CN114785616A - Data risk detection method and device, computer equipment and storage medium - Google Patents

Data risk detection method and device, computer equipment and storage medium Download PDF

Info

Publication number
CN114785616A
CN114785616A CN202210659765.0A CN202210659765A CN114785616A CN 114785616 A CN114785616 A CN 114785616A CN 202210659765 A CN202210659765 A CN 202210659765A CN 114785616 A CN114785616 A CN 114785616A
Authority
CN
China
Prior art keywords
data
risk
detected
statistical analysis
analysis result
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210659765.0A
Other languages
Chinese (zh)
Inventor
路成
刘小龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Hongtu Technology Co ltd
Original Assignee
Shenzhen Hongtu Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Hongtu Technology Co ltd filed Critical Shenzhen Hongtu Technology Co ltd
Priority to CN202210659765.0A priority Critical patent/CN114785616A/en
Publication of CN114785616A publication Critical patent/CN114785616A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/142Network analysis or design using statistical or mathematical methods
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Algebra (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Pure & Applied Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The embodiment of the invention discloses a data risk detection method, a data risk detection device, computer equipment and a storage medium. The method comprises the following steps: acquiring data of interface flow in an application system by adopting a byte code enhancement technology to obtain data to be detected; inputting the data to be detected into a data image model for statistical analysis to obtain a statistical analysis result; performing risk assessment according to the statistical analysis result to obtain a risk grade; storing the risk level. By implementing the method provided by the embodiment of the invention, the safety risk of all data of the application system can be comprehensively evaluated and detected, and the detection efficiency and accuracy are improved.

Description

Data risk detection method and device, computer equipment and storage medium
Technical Field
The present invention relates to a data detection method, and more particularly, to a data risk detection method, apparatus, computer device, and storage medium.
Background
The existing data risk detection technology generally adopts manual work to carry out risk assessment on data, the traditional data risk detection mode is single, the phenomenon of multi-report and missing report exists, manual confirmation is needed, the data safety risk management requirements of enterprise organizations cannot be met, and the problems of low efficiency and low accuracy rate exist in the manual assessment mode.
Therefore, it is necessary to design a new method for comprehensively evaluating and detecting the security risk of all data of the application system, and improving the detection efficiency and accuracy.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a data risk detection method, a data risk detection device, computer equipment and a storage medium.
In order to achieve the purpose, the invention adopts the following technical scheme: a data risk detection method, comprising:
acquiring data of interface circulation in an application system by adopting a byte code enhancement technology to obtain data to be detected;
inputting the data to be detected into a data image model for statistical analysis to obtain a statistical analysis result;
performing risk assessment according to the statistical analysis result to obtain a risk grade;
storing the risk level.
The further technical scheme is as follows: the method for acquiring the data transferred by the interface in the application system by adopting the byte code enhancement technology to obtain the data to be detected comprises the following steps:
identifying interface information of an application system in a calling process by adopting a byte code enhancement technology;
and acquiring data of interface circulation corresponding to the interface information to obtain data to be detected.
The further technical scheme is as follows: the inputting the data to be detected into a data image model for statistical analysis to obtain a statistical analysis result comprises:
and forming a data image for the data to be detected according to different statistical dimensions by adopting a data image model so as to obtain a statistical analysis result.
The further technical scheme is as follows: the performing risk assessment according to the statistical analysis result to obtain a risk grade includes:
and performing machine learning on the statistical analysis result by adopting a Bayesian statistical model to determine the risk probability of different quantitative indexes so as to obtain the risk grade.
The further technical scheme is as follows: after the data of interface circulation in the application system is collected by adopting the byte code enhancement technology to obtain the data to be detected, the method further comprises the following steps:
and storing the data to be detected.
The invention also provides a data risk detection device, comprising:
the acquisition unit is used for acquiring data transferred by an interface in an application system by adopting a byte code enhancement technology to obtain data to be detected;
the analysis unit is used for inputting the data to be detected into a data image model for statistical analysis so as to obtain a statistical analysis result;
the evaluation unit is used for carrying out risk evaluation according to the statistical analysis result so as to obtain a risk grade;
a first storage unit for storing the risk level.
The further technical scheme is as follows: the acquisition unit includes:
the identification subunit is used for identifying the interface information of the application system in the calling process by adopting a byte code enhancement technology;
and the data acquisition subunit is used for acquiring the data of the interface flow corresponding to the interface information so as to obtain the data to be detected.
The further technical scheme is as follows: and the analysis unit is used for forming a data image for the data to be detected according to different statistical dimensions by adopting a data image model so as to obtain a statistical analysis result.
The invention also provides computer equipment which comprises a memory and a processor, wherein the memory is stored with a computer program, and the processor realizes the method when executing the computer program.
The invention also provides a storage medium storing a computer program which, when executed by a processor, implements the method described above.
Compared with the prior art, the invention has the beneficial effects that: according to the invention, the data transferred by the interface is automatically acquired by adopting a byte code enhancement technology, the corresponding data can be comprehensively acquired, the data portrait model is adopted for statistical analysis, the risk grade is carried out by combining with risk probability evaluation, and the risk grade is determined and then stored, so that the safety risk of all data of the application system is comprehensively evaluated and detected, and the detection efficiency and the accuracy are improved.
The invention is further described below with reference to the accompanying drawings and specific embodiments.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the description below are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
Fig. 1 is a schematic view of an application scenario of a data risk detection method according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a data risk detection method according to an embodiment of the present invention;
FIG. 3 is a schematic sub-flow chart of a data risk detection method according to an embodiment of the present invention;
FIG. 4 is a schematic flow chart of a data risk detection method according to another embodiment of the present invention;
FIG. 5 is a schematic block diagram of a data risk detection apparatus provided in an embodiment of the present invention;
fig. 6 is a schematic block diagram of an acquisition unit of the data risk detection apparatus provided in the embodiment of the present invention;
FIG. 7 is a schematic block diagram of a data risk detection apparatus according to another embodiment of the present invention;
fig. 8 is a schematic block diagram of a computer device provided in an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items and includes such combinations.
Referring to fig. 1 and fig. 2, fig. 1 is a schematic view of an application scenario of a data risk detection method according to an embodiment of the present invention. Fig. 2 is a schematic flow chart of a data risk detection method according to an embodiment of the present invention. The data risk detection method is applied to a server. The server performs data interaction with the terminal, acquires interface circulation data in an application system of the terminal by adopting a byte code enhancement technology, performs statistical analysis by adopting a data portrait model, and performs risk assessment according to a statistical analysis result to determine a risk level.
Fig. 2 is a schematic flowchart of a data risk detection method according to an embodiment of the present invention. As shown in fig. 2, the method includes the following steps S110 to S140.
S110, acquiring data of interface circulation in the application system by adopting a byte code enhancement technology to obtain data to be detected.
In this embodiment, the data to be detected refers to data of an interface stream specified in an application system, and reference may be made to chinese patent CN202110344846.7 for data acquisition by using a bytecode enhancement technology.
In an embodiment, referring to fig. 3, the step S110 may include steps S111 to S112.
S111, identifying interface information of the application system in a calling process by adopting a byte code enhancement technology;
and S112, collecting data of interface circulation corresponding to the interface information to obtain to-be-detected data.
Automatically discovering an interface in an application system through a data acquisition engine based on a byte code enhancement technology at a server management end; and after finding the interface of the application system, collecting data transferred by the interface.
The data acquisition engine mainly performs two parts of work based on a byte code enhancement technology, namely automatically discovering an application system interface and acquiring the flow data of the interface; and secondly, transmitting the collected circulation data to a data portrait system.
In this embodiment, the intercepted access data stream is analyzed according to a data acquisition policy, without point burying modification, the interface information of the application system in the calling process can be automatically identified, the data circulating in the interface is acquired, meanwhile, the data is also uploaded to the server, the server analyzes the information and writes the information into the database as the data to be detected, and the data to be detected can be queried.
And S120, inputting the data to be detected into a data image model for statistical analysis to obtain a statistical analysis result.
In this embodiment, the statistical analysis result refers to a data image formed by the data to be detected according to a plurality of statistical dimensions.
Specifically, a data portrait model is adopted to form a data portrait for the data to be detected according to different statistical dimensions so as to obtain a statistical analysis result.
The data circulating in the application system interface is automatically acquired by an innovative data acquisition engine, and the acquired data is transmitted to a data portrait model for comprehensive statistical analysis to form a comprehensive data portrait.
The data portrait model mainly carries out statistical analysis on the collected data, forms a comprehensive data portrait according to different dimensions, and transmits a statistical result to the data risk detection system.
The data portrait model is based on data portrait technology to carry out data key index calculation, the technology utilizes a conditional random field method to carry out multidimensional measurement and calculation on collected data by methods such as machine learning, statistical analysis and the like, and further obtains data key indexes such as sensitive data identification, data classification, user access, data access total amount and the like, thereby forming an omnibearing data portrait.
And S130, performing risk assessment according to the statistical analysis result to obtain a risk grade.
In this embodiment, the risk level refers to a level corresponding to the data risk.
Specifically, a Bayesian statistical model is adopted to perform machine learning on the statistical analysis result so as to determine risk probabilities of different quantitative indexes and obtain risk levels.
And (3) importing the statistical analysis result into related quantitative indexes such as risk occurrence probability, risk severity, risk type, risk occurrence frequency and the like by using a data risk analysis evaluation formula such as a Bayesian statistical model to perform machine learning, and evaluating and calculating various risk probabilities in the data use process to obtain a risk level.
Through the multidimensional analysis of the data images and the combination of a data risk detection mode, a more comprehensive data risk analysis and evaluation formula is constructed, various risk probabilities in the data use process are calculated, the risk condition in the data use process is evaluated and detected, the data risk level is obtained, the whole process efficiency is higher, and the effect is better.
After the analysis statistical result of the data portrait is determined, the data risk probability is calculated through a preset risk analysis and evaluation formula so as to realize evaluation and detection of the data risk condition and obtain a data risk grade, and the shortage of risk to precautionary measures is improved to reduce the risk value as much as possible.
And S140, storing the risk level.
The server analyzes the data to be detected and writes the risk grade into the database as risk data, the risk grade result can be inquired, the risk grade is obtained through the data risk detection system based on the data image, the whole process efficiency is higher, and the effect is better.
According to the method, the data collection engine automatically collects the circulation data in the interface of the application system, and the data portrait system carries out statistical analysis on the collected data to form a comprehensive data portrait. Meanwhile, data are transmitted to a data risk detection system, a branching analysis and evaluation formula is utilized, the data risk overview is rapidly calculated, the data risk level is obtained, the efficiency of the whole process is higher, and the effect is better.
The method of the embodiment utilizes a data acquisition engine to identify the interface of the application system and acquire the interface circulation data, the data acquisition engine transmits the data of the acquired interface circulation to a data portrait model, the data portrait model carries out the risk calculation on the statistical analysis result by utilizing a data risk analysis and evaluation formula to obtain the risk level,
the data acquisition engine automatically discovers interface information of the application system and acquires the interface transfer data, and the whole process is automatically realized without manual intervention; the data portrait is combined with a risk analysis formula, so that a more accurate data risk detection means is provided; risk grades can be obtained by carrying out risk calculation on the statistical analysis results, the whole process is higher in efficiency and better in effect; data risk detection is developed by taking the data portrait as a core, and powerful support is provided for data security construction of enterprises.
According to the data risk detection method, the data circulated by the interface is automatically acquired by adopting the byte code enhancement technology, the corresponding data can be comprehensively acquired, the data portrait model is adopted for statistical analysis, the risk grade is evaluated by combining with the risk probability, and the risk grade is determined and then stored, so that the safety risk of all data of the application system is comprehensively evaluated and detected, and the detection efficiency and the accuracy are improved.
Fig. 4 is a flowchart illustrating a data risk detection method according to another embodiment of the present invention. As shown in fig. 4, the data risk detection method of the present embodiment includes steps S210 to S250. Step S210 is similar to step S110 in the above embodiment, and steps S230 to S250 are similar to steps S120 to S140 in the above embodiment, and are not repeated here. The added step S220 in the present embodiment is explained in detail below.
And S220, storing the data to be detected.
And uploading the data to be detected to a server, analyzing the information by the server, writing the information into a database as the acquired data, and inquiring the acquired result.
Fig. 5 is a schematic block diagram of a data risk detection apparatus 300 according to an embodiment of the present invention. As shown in fig. 5, the present invention also provides a data risk detection apparatus 300 corresponding to the above data risk detection method. The data risk detection apparatus 300 includes means for performing the data risk detection method, and the apparatus may be configured in a desktop computer, a tablet computer, a portable computer, or the like. Specifically, referring to fig. 5, the data risk detection apparatus 300 includes a collecting unit 301, an analyzing unit 303, an evaluating unit 304, and a first storage unit 305.
The acquisition unit 301 is configured to acquire data transferred by an interface in an application system by using a bytecode enhancement technology to obtain data to be detected; the analysis unit 303 is configured to input the data to be detected into a data image model for statistical analysis to obtain a statistical analysis result; an evaluation unit 304, configured to perform risk evaluation according to the statistical analysis result to obtain a risk level; a first storage unit 305 for storing the risk level.
In an embodiment, as shown in fig. 6, the acquisition unit 301 includes an identification subunit 3011 and a data acquisition subunit 3012.
The identifying subunit 3011 is configured to identify, by using a bytecode enhancement technology, interface information of the application system in a call process; and the data acquisition subunit 3012 is configured to acquire data of the interface flow corresponding to the interface information to obtain data to be detected.
In an embodiment, the analyzing unit 303 is configured to form a data image for the data to be detected according to different statistical dimensions by using a data image model, so as to obtain a statistical analysis result.
In an embodiment, the evaluation unit 304 is configured to perform machine learning on the statistical analysis result by using a bayesian statistical model to determine risk probabilities of different quantitative indicators so as to obtain a risk level.
Fig. 7 is a schematic block diagram of a data risk detection apparatus 300 according to another embodiment of the present invention. As shown in fig. 7, the data risk detection apparatus 300 of the present embodiment is the above embodiment with the addition of a second storage unit 302.
The second storage unit 302 is configured to store the data to be detected.
It should be noted that, as can be clearly understood by those skilled in the art, the specific implementation processes of the data risk detection apparatus 300 and each unit may refer to the corresponding descriptions in the foregoing method embodiments, and for convenience and brevity of description, no further description is provided herein.
The data risk detection apparatus 300 may be implemented in the form of a computer program that can be run on a computer device as shown in fig. 8.
Referring to fig. 8, fig. 8 is a schematic block diagram of a computer device according to an embodiment of the present application. The computer device 500 may be a server, wherein the server may be an independent server or a server cluster composed of a plurality of servers.
Referring to fig. 8, the computer device 500 includes a processor 502, memory, and a network interface 505 connected by a system bus 501, where the memory may include a non-volatile storage medium 503 and an internal memory 504.
The non-volatile storage medium 503 may store an operating system 5031 and a computer program 5032. The computer programs 5032 include program instructions that, when executed, cause the processor 502 to perform a data risk detection method.
The processor 502 is used to provide computing and control capabilities to support the operation of the overall computer device 500.
The internal memory 504 provides an environment for the execution of the computer program 5032 in the non-volatile storage medium 503, and when the computer program 5032 is executed by the processor 502, the processor 502 may be caused to perform a data risk detection method.
The network interface 505 is used for network communication with other devices. Those skilled in the art will appreciate that the configuration shown in fig. 8 is a block diagram of only a portion of the configuration associated with aspects of the present application, and is not intended to limit the scope of the computer device 500 to which aspects of the present application may be applied, and that a particular computer device 500 may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
Wherein the processor 502 is configured to run the computer program 5032 stored in the memory to perform the steps of:
acquiring data of interface flow in an application system by adopting a byte code enhancement technology to obtain data to be detected; inputting the data to be detected into a data image model for statistical analysis to obtain a statistical analysis result; performing risk assessment according to the statistical analysis result to obtain a risk grade; storing the risk level.
In an embodiment, when the processor 502 implements the step of acquiring data of interface flow in an application system by using the bytecode enhancement technology to obtain the data to be detected, the following steps are specifically implemented:
identifying interface information of an application system in a calling process by adopting a byte code enhancement technology; and acquiring data of interface circulation corresponding to the interface information to obtain data to be detected.
In an embodiment, when implementing the step of inputting the data to be detected into the data image model for statistical analysis to obtain a statistical analysis result, the processor 502 specifically implements the following steps:
and forming a data image for the data to be detected according to different statistical dimensions by adopting a data image model so as to obtain a statistical analysis result.
In an embodiment, when the processor 502 implements the step of performing risk assessment according to the statistical analysis result to obtain a risk level, the following steps are specifically implemented:
and performing machine learning on the statistical analysis result by adopting a Bayesian statistical model to determine the risk probability of different quantitative indexes so as to obtain the risk grade.
In an embodiment, after the step of acquiring data of an interface flow in an application system by using a bytecode enhancement technology to obtain data to be detected is implemented by the processor 502, the following steps are further implemented:
and storing the data to be detected.
It should be understood that in the embodiment of the present Application, the Processor 502 may be a Central Processing Unit (CPU), and the Processor 502 may also be other general-purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, and the like. Wherein a general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
It will be understood by those skilled in the art that all or part of the flow of the method implementing the above embodiments may be implemented by a computer program instructing associated hardware. The computer program includes program instructions, and the computer program may be stored in a storage medium, which is a computer-readable storage medium. The program instructions are executed by at least one processor in the computer system to implement the flow steps of the embodiments of the method described above.
Accordingly, the present invention also provides a storage medium. The storage medium may be a computer-readable storage medium. The storage medium stores a computer program, wherein the computer program, when executed by a processor, causes the processor to perform the steps of:
acquiring data of interface flow in an application system by adopting a byte code enhancement technology to obtain data to be detected; inputting the data to be detected into a data image model for statistical analysis to obtain a statistical analysis result; performing risk assessment according to the statistical analysis result to obtain a risk grade; storing the risk level.
In an embodiment, when the processor executes the computer program to realize the step of acquiring the data of the interface flow in the application system by using the bytecode enhancement technology to obtain the data to be detected, the following steps are specifically implemented:
identifying interface information of an application system in a calling process by adopting a byte code enhancement technology; and acquiring data of interface circulation corresponding to the interface information to obtain data to be detected.
In an embodiment, when the processor executes the computer program to implement the step of inputting the data to be detected into the data image model for statistical analysis to obtain a statistical analysis result, the following steps are specifically implemented:
and forming a data image for the data to be detected according to different statistical dimensions by adopting a data image model so as to obtain a statistical analysis result.
In an embodiment, when the processor executes the computer program to perform the step of performing risk assessment according to the statistical analysis result to obtain a risk level, the following steps are specifically performed:
and performing machine learning on the statistical analysis result by adopting a Bayesian statistical model to determine the risk probability of different quantitative indexes so as to obtain the risk grade.
In an embodiment, after the processor executes the computer program to acquire the data of the interface flow in the application system by using the bytecode enhancement technology to obtain the data to be detected, the processor further performs the following steps:
and storing the data to be detected.
The storage medium may be a usb disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk, or an optical disk, which can store various computer readable storage media.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative. For example, the division of each unit is only one logic function division, and there may be another division manner in actual implementation. For example, various elements or components may be combined or may be integrated in another system or some features may be omitted, or not implemented.
The steps in the method of the embodiment of the invention can be sequentially adjusted, combined and deleted according to actual needs. The units in the device of the embodiment of the invention can be combined, divided and deleted according to actual needs. In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a separate product, may be stored in a storage medium. Based on such understanding, the technical solution of the present invention essentially or partially contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a terminal, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. The data risk detection method is characterized by comprising the following steps:
acquiring data of interface circulation in an application system by adopting a byte code enhancement technology to obtain data to be detected;
inputting the data to be detected into a data image model for statistical analysis to obtain a statistical analysis result;
performing risk assessment according to the statistical analysis result to obtain a risk grade;
storing the risk level.
2. The method for detecting data risk according to claim 1, wherein the acquiring data transferred by an interface in an application system by using a bytecode enhancement technology to obtain the data to be detected comprises:
identifying interface information of an application system in a calling process by adopting a byte code enhancement technology;
and collecting the data of the interface circulation corresponding to the interface information to obtain the data to be detected.
3. The data risk detection method according to claim 1, wherein the inputting the data to be detected into a data image model for statistical analysis to obtain a statistical analysis result comprises:
and forming a data image for the data to be detected according to different statistical dimensions by adopting a data image model so as to obtain a statistical analysis result.
4. The data risk detection method of claim 1, wherein the performing risk assessment according to the statistical analysis result to obtain a risk level comprises:
and performing machine learning on the statistical analysis result by adopting a Bayesian statistical model to determine the risk probability of different quantitative indexes so as to obtain the risk grade.
5. The method for detecting data risk according to claim 1, wherein after acquiring the data transferred by the interface in the application system by using the bytecode enhancement technology to obtain the data to be detected, the method further comprises:
and storing the data to be detected.
6. Data risk detection device, characterized in that includes:
the acquisition unit is used for acquiring data transferred by an interface in an application system by adopting a byte code enhancement technology to obtain data to be detected;
the analysis unit is used for inputting the data to be detected into a data image model for statistical analysis so as to obtain a statistical analysis result;
the evaluation unit is used for carrying out risk evaluation according to the statistical analysis result so as to obtain a risk grade;
a first storage unit for storing the risk level.
7. The data risk detection device of claim 6, wherein the acquisition unit comprises:
the identification subunit is used for identifying the interface information of the application system in the calling process by adopting a byte code enhancement technology;
and the data acquisition subunit is used for acquiring the data of the interface flow corresponding to the interface information so as to obtain the data to be detected.
8. The data risk detection device of claim 6, wherein the analysis unit is configured to form a data representation of the data to be detected according to different statistical dimensions using a data representation model to obtain a statistical analysis result.
9. A computer arrangement, characterized in that the computer arrangement comprises a memory, on which a computer program is stored, and a processor, which when executing the computer program, carries out the method according to any one of claims 1-5.
10. A storage medium, characterized in that the storage medium stores a computer program which, when executed by a processor, implements the method according to any one of claims 1 to 5.
CN202210659765.0A 2022-06-13 2022-06-13 Data risk detection method and device, computer equipment and storage medium Pending CN114785616A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210659765.0A CN114785616A (en) 2022-06-13 2022-06-13 Data risk detection method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210659765.0A CN114785616A (en) 2022-06-13 2022-06-13 Data risk detection method and device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114785616A true CN114785616A (en) 2022-07-22

Family

ID=82422181

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210659765.0A Pending CN114785616A (en) 2022-06-13 2022-06-13 Data risk detection method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114785616A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116595554A (en) * 2023-05-18 2023-08-15 北京长河数智科技有限责任公司 Method and device for realizing government affair data security analysis based on multiple dimensions

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7313540B1 (en) * 2000-03-08 2007-12-25 Hueler Companies Electronic communication system and method for facilitating financial transaction bidding and reporting processes
WO2018120427A1 (en) * 2016-12-29 2018-07-05 平安科技(深圳)有限公司 Risk assessment method, apparatus, and device based on location service, and storage medium
CN109360105A (en) * 2018-09-18 2019-02-19 平安科技(深圳)有限公司 Product risks method for early warning, device, computer equipment and storage medium
CN110163242A (en) * 2019-04-03 2019-08-23 阿里巴巴集团控股有限公司 Risk Identification Method, device and server
EP3792784A1 (en) * 2019-07-11 2021-03-17 Wangsu Science & Technology Co., Ltd. Service system update method, electronic device and readable storage medium
CN112738137A (en) * 2021-03-30 2021-04-30 深圳红途创程科技有限公司 Data acquisition and link processing method and device, computer equipment and storage medium
CN113079048A (en) * 2021-03-30 2021-07-06 深圳红途创程科技有限公司 Data acquisition method and device, computer equipment and storage medium
CN113868664A (en) * 2021-09-16 2021-12-31 杭州孝道科技有限公司 Path traversal vulnerability detection method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7313540B1 (en) * 2000-03-08 2007-12-25 Hueler Companies Electronic communication system and method for facilitating financial transaction bidding and reporting processes
WO2018120427A1 (en) * 2016-12-29 2018-07-05 平安科技(深圳)有限公司 Risk assessment method, apparatus, and device based on location service, and storage medium
CN109360105A (en) * 2018-09-18 2019-02-19 平安科技(深圳)有限公司 Product risks method for early warning, device, computer equipment and storage medium
CN110163242A (en) * 2019-04-03 2019-08-23 阿里巴巴集团控股有限公司 Risk Identification Method, device and server
EP3792784A1 (en) * 2019-07-11 2021-03-17 Wangsu Science & Technology Co., Ltd. Service system update method, electronic device and readable storage medium
CN112738137A (en) * 2021-03-30 2021-04-30 深圳红途创程科技有限公司 Data acquisition and link processing method and device, computer equipment and storage medium
CN113079048A (en) * 2021-03-30 2021-07-06 深圳红途创程科技有限公司 Data acquisition method and device, computer equipment and storage medium
CN113868664A (en) * 2021-09-16 2021-12-31 杭州孝道科技有限公司 Path traversal vulnerability detection method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116595554A (en) * 2023-05-18 2023-08-15 北京长河数智科技有限责任公司 Method and device for realizing government affair data security analysis based on multiple dimensions
CN116595554B (en) * 2023-05-18 2024-01-19 北京长河数智科技有限责任公司 Method and device for realizing government affair data security analysis based on multiple dimensions

Similar Documents

Publication Publication Date Title
CN107633265B (en) Data processing method and device for optimizing credit evaluation model
CN108090567B (en) Fault diagnosis method and device for power communication system
CN107122669B (en) Method and device for evaluating data leakage risk
CN110806954B (en) Method, device, equipment and storage medium for evaluating cloud host resources
CN109933984B (en) Optimal clustering result screening method and device and electronic equipment
CN108182515B (en) Intelligent rule engine rule output method, equipment and computer readable storage medium
WO2021164232A1 (en) User identification method and apparatus, and device and storage medium
CN110995273B (en) Data compression method, device, equipment and medium for power database
CN110826494A (en) Method and device for evaluating quality of labeled data, computer equipment and storage medium
CN111191601A (en) Method, device, server and storage medium for identifying peer users
CN112839014A (en) Method, system, device and medium for establishing model for identifying abnormal visitor
CN113379469A (en) Abnormal flow detection method, device, equipment and storage medium
CN115205866A (en) Block chain-based scientific and technological paper big data plagiarism detection method and system
CN114785616A (en) Data risk detection method and device, computer equipment and storage medium
CN110602207A (en) Method, device, server and storage medium for predicting push information based on off-network
CN110704614B (en) Information processing method and device for predicting user group type in application
CN116774986A (en) Automatic evaluation method and device for software development workload, storage medium and processor
CN110852384A (en) Medical image quality detection method, device and storage medium
CN113535458B (en) Abnormal false alarm processing method and device, storage medium and terminal
CN113988226B (en) Data desensitization validity verification method and device, computer equipment and storage medium
CN114595765A (en) Data processing method and device, electronic equipment and storage medium
CN113691525A (en) Traffic data processing method, device, equipment and storage medium
CN113095589A (en) Population attribute determination method, device, equipment and storage medium
CN112417007A (en) Data analysis method and device, electronic equipment and storage medium
CN113448955B (en) Data set quality evaluation method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination