairs.
Step S205, enter into the website list of the subordinate supervising units or supervised units involved in the affairs.
Step S206, selecting the related website of the lower level supervising unit or the supervised unit related to the affair.
And step S207, selecting an early warning reminding mode or an improved early warning mode.
Step S208, if the early warning prompt is selected in step S207, entering an early warning prompt process, and continuing to step S209; assuming that the rectification is selected in step S207, the rectification flow is entered and the process continues to step S214.
In step S209, a lower level supervising unit or supervised unit involved in the event is selected as an early warning object.
In step S210, a distribution operation is performed.
Step S211, determining whether the notification status of the website is empty, if so, the notification status of the website is unchanged and the notification status of the unit is unchanged, otherwise, changing the notification status of the website to be in the reminder, and then executing step S212.
Step S212, judging whether the unit reporting state is unreported, if so, keeping the unit reporting state unchanged, and if not, changing the unit reporting state into reminding.
Step S213 ends the notification process.
In step S214, it is determined whether the website notification status is in the modification, if so, the step S206 is returned and executed again, otherwise, the step S215 is executed.
Step S215, selecting a lower level supervision unit or a supervised unit as an early warning object.
Step S216, filling the time limit of the adjustment of the time limit.
Step S217, the publishing operation is executed, and the website notification status is changed to be in the process of modification.
Step S218, determine whether the unit reporting status is in the modification, if so, the unit reporting status is not changed, otherwise, the unit reporting status is changed to the modification.
Step S219 ends the notification process.
It should be noted that each supervised user may have a plurality of websites, so that it is necessary to notify websites related to network security, and websites that do not have network security problems are not dealt with.
It should be noted that the steps illustrated in the above-described flow diagrams or in the flow diagrams of the figures may be performed in a computer system, such as a set of computer-executable instructions, and that, although a logical order is illustrated in the flow diagrams, in some cases, the steps illustrated or described may be performed in an order different than here. For example: step S202 may be deleted, or step S202 and step S203 may be interchanged, and so on.
Fig. 3 is another flowchart of a network security early warning notification method according to a preferred embodiment of the present application, and as shown in fig. 3, the flowchart includes the following steps:
step S301, opening the instant communication software, selecting and logging in a small report early warning program.
Step S302, selecting an administrative region to which a lower level supervision unit or a supervised unit belongs and selecting an industry to which the lower level supervision unit or the supervised unit belongs.
And step S303, selecting to enter a monitored operation interface.
And step S304, clicking a report state information list in the supervised operation interface.
Step S305, selecting unread network security information, and selecting an early warning mode of early warning reminding or rectification.
Step S306, if the early warning prompt is selected in the step S305, entering an early warning prompt process, and executing the step S307; assuming that the rectification is selected in step S305, the process proceeds to a rectification process, and step S311 is executed.
And step S307, entering a reminding detail page.
And step S308, checking the network security information, automatically generating a check record, and synchronously feeding back a checked receipt to the supervision user.
Step S309, judging whether a reply button can reply the network security information, if so, filling the reply information, indicating whether the network security information is processed, and ending the processing of the network security information; if not, no operation is performed.
Step S310, judging whether the time limit of the limited time correction contained in the network security information is expired, if so, automatically sending the expired information to a supervision unit, and if not, executing step S311.
In step S311, the flow proceeds to the deadline adjustment detail page.
In step S312, steps S308 to S309 are performed.
It should be noted that if, in step S310, the administrative user selects to reissue, step S216 to step S219 need to be performed again in the administrative operation interface. When the first instant message selects the report early warning type to select the reminding, the first instant message comprises the reminding message, and when the first instant message selects the limited time correction when the report early warning type is selected, the first instant message comprises the limited time correction message. When the notification early warning type is selected and reminding is selected, the second instant message comprises a referred receipt; when the limited time correction is selected when the type of the report early warning is selected, the second instant message comprises a correction time expiration notice. The reference record is collected as an operation record of the user.
The embodiment also provides a network security early warning notification device based on instant messaging software, which is used for implementing the above embodiments and preferred embodiments, and the description of the device is omitted. As used below, the terms "module," "unit," "sub-unit," and the like may implement a combination of software and/or hardware of predetermined functions. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware or a combination of software and hardware is also possible and contemplated.
Fig. 4 is a first structural diagram of a network security warning notification apparatus according to a preferred embodiment of the present application, and as shown in fig. 4, the apparatus includes:
the acquisition module 41 is used for acquiring network security information to be notified by early warning;
the first detection module 42, coupled to the obtaining module 41, is configured to detect preset feature information in the network security intelligence information, where the feature information is used to determine target information for receiving the network security intelligence information;
a first query module 43, coupled to the first detection module 42, configured to query target information in a preset target parameter table according to the characteristic information, where the preset target parameter table includes a corresponding relationship between the characteristic information and the target information, and the target information at least includes an early warning object receiving network security information;
the first processing module 44 and the first query module 43 are coupled and connected, and configured to notify at least network security information to an early warning object according to a preset early warning manner, where the early warning manner includes one of: and warning, reminding and correcting.
In some embodiments, the preset target parameter table includes an event-related target parameter table, and the first query module 43 is configured to extract threat information in the feature information, where the threat information includes at least one of: threat events, attack events, security vulnerabilities; inquiring an affair-related target associated with the threat information in an affair-related target parameter table according to the threat information, wherein the affair-related target parameter table comprises a relation between the affair-related target and the threat information generated by the affair-related target; and in the case that the accident-related target is detected, determining that the early warning object comprises the accident-related target.
In some embodiments, a plurality of first information units related to the affair target association are determined, wherein the first information units comprise websites; the first detection module 42 is configured to detect threat information in the first network security information generated by the plurality of first information units, and determine that the first information unit generating the first network security information is an incident information unit when the first detection module 42 detects the threat information; the query module 43 selects the event-related targets corresponding to the event-related information units, and determines that the target information includes the event-related targets.
In some embodiments, the first processing module 44 is configured to notify at least network security intelligence information to the early-warning object according to a preset early-warning manner, where the notifying includes: the first processing module 44 notifies the network security information to the early warning object when the early warning mode includes early warning reminding; the first processing module 44 notifies the early warning object of the network security information and the preset modification period when the early warning mode includes modification.
In some embodiments, the early warning object is associated with at least one second information unit, and the first processing module 44 is configured to update a notification status of the second information unit after notifying at least the network security intelligence information to the early warning object in a preset early warning manner, where the second information unit includes a website, and the notification status includes whether the second information unit is notified by an early warning.
Fig. 5 is a second structural diagram of a network security early warning notification apparatus according to a preferred embodiment of the present application, where the apparatus further includes:
a receiving module 51 for network security information;
a second detecting module 52, coupled to the receiving module 51, for detecting whether the modification deadline expires;
a second query module 53, coupled to the second detection module 52, configured to query a preset target parameter table and generate a preset new modification period, and configured to query an operation permission for network security information in a preset operation permission parameter table, where the preset operation permission parameter table includes a corresponding relationship between the early warning object and an operation permission possessed by the early warning object, and the operation permission includes a reply permission;
the second processing module 54 is coupled with the second query module 53, and is used for reporting the network security information and the new modification period to the early warning object, and for looking up unread network security information and marking the information state of the network security information as read, and generating a looked-up receipt corresponding to the network security information; and generating reply information corresponding to the network security information under the condition that the reply authority is found.
In some embodiments, in the case that the pre-warning manner includes pre-warning reminding, after receiving the cyber-security information, the second processing module 54 refers to the unread cyber-security information and marks the information status of the cyber-security information as read, and generates a referred receipt corresponding to the cyber-security information.
In some embodiments, in the case that the pre-warning manner includes modification, after the pre-warning object receives the network security information and the modification deadline, the second detecting module 52 detects whether the modification deadline expires; when the early-warning object detects that the rectification deadline is expired, the second query module 53 queries a preset target parameter table and generates a preset new rectification deadline, and the second processing module 54 notifies the early-warning object of network security information and the new rectification deadline; when the pre-warning object detects that the modification period is not expired, the second processing module 54 refers to unread network security information and marks the information status of the network security information as read, and generates a referred receipt corresponding to the network security information.
In some embodiments, after the information status flag of the network security intelligence information is read, the method comprises: the second query module 53 queries the operation authority for the network security information in a preset operation authority parameter table, wherein the preset operation authority parameter table includes the corresponding relationship between the operation authority of the early warning object and the operation authority of the early warning object, and the operation authority includes a reply authority; the second processing module 54 generates reply information corresponding to the network security intelligence information when inquiring that the reply authority exists.
Fig. 6 is an electronic apparatus according to an embodiment of the present application, and includes a processor 61 and a memory 62, where the memory stores a computer program, and the processor 61 is configured to execute the computer program to execute the network security early warning notification method of the present embodiment.
In particular, the processor 61 may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured to implement one or more Integrated circuits of the embodiments of the present Application.
The processor 61 reads and executes the computer program instructions stored in the memory 62 to implement any one of the network security early warning notification methods in the above embodiments.
The memory 62 may be used to store or cache various data files that need to be processed and/or used for communication, as well as possible computer program instructions executed by the processor 61.
In some of these embodiments, the electronic device may also include a communication interface 63 and a bus 60. As shown in fig. 6, the processor 61, the memory 62, and the communication interface 63 are connected via a bus 60 to complete mutual communication.
The communication interface 63 is used for implementing communication between various modules, apparatuses, units and/or devices in the embodiments of the present application. The communication interface 63 may also enable communication with other components such as: the data communication is carried out among external equipment, image/data acquisition equipment, a database, external storage, an image/data processing workstation and the like.
In addition, in combination with the network security early warning notification method in the foregoing embodiments, the present application may provide a storage medium, where a computer program is stored in the storage medium, where the computer program is configured to execute the network security early warning notification method in the present application when running.
It should be noted that, for specific examples in this embodiment, reference may be made to examples described in the foregoing embodiments and optional implementations, and details of this embodiment are not described herein again.
It should be understood by those skilled in the art that various features of the above-described embodiments can be combined in any combination, and for the sake of brevity, all possible combinations of features in the above-described embodiments are not described in detail, but rather, all combinations of features which are not inconsistent with each other should be construed as being within the scope of the present disclosure.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A network security early warning notification method is characterized in that the method is executed in an applet developed on instant messaging program software and comprises the following steps:
acquiring network security information to be notified by early warning;
detecting preset characteristic information in the network security intelligence information, wherein the characteristic information is used for determining target information for receiving the network security intelligence information;
inquiring the target information in a preset target parameter table according to the characteristic information, wherein the preset target parameter table comprises the corresponding relation between the characteristic information and the target information, and the target information at least comprises an early warning object for receiving the network security intelligence information;
at least reporting the network safety information to the early warning object according to a preset early warning mode, wherein the early warning mode comprises one of the following modes: warning, reminding and correcting.
2. The network security early warning notification method of claim 1, wherein the preset target parameter table comprises an event-related target parameter table, and the querying the target information in the preset target parameter table according to the feature information comprises:
extracting threat information in the feature information, wherein the threat information at least comprises one of the following: threat events, attack events, security vulnerabilities;
inquiring an affair-related target associated with the threat information in the affair-related target parameter table according to the threat information, wherein the affair-related target parameter table comprises a relation between the affair-related target and the threat information generated by the affair-related target;
and determining that the early warning object comprises the affair-related target under the condition that the affair-related target is detected.
3. The network security pre-warning notification method of claim 2, further comprising:
determining a plurality of first information units related to the affair-related target, wherein the first information units comprise websites;
detecting the threat information in first network security information generated by the plurality of first information units, and determining the first information unit generating the first network security information as an accident-related information unit under the condition that the threat information is detected;
and selecting the affair-related targets corresponding to the affair-related information units, and determining that the target information comprises the affair-related targets.
4. The network security early warning reporting method of claim 1, wherein reporting at least the network security intelligence information to the early warning object according to a preset early warning manner comprises:
under the condition that the early warning mode comprises the early warning prompt, notifying the network safety information to the early warning object;
and under the condition that the early warning mode comprises the rectification, reporting the network safety information and a preset rectification time limit to the early warning object.
5. The method for reporting network security early warning according to claim 4, wherein the early warning object is associated with at least one second information unit, and after reporting at least the network security intelligence information to the early warning object according to a preset early warning manner, the method comprises: updating a notification status of the second information unit, wherein the second information unit comprises a website, and the notification status comprises whether the second information unit is notified by an early warning.
6. The network security pre-warning notification method of claim 1, further comprising: and under the condition that the early warning mode comprises the early warning prompt, after the early warning object receives the network safety information, the early warning object refers to the unread network safety information and marks the information state of the network safety information as read, and generates a referred receipt corresponding to the network safety information.
7. The network security pre-warning notification method of claim 1, wherein the method further comprises: under the condition that the early warning mode comprises rectification, after the early warning object receives the network safety information and rectification time limit, the early warning object detects whether the rectification time limit is expired;
when the early warning object detects that the rectification deadline is expired, inquiring the preset target parameter table to generate a preset new rectification deadline, and notifying the early warning object of the network security information and the new rectification deadline;
and under the condition that the early warning object detects that the rectification deadline is not expired, the unread network security information is consulted, the information state of the network security information is marked as read, and a consulted receipt corresponding to the network security information is generated.
8. The network security pre-warning notification method according to claim 6 or 7, wherein after the information status flag of the network security intelligence information is read, the method comprises:
the early warning object inquires the operation authority of the network security information in a preset operation authority parameter table, wherein the preset operation authority parameter table comprises the corresponding relation of the operation authorities of the early warning object and the early warning object, and the operation authority comprises a reply authority;
and generating reply information corresponding to the network security information by the early warning object under the condition that the early warning object inquires that the early warning object has the reply authority.
9. An electronic device comprising a memory and a processor, wherein the memory stores a computer program, and the processor is configured to run the computer program to perform the network security pre-warning notification method according to any one of claims 1 to 8.
10. A storage medium having a computer program stored therein, wherein the computer program is configured to execute the network security warning notification method according to any one of claims 1 to 8 when the computer program runs.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011138569.6A CN112383411B (en) | 2020-10-22 | 2020-10-22 | Network security early warning notification method, electronic device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011138569.6A CN112383411B (en) | 2020-10-22 | 2020-10-22 | Network security early warning notification method, electronic device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112383411A CN112383411A (en) | 2021-02-19 |
| CN112383411B true CN112383411B (en) | 2022-11-15 |
Family
ID=74581722
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011138569.6A Active CN112383411B (en) | 2020-10-22 | 2020-10-22 | Network security early warning notification method, electronic device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112383411B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113794594B (en) * | 2021-09-14 | 2022-07-15 | 交通运输信息安全中心有限公司 | Reporting system for network safety early warning disposal |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017095215A1 (en) * | 2015-11-30 | 2017-06-08 | Linkdood Technologies Sdn Bhd | A type of enterprise level instant messaging(im) system and method that supports cross system messaging |
| CN106888439A (en) * | 2015-12-16 | 2017-06-23 | 中国移动通信集团辽宁有限公司 | Information processing system and its information processing method |
| CN110290048A (en) * | 2019-05-17 | 2019-09-27 | 国家工业信息安全发展研究中心 | Government network security information reporting chain |
| CN111382976A (en) * | 2020-03-18 | 2020-07-07 | 江苏苏宁物流有限公司 | Early warning data processing method and device, computer equipment and storage medium |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100908404B1 (en) * | 2008-09-04 | 2009-07-20 | (주)이스트소프트 | System and method for protecting from distributed denial of service |
| US9794279B2 (en) * | 2014-06-11 | 2017-10-17 | Accenture Global Services Limited | Threat indicator analytics system |
| CN107770125A (en) * | 2016-08-16 | 2018-03-06 | 深圳市深信服电子科技有限公司 | A kind of network security emergency response method and emergency response platform |
| CN107770374A (en) * | 2017-10-13 | 2018-03-06 | 杭州安恒信息技术有限公司 | APP application systems are moved in a kind of circular early warning for security control |
| CN110753074B (en) * | 2018-07-24 | 2021-09-14 | 华为技术有限公司 | Event early warning method and device |
| CN109672663B (en) * | 2018-11-09 | 2022-03-25 | 杭州安恒信息技术股份有限公司 | Closed-loop network security supervision method and system for security threat event |
-
2020
- 2020-10-22 CN CN202011138569.6A patent/CN112383411B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017095215A1 (en) * | 2015-11-30 | 2017-06-08 | Linkdood Technologies Sdn Bhd | A type of enterprise level instant messaging(im) system and method that supports cross system messaging |
| CN106888439A (en) * | 2015-12-16 | 2017-06-23 | 中国移动通信集团辽宁有限公司 | Information processing system and its information processing method |
| CN110290048A (en) * | 2019-05-17 | 2019-09-27 | 国家工业信息安全发展研究中心 | Government network security information reporting chain |
| CN111382976A (en) * | 2020-03-18 | 2020-07-07 | 江苏苏宁物流有限公司 | Early warning data processing method and device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112383411A (en) | 2021-02-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109743315B (en) | Behavior identification method, behavior identification device, behavior identification equipment and readable storage medium for website | |
| CN110489391B (en) | Data processing method and related equipment | |
| CN110417778B (en) | Access request processing method and device | |
| US20140344948A1 (en) | Automated Management of Private Information | |
| CN107426173B (en) | File protection method and device | |
| CN104246785A (en) | System and method for crowdsourcing of mobile application reputations | |
| US8250138B2 (en) | File transfer security system and method | |
| CN109495467B (en) | Method and device for updating interception rule and computer readable storage medium | |
| Sellwood et al. | Sleeping android: The danger of dormant permissions | |
| CN106254528B (en) | Resource downloading method and caching device | |
| CN110955395A (en) | Risk assessment method and device for printing system and storage medium | |
| CN112738138B (en) | Cloud security hosting method, device, equipment and storage medium | |
| CN112383411B (en) | Network security early warning notification method, electronic device and storage medium | |
| CN111756697B (en) | API safety detection method and device, storage medium and computer equipment | |
| CN109818972B (en) | Information security management method and device for industrial control system and electronic equipment | |
| CN111131166B (en) | User behavior prejudging method and related equipment | |
| CN109348472B (en) | OTA (over the air) upgrading method and system based on single-point pushing | |
| CN111949363A (en) | Service access management method, computer equipment, storage medium and system | |
| CN113297583B (en) | Vulnerability risk analysis method, device, equipment and storage medium | |
| JP5851311B2 (en) | Application inspection device | |
| KR20170025201A (en) | Method and apparatus for automatic process of query | |
| CN115525897A (en) | System detection method and device for terminal equipment, electronic device and storage medium | |
| CN113743813A (en) | Performance monitoring and assessment method, system, computer equipment and storage medium | |
| CN109714371B (en) | Industrial control network safety detection system | |
| CN109933990B (en) | Multi-mode matching-based security vulnerability discovery method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |