CN115242509B - Data analysis-based identity verification system for network access - Google Patents

Data analysis-based identity verification system for network access Download PDF

Info

Publication number
CN115242509B
CN115242509B CN202210868487.XA CN202210868487A CN115242509B CN 115242509 B CN115242509 B CN 115242509B CN 202210868487 A CN202210868487 A CN 202210868487A CN 115242509 B CN115242509 B CN 115242509B
Authority
CN
China
Prior art keywords
information
network
verification
equipment
cable
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210868487.XA
Other languages
Chinese (zh)
Other versions
CN115242509A (en
Inventor
张岳
裴云霞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Henan Police College
Original Assignee
Henan Police College
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Henan Police College filed Critical Henan Police College
Priority to CN202210868487.XA priority Critical patent/CN115242509B/en
Publication of CN115242509A publication Critical patent/CN115242509A/en
Application granted granted Critical
Publication of CN115242509B publication Critical patent/CN115242509B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01LMEASURING FORCE, STRESS, TORQUE, WORK, MECHANICAL POWER, MECHANICAL EFFICIENCY, OR FLUID PRESSURE
    • G01L5/00Apparatus for, or methods of, measuring force, work, mechanical power, or torque, specially adapted for specific purposes
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01LMEASURING FORCE, STRESS, TORQUE, WORK, MECHANICAL POWER, MECHANICAL EFFICIENCY, OR FLUID PRESSURE
    • G01L5/00Apparatus for, or methods of, measuring force, work, mechanical power, or torque, specially adapted for specific purposes
    • G01L5/04Apparatus for, or methods of, measuring force, work, mechanical power, or torque, specially adapted for specific purposes for measuring tension in flexible members, e.g. ropes, cables, wires, threads, belts or bands
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Power Engineering (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses an identity verification system for network access based on data analysis, which comprises a user identity verification system, a wired access verification system and a wireless access verification system; the user identity verification system is used for carrying out user identity verification when a user uses the network access equipment, and allowing the user to use the network access equipment to carry out network access after the user identity verification is passed; the wired access verification module is used for verifying an accessed access network transmission cable when a wired network access mode is used, and the network access cable is allowed to be used for network connection after verification; the wireless access verification module is used for verifying the accessed wireless network when the wireless network access mode is used, and the wireless network is allowed to be used after verification. The invention can more comprehensively verify the network access identity and ensure the safety of the access network, thereby better protecting the data safety of the user.

Description

Data analysis-based identity verification system for network access
Technical Field
The invention relates to the field of network access verification, in particular to an identity verification system for network access based on data analysis.
Background
The network access technology is a technology adopted on the last section of line connected with the user in the network, and becomes a big hot spot of the network technology, so that in order to provide end-to-end broadband connection, broadband access is a problem to be solved;
in order to ensure the data security of the user, the network authentication is required to be performed to verify the network security when the network access is performed, so that the data security of the user is ensured, and the network access authentication system is required to be used when the network authentication is performed.
The existing identity verification system for network access has single verification mode, mostly single password verification, lower network security for the access in time and certain influence on the use of the identity verification system for network access, so the identity verification system for network access based on data analysis is provided.
Disclosure of Invention
The technical problems to be solved by the invention are as follows: how to solve the problem that the prior network access identity authentication system has single authentication mode, mostly single password authentication, and low network security of the access in time brings certain influence to the use of the network access identity authentication system, and provides the network access identity authentication system based on data analysis.
The invention solves the technical problems through the following technical scheme, and comprises a user identity verification system, a wired access verification system and a wireless access verification system;
the user identity verification system is used for carrying out user identity verification when a user uses the network access equipment, and allowing the user to use the network access equipment to carry out network access after the user identity verification is passed;
the wired access verification module is used for verifying an accessed access network transmission cable when a wired network access mode is used, and the network access cable is allowed to be used for network connection after verification;
the wireless access verification module is used for verifying the accessed wireless network when the wireless network access mode is used, and the wireless network is allowed to be used after verification;
the user identity verification system comprises a user information acquisition module and a user information verification module, wherein the user information acquisition module is used for acquiring user identity information, the user identity information is sent to the user information verification module, the user information verification module is used for verifying the received user identity information, verification passing information is generated after verification is passed, and verification failure information is generated after continuous verification failure;
the cable access verification system comprises a cable identification acquisition module, a cable identification verification module, a cable information acquisition module, a cable information verification module and a user confirmation module;
the cable identification acquisition module is used for acquiring a preset identification image to obtain real-time identification image information when a cable is connected, and the cable identification verification module is used for processing the acquired real-time identification image information to obtain preliminary verification information, wherein the preliminary verification information comprises preliminary verification failure information and preliminary verification passing information;
the cable information acquisition module is used for acquiring cable data of an access cable to obtain real-time cable data, the cable information verification module is used for processing the real-time cable data to obtain secondary verification information and cable evaluation information, the secondary verification information comprises secondary verification passing information and secondary verification failure information, and the cable evaluation information comprises cable normal information and cable abnormal information;
the user confirmation module is used for manually selecting and confirming by a user, and the access cable is used without verification after the manual confirmation;
the wireless access verification system comprises an access network acquisition module, an access network evaluation module, a network equipment acquisition module, a network equipment evaluation module and a violation information base;
the access network acquisition module is used for acquiring network speed information, network fluctuation state information and access network name information of a network, the access network evaluation module is used for processing the network speed information and the network fluctuation state information of the accessed network to generate network evaluation information, the access network name information is matched with the previous access record, when the network name information is matched, matching success information is generated, otherwise, matching failure information is generated, and the network evaluation information comprises network normal information and network abnormal information;
the network equipment acquisition module is used for acquiring equipment ID information and equipment state information of the network equipment, the network equipment ID information with illegal behaviors, namely, the illegal equipment ID information is stored in the illegal information base, the network equipment evaluation module is used for processing the equipment ID information and the network name information of the network equipment to generate network verification information, and simultaneously, evaluating and processing the equipment ID information, the equipment state information and the illegal equipment ID information to obtain network equipment selection information, network equipment warning information and network use level information.
The user identity information comprises face information and fingerprint information, and the user information verification module performs the following specific process of the user information verification module: and verifying the acquired face information and fingerprint information, performing fingerprint verification, performing face verification after the fingerprint verification is passed, performing live experience verification after the face verification is passed, generating verification passing information after the live experience verification is passed, generating verification failure information when the fingerprint verification is passed but the continuous verification failure of the face verification exceeds the preset times, uploading the fingerprint information to the extraction corresponding to the fingerprint obtained by data, and sending verification warning information to personnel corresponding to the fingerprint.
The method is characterized in that the real-time identification image information collected by the cable identification is provided with at least three preset patterns around the access cable connector, and the shapes of the preset identifications are different;
the specific process of the cable identification verification module for identification verification is as follows: the method comprises the steps of extracting collected real-time identification image information, extracting position information of an identification in the real-time identification image, directly generating preliminary verification failure information when the position information of the identification deviates from a preset identification position, amplifying the identification in the collected real-time identification image when the position information of the identification is aligned with the preset identification position, performing image sharpening after amplifying, obtaining a clear identification through image sharpening, comparing the similarity of the clear identification with a pre-stored standard identification, and generating preliminary verification passing information when the similarity of the feature point is identical to a preset value, wherein the feature point is a basic point on a preset identification pattern.
The real-time cable data comprises interface stress information and cable tightness information, and the specific processing procedures of the secondary verification information and the cable assessment information are as follows: interface stress information is extracted from real-time cable data, the interface stress information comprises first stress information and second stress information, when the first stress information and the second stress information are both in a preset value range, secondary verification passing information is generated, when any one of the first stress information and the second stress information exceeds the preset value range, namely secondary verification failure information, cable tightness information is extracted, when the cable tightness information is larger than a preset value and exceeds a preset duration, namely cable abnormal information is generated, and when the cable tightness information is smaller than the preset value, cable normal information is generated.
The specific process of the access network evaluation module for processing the network speed information and the network fluctuation state information of the accessed network to generate the network evaluation information is as follows: after the network is accessed, network speed testing is carried out on the network to obtain network speed information, when the network speed information is smaller than a preset value, network abnormal information is directly generated, when the network speed information is larger than the preset value, but the network fluctuation amplitude in the network fluctuation information is larger than the preset value, network abnormal information is also generated, when the network abnormal information is generated, network connection is directly cut off, and when the network speed information is larger than the preset value, the network fluctuation amplitude in the network fluctuation information is smaller than the preset amplitude, and network normal information is generated.
Further, the network verification information includes that the network verification fails, and the specific process of the network device evaluation module processing the device ID information and the network name information of the network device to generate the network verification information is as follows: when the network name information is verified, the device ID information of the network corresponding to the network name is extracted, the device ID information is marked as the past ID information, when the past ID information is different from the device ID information of the current network device, the network verification failure information is generated, when the past ID information is different from the device ID information of the current network device, the network verification success information is generated, and the network verification failure information is that the network cannot be used.
The network usage level information comprises primary network information, secondary network information and tertiary network information, and the network device evaluation module evaluates and processes the device ID information, the device state information and the illegal device ID information to obtain network device selection information, network device warning information and network usage level information, wherein the specific processing procedures are as follows: extracting equipment ID information, matching the equipment ID information with an illegal equipment ID in the illegal equipment ID information, generating network equipment selected information when the equipment ID cannot be matched, namely indicating that the equipment corresponding to the equipment ID has no illegal action in the past, generating network equipment warning information when the current equipment ID information is matched from the illegal equipment ID information, analyzing and processing the equipment state information, generating network equipment warning information when the network equipment state information is abnormal, simultaneously extracting frequency information of the network equipment corresponding to the traditional equipment ID information, generating three-level network information when the frequency information of the network equipment is greater than a preset value frequency A1, generating two-level network information when the frequency information of the network equipment is between the preset value frequency A1 and A2, and generating one-level network information when the frequency information of the network equipment is less than the preset value frequency A2;
the specific content of the primary network information is "the network can only be used for page browsing", the specific content of the secondary network information is "the function based on the primary network", the network can also download data ", the specific content of the secondary network information is" the function based on the secondary network ", the network can also upload information".
The network equipment evaluation module analyzes and processes the equipment state information, and the specific process of generating the network equipment warning information when the network equipment state information is abnormal is as follows: the network equipment state information comprises network equipment service life information and network equipment daily temperature information, and when any one of the network equipment service life information is larger than a preset value period and the network equipment daily temperature information is larger than a preset value temperature, network equipment warning information is generated, and the network equipment daily temperature information is network equipment average temperature information in a preset time period.
Compared with the prior art, the invention has the following advantages: according to the authentication system for network access based on data analysis, when network equipment is used, authentication of a user is performed first, the user passing through the authentication can use the equipment, so that the condition that equipment data is stolen caused by the fact that an unauthenticated user uses the equipment to connect a network is effectively prevented, when a wired network connection mode is used, the accessed network cable is carefully authenticated, so that the accessed cable is enabled to be connected, receipt leakage of the used equipment caused by network connection by using an unauthorized network cable is prevented, meanwhile, when a wireless network connection mode is used, detailed network authentication is performed, network classification is performed according to the prior use condition of the network, network use with different authorities is performed, network security after the authentication of the system is guaranteed, the network authentication of the system can be accurately performed under different network connection modes, the equipment data security is guaranteed, and the system is worth popularizing and using.
Drawings
FIG. 1 is a system block diagram of the present invention;
fig. 2 is a diagram of a wired network access architecture of the present invention.
Detailed Description
The following describes in detail the examples of the present invention, which are implemented on the premise of the technical solution of the present invention, and detailed embodiments and specific operation procedures are given, but the scope of protection of the present invention is not limited to the following examples.
As shown in fig. 1-2, the present embodiment provides a technical solution: the network access identity verification system based on data analysis comprises a user identity verification system, a wired access verification system and a wireless access verification system;
the user identity verification system is used for carrying out user identity verification when a user uses the network access equipment, and allowing the user to use the network access equipment to carry out network access after the user identity verification is passed;
the wired access verification module is used for verifying the accessed access network transmission cable when the wired network access mode is used, and the network access cable is allowed to be used for network connection after verification;
the wireless access verification module is used for verifying the accessed wireless network when the wireless network access mode is used, and the wireless network is allowed to be used after verification;
the user identity verification system comprises a user information acquisition module and a user information verification module, wherein the user information acquisition module is used for acquiring user identity information, the user identity information is sent to the user information verification module, the user information verification module is used for verifying the received user identity information, verification passing information is generated after the user identity information passes the verification, and verification failure information is generated after continuous verification failure;
the cable access verification system comprises a cable identification acquisition module, a cable identification verification module, a cable information acquisition module, a cable information verification module and a user confirmation module;
the cable identification acquisition module is used for acquiring a preset identification image when a cable is connected to obtain real-time identification image information;
the cable identification acquisition module is an image acquisition device arranged around the device interface, and the image acquisition device acquires identification images, namely real-time identification image information, arranged on the network cable connector;
the cable identification verification module is used for processing the acquired real-time identification image information to obtain preliminary verification information, wherein the preliminary verification information comprises preliminary verification failure information and preliminary verification passing information;
the cable information acquisition module is used for acquiring cable data of the access cable to obtain real-time cable data;
the cable data real-time cable data comprises interface stress information and cable tightness information, a preset block with certain elasticity is arranged at a joint of a network cable, deformation of the preset block is stressed and compressed when the joint inserted into the network cable is inserted into an equipment interface, a stress sensor arranged in the interface is restored and extruded inside the equipment interface, the stress sensor collects the interface stress information, and a sensor for measuring the cable tightness is further arranged on the cable to collect the cable tightness information;
the cable information verification module is used for processing the real-time cable data to obtain secondary verification information and cable evaluation information, wherein the secondary verification information comprises secondary verification passing information and secondary verification failure information, and the cable evaluation information comprises cable normal information and cable abnormal information;
the user confirmation module is used for manually selecting and confirming by a user, and the access cable is used without verification after the manual confirmation;
but after the manual confirmation is finished, the identity information of the user is specially marked and imported into a user library, and when data leakage or loss occurs, the identity information of the user is exported to perform responsibility tracking;
the wireless access verification system comprises an access network acquisition module, an access network evaluation module, a network equipment acquisition module, a network equipment evaluation module and a violation information base;
the access network acquisition module is used for acquiring network speed information, network fluctuation state information and access network name information of a network, the access network evaluation module is used for processing the network speed information and the network fluctuation state information of the accessed network to generate network evaluation information, the access network name information is matched with the previous access record, when the network name information is matched, matching success information is generated, otherwise, matching failure information is generated, and the network evaluation information comprises network normal information and network abnormal information;
the network fluctuation information is acquired as follows: collecting x times of network speed information in a preset time period, calculating the difference value between two times of network speeds at one time to obtain a plurality of network speed differences, wherein when the continuous network speed difference is larger than a preset value, the network fluctuation is larger, and when the continuous network speed difference is smaller than the preset value, the network fluctuation is smaller;
the violation information in the violation information base comprises data loss when the network is used and attack by viruses when the network is used;
the network equipment acquisition module is used for acquiring equipment ID information and equipment state information of the network equipment, wherein network equipment ID information with illegal behaviors, namely illegal equipment ID information, is stored in the illegal information base, the network equipment evaluation module is used for processing the equipment ID information and the network name information of the network equipment to generate network verification information, and simultaneously, evaluating the equipment ID information, the equipment state information and the illegal equipment ID information to obtain network equipment selection information, network equipment warning information and network use level information;
when the network equipment is used, the user can use the equipment after the authentication is passed, so that the condition that equipment data is stolen caused by the fact that the equipment is connected by an unauthenticated user is effectively prevented, when a wired network connection mode is used, the accessed network cable is carefully verified, the accessed cable is ensured to be a cable which allows connection, the receipt leakage of the equipment is prevented, caused by the fact that the network connection is performed by using the network cable which is not used, when the wireless network connection mode is used, the detailed network authentication is also performed, network classification is performed according to the prior use condition of the network, network use with different authorities is performed, network security after the network authentication is ensured through the system, and the setting of multiple authentications is better, so that the system can accurately perform network authentication under different network connection modes, and the safety of the equipment data is ensured.
The user identity information comprises face information and fingerprint information, and the user information verification module performs the following specific process of the user information verification module: verifying the acquired face information and fingerprint information, performing fingerprint verification, performing face verification after the fingerprint verification is passed, performing live experience verification after the face verification is passed, generating verification passing information after the live experience verification is passed, generating verification failure information when the fingerprint verification is passed but the continuous verification of the face verification fails for more than a preset number of times, uploading the fingerprint information to data, acquiring the extraction corresponding to the fingerprint, and sending verification warning information to personnel corresponding to the fingerprint;
through the process, the identity verification is performed when the network equipment is used, the situations that equipment data are stolen and the like caused by unnecessary personnel using the network equipment are reduced, verification warning information is timely generated, a user who is stolen identity information can know that the identity information is stolen, and the identity information is timely corrected and changed.
The identification collected in the real-time identification image information collected by the cable identification is a preset pattern arranged around the access cable connector, the number of the preset identifications is at least three, the shapes of each identification are different, and the specific process of the cable identification verification module for carrying out identification verification is as follows: extracting the acquired real-time identification image information, extracting the position information of the identification in the real-time identification image, directly generating preliminary verification failure information when the position information of the identification deviates from a preset identification position, amplifying the identification in the acquired real-time identification image when the position information of the identification is aligned with the preset identification position, performing image sharpening processing after amplifying to obtain a clear identification, performing similarity comparison between the clear identification and a pre-stored standard identification and feature points, and generating preliminary verification passing information when the feature points are consistent and have the similarity larger than a preset value, wherein the feature points are basic points on a preset identification pattern;
the real-time cable data comprises interface stress information and cable tightness information, and the specific processing process of the secondary verification information and cable assessment information is as follows: extracting interface stress information from real-time cable data, wherein the interface stress information comprises first stress information and second stress information, when the first stress information and the second stress information are both in a preset value range, secondary verification passing information is generated, when any one of the first stress information and the second stress information exceeds the preset value range, namely secondary verification failure information, cable tightness information is extracted, when the cable tightness information is larger than a preset value and exceeds a preset duration, namely cable abnormal information is generated, and when the cable tightness information is smaller than the preset value, cable normal information is generated;
the position verification of different preset identifiers arranged at different positions of the access network cable in advance is matched with the verification of the cable access stress condition, so that double verification is realized, network identity verification during wired network access is guaranteed, the safety of the access network is guaranteed, and the condition that the network cable falls off the network terminal due to cable stress after the cable with too high tightness is accessed can be effectively avoided by collecting and analyzing cable tightness information of the accessed network cable.
The specific process of the access network evaluation module for processing the network speed information and the network fluctuation state information of the accessed network to generate the network evaluation information is as follows: after accessing a network, firstly, carrying out network speed test on the network to obtain network speed information, when the network speed information is smaller than a preset value, directly generating network abnormal information, when the network speed information is larger than the preset value, but the network fluctuation amplitude in the network fluctuation information is larger than the preset value, generating network abnormal information, when the network abnormal information is generated, directly cutting off network connection, and when the network speed information is larger than the preset value, generating network normal information when the network fluctuation amplitude in the network fluctuation information is smaller than the preset amplitude;
through the process, the warning information can be timely sent out when the network speed of the accessed network is intersected or the network fluctuation is large, the user is prompted to switch the network, the occurrence of the situations such as data transmission failure and the like caused by abnormal network speed or abnormal network fluctuation is avoided, and the data safety of using network equipment is also better ensured.
The network verification information comprises network verification passing and network verification failure, and the specific process of the network equipment evaluation module for processing the equipment ID information and the network name information of the network equipment to generate the network verification information is as follows: when the network name information is verified, the device ID information of the network corresponding to the network name is extracted, the network name information is marked as the past ID information, when the past ID information is different from the device ID information of the current network device, the network verification failure information is generated, when the past ID information is different from the device ID information of the current network device, the network verification success information is generated, and the network verification failure is that the network cannot be used;
through the process, the situation that the network equipment uses the network by tampering with the network name can be effectively avoided, so that the data security of the network equipment is ensured.
The network use level information comprises primary network information, secondary network information and tertiary network information, and the network equipment evaluation module evaluates and processes the equipment ID information, the equipment state information and the illegal equipment ID information to obtain network equipment selection information, network equipment warning information and network use level information, wherein the specific processing procedures are as follows: extracting equipment ID information, matching the equipment ID information with an illegal equipment ID in the illegal equipment ID information, generating network equipment selected information when the equipment ID cannot be matched, namely indicating that the equipment corresponding to the equipment ID has no illegal action in the past, generating network equipment warning information when the current equipment ID information is matched from the illegal equipment ID information, analyzing and processing the equipment state information, generating network equipment warning information when the network equipment state information is abnormal, simultaneously extracting frequency information of the network equipment corresponding to the traditional equipment ID information, generating three-level network information when the frequency information of the network equipment is greater than a preset value frequency A1, generating two-level network information when the frequency information of the network equipment is between the preset value frequency A1 and A2, and generating one-level network information when the frequency information of the network equipment is less than the preset value frequency A2;
the specific content of the first-level network information is 'the network can only be used for page browsing', the specific content of the second-level network information is 'the function based on the first-level network', the network can also carry out data downloading ', the specific content of the second-level network information is' the function based on the second-level network ', and the network can also carry out information uploading';
through the process, the network sending equipment can be subjected to security assessment and network classification according to the prior use records, and networks with different levels have different network use authorities, so that the system is ensured to have a plurality of different verification modes, and the data security is better protected.
The network equipment evaluation module analyzes and processes the equipment state information, and the specific process of generating the network equipment warning information when the network equipment state information is abnormal is as follows: the network equipment state information comprises network equipment service life information and network equipment daily temperature information, and when any one of the network equipment service life information is larger than a preset value period and the network equipment daily temperature information is larger than a preset value temperature, network equipment warning information is generated, wherein the network equipment daily temperature information is network equipment average temperature information in a preset time period;
through the process, the state of the network sending equipment can be evaluated, so that the conditions of network interruption, data loss and the like caused by network speed fluctuation due to overhigh temperature of the network sending equipment or network interruption caused by too long service life of the network using equipment are avoided, and the safety of using the network equipment is further ensured.

Claims (8)

1. The network access identity verification system based on data analysis is characterized by comprising a user identity verification system, a wired access verification system and a wireless access verification system;
the user identity verification system is used for carrying out user identity verification when a user uses the network access equipment, and allowing the user to use the network access equipment to carry out network access after the user identity verification is passed;
the wired access verification system is used for verifying an accessed access network transmission cable when a wired network access mode is used, and the network connection is performed by the network access cable after verification;
the wireless access verification system is used for verifying the accessed wireless network when the wireless network access mode is used, and the wireless network is allowed to be used after verification;
the user identity verification system comprises a user information acquisition module and a user information verification module, wherein the user information acquisition module is used for acquiring user identity information, the user identity information is sent to the user information verification module, the user information verification module is used for verifying the received user identity information, verification passing information is generated after verification is passed, and verification failure information is generated after continuous verification failure;
the cable access verification system comprises a cable identification acquisition module, a cable identification verification module, a cable information acquisition module, a cable information verification module and a user confirmation module;
the cable identification acquisition module is used for acquiring a preset identification image to obtain real-time identification image information when a cable is connected, and the cable identification verification module is used for processing the acquired real-time identification image information to obtain preliminary verification information, wherein the preliminary verification information comprises preliminary verification failure information and preliminary verification passing information; the cable information acquisition module is used for acquiring cable data of an access cable to obtain real-time cable data, the cable information verification module is used for processing the real-time cable data to obtain secondary verification information and cable evaluation information, the secondary verification information comprises secondary verification passing information and secondary verification failure information, and the cable evaluation information comprises cable normal information and cable abnormal information;
the user confirmation module is used for manually selecting and confirming by a user, and the access cable is used without verification after the manual confirmation;
the wireless access verification system comprises an access network acquisition module, an access network evaluation module, a network equipment acquisition module, a network equipment evaluation module and a violation information base;
the access network acquisition module is used for acquiring network speed information, network fluctuation state information and access network name information of a network, the access network evaluation module is used for processing the network speed information and the network fluctuation state information of the accessed network to generate network evaluation information, the access network name information is matched with the previous access record, when the network name information is matched, matching success information is generated, otherwise, matching failure information is generated, and the network evaluation information comprises network normal information and network abnormal information;
the network equipment acquisition module is used for acquiring equipment ID information and equipment state information of the network equipment, the network equipment ID information with illegal behaviors, namely, the illegal equipment ID information is stored in the illegal information base, the network equipment evaluation module is used for processing the equipment ID information and the network name information of the network equipment to generate network verification information, and simultaneously, evaluating and processing the equipment ID information, the equipment state information and the illegal equipment ID information to obtain network equipment selection information, network equipment warning information and network use level information.
2. The authentication system for network access based on data analysis of claim 1, wherein: the user identity information comprises face information and fingerprint information, and the user information verification module performs the following specific process of the user information verification module: and verifying the acquired face information and fingerprint information, performing fingerprint verification, performing face verification after the fingerprint verification is passed, performing live experience verification after the face verification is passed, generating verification passing information after the live experience verification is passed, generating verification failure information when the fingerprint verification is passed but the continuous verification failure of the face verification exceeds the preset times, uploading the fingerprint information to the extraction corresponding to the fingerprint obtained by data, and sending verification warning information to personnel corresponding to the fingerprint.
3. The authentication system for network access based on data analysis of claim 1, wherein: the marks collected in the real-time mark image information collected by the cable marks are preset patterns arranged around the access cable connector, the number of the preset marks is at least three, and the shapes of the marks are different;
the specific process of the cable identification verification module for identification verification is as follows: the method comprises the steps of extracting collected real-time identification image information, extracting position information of an identification in the real-time identification image, directly generating preliminary verification failure information when the position information of the identification deviates from a preset identification position, amplifying the identification in the collected real-time identification image when the position information of the identification is aligned with the preset identification position, performing image sharpening after amplifying, obtaining a clear identification through image sharpening, comparing the similarity of the clear identification with a pre-stored standard identification, and generating preliminary verification passing information when the similarity of the feature point is identical to a preset value, wherein the feature point is a basic point on a preset identification pattern.
4. The authentication system for network access based on data analysis of claim 1, wherein: the real-time cable data comprises interface stress information and cable tightness information, and the specific processing procedures of the secondary verification information and the cable assessment information are as follows: interface stress information is extracted from real-time cable data, the interface stress information comprises first stress information and second stress information, when the first stress information and the second stress information are both in a preset value range, secondary verification passing information is generated, when any one of the first stress information and the second stress information exceeds the preset value range, namely secondary verification failure information, cable tightness information is extracted, when the cable tightness information is larger than a preset value and exceeds a preset duration, namely cable abnormal information is generated, and when the cable tightness information is smaller than the preset value, cable normal information is generated.
5. The authentication system for network access based on data analysis of claim 1, wherein: the specific process of the access network evaluation module for processing the network speed information and the network fluctuation state information of the accessed network to generate the network evaluation information is as follows: after the network is accessed, network speed testing is carried out on the network to obtain network speed information, when the network speed information is smaller than a preset value, network abnormal information is directly generated, when the network speed information is larger than the preset value, but the network fluctuation amplitude in the network fluctuation information is larger than the preset value, network abnormal information is also generated, when the network abnormal information is generated, network connection is directly cut off, and when the network speed information is larger than the preset value, the network fluctuation amplitude in the network fluctuation information is smaller than the preset amplitude, and network normal information is generated.
6. The authentication system for network access based on data analysis of claim 1, wherein: the network verification information comprises network verification passing and network verification failure, and the specific process of the network equipment evaluation module for processing the equipment ID information and the network name information of the network equipment to generate the network verification information is as follows: when the network name information is verified, the device ID information of the network corresponding to the network name is extracted, the device ID information is marked as the past ID information, when the past ID information is different from the device ID information of the current network device, the network verification failure information is generated, when the past ID information is different from the device ID information of the current network device, the network verification success information is generated, and the network verification failure information is that the network cannot be used.
7. The authentication system for network access based on data analysis of claim 1, wherein: the network use level information comprises primary network information, secondary network information and tertiary network information, and the network equipment evaluation module evaluates and processes the equipment ID information, the equipment state information and the illegal equipment ID information to obtain network equipment selection information, network equipment warning information and network use level information, wherein the specific processing procedures are as follows: extracting equipment ID information, matching the equipment ID information with the illegal equipment ID in the illegal equipment ID information, when the equipment ID cannot be matched, namely, the equipment corresponding to the equipment ID has no illegal action in the past, generating network equipment selected information, and when the current equipment ID information is matched from the illegal equipment ID information, generating network equipment warning information;
meanwhile, analyzing and processing the equipment state information, generating network equipment warning information when the network equipment state information is abnormal, extracting the frequency information of the network equipment corresponding to the prior equipment ID information, generating tertiary network information when the frequency information of the network equipment is larger than a preset value frequency A1, generating secondary network information when the frequency information of the network equipment is between the preset value frequency A1 and A2, and generating primary network information when the frequency information of the network equipment is smaller than the preset value frequency A2;
the specific content of the primary network information is "the network can only be used for page browsing", the specific content of the secondary network information is "the function based on the primary network", the network can also download data ", the specific content of the secondary network information is" the function based on the secondary network ", the network can also upload information".
8. The authentication system for network access based on data analysis of claim 1, wherein: the network equipment evaluation module analyzes and processes the equipment state information, and the specific process of generating the network equipment warning information when the network equipment state information is abnormal is as follows: the network equipment state information comprises network equipment service life information and network equipment daily temperature information, and when any one of the network equipment service life information is larger than a preset value period and the network equipment daily temperature information is larger than a preset value temperature, network equipment warning information is generated, and the network equipment daily temperature information is network equipment average temperature information in a preset time period.
CN202210868487.XA 2022-07-22 2022-07-22 Data analysis-based identity verification system for network access Active CN115242509B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210868487.XA CN115242509B (en) 2022-07-22 2022-07-22 Data analysis-based identity verification system for network access

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210868487.XA CN115242509B (en) 2022-07-22 2022-07-22 Data analysis-based identity verification system for network access

Publications (2)

Publication Number Publication Date
CN115242509A CN115242509A (en) 2022-10-25
CN115242509B true CN115242509B (en) 2023-10-17

Family

ID=83674803

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210868487.XA Active CN115242509B (en) 2022-07-22 2022-07-22 Data analysis-based identity verification system for network access

Country Status (1)

Country Link
CN (1) CN115242509B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016091006A1 (en) * 2014-12-11 2016-06-16 苏州海博智能系统有限公司 Method and system for authorization validating based on biometric identification
WO2017071348A1 (en) * 2015-10-28 2017-05-04 广东欧珀移动通信有限公司 Network access method, server, terminal and system
CN112465513A (en) * 2020-11-30 2021-03-09 滨州学院 Network security system and method based on identity authentication
CN114491443A (en) * 2022-01-14 2022-05-13 北京国信网联科技有限公司 Information safety device in network communication

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100389555C (en) * 2005-02-21 2008-05-21 西安西电捷通无线网络通信有限公司 An access authentication method suitable for wired and wireless network
CN101631113B (en) * 2009-08-19 2011-04-06 西安西电捷通无线网络通信股份有限公司 Security access control method of wired LAN and system thereof
JP6370664B2 (en) * 2014-10-09 2018-08-08 株式会社東芝 Cable connection confirmation system, method and program
CN106034104B (en) * 2015-03-07 2021-02-12 华为技术有限公司 Verification method, device and system for network application access
US10536041B2 (en) * 2016-07-13 2020-01-14 Comcast Cable Communications, Llc System and method for wireless intercommunication and power delivery
WO2019010669A1 (en) * 2017-07-13 2019-01-17 深圳市汇顶科技股份有限公司 Method, apparatus and system for identity validity verification

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016091006A1 (en) * 2014-12-11 2016-06-16 苏州海博智能系统有限公司 Method and system for authorization validating based on biometric identification
WO2017071348A1 (en) * 2015-10-28 2017-05-04 广东欧珀移动通信有限公司 Network access method, server, terminal and system
CN112465513A (en) * 2020-11-30 2021-03-09 滨州学院 Network security system and method based on identity authentication
CN114491443A (en) * 2022-01-14 2022-05-13 北京国信网联科技有限公司 Information safety device in network communication

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
无线网络安全的防范与治理;刘建峰;电脑知识与技术;第18卷(第11期);全文 *

Also Published As

Publication number Publication date
CN115242509A (en) 2022-10-25

Similar Documents

Publication Publication Date Title
US7639806B2 (en) Fingerprinting digital devices using electromagnetic characteristics of their communications
CN105335731A (en) Fingerprint identification method and device as well as terminal equipment
CN113472547A (en) Safety monitoring system based on block chain
CN110740140A (en) network information security supervision system based on cloud platform
CN115150182A (en) Information system network attack detection method based on flow analysis
CN115242509B (en) Data analysis-based identity verification system for network access
CN107491891A (en) A kind of safety monitor information cloud plateform system based on Quick Response Code
CN112118244A (en) Water quality online monitoring data verification method and verification system
CN112464209A (en) Fingerprint authentication method and device for power terminal
CN107908156A (en) Equipment point-detecting method
CN116049797A (en) Intelligent storage system based on data classification system
CN114553528B (en) Internal and external network data safety transmission system and transmission method thereof
CN114584403B (en) Power plant inspection equipment authentication management system and method
CN115982681A (en) Computer network identity verification system
CN113961902A (en) Household skill level authentication method, equipment and medium
Yan et al. Hardware-fingerprint Based Authentication for NFC Devices in Power Grids
CN113612751B (en) Access security detection method for power line carrier communication system of power distribution network
CN110266562A (en) The method of network application system identity authentication function detected automatically
CN114218545B (en) Sharing management system with data authentication and security authentication method
CN113542221B (en) Method and system for judging falsification of sensor data of intelligent substation, electronic equipment and storage medium
CN115643106B (en) Agricultural product quality data transmission method based on artificial intelligence and cloud platform
CN114697135B (en) Method and system for detecting intrusion of regional network of automobile controller and automobile
CN117272281B (en) Visual environment monitoring system based on data Internet of things
CN111932270B (en) Bank customer identity verification method and device
CN114584342B (en) Network vulnerability recognition and detection system based on data analysis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant