CN114679333A - Dual security decision method based on function and network and computer readable storage medium - Google Patents
Dual security decision method based on function and network and computer readable storage medium Download PDFInfo
- Publication number
- CN114679333A CN114679333A CN202210413437.2A CN202210413437A CN114679333A CN 114679333 A CN114679333 A CN 114679333A CN 202210413437 A CN202210413437 A CN 202210413437A CN 114679333 A CN114679333 A CN 114679333A
- Authority
- CN
- China
- Prior art keywords
- network
- function
- security
- safety
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 44
- 230000009977 dual effect Effects 0.000 title claims abstract description 34
- 230000006870 function Effects 0.000 claims abstract description 104
- 238000012795 verification Methods 0.000 claims abstract description 44
- 231100000279 safety data Toxicity 0.000 claims abstract description 28
- 239000000284 extract Substances 0.000 claims description 4
- 238000005336 cracking Methods 0.000 abstract description 4
- 238000004364 calculation method Methods 0.000 description 4
- 238000004590 computer program Methods 0.000 description 3
- 150000001875 compounds Chemical class 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 239000000463 material Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to a dual security decision method based on function and network and a computer-readable storage medium. Aiming at one operation scene, the invention respectively judges the data generated by the applicable multiple functional safety strategies to ensure the conformity with the functional safety, and simultaneously respectively judges the data generated by the applicable multiple network safety strategies to ensure the conformity with the network safety, thereby meeting the requirements of the network safety and the functional safety. And aiming at the operation scene which is initially judged to be safe, extracting the data combination of the function safety data and the network safety data, and performing parallel verification on each data combination by adopting a plurality of different verification model functions, so that the simultaneous accordance with the function safety and the network safety can be ensured. Through circulation verification, the cracking difficulty is exponentially increased, and the safety can be further ensured.
Description
Technical Field
The present invention relates to the field of network security, and more particularly, to a dual security decision method based on function and network and a computer-readable storage medium.
Background
The cyber-physical system has dual world attributes and dual function security problems, specifically including function security problems and network security problems, and the security system in the existing defense and attack mode mainly aims at the reliability of function security and the security protection mode of vulnerability patch type of network security. The interleaving property of the double security problem enables the traditional reliability theory premise to be overturned, and a novel network protection method is urgently needed to solve the common problem of functional security and network security.
However, the security decision scheme in the prior art considers functional security and network security separately, and does not consider the interleaving problem of functional security and network security comprehensively, and in the key information infrastructure, the double security problem becomes the most serious common threat of network security.
Disclosure of Invention
The present invention is directed to solve the above-mentioned problems of the prior art, and provides a dual security determination method based on function and network and a computer-readable storage medium, which can effectively ensure both function security and network security.
The technical scheme adopted by the invention for solving the technical problems is as follows: a dual safety judgment method based on functions and networks is constructed, and the method comprises the following steps:
s1, performing initial safety judgment on the operation scene based on the function safety data and the network safety data respectively;
and S2, extracting data combinations of the function safety data and the network safety data of the operation scene which is initially judged to be safe, performing parallel verification on each data combination by adopting a plurality of different verification model functions, and circularly judging whether the operation scene is safe or not based on the parallel verification result.
In the dual security determination method based on function and network according to the present invention, the step S1 further includes the following steps:
s11, collecting function security policy setA is ═ a1,a2,…,amB and network security policy set B ═ B1,b2,…,bn}
S12, the operation scene S is jointly constructed through heterogeneous redundancy of function security and network security { S1, S2, …, sl };
s13, calculating a function safety index for each operation scene and judging whether the function is safe or not based on the function safety index;
s14, calculating a network safety index aiming at each operation scene and judging whether the network is safe or not based on the network safety index;
s15, performing the initial safety judgment on the operation scene based on the function safety judgment result and the network safety judgment result.
In the dual security determination method based on function and network according to the present invention, the step S13 further includes the following steps:
s131, aiming at the operation scene Si, selecting the function security policy set A ═ { a ═ from the function security policy set A1,a2,…,amExtract application function security policy set Asi∈A,Applying to obtain functional safety data related to the operation scene SiAnd the set of application function security policiesCorresponding functional safety threshold
S132, safety data based on functionsCalculating the functional safety of the operation scene SiNumber of
S133, safety index based on functionAnd said functional safety thresholdAnd judging whether the function is safe.
In the dual security determination method based on function and network according to the present invention, in the step S133, the function security of the operation scenario Si is calculated based on the following formulaWhereinWhen X is presentsiAnd if not equal to 0, judging that the operation scene Si is unsafe, otherwise, judging that the operation scene Si is safe in function.
In the dual security determination method based on function and network according to the present invention, the step S14 further includes the following steps:
s141, aiming at the operation scene Si, selecting the network security policy set B ═ { B ═ B1,b2,…,bnExtracting application network security policy set Bsi∈B,Applying to obtain network security data related to the operating scenario SiAnd the application network security policy setCorresponding network security threshold
S142, based on the network security dataCalculating the network security index of the operation scene Si
S143, based on the network security indexAnd the network security thresholdAnd judging whether the network is safe.
In the dual security determination method based on function and network according to the present invention, in the step S143, the network security of the operation scenario Si is calculated based on the following formulaWhereinWhen Y issiAnd if not equal to 0, judging that the operation scene Si is unsafe, otherwise, judging that the operation scene Si is safe in network.
In the dual security determination method based on function and network according to the present invention, in the step S15, when X is detectedsi0 and YsiAnd when the running scene Si is 0, initially judging that the running scene Si is safe.
In the dual security decision method based on function and network according to the present invention, the step S2 further includes the following steps:
s21, extracting a data combination C ═ C of function safety data and network safety data aiming at the operation scene which is initially judged to be safe1,c2,…,ct}
S22, c for each data combinationkUsing r different verification model functions W ═ W1,W2,…,WrPerforming parallel verification, and if a single verification is safe, making Wi(ck)=0;
S23, judging whether the parallel verification result satisfiesIf yes, executing step S24, otherwise, judging the data combination ckThe corresponding operation scene is a danger;
s24, adding the circulation times, judging whether the circulation times reach the upper limit, if so, judging the data combination ckAnd if the corresponding operation scene is safe, otherwise, returning to the step S22.
In the dual security determination method based on function and network according to the present invention, the number of cycles is greater than or equal to 2.
Another technical solution to solve the technical problem of the present invention is to construct a computer-readable storage medium, wherein the computer-readable storage medium is configured to implement the dual security determination method based on function and network when executed by a processor.
By implementing the dual-safety judgment method based on the function and the network and the computer readable storage medium, the accessed node can be finally accessed only if the space condition and the time condition are met and each node on the path is credible; therefore, the reliability of secret access can be effectively ensured, and the risk of secret leakage is reduced.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a flow chart of the steps of a preferred embodiment of the dual function and network based security decision method of the present invention;
FIG. 2 is a flow chart of the initial security decision steps of the preferred embodiment of the dual function and network based security decision method of the present invention;
fig. 3 is a schematic diagram of the multi-mode authentication step of the preferred embodiment of the dual security decision method based on function and network of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and do not limit the invention.
The invention relates to a dual safety judgment method based on functions and a network, which comprises the steps of carrying out initial safety judgment on an operation scene based on function safety data and network safety data respectively; and aiming at the operation scene which is initially judged to be safe, extracting the data combination of the function safety data and the network safety data, performing parallel verification on each data combination by adopting a plurality of different verification model functions, and circularly judging whether the operation scene is safe or not based on the parallel verification result. Aiming at one operation scene, data generated by a plurality of applicable functional safety strategies are respectively judged to ensure that the data accord with functional safety, and meanwhile, data generated by a plurality of applicable network safety strategies are respectively judged to ensure that the data accord with network safety, so that the requirements of network safety and functional safety can be met. And aiming at the operation scene which is initially judged to be safe, extracting the data combination of the function safety data and the network safety data, and performing parallel verification on each data combination by adopting a plurality of different verification model functions, so that the simultaneous accordance with the function safety and the network safety can be ensured. Through circulation verification, the cracking difficulty is exponentially increased, and the safety can be further ensured.
Fig. 1 is a flow chart of the steps of a preferred embodiment of the dual function and network-based security decision method of the present invention. As described in fig. 1, in step S1, an initial security decision is made on the operation scenario based on the function security data and the network security data, respectively. In a preferred embodiment of the present invention, a functional security policy set and a network security policy set may be collected separately; the operation scene is constructed through heterogeneous redundancy of functional safety and network safety; calculating a functional safety index for each operating scene and determining whether the function is safe or not based on the functional safety index; calculating a network security index for each of the operating scenarios and determining whether to be network secure based on the network security index; and finally, performing the initial safety judgment on the operation scene based on a function safety judgment result and a network safety judgment result. In the method, for one operation scene, data generated by a plurality of applicable functional security policies are respectively judged to ensure that the data accord with functional security, and data generated by a plurality of applicable network security policies are respectively judged to ensure that the data accord with network security, so that the requirements of network security and functional security can be met.
As will be appreciated by those skilled in the art, the steps of the functional security policy set and the network security policy set and the steps of constructing the operation scenario may be performed simultaneously, or may be performed in different orders, for example, the step of collecting may be performed first, and then the step of constructing may be performed, or the step of constructing may be performed first and then the step of collecting may be performed. The functional security determination step and the network security step may be performed simultaneously or in a different order. In the invention, the safety of the operation scene is initially judged only when the function safety judgment result and the network safety judgment result are both safe.
In step S2, for the operation scenario initially determined to be safe, data combinations of the function security data and the network security data are extracted, each data combination is verified in parallel using a plurality of different verification model functions, and whether the operation scenario is safe is determined based on the parallel verification result in a loop. In the preferred embodiment of the invention, aiming at the operation scene which is initially judged to be safe, the data combination of the function safety data and the network safety data is extracted, and a plurality of different verification model functions are adopted to carry out parallel verification on each data combination, so that the function safety and the network safety can be ensured to be simultaneously met.
In a further preferred embodiment of the present invention, a loop determination may be performed on the parallel verification result, and based on a result of the loop determination, whether the operation scenario is safe or not may be performed. Through the cycle verification, the cracking difficulty is exponentially increased, even if malicious attacks pass through the cycle verification once by accident, the second cycle is blocked with high probability, and the safety is further ensured.
Fig. 2 is a flow chart of the initial security decision steps of the preferred embodiment of the dual function and network based security decision method of the present invention. Further preferred embodiments of the present invention are described below with reference to fig. 2.
In step S11, the function security policy sets a ═ a are collected respectively1,a2,…,amH and a set of network security policies B ═ B1,b2,…,bnCollection of the set of functional security policies and the set of network security policies can be performed by one skilled in the art herein according to any known method. Wherein n and m are positive integers of any value.
In step S12, the operating scenario S ═ S1, S2, …, sl } is jointly constructed by heterogeneous redundancy of functional security and network security. Here, a person skilled in the art may construct an operation scenario according to any known method as long as heterogeneous redundancy of function security and network security is ensured, where l is a positive integer with any value.
In verification S13, a functional safety index is calculated for each of the operating scenarios and it is determined whether or not the function is safe based on the functional safety index. The method comprises the following specific steps.
For each operating scenario Si (i takes a value of 1 to l), from the set of functional security policies a ═ a1,a2,…,amExtract application function security policy set Asi∈A,Performing an application to obtain functional safety data related to the operation scenario SiAnd the set of application function security policiesCorresponding workSafety threshold
Security data based on the functionCalculating a functional safety index of the operating scene SiHere, the calculation may be performed according to any known functional safety index calculation method. The person skilled in the art can select the compound according to practical situations, and is not limited herein.
And then based on the functional safety indexAnd said functional safety thresholdAnd judging whether the function is safe.
I.e. the functional safety of the operating scenario Si is calculated on the basis of the following formulaWhereinWhen X is presentsiIf not equal to 0, judging that the operation scene Si is unsafe, otherwise, judging that X is XsiAnd when the value is 0, judging that the running scene Si is safe in function.
In step S14, a network security index is calculated for each of the operation scenarios and it is determined whether to be network secure based on the network security index. The method comprises the following specific steps.
For the operating scenario Si, from the set of network security policies B ═ { B ═ B1,b2,…,bnExtracting application network security policy set Bsi∈B,Applying to obtain network security data related to the operating scenario SiAnd the application network security policy setCorresponding network security threshold
Based on the network security dataCalculating the network safety index of the operation scene SiHere, the calculation may be performed according to any known network security index calculation method. The person skilled in the art can select the compound according to practical situations, and is not limited herein.
Subsequent network based security indexAnd the network security thresholdAnd judging whether the network is safe.
Namely, the network security of the operation scene Si is calculated based on the following formulaWhereinWhen Y issiWhen not equal to 0, judging that the operation scene Si is unsafe, otherwise, YsiAnd when the operation scene is 0, judging the Si work network safety of the operation scene.
In step S15, the initial security determination is made for the operation scenario based on the function security determination result and the network security determination result.
Specifically, when Xsi0 and YsiAnd when the running scene Si is 0, initially judging that the running scene Si is safe.
In this case, for each operation scenario, the data generated by the applicable multiple functional security policies are respectively determined to ensure compliance with functional security, and simultaneously or subsequently, the data generated by the applicable multiple network security policies are respectively determined to ensure compliance with network security.
Fig. 3 is a schematic diagram of the multimode authentication step of the preferred embodiment of the dual function and network-based security decision method of the present invention. Further preferred embodiments of the present invention are described below with reference to fig. 3.
For the operation scene St initially determined as safe in the step of fig. 2, extracting a data combination C ═ C of the function safety data and the network safety data1,c2,…,ctI.e. for satisfying Xsi0 and Ysi0 scene St, and extracts a data combination C ═ C of the function security data and the network security data1,c2,…,ctWhere t is a positive integer.
For each data combination ck(k-1, 2, …, t), using r different verification model functions W-W1,W2,…,WrPerforming parallel verification, if a single verification is safe, making Wi(ck) 0. As shown in fig. 3, r is a positive integer less than n. Where r different verification model functions may be selected any suitable verification model function.
Determining whether parallel verification results satisfyIf yes, adding one to the number of loops to determine whether the number of loops reaches an upper limit, if yes, determining the data combination ckThe corresponding operating scene is AnnAnd if not, returning to the parallel verification step. And if the verification result is greater than 0, determining that the system is dangerous.
That is, as shown in FIG. 3, the above parallel verification steps are circularly judged, and if the number of the circulation is limited, for example, h ≧ 2, the parallel verification result can be satisfied each timeThe data combination c can be determinedkAnd the corresponding operation scene is safe.
In this way, both the problem of unknown uncertainty at the individual level and the problem of unknown certainty, which is known, can be translated into a "known unknown" probabilistic problem of population-level differential or common-mode representation (perceiving unknown events in a way that it is only known to be unknown at all). The size of the differential mode probability (controlling the possible influence range of unknown problems) can be controlled by adjusting the relative scale and the scene heterogeneity of the relative correct axiom logic expression, a voting strategy and the like. Simple consensus arbitration results have a small probability of error, requiring multidimensional dynamic iterative processing and arbitration. The relative correct axiom is not time robust and quality robust (even if life cannot be guaranteed) under human trial and error or blind attack conditions.
Therefore, the data combination generated by the applicable strategy combination of a plurality of functional safety and network safety is adopted for multi-mode verification, and the simultaneous conformity of the functional safety and the network safety is ensured; through the cycle verification, the cracking difficulty is exponentially increased, even if malicious attacks pass through the cycle verification once by accident, the second cycle is blocked with high probability, and the safety is further ensured.
Further preferred embodiments of the present invention also relate to a computer-readable storage medium that, when executed by a processor, implements the aforementioned dual function and network-based security decision method.
Accordingly, the present invention can be realized in hardware, software, or a combination of hardware and software. The present invention can be realized in a centralized fashion in at least one computer system, or in a distributed fashion where different elements are spread across several interconnected computer systems. Any kind of computer system or other apparatus adapted for carrying out the methods of the present invention is suited. A typical combination of hardware and software could be a general purpose computer system with a computer program that, when being loaded and executed, controls the computer system such that it carries out the methods described herein.
The present invention may also be implemented by a computer program product, comprising all the features enabling the implementation of the methods of the invention, when loaded in a computer system. The computer program in this document refers to: any expression, in any programming language, code or notation, of a set of instructions intended to cause a system having an information processing capability to perform a particular function either directly or after either or both of the following: a) conversion to other languages, codes or symbols; b) reproduced in a different format.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from its scope. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.
Claims (10)
1. A dual security judgment method based on functions and networks is characterized by comprising the following steps:
s1, performing initial safety judgment on the operation scene based on the function safety data and the network safety data respectively;
and S2, extracting data combinations of the function safety data and the network safety data of the operation scene which is initially judged to be safe, performing parallel verification on each data combination by adopting a plurality of different verification model functions, and circularly judging whether the operation scene is safe or not based on the parallel verification result.
2. The dual function and network-based security decision method according to claim 1, wherein the step S1 further comprises the steps of:
s11, collection function security policy set a ═ a1,a2,…,amB and network security policy set B ═ B1,b2,…,bn};
S12, the operation scene S is jointly constructed through heterogeneous redundancy of function security and network security { S1, S2, …, sl };
s13, calculating a function safety index for each operation scene and judging whether the function is safe or not based on the function safety index;
s14, calculating a network safety index aiming at each operation scene and judging whether the network is safe or not based on the network safety index;
s15, performing the initial safety judgment on the operation scene based on the function safety judgment result and the network safety judgment result.
3. The dual function and network-based security decision method according to claim 2, wherein said step S13 further comprises the steps of:
s131, aiming at the operation scene Si, selecting the function security policy set A ═ { a ═ from the function security policy set A1,a2,…,amExtract application function security policy set Asi∈A,Applying to obtain functional safety data related to the operation scene SiAnd the set of application function security policiesCorresponding functional safety threshold
4. The dual function and network-based security determination method according to claim 3, wherein in the step S133, the function security degree of the operation scenario Si is calculated based on the following formulaWhereinWhen X issiAnd if not equal to 0, judging that the operation scene Si is unsafe, otherwise, judging that the operation scene Si is safe in function.
5. The dual function and network-based security decision method of claim 4, wherein said step S14 further comprises the steps of:
s141, aiming at the operation scene Si, selecting the network security policy set B ═ { B ═ B1,b2,…,bnExtracting an application network security policy set B from the databasesi∈B,Applying to obtain network security data related to the operating scenario SiAnd the application network security policy setCorresponding network security threshold
S142, based on the network security dataCalculating the network security index of the operation scene Si
6. The method according to claim 5, wherein in step S143, the network security level of the operation scenario Si is calculated based on the following formulaWhereinWhen Y issiAnd if not equal to 0, judging that the operation scene Si is unsafe, otherwise, judging that the operation scene Si is safe in network.
7. The dual security decision method based on function and network as claimed in claim 6, wherein in said step S15, when X is the number of timessi0 and YsiAnd when the running scene Si is 0, initially judging that the running scene Si is safe.
8. The method for determining dual security based on function and network according to any one of claims 1-6, wherein the step S2 further comprises the steps of:
s21, extracting a data combination C of function safety data and network safety data for the operation scene which is initially judged to be safe1,c2,…,ct};
S22, c for each data combinationkUsing r different verification model functions W ═ W1,w2,…,wrCarry out parallel verification, if single verification is safe, let wi(ck)=0;
S23, judging whether the parallel verification result meets the requirementIf yes, executing step S24, otherwise, judging the data combination ckThe corresponding operation scene is a danger;
s24, adding the circulation times to determine whether the circulation times reaches the upper limit, if so, determining the data combination ckAnd if the corresponding operation scene is safe, otherwise, returning to the step S22.
9. The dual function and network-based security decision method of claim 8, wherein the number of cycles is 2 or more.
10. A computer-readable storage medium, wherein the computer-readable storage medium, when executed by a processor, implements the dual function and network-based security decision method of any of claims 1-9.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210413437.2A CN114679333A (en) | 2022-04-19 | 2022-04-19 | Dual security decision method based on function and network and computer readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210413437.2A CN114679333A (en) | 2022-04-19 | 2022-04-19 | Dual security decision method based on function and network and computer readable storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114679333A true CN114679333A (en) | 2022-06-28 |
Family
ID=82077447
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210413437.2A Pending CN114679333A (en) | 2022-04-19 | 2022-04-19 | Dual security decision method based on function and network and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114679333A (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018175352A1 (en) * | 2017-03-22 | 2018-09-27 | Symantec Corporation | Systems and methods for enforcing dynamic network security policies |
CN111885019A (en) * | 2020-07-08 | 2020-11-03 | 福建奇点时空数字科技有限公司 | Network security situation element extraction method based on attack and defense information comparison |
CN111935161A (en) * | 2020-08-14 | 2020-11-13 | 国网重庆市电力公司电力科学研究院 | Network attack and defense analysis method and system based on game theory |
US20210006584A1 (en) * | 2019-05-29 | 2021-01-07 | Christian Lee Basballe Sorensen | Systems and methods for evaluating and training cybersecurity teams |
CN112769825A (en) * | 2021-01-07 | 2021-05-07 | 深圳市永达电子信息股份有限公司 | Network security guarantee method, system and computer storage medium |
CN113824744A (en) * | 2021-11-24 | 2021-12-21 | 深圳市永达电子信息股份有限公司 | Situation awareness visualization method and system for business view and storage medium |
CN114143099A (en) * | 2021-12-03 | 2022-03-04 | 中国电信集团系统集成有限责任公司 | Network security policy self-checking attack and defense test method and device |
-
2022
- 2022-04-19 CN CN202210413437.2A patent/CN114679333A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018175352A1 (en) * | 2017-03-22 | 2018-09-27 | Symantec Corporation | Systems and methods for enforcing dynamic network security policies |
US20210006584A1 (en) * | 2019-05-29 | 2021-01-07 | Christian Lee Basballe Sorensen | Systems and methods for evaluating and training cybersecurity teams |
CN111885019A (en) * | 2020-07-08 | 2020-11-03 | 福建奇点时空数字科技有限公司 | Network security situation element extraction method based on attack and defense information comparison |
CN111935161A (en) * | 2020-08-14 | 2020-11-13 | 国网重庆市电力公司电力科学研究院 | Network attack and defense analysis method and system based on game theory |
CN112769825A (en) * | 2021-01-07 | 2021-05-07 | 深圳市永达电子信息股份有限公司 | Network security guarantee method, system and computer storage medium |
CN113824744A (en) * | 2021-11-24 | 2021-12-21 | 深圳市永达电子信息股份有限公司 | Situation awareness visualization method and system for business view and storage medium |
CN114143099A (en) * | 2021-12-03 | 2022-03-04 | 中国电信集团系统集成有限责任公司 | Network security policy self-checking attack and defense test method and device |
Non-Patent Citations (2)
Title |
---|
李 璇: "工业控制系统主动入侵反应的若干关键技术研究", 中国博士学位论文全文数据库 (信息科技辑), no. 2019, pages 3 - 5 * |
胡博文: "基于模糊多目标决策的智能仪表功能安全与信息安全融合方法", 信息网络安全, no. 2021 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11509679B2 (en) | Trust topology selection for distributed transaction processing in computing environments | |
US10482395B2 (en) | System and methods for digital account threat detection | |
US10924514B1 (en) | Machine learning detection of fraudulent validation of financial institution credentials | |
RU2638710C1 (en) | Methods of detecting malicious elements of web pages | |
US6880087B1 (en) | Binary state machine system and method for REGEX processing of a data stream in an intrusion detection system | |
CN109478220A (en) | It is remedied to software attacks are extorted in cloud drive folder | |
KR20180105688A (en) | Computer security based on artificial intelligence | |
Dash et al. | Adaptive Naive Bayes method for masquerade detection | |
US11657899B2 (en) | Computing device | |
Zhao et al. | Federatedreverse: A detection and defense method against backdoor attacks in federated learning | |
Ahmad et al. | Machine learning and blockchain technologies for cybersecurity in connected vehicles | |
Rakhimberdiev et al. | Prospects for the use of neural network models in the prevention of possible network attacks on modern banking information systems based on blockchain technology in the context of the digital economy | |
CN110290110B (en) | Encrypted malicious traffic identification method and system based on redundancy detection architecture | |
Cheng et al. | STC‐IDS: Spatial–temporal correlation feature analyzing based intrusion detection system for intelligent connected vehicles | |
CN116684202B (en) | Internet of things information security transmission method | |
CN114679333A (en) | Dual security decision method based on function and network and computer readable storage medium | |
JP6674443B2 (en) | Method and apparatus for using exhaustible network resources | |
CN111917760A (en) | Network collaborative manufacturing cross-domain fusion trust management and control method based on identification analysis | |
CN116527317A (en) | Access control method, system and electronic equipment | |
El Hadj et al. | Validation and correction of large security policies: A clustering and access log based approach | |
US9998495B2 (en) | Apparatus and method for verifying detection rule | |
Miehling et al. | A dependency graph formalism for the dynamic defense of cyber networks | |
Jain et al. | A literature review on machine learning for cyber security issues | |
CN113139878A (en) | Method and system for identifying network security risk of power distribution automation master station | |
Iadarola et al. | Designing Robust Deep Learning Classifiers for Image-based Malware Analysis |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |