CN114091906A

CN114091906A - Security situation analysis method and device, electronic equipment and computer readable medium

Info

Publication number: CN114091906A
Application number: CN202111392805.1A
Authority: CN
Inventors: 王姗姗; 徐雷; 张曼君; 谢泽铖; 陆勰
Original assignee: China United Network Communications Group Co Ltd
Current assignee: China United Network Communications Group Co Ltd
Priority date: 2021-11-23
Filing date: 2021-11-23
Publication date: 2022-02-25

Abstract

The invention discloses a security situation analysis method and device, electronic equipment and a computer readable medium, which aim to solve the problem that in the prior art, only single data can be analyzed, so that the analysis result is one-sided. The method comprises the following steps: acquiring road monitoring information and production data information of a geographic area to be detected and network flow information of residents in the geographic area to be detected; processing the road monitoring information to obtain a traffic safety situation value of the geographical area to be detected, processing the production data information to obtain a production safety situation value of the geographical area to be detected, and processing the network traffic information to obtain a network safety situation value of the geographical area to be detected; and performing correlation analysis on the traffic safety situation value, the production safety situation value and the network safety situation value of the geographical area to be detected to obtain a comprehensive safety situation value of the geographical area to be detected.

Description

Security situation analysis method and device, electronic equipment and computer readable medium

Technical Field

The invention relates to the technical field of security, in particular to a security situation analysis method and device, electronic equipment and a computer readable medium.

Background

With the victory of poverty-deprivation and the victory of the poverty-deprivation, the step of comprehensively promoting the pleasure of the countryside is also accelerated, the digital countryside becomes an important strategy, as an important part for constructing the digital China, the construction of the mathematical countryside can help to accelerate the informatization development of the countryside, the modernization development degree of the agricultural countryside is integrally improved, and the wings of science and technology are inserted into the agricultural countryside.

While the digital rural construction process is promoted, the safety problem of the rural area cannot be ignored, the safety problem is really related to the vital interests of the rural area, the brought safety risk can cause economic loss, and the life safety of residents in the rural area is threatened.

The existing security situation analysis method, particularly the rural security situation analysis method, can only analyze single data, so that the analysis result is one-sided. When the national security analysis is needed, a plurality of platforms may be needed to analyze different data respectively, so that the analysis efficiency is low, the data intercommunication cost between different platforms is high, and the security analysis cost is increased.

Disclosure of Invention

Therefore, the invention provides a security situation analysis method and device, electronic equipment and a computer readable medium, which aim to solve the problem that in the prior art, only single data can be analyzed, so that the analysis result is one-sided.

In order to achieve the above object, a first aspect of the present invention provides a security posture analyzing method, including:

acquiring road monitoring information and production data information of a geographic area to be detected and network flow information of residents in the geographic area to be detected;

processing the road monitoring information to obtain a traffic safety situation value of the geographical area to be detected, processing the production data information to obtain a production safety situation value of the geographical area to be detected, and processing the network traffic information to obtain a network safety situation value of the geographical area to be detected;

and performing correlation analysis on the traffic safety situation value, the production safety situation value and the network safety situation value of the geographical area to be detected to obtain a comprehensive safety situation value of the geographical area to be detected.

Optionally, the acquiring of the road monitoring information and the production data information of the geographic area to be detected and the network traffic information of residents in the geographic area to be detected includes: collecting the road monitoring information through the road monitoring equipment of the geographical area to be detected, wherein the road monitoring information comprises video data collected by the road monitoring equipment of the geographical area to be detected; collecting the production data information through the Internet of things and production equipment of the geographic area to be detected, wherein the production data information comprises data of multiple links of a product supply chain of the geographic area to be detected; and acquiring the network flow information through operator network equipment of the geographic area to be detected, wherein the network flow information comprises communication flow data of residents in the geographic area to be detected.

Further optionally, the processing the road monitoring information to obtain the traffic safety situation value of the geographic area to be detected includes: and calculating the similarity between the video data acquired by the road monitoring equipment of the geographical area to be detected and the plurality of standard safety data by using a perceptual hash algorithm, and acquiring the traffic safety situation value of the geographical area to be detected according to the similarity.

Further optionally, the processing the production data information to obtain the production safety situation value of the geographic area to be detected includes: and acquiring the completion degree of the product supply chain of the geographical area to be detected according to the data of the multiple links of the product supply chain of the geographical area to be detected, and acquiring the production safety situation value of the geographical area to be detected according to the completion degree of the product supply chain of the geographical area to be detected.

Further optionally, the processing the network traffic information to obtain the network security situation value of the geographic area to be detected includes: and inputting the communication flow data of residents in the geographic area to be detected into a pre-trained model, judging whether the residents in the geographic area to be detected have communication abnormity, and acquiring the network security situation value of the geographic area to be detected according to the judgment result.

Optionally, before performing association analysis on the traffic safety situation value, the production safety situation value, and the network safety situation value of the geographic area to be detected to obtain the comprehensive safety situation value of the geographic area to be detected, the method further includes: acquiring a safety situation evaluation result of residents in the geographic area to be tested on the geographic area to be tested; the correlation analysis of the traffic safety situation value, the production safety situation value and the network safety situation value of the geographic area to be detected to obtain the comprehensive safety situation value of the geographic area to be detected comprises the following steps: and performing correlation analysis on the safety situation evaluation result, the traffic safety situation value, the production safety situation value and the network safety situation value to obtain a comprehensive safety situation value of the geographical area to be detected.

Further optionally, the associating and analyzing the safety situation evaluation result of the residents in the geographic area to be detected on the geographic area to be detected, the traffic safety situation value, the production safety situation value and the network safety situation value of the geographic area to be detected to obtain the comprehensive safety situation value of the geographic area to be detected includes: selecting a weight model from a preset model library, and calculating influence weights of the safety situation evaluation result, the traffic safety situation value, the production safety situation value and the network safety situation value on the comprehensive safety situation value of the geographical area to be tested according to the weight model; and acquiring a comprehensive safety situation value of the geographical area to be detected according to the safety situation evaluation result of the geographical area to be detected, the traffic safety situation value, the production safety situation value, the network safety situation value and the corresponding influence weight of the geographical area to be detected.

A second aspect of the present invention provides a security posture analyzing apparatus, comprising:

the system comprises an information acquisition module, a data processing module and a data processing module, wherein the information acquisition module is used for acquiring road monitoring information and production data information of a geographic area to be detected and network flow information of residents in the geographic area to be detected;

the data processing module is used for processing the road monitoring information to acquire a traffic safety situation value of the geographic area to be detected, processing the production data information to acquire a production safety situation value of the geographic area to be detected, and processing the network traffic information to acquire a network safety situation value of the geographic area to be detected;

and the comprehensive analysis module is used for performing correlation analysis on the traffic safety situation value, the production safety situation value and the network safety situation value of the geographical area to be detected to obtain a comprehensive safety situation value of the geographical area to be detected.

A third aspect of the present invention provides an electronic apparatus comprising:

one or more processors;

a storage device having one or more programs stored thereon which, when executed by the one or more processors, cause the one or more processors to implement the above-described method;

one or more I/O interfaces connected between the processor and the memory and configured to enable information interaction between the processor and the memory.

A fourth aspect of the invention provides a computer-readable medium, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the method described above.

The invention has the following advantages:

the safety situation analysis method provided by the embodiment of the invention can be used for processing various types of data simultaneously so as to obtain the traffic safety situation value, the production safety situation value and the network safety situation value of the geographical area to be detected, and performing correlation analysis to obtain the comprehensive safety situation value.

Drawings

The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention.

Fig. 1 is a schematic flow chart of a security situation analysis method according to an embodiment of the present invention;

fig. 2 is a schematic flowchart illustrating a part of steps of a security situation analyzing method according to an embodiment of the present invention;

FIG. 3 is a flowchart illustrating a portion of steps of a method for security posture analysis according to an embodiment of the present invention;

FIG. 4 is a flowchart illustrating a portion of steps of a method for security posture analysis according to an embodiment of the present invention;

FIG. 5 is a flowchart illustrating a portion of steps of a method for security posture analysis according to an embodiment of the present invention;

FIG. 6 is a flowchart illustrating a portion of steps of a method for security posture analysis according to an embodiment of the present invention;

fig. 7 is a block diagram illustrating a security situation analysis apparatus according to an embodiment of the present invention;

fig. 8 is a schematic composition diagram of a security situation analysis apparatus according to an embodiment of the present invention;

fig. 9 is a schematic composition diagram of an electronic device according to an embodiment of the present invention.

Detailed Description

The following describes in detail embodiments of the present invention with reference to the drawings. It should be understood that the detailed description and specific examples, while indicating the present invention, are given by way of illustration and explanation only, not limitation.

As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.

When the terms "comprises" and/or "comprising … …" are used in this specification, the presence of stated features, integers, steps, operations, elements, and/or components are specified, but does not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

The embodiments of the invention may be described with reference to plan views and/or cross-sectional views by way of idealized schematic representations of the invention. Accordingly, the example illustrations can be modified in accordance with manufacturing techniques and/or tolerances.

Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and the present invention and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.

In a first aspect, an embodiment of the present invention provides a security posture analysis method.

Fig. 1 is a schematic flow chart of a security posture analysis method according to an embodiment of the present invention.

Referring to fig. 1, the method for analyzing a security situation according to the embodiment of the present invention specifically includes:

s101, acquiring road monitoring information and production data information of the geographic area to be detected and network flow information of residents in the geographic area to be detected.

The safety situation analysis device acquires road monitoring information of the geographic area to be detected through road monitoring equipment installed in the geographic area to be detected, acquires production data information of the geographic area to be detected through a product supply chain of the geographic area to be detected, and acquires network flow information of residents of the geographic area to be detected through operator equipment.

The road monitoring equipment of the geographic area to be detected can be monitoring equipment which is installed on a country road, a village intersection, a farm orchard, a resident doorway and the like and can shoot the country road; the products in the geographic area to be measured can be agricultural products, handmade products, industrial products and the like produced in the country.

S102, the road monitoring information is processed to obtain a traffic safety situation value of the geographical area to be detected, the production data information is processed to obtain a production safety situation value of the geographical area to be detected, and the network traffic information is processed to obtain a network safety situation value of the geographical area to be detected.

The safety situation analysis device respectively processes the acquired road monitoring information, production data information and network flow information after acquiring the road monitoring information and the production data information of the geographical area to be detected and the network flow information of residents of the geographical area to be detected, acquires a traffic safety situation value of the geographical area to be detected by processing the road monitoring information, acquires a production safety situation value of the geographical area to be detected by processing the production data information and acquires a network safety situation value of the geographical area to be detected by processing the network flow information.

Specifically, most of the road monitoring information is semi-structured data such as video images, and therefore, the road monitoring information can be processed by using an artificial intelligence algorithm (such as a support vector machine algorithm) and utilizing a model.

Most of the production data information and the network traffic information are structured data, so that the production data information and the network traffic information can be processed by using a common standard algorithm.

S103, carrying out correlation analysis on the traffic safety situation value, the production safety situation value and the network safety situation value of the geographical area to be detected to obtain a comprehensive safety situation value of the geographical area to be detected.

After the traffic safety situation value, the production safety situation value and the network safety situation value of the geographical area to be detected are obtained, the safety situation analysis device performs correlation analysis on the traffic safety situation value, the production safety situation value and the network safety situation value to obtain a comprehensive safety situation value of the geographical area to be detected.

Specifically, after acquiring the comprehensive security situation value of the geographic area to be tested, the security situation analysis device can comprehensively display the security situation of the geographic area to be tested on a large screen, such as displaying the traffic security situation value, the production security situation value, the network security situation value, and the comprehensive security situation value in an imaging manner.

With the development of digital villages and communication network technologies, especially the development of 5G (fifth generation mobile communication technology) communication, the construction progress of rural communication networks is continuously promoted, the national rural communication coverage rate exceeds 98%, the popularization of the internet utilization rate of farmers is realized, the communication networks play an unavailable role in the construction of the digital villages, the network safety becomes an important aspect of rural safety, and the communication networks, the traffic safety and the production safety guarantee the production and the life of residents in the villages.

Compared with the prior art in which single data is analyzed to obtain a security situation result, the security situation analysis method provided by the embodiment of the invention can simultaneously process various types of data to obtain the traffic security situation, the production security situation and the network security situation of the geographic area to be detected, and perform correlation analysis to obtain the comprehensive security situation.

In some embodiments, referring to fig. 2, acquiring road monitoring information and production data information of a geographic area to be detected, and network traffic information of residents of the geographic area to be detected (step S101), specifically including:

s201, collecting road monitoring information through road monitoring equipment of the geographical area to be detected, wherein the road monitoring information comprises video data collected by the road monitoring equipment of the geographical area to be detected.

The safety situation analysis device reads video data collected by road monitoring equipment (such as monitoring equipment which is arranged on roads of a certain country, villages, intersections, farmlands, resident doorways and the like and can shoot the roads of the country) arranged in a geographic area to be detected (specifically, the certain country) according to a certain time interval, and takes the video data as road monitoring information of the geographic area to be detected.

S202, collecting production data information through the Internet of things and production equipment of the geographic area to be detected, wherein the production data information comprises data of multiple links of a product supply chain of the geographic area to be detected.

The safety situation analysis device collects data of multiple links of a supply chain of production, processing, sale and the like of products (specifically agricultural products, handmade products, industrial products and the like produced in the country) through the Internet of things and intelligent production equipment (such as production equipment provided with an intelligent control program) of the geographic area to be detected, and the data are used as production data information of the geographic area to be detected.

S203, collecting production data information through the Internet of things and production equipment of the geographic area to be detected, wherein the production data information comprises data of multiple links of a product supply chain of the geographic area to be detected.

The security situation analysis device collects resident communication traffic data (including fixed communication traffic data and mobile communication traffic data) through operator network equipment, and uses the data as network traffic information of the geographic area to be detected.

It should be emphasized that the steps S201, S202, and S203 are not executed in a sequential order, and the security situation analysis apparatus may execute these steps at the same time.

In some embodiments, referring to fig. 3, in a case that the road monitoring information includes video data acquired by a road monitoring device of the geographic area to be detected, processing the road monitoring information to obtain a traffic safety situation value of the geographic area to be detected includes:

s301, calculating the similarity between video data acquired by road monitoring equipment of the geographic area to be detected and the plurality of standard safety data by using a perceptual hash algorithm, and acquiring the traffic safety situation value of the geographic area to be detected according to the similarity.

The safety situation analysis device decomposes video data into multi-frame images after acquiring the video data acquired by the road monitoring equipment, compares and identifies the decomposed images with a plurality of standard safety images, calculates similarity by using a perceptual hash algorithm, and obtains a traffic safety situation value of a geographical area to be detected according to the calculated similarity.

In some embodiments, in order to increase the processing speed, a key frame extraction technology is adopted to extract key frames in the video data, the key frames are compared and identified with a plurality of standard security images, the similarity is calculated by using a perceptual hash algorithm, the traffic and personnel security situation of the geographic area to be detected is obtained according to the calculated similarity, and the traffic and personnel security situation is used as the traffic security situation value of the geographic area to be detected.

In some embodiments, referring to fig. 4, in a case that the production data information includes data of multiple links of a product supply chain in a geographic area to be measured, processing the production data information to obtain a production safety situation value of the geographic area to be measured includes:

s401, according to data of multiple links of a product supply chain of the geographic area to be detected, the completion degree of the product supply chain of the geographic area to be detected is obtained, and according to the completion degree of the product supply chain of the geographic area to be detected, the production safety situation value of the geographic area to be detected is obtained.

The safety situation analysis device acquires data of multiple links of a supply chain such as product production, processing and sale, acquires the completion degree of the product supply chain according to the data, acquires the production safety situation of the geographical area to be detected according to the completion degree of the product supply chain, and takes the production safety situation as the production safety situation value of the geographical area to be detected.

The safety situation analysis device can also utilize the data to perform safety tracing, so that the intelligent cultivation, product tracing, farm management and other services are provided, and the agricultural production safety is promoted.

In some embodiments, referring to fig. 5, in a case that the network traffic information includes communication traffic data of residents in the geographic area to be measured, processing the network traffic information to obtain a network security situation value of the geographic area to be measured includes:

s501, inputting communication flow data of residents in the geographic area to be detected into a pre-trained model, judging whether the residents in the geographic area to be detected have communication abnormity, and acquiring a network security situation value of the geographic area to be detected according to a judgment result.

After acquiring the fixed communication traffic data and the mobile communication traffic data of the residents, the security situation analysis device may input the traffic data into a pre-trained model (e.g., a model for determining whether a fraud call is received), determine whether the residents in the geographic area to be detected have communication abnormality in combination with other network security open capabilities of the operator, acquire the network security situation of the geographic area to be detected according to the determination result, and use the network security situation as the network security situation value of the geographic area to be detected.

In some embodiments, referring to fig. 6, before performing association analysis on the traffic safety situation value, the production safety situation value, and the network safety situation value of the geographic area to be measured to obtain the comprehensive safety situation value of the geographic area to be measured (step S103), the method further includes:

s601, obtaining a safety situation evaluation result of residents in the geographic area to be tested on the geographic area to be tested.

Residents in the geographic area to be detected can perform real-name authentication and basic information filling through a terminal (such as a mobile phone), perform information registration (such as agricultural machinery registration and land registration), and fill in questionnaires (such as questionnaires for evaluating the safety situation of the geographic area to be detected).

The security situation analysis device can acquire the security situation evaluation result of residents of the geographic area to be tested on the geographic area to be tested by acquiring the filling result of the questionnaire for evaluating the security situation of the geographic area to be tested.

The traffic safety situation value, the production safety situation value and the network safety situation value of the geographical area to be detected are subjected to correlation analysis to obtain a comprehensive safety situation value (S103) of the geographical area to be detected, and the method comprises the following steps:

s602, performing correlation analysis on the safety situation evaluation result, the traffic safety situation value, the production safety situation value and the network safety situation value to obtain a comprehensive safety situation value of the geographical area to be detected.

And the safety situation analysis device performs correlation analysis on the traffic safety situation value, the production safety situation value and the network safety situation value by combining the safety situation evaluation result filled by residents to obtain a comprehensive safety situation value of the geographical area to be detected.

Obviously, the traffic safety, the production safety and the network safety have different safety influence degrees on the geographical area to be measured, so the safety situation analysis device can select an appropriate weight model from a model library comprising a plurality of preset models, calculate the respective influence degrees of the safety situation evaluation result, the traffic safety situation value, the production safety situation value and the network safety situation value on the comprehensive safety situation value according to the weight model, namely the respective corresponding influence weights, calculate a score (such as a score of 0-10) according to the safety situation evaluation result, the traffic safety situation value of the geographical area to be measured, the production safety situation value, the network safety situation value and the corresponding influence weights, and take the score as the comprehensive safety situation value of the geographical area to be measured.

The weight model may be a model obtained by training road monitoring information with labels, production data information, and network traffic information using an artificial intelligence algorithm, or a model for determining weights by AHP (multi-scheme decision method), or a model for determining weights by a coefficient method.

The steps of the above methods are divided for clarity, and the implementation may be combined into one step or split some steps, and the steps are divided into multiple steps, so long as the same logical relationship is included, which are all within the protection scope of the present patent; it is within the scope of the patent to add insignificant modifications to the algorithms or processes or to introduce insignificant design changes to the core design without changing the algorithms or processes.

In a second aspect, referring to fig. 7, an embodiment of the present invention provides a security situation analyzing apparatus.

The information acquisition module is used for acquiring road monitoring information and production data information of the geographic area to be detected and network flow information of residents in the geographic area to be detected;

In some specific embodiments, referring to fig. 8, the security situation analysis apparatus according to the embodiment of the present invention further includes a human-computer interaction module and a distributed database.

The human-computer interaction module comprises an intelligent large screen, an alarm notification unit, a background management unit and a standard interface, and can display the safety situation of the whole geographical area to be detected or a specific place (area) through the intelligent large screen; through the alarm notification, manual alarm and automatic alarm notification can be provided for a manager, and safety information is pushed to residents, so that an early warning effect is achieved; through the standard interface, other equipment can access the security situation analysis device and acquire a security situation analysis result; through background management, an administrator can log in a background management unit through a terminal (such as a mobile phone) to manage the security situation analysis device.

The distributed database is used for storing data generated by each module of the security situation analyzing device, required to be stored and required to be used, such as various models and the like.

The information acquisition module specifically comprises a monitoring information acquisition unit, a production data acquisition unit, a network flow acquisition unit and a basic information acquisition unit.

The basic information acquisition unit is used for acquiring information filled by residents in a geographic area to be detected through a terminal (such as a mobile phone), specifically, the residents can log in through an account distributed by the security situation analysis device, the security situation analysis device judges that a user is a common resident or an administrator according to the user account, and when the user is judged to be the common resident, the account is allowed to perform real-name authentication, information registration and filling in a difference questionnaire.

The monitoring information acquisition unit is used for reading video data collected by road monitoring equipment (such as monitoring equipment which is arranged on the rural road, a village intersection, a farm orchard, a resident doorway and the like and can shoot the rural road) arranged in the geographic area to be detected according to a certain time interval.

The production data acquisition unit is used for acquiring data of multiple links of a supply chain of production, processing, sale and the like of products (specifically agricultural products, handmade products, industrial products and the like produced in the country) through the Internet of things and intelligent production equipment (such as production equipment provided with an intelligent control program) in a geographic area to be detected.

The network flow acquisition unit is used for acquiring resident communication flow data (including fixed communication flow data and mobile communication flow data).

The data processing module specifically comprises an image analysis unit and a structured data analysis unit.

The image analysis unit is used for decomposing the video data into multi-frame images, comparing and identifying the decomposed images with a plurality of standard safety images, calculating the similarity by using a perceptual hash algorithm, and obtaining the traffic safety situation value of the geographical area to be detected according to the calculated similarity.

The structured data analysis unit is used for acquiring the completion degree of a product supply chain according to data of multiple links of the supply chain such as product production, processing and sale, acquiring the production safety situation of the geographic area to be detected according to the completion degree of the product supply chain, and taking the production safety situation as the production safety situation value of the geographic area to be detected; and inputting the fixed communication traffic data and the mobile communication traffic data of the residents into a pre-trained model (which can be stored in a distributed database), judging whether the residents in the geographic area to be detected have communication abnormality or not by combining with other network security open capacity of an operator, acquiring the network security situation of the geographic area to be detected according to the judgment result, and taking the network security situation as the network security situation value of the geographic area to be detected.

The comprehensive analysis module is specifically configured to select a suitable weight model from a model library (i.e., a distributed database) including a plurality of preset models, calculate respective degrees of influence of the security situation evaluation result, the traffic security situation value, the production security situation value, and the network security situation value on the comprehensive security situation value, i.e., respective corresponding influence weights, according to the weight model, calculate a score (e.g., a score of 0 to 10) according to the security situation evaluation result, the traffic security situation value of the geographic area to be measured, the production security situation value, the network security situation value, and the corresponding influence weights, and use the score as the comprehensive security situation value of the geographic area to be measured.

It is to be understood that the invention is not limited to the particular arrangements and instrumentality described in the above embodiments and shown in the drawings. For convenience and brevity of description, detailed description of a known method is omitted here, and for the specific working processes of the system, the module and the unit described above, reference may be made to corresponding processes in the foregoing method embodiments, which are not described herein again.

Referring to fig. 9, an embodiment of the present invention provides an electronic device, including:

one or more processors 901;

a memory 902 having one or more programs stored thereon that, when executed by the one or more processors, cause the one or more processors to implement the security posture analysis method of any one of the above;

one or more I/O interfaces 903 coupled between the processor and the memory and configured to enable information interaction between the processor and the memory.

Among them, the processor 901 is a device with data processing capability, which includes but is not limited to a Central Processing Unit (CPU) or the like; memory 902 is a device having data storage capabilities including, but not limited to, random access memory (RAM, more specifically SDRAM, DDR, etc.), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), FLASH memory (FLASH); an I/O interface (read/write interface) 903 is coupled between the processor 901 and the memory 902 and can enable information interaction between the processor 901 and the memory 902, which includes but is not limited to a data Bus (Bus) and the like.

In some embodiments, the processor 901, memory 902, and I/O interface 903 are connected to each other and to other components of the computing device by a bus.

The present embodiment further provides a computer readable medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the security posture analysis method provided in the present embodiment, and in order to avoid repeated descriptions, specific steps of the security posture analysis method are not described herein again.

It will be understood by those of ordinary skill in the art that all or some of the steps of the above inventive method, systems, functional modules/units in the apparatus may be implemented as software, firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed by several physical components in cooperation. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer. In addition, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media as known to those skilled in the art.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

Those skilled in the art will appreciate that although some embodiments described herein include some features included in other embodiments instead of others, combinations of features of different embodiments are meant to be within the scope of the embodiments and form different embodiments.

It will be understood that the above embodiments are merely exemplary embodiments adopted to illustrate the principles of the present invention, and the present invention is not limited thereto. It will be apparent to those skilled in the art that various modifications and improvements can be made without departing from the spirit and scope of the invention, and such modifications and improvements are also considered to be within the scope of the invention.

Claims

1. A method for security posture analysis, the method comprising:

2. The method according to claim 1, wherein the acquiring of the road monitoring information, the production data information and the network traffic information of the residents in the geographic area to be detected comprises:

acquiring the road monitoring information through the road monitoring equipment of the geographical area to be detected, wherein the road monitoring information comprises video data acquired by the road monitoring equipment of the geographical area to be detected;

collecting the production data information through the Internet of things and production equipment of the geographic area to be detected, wherein the production data information comprises data of multiple links of a product supply chain of the geographic area to be detected;

and acquiring the network flow information through operator network equipment of the geographic area to be detected, wherein the network flow information comprises communication flow data of residents in the geographic area to be detected.

3. The method according to claim 2, wherein the processing the road monitoring information to obtain the traffic safety situation value of the geographic area to be detected comprises:

and calculating the similarity between the video data acquired by the road monitoring equipment of the geographical area to be detected and the plurality of standard safety data by using a perceptual hash algorithm, and acquiring the traffic safety situation value of the geographical area to be detected according to the similarity.

4. The method according to claim 2, wherein the processing the production data information to obtain the production safety situation value of the geographic area to be tested comprises:

and acquiring the completion degree of the product supply chain of the geographical area to be detected according to the data of the multiple links of the product supply chain of the geographical area to be detected, and acquiring the production safety situation value of the geographical area to be detected according to the completion degree of the product supply chain of the geographical area to be detected.

5. The method according to claim 2, wherein the processing the network traffic information to obtain the network security posture value of the geographic area to be tested comprises:

and inputting the communication flow data of residents in the geographic area to be detected into a pre-trained model, judging whether the residents in the geographic area to be detected have communication abnormity, and acquiring the network security situation value of the geographic area to be detected according to the judgment result.

6. The method of claim 1,

before performing correlation analysis on the traffic safety situation value, the production safety situation value and the network safety situation value of the geographic area to be detected to obtain the comprehensive safety situation value of the geographic area to be detected, the method further comprises the following steps:

acquiring a safety situation evaluation result of residents in the geographic area to be tested on the geographic area to be tested;

the correlation analysis of the traffic safety situation value, the production safety situation value and the network safety situation value of the geographical area to be detected to obtain the comprehensive safety situation value of the geographical area to be detected comprises the following steps:

and performing correlation analysis on the safety situation evaluation result, the traffic safety situation value, the production safety situation value and the network safety situation value to obtain a comprehensive safety situation value of the geographical area to be detected.

7. The method according to claim 6, wherein the obtaining of the comprehensive security situation value of the geographic area to be tested by performing correlation analysis on the security situation evaluation result of the residents of the geographic area to be tested on the geographic area to be tested, the traffic security situation value, the production security situation value and the network security situation value of the geographic area to be tested comprises:

selecting a weight model from a preset model library, and calculating influence weights of the safety situation evaluation result, the traffic safety situation value, the production safety situation value and the network safety situation value on the comprehensive safety situation value of the geographical area to be tested according to the weight model;

and acquiring a comprehensive safety situation value of the geographical area to be detected according to the safety situation evaluation result of the geographical area to be detected, the traffic safety situation value, the production safety situation value, the network safety situation value and the corresponding influence weight of the geographical area to be detected.

8. A security posture analysis apparatus, characterized in that the apparatus comprises:

the system comprises an information acquisition module, a data acquisition module and a data acquisition module, wherein the information acquisition module is used for acquiring road monitoring information and production data information of a geographic area to be detected and network flow information of residents in the geographic area to be detected;

9. An electronic device, comprising:

one or more processors;

storage, having one or more programs stored thereon, which when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-7;

10. A computer-readable medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-7.