CN115913738A - Network security event handling system, method, electronic device and storage medium - Google Patents

Network security event handling system, method, electronic device and storage medium Download PDF

Info

Publication number
CN115913738A
Authority
CN
China
Prior art keywords
event
security event
network security
network
module
Prior art date
Legal status
Pending
Application number
CN202211528605.9A
Other languages
Chinese (zh)
Inventor
冯淞耀
杨文杰
潘俊冰
艾洲
栗邈如
贺冠博
黄峥妍
宋骏豪
蒙琦
Current Assignee
Guangxi Power Grid Co Ltd
Original Assignee
Guangxi Power Grid Co Ltd
Priority date
2022-11-30
Filing date
2022-11-30
Publication date
2023-04-04

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a network security event handling system, method, electronic device and storage medium, and relates to the technical field of the Internet. Through threat review of each detected network security event, the authenticity and threat level of the event are analyzed accurately, and different network security events are handled through a classified handling mode. This achieves comprehensive analysis, classified management and classified handling of network security events, reduces the pressure of manual handling, improves handling efficiency and reduces handling cost.

Description

Network security event handling system, method, electronic device and storage medium
Technical Field
The application relates to the technical field of internet, in particular to a network security event handling system, a network security event handling method, electronic equipment and a storage medium.
Background
A network security event is a situation in which an attacker carries out a malicious attack on an information system, which may cause data leakage, data tampering, denial of access and the like.
Because of the diversity of network data, existing network security event handling technology mainly depends on manual processing and lacks systematic, automated processing: ambiguous data that may be misjudged, network data with low threat, and high-risk data are all handled manually, so network security events are handled with low efficiency and at high cost.
Disclosure of Invention
An object of the present application is to provide a system, a method, an electronic device, and a storage medium for handling network security events, so as to solve the problems of low handling efficiency and high cost in the conventional network security event handling technology described in the Background.
In order to achieve the purpose, the application discloses the following technical scheme:
In a first aspect, the application discloses a network security event handling system, which comprises an event detection module, an event review module, a record storage module, an event dispatch module, a defense module and an event audit module;
the event detection module is configured to detect a security event in a network;
the event review module is configured to perform threat review on the authenticity of the network security event through manual work and/or preset verification rules, and the result of the threat review is one of a false security event, a low-level security event and a high-level security event;
the event dispatch module is configured to classify and handle the detected network security events based on the result of the threat review, wherein the classified handling comprises storing false security events to the record storage module, dispatching low-level security events to the defense module for virus checking and killing, and dispatching high-level security events to relevant personnel for processing;
the record storage module is configured to record the detected network security events and list the false security events in a mark list;
the defense module is configured to perform active defense and handling of low-level security events based on a defense model and strategy established by a convolutional neural network;
the event audit module is configured to send the processed network security event back to the event detection module for detection; if detection no longer identifies the processed event as a security event, the event is defined as approved, otherwise it is defined as not approved, and it is again subjected to threat review by the event review module and re-dispatched by the event dispatch module for processing until the audit is passed.
Preferably, the defense module comprises a feature storage unit configured to store network attack features, an attack simulation unit configured to perform simulated attacks based on the network attack features, a policy customization unit configured to formulate a corresponding coping policy based on the attack simulation unit, an event analysis unit configured to analyze a network security event and extract event features, and a feature comparison unit configured to compare the event features with the stored network attack features; the low-level security event is sent to the event analysis unit to extract event features, the feature comparison unit obtains the extracted event features, reads the network attack features stored in the feature storage unit and compares them with the event features, and the policy customization unit matches the coping policy corresponding to the matched network attack features based on the comparison result in order to handle the event.
In a second aspect, the present application discloses a method for handling a network security event, which includes the following steps:
performing threat review on the detected network security events, wherein the result of the threat review is one of a false security event, a low-level security event and a high-level security event;
classifying and handling the events according to the result of the threat review, wherein false security events are listed in a mark list, low-level security events are sent to a defense module for virus checking and killing, and high-level security events are sent to relevant personnel for processing;
and auditing the result of the classified handling: if the audit passes, all data generated in the handling process is recorded; if the audit fails, the audit content is fed back, the handling step is determined to be invalid, and the corresponding handling mode is repeated.
Preferably, the threat review of the detected network security event specifically includes verifying the authenticity of the network security event through manual work and/or preset verification rules.
Preferably, after a high-level security event is dispatched to the relevant personnel for processing, feedback information from the relevant personnel is received, whether the high-level security event has been effectively handled is analyzed based on the feedback information, and once the high-level security event is determined to have been effectively handled, its handling is finished.
Preferably, in the threat review of a detected network security event, the detected event is matched against the security events recorded in the mark list; when the match succeeds and the number of times the event has been judged a false security event by threat review reaches a preset threshold, the threat review result for that event is adjusted to a high-level security event, repair patch suggestion data is generated and packaged together with the event, and the package is then classified and handled.
Preferably, after receiving the high-level security event with the repair patch suggestion data, the relevant personnel adjust the patch data based on the suggestion, run the security event detection method on the repaired data with the patch applied, and the network security event is defined as fully handled once the detection result no longer identifies the repaired data as a network security event.
Preferably, the defense module comprises a feature storage unit configured to store network attack features, an attack simulation unit configured to perform simulated attacks based on the network attack features, a policy customization unit configured to formulate a corresponding coping policy based on the attack simulation unit, an event analysis unit configured to analyze a network security event and extract event features, and a feature comparison unit configured to compare the event features with the stored network attack features; the low-level security event is sent to the event analysis unit for event feature extraction, the feature comparison unit obtains the extracted event features, reads the network attack features stored in the feature storage unit and compares them with the event features, and the policy customization unit matches the coping policy corresponding to the matched network attack features based on the comparison result in order to handle the event.
In a third aspect, the present application discloses an electronic device, which includes a processor and a memory, where the memory stores computer readable instructions, and the computer readable instructions, when executed by the processor, execute the steps in the network security event handling method.
In a fourth aspect, the present application discloses a storage medium having a computer program stored thereon, where the computer program is executed by a processor to execute the steps of the network security event handling method.
Beneficial effects: the network security event handling system, method, electronic device and storage medium accurately analyze the authenticity and threat level of each detected network security event through threat review. Under the classified handling mode, data falsely detected as a network security event is recorded; simple events with a lower threat level, or more common events, are listed as low-level security events and handled automatically by the defense module; and events with a higher threat level or stronger aggressiveness are listed as high-level security events and handled by relevant personnel. This realizes comprehensive analysis, classified management and classified handling of network security events, reduces the pressure of manual handling, improves handling efficiency and reduces handling cost.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the embodiments or the prior art descriptions will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a block diagram illustrating a network security event handling system according to an embodiment of the present application;
fig. 2 is a schematic flow chart of a network security event handling method in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In this document, the term "comprises/comprising" is intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising …" or "comprises …" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
Examples
Referring to fig. 1, a network security event handling system includes an event detection module, an event review module, a record storage module, an event dispatch module, a defense module, and an event audit module.
Specifically:
The event detection module is configured to detect a security event in a network. The event detection module may be any network security event monitoring device in the prior art; it inspects data and behaviors generated in the network by comparison against preset attack rules or by other means, and defines data or behaviors bearing the corresponding attack characteristics as network security events.
The event review module is configured to perform threat review on the authenticity of the network security event through manual work and/or preset review rules, and the result of the threat review is one of a false security event, a low-level security event and a high-level security event. A false security event is data traffic that was detected by mistake as having attack characteristics; a low-level security event is data traffic with common attack characteristics (such as an advertisement pop-up window or a blue screen on a display); and a high-level security event is a network security event with strong aggressiveness as judged by an existing virus judgment method, for example one whose unusual attack characteristics produce data that deviates too far from normal data interaction.
The event dispatch module is configured to perform classified handling of the detected network security events based on the result of the threat review; the classified handling comprises storing false security events to the record storage module, dispatching low-level security events to the defense module for virus checking and killing, and dispatching high-level security events to relevant personnel for processing.
The record storage module is configured to record the detected network security events and list the false security events in a mark list.
The defense module is configured to perform active defense and handling of low-level security events based on a defense model and strategy established by a convolutional neural network. In this embodiment, the defense module includes a feature storage unit configured to store network attack features, an attack simulation unit configured to simulate attacks based on the network attack features, a policy customization unit configured to formulate a corresponding coping policy based on the attack simulation unit, an event analysis unit configured to analyze a network security event and extract event features, and a feature comparison unit configured to compare the event features with the stored network attack features; the low-level security event is sent to the event analysis unit for event feature extraction, the feature comparison unit obtains the extracted event features, reads the network attack features stored in the feature storage unit and compares them with the event features, and the policy customization unit matches the coping policy corresponding to the matched network attack features based on the comparison result in order to handle the event.
The event audit module is configured to send the processed network security event back to the event detection module for detection; if detection no longer identifies the processed event as a security event, the event is defined as approved, otherwise it is defined as not approved, and it is again subjected to threat review by the event review module and re-dispatched by the event dispatch module for processing until the audit is passed.
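The feature comparison and coping-policy lookup performed by the defense module, as an added example in Python (not the patent's own code): the feature storage unit, event analysis unit, feature comparison unit and policy customization unit are modelled as plain functions over a constructed signature store. The signature names, feature keys, policy names, sample events and the requirement of a full feature match before auto-handling are all assumptions for illustration; the convolutional-neural-network defense model the patent mentions is not reproduced, the matching is a set-overlap score.

```python
"""Feature comparison and coping-policy lookup for low-level security events.

Added example (not the patent's own code). Signature names, feature keys,
policy names and the sample events below are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class AttackSignature:
    """One stored network attack feature set with the coping policy prepared for it."""
    name: str
    features: frozenset   # (key, value) pairs that characterise the attack
    policy: str           # coping policy customised in advance (assumed name)


# Feature storage unit: constructed signatures with policies prepared ahead of time.
FEATURE_STORE = [
    AttackSignature("ad_popup",
                    frozenset({("type", "popup"), ("origin", "browser"), ("repeat", "high")}),
                    "block_origin_domain_and_clean_browser"),
    AttackSignature("port_scan",
                    frozenset({("type", "syn"), ("dst_ports", "many"), ("rate", "high")}),
                    "rate_limit_source_and_log"),
]


def extract_features(event: dict) -> frozenset:
    """Event analysis unit: reduce a raw event record to comparable (key, value) features.

    The raw keys (type, origin, count, dst_ports, pps) are constructed for the example;
    a real unit would derive them from the detector's output.
    """
    feats = {("type", event.get("type", "unknown"))}
    if "origin" in event:
        feats.add(("origin", event["origin"]))
    # Bucketise numeric counters so they compare against the stored categorical features.
    if event.get("count", 0) >= 10:
        feats.add(("repeat", "high"))
    if len(event.get("dst_ports", [])) >= 20:
        feats.add(("dst_ports", "many"))
    if event.get("pps", 0) >= 100:
        feats.add(("rate", "high"))
    return frozenset(feats)


def compare_features(event_feats: frozenset, store=FEATURE_STORE):
    """Feature comparison unit: score each stored signature by overlap with the event.

    Returns (signature, score) for the best match, or (None, 0.0) if nothing overlaps.
    The score is the fraction of the signature's features present in the event, so a
    partial match stays visible instead of being silently treated as a full one.
    """
    best, best_score = None, 0.0
    for sig in store:
        score = len(sig.features & event_feats) / len(sig.features)
        if score > best_score:
            best, best_score = sig, score
    return best, best_score


def choose_policy(event: dict, min_score: float = 1.0) -> str:
    """Policy customization unit: pick the coping policy for the matched signature.

    min_score=1.0 requires every stored feature to be present; a weaker match is
    handed back to the review stage rather than auto-handled (assumed design choice,
    not stated in the patent).
    """
    sig, score = compare_features(extract_features(event))
    if sig is None or score < min_score:
        return "return_to_review"
    return sig.policy


if __name__ == "__main__":
    popup = {"type": "popup", "origin": "browser", "count": 37}   # constructed low-level event
    print(choose_policy(popup))   # block_origin_domain_and_clean_browser
```

Keeping the comparison as an explicit score, rather than a boolean, is what lets the module refuse to auto-handle a partial match: an event that shares only some features with a stored attack is the kind of ambiguous data the patent's review stage exists for.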
The embodiment also discloses a network security event handling method, as shown in fig. 2, the method includes the following steps:
S101, performing threat review on the detected network security events, wherein the result of the threat review is one of a false security event, a low-level security event and a high-level security event. The threat review specifically comprises verifying the authenticity of the event through manual work and/or preset verification rules. An event reviewed as a false security event is matched against the security events recorded in the mark list; when the match succeeds and the number of times the event has been determined to be a false security event by threat review reaches a preset threshold, the threat review result for the event is adjusted to a high-level security event, repair patch suggestion data is generated and packaged together with the event, and the package is then classified and handled. This step aims to repair the data and to force handling of attack data that uses concealment to hide its identity and attempts to evade security detection, thereby avoiding missed and wrong detections. Further, after receiving the high-level security event with the repair patch suggestion data, the relevant personnel adjust the patch data based on the suggestion, run the security event detection method on the repaired data with the patch applied, and the network security event is defined as fully handled once the detection result no longer identifies the repaired data as a network security event.
S102, classifying and handling the events according to the result of the threat review: false security events are listed in the mark list; low-level security events are sent to the defense module for virus checking and killing; high-level security events are sent to relevant personnel for processing, after which feedback information from the relevant personnel is received, whether the high-level security event has been effectively handled is analyzed based on the feedback, and once it is determined to have been effectively handled, its handling is finished. In this embodiment, the defense module includes a feature storage unit configured to store network attack features, an attack simulation unit configured to perform simulated attacks based on the network attack features, a policy customization unit configured to formulate a corresponding coping policy based on the attack simulation unit, an event analysis unit configured to analyze a network security event and extract event features, and a feature comparison unit configured to compare the event features with the stored network attack features; the low-level security event is sent to the event analysis unit for event feature extraction, the feature comparison unit obtains the extracted event features, reads the network attack features stored in the feature storage unit and compares them with the event features, and the policy customization unit matches the coping policy corresponding to the matched network attack features based on the comparison result in order to handle the event.
S103, auditing the result of the classified handling: if the audit passes, all data generated in the handling process is recorded; if the audit fails, the audit content is fed back, the handling step is determined to be invalid, and the corresponding handling mode is repeated.
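Steps S101 to S103, including the mark-list threshold escalation of S101 and the re-review loop of S103, as an added example in Python (not the patent's own code). The detector, the review rules, the threshold value, the stand-in for personnel feedback and the sample events are all constructed, and the cap on audit rounds is an assumption the patent does not state.

```python
"""Threat review, classified dispatch and audit loop for detected security events.

Added example (not the patent's own code). Implements S101-S103 as a small
in-memory pipeline: a rule-based review labelling an event FALSE, LOW or HIGH,
the mark-list counter that escalates a repeatedly "false" event to HIGH once a
preset threshold is reached, dispatch to the three handling paths, and an audit
that re-runs detection on the handled event. Every rule and sample is constructed.
"""
from collections import Counter
from enum import Enum


class Level(Enum):
    FALSE = "false"   # detected by mistake: record only
    LOW = "low"       # common, low-threat: defense module handles it
    HIGH = "high"     # strong aggressiveness: relevant personnel handle it


# Preset threshold from S101 (value chosen for the example): after this many FALSE
# verdicts for the same signature the event is escalated to HIGH.
FALSE_THRESHOLD = 3


def detect(event: dict) -> bool:
    """Event detection module (constructed stand-in): flags events that still carry attack features."""
    return bool(event.get("attack_features"))


def review(event: dict) -> Level:
    """Event review module: preset verification rules (constructed) for authenticity and level."""
    feats = set(event.get("attack_features", []))
    if not feats or event.get("source_trusted"):
        return Level.FALSE
    if feats <= {"popup", "bluescreen"}:   # common low-threat features named in the description
        return Level.LOW
    return Level.HIGH


class Pipeline:
    def __init__(self, threshold: int = FALSE_THRESHOLD):
        self.threshold = threshold
        self.mark_list = Counter()     # record storage module: FALSE verdicts per signature
        self.records = []              # handled events with their audit outcome
        self.handled_by_people = []    # HIGH events dispatched to personnel

    def threat_review(self, event: dict) -> Level:
        """S101: review, then apply the mark-list threshold escalation."""
        level = review(event)
        if level is Level.FALSE:
            sig = event["signature"]
            self.mark_list[sig] += 1
            if self.mark_list[sig] >= self.threshold:
                # Repeatedly "false": treat as a concealment attempt, escalate and attach
                # repair patch suggestion data (placeholder content, constructed).
                event["patch_suggestion"] = f"signature {sig}: {self.mark_list[sig]} false verdicts"
                return Level.HIGH
        return level

    def dispatch(self, event: dict, level: Level) -> dict:
        """S102: the three classified handling paths. Returns the handled copy of the event."""
        handled = dict(event)
        if level is Level.FALSE:
            handled["attack_features"] = []        # stored in the mark list, nothing to treat
        elif level is Level.LOW:
            handled["attack_features"] = []        # defense module cleans the low-level event
        else:
            self.handled_by_people.append(handled)
            # Personnel feedback stand-in (constructed): only events carrying a patch
            # suggestion are fixed; anything else stays unresolved and fails the audit.
            if "patch_suggestion" in handled:
                handled["attack_features"] = []
        return handled

    def audit(self, handled: dict) -> bool:
        """S103: approved only if re-detection no longer flags the handled event."""
        return not detect(handled)

    def handle(self, event: dict, max_rounds: int = 3) -> tuple:
        """Run S101-S103 for one event, re-reviewing and re-dispatching until the audit passes.

        Returns (final_level, approved, rounds_used). The round cap is an assumption so
        that an event personnel never resolve cannot loop forever.
        """
        current = dict(event)
        for rounds in range(1, max_rounds + 1):
            level = self.threat_review(current)
            handled = self.dispatch(current, level)
            if self.audit(handled):
                self.records.append((handled, level, True))
                return level, True, rounds
            current = handled                      # audit failed: feed back and repeat
        self.records.append((current, level, False))
        return level, False, max_rounds


if __name__ == "__main__":
    p = Pipeline()
    quiet = {"signature": "dns-1", "attack_features": ["dns_tunnel"], "source_trusted": True}
    for _ in range(3):
        print(p.handle(dict(quiet)))   # FALSE, FALSE, then HIGH once the threshold is hit
```

The third submission of the "trusted" event is the interesting case: the verdict is still FALSE on its own merits, but the mark-list count reaches the threshold, so the pipeline escalates it and attaches the patch suggestion instead of quietly recording it again.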
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The embodiment also discloses an electronic device, which includes a processor and a memory, where the memory stores computer readable instructions, and when the computer readable instructions are executed by the processor, the steps in the network security event handling method are executed.
The embodiment also discloses a storage medium, which may be a read-only memory, a magnetic disk, an optical disk or the like, on which a computer program is stored; when executed by a processor, the computer program executes the steps of the above network security event handling method.
Finally, it should be noted that: although the present application has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments or portions thereof without departing from the spirit and scope of the present application.

Claims (10)

1. A network security event handling system, characterized by comprising an event detection module, an event review module, a record storage module, an event dispatch module, a defense module and an event audit module;
the event detection module is configured to detect a security event in a network;
the event review module is configured to perform threat review on the authenticity of the network security event through manual work and/or preset review rules, and the result of the threat review is one of a false security event, a low-level security event and a high-level security event;
the event dispatch module is configured to classify and handle the detected network security events based on the result of the threat review, wherein the classified handling comprises storing false security events to the record storage module, dispatching low-level security events to the defense module for virus checking and killing, and dispatching high-level security events to relevant personnel for processing;
the record storage module is configured to record the detected network security events and list the false security events in a mark list;
the defense module is configured to perform active defense and handling of low-level security events based on a defense model and strategy established by a convolutional neural network;
the event audit module is configured to send the processed network security event back to the event detection module for detection; if detection no longer identifies the processed event as a security event, the event is defined as approved, otherwise it is defined as not approved, and it is again subjected to threat review by the event review module and re-dispatched by the event dispatch module for processing until the audit is passed.
2. The system according to claim 1, wherein the defense module comprises a feature storage unit configured to store network attack features, an attack simulation unit configured to simulate attacks based on the network attack features, a policy customization unit configured to formulate corresponding coping policies based on the attack simulation unit, an event analysis unit configured to analyze network security events and extract event features, and a feature comparison unit configured to compare the event features with the stored network attack features; the low-level security event is sent to the event analysis unit to extract event features, the feature comparison unit obtains the extracted event features, network attack features stored in the feature storage unit are read and compared with the event features, and the strategy customization unit matches a coping strategy corresponding to the network attack features based on the compared result to handle the event.
3. A method for handling network security events, the method comprising:
performing threat review on the detected network security events, wherein the result of the threat review is one of a false security event, a low-level security event and a high-level security event;
classifying and handling the events according to the result of the threat review, wherein false security events are listed in a mark list, low-level security events are sent to a defense module for virus checking and killing, and high-level security events are sent to relevant personnel for processing;
and auditing the result of the classified handling: if the audit passes, all data generated in the handling process is recorded; if the audit fails, the audit content is fed back, the handling step is determined to be invalid, and the corresponding handling mode is repeated.
4. The method according to claim 3, wherein the threat review of the detected network security event specifically includes verifying the authenticity of the network security event through manual work and/or preset verification rules.
5. The method according to claim 3, wherein, after a high-level security event is dispatched to the relevant personnel for processing, feedback information from the relevant personnel is received, whether the high-level security event has been effectively handled is analyzed based on the feedback information, and handling of the high-level security event is finished once it is determined to have been effectively handled.
6. The method according to claim 3, wherein, in the threat review of the detected network security event, the detected event is matched against the security events recorded in the mark list; when the match succeeds and the number of times the event has been determined to be a false security event by threat review reaches a preset threshold, the threat review result for the event is adjusted to a high-level security event, repair patch suggestion data is generated and packaged together with the event, and the package is then classified and handled.
7. The method according to claim 6, wherein, after receiving the high-level security event with the repair patch suggestion data, the relevant personnel adjust the patch data based on the suggestion and run the security event detection method on the repaired data with the patch applied, and the handling of the network security event is defined as complete once the detection result no longer identifies the repaired data as a network security event.
8. The method according to claim 3, wherein the defense module comprises a feature storage unit configured to store network attack features, an attack simulation unit configured to simulate attacks based on the network attack features, a policy customization unit configured to formulate a corresponding coping policy based on the attack simulation unit, an event analysis unit configured to analyze the network security event and extract event features, and a feature comparison unit configured to compare the event features with the stored network attack features; the low-level security event is sent to the event analysis unit for event feature extraction, the feature comparison unit obtains the extracted event features, reads the network attack features stored in the feature storage unit and compares them with the event features, and the policy customization unit matches the coping policy corresponding to the matched network attack features based on the comparison result in order to handle the event.
9. An electronic device comprising a processor and a memory, the memory storing computer readable instructions which, when executed by the processor, perform the steps of the network security event handling method of any of claims 3 to 8.
10. A storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, performs the steps of the network security event handling method according to any of claims 3 to 8.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211528605.9A CN115913738A (en) 2022-11-30 2022-11-30 Network security event handling system, method, electronic device and storage medium


Publications (1)

Publication Number Publication Date
CN115913738A true CN115913738A (en) 2023-04-04

Family

ID=86496047


Country Status (1)

Country Link
CN (1) CN115913738A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107241352A (en) * 2017-07-17 2017-10-10 浙江鹏信信息科技股份有限公司 A kind of net security accident classificaiton and Forecasting Methodology and system
US20170316203A1 (en) * 2012-02-01 2017-11-02 Servicenow, Inc. Techniques for sharing network security event information
CN108337270A (en) * 2018-05-18 2018-07-27 梧州井儿铺贸易有限公司 A kind of enterprise network security event management system
US20200053117A1 (en) * 2018-08-07 2020-02-13 Telesis Corporation Method, system, and/or software for finding and addressing an information/data or related system's security risk, threat, vulnerability, or similar event, in a computing device or system
CN111935074A (en) * 2020-06-22 2020-11-13 国网电力科学研究院有限公司 Integrated network security detection method and device
CN113271318A (en) * 2021-07-19 2021-08-17 中国科学院信息工程研究所 Network threat perception system and method


Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
WENBO GUO; QINGLONG WANG; KAIXUAN ZHANG; ALEXANDER G. ORORBIA; SUI HUANG; XUE LIU MCGILL UNIVERSITY ; C. LEE GILES; LIN LIN PENNSY: "《Defending Against Adversarial Samples Without Security through Obscurity》", 《 2018 IEEE INTERNATIONAL CONFERENCE ON DATA MINING (ICDM)》, 30 December 2018 (2018-12-30) *
陈帅豪: "《面向网络安全领域的实体抽取技术研究》", 《信息科技》, no. 2022, 15 October 2022 (2022-10-15) *

Similar Documents

Publication Publication Date Title
CN108683687B (en) Network attack identification method and system
CN108881263B (en) Network attack result detection method and system
CN106790186A (en) Multi-step attack detection method based on multi-source anomalous event association analysis
CN108833186A (en) A kind of network attack prediction technique and device
CN105138913A (en) Malware detection method based on multi-view ensemble learning
CN107016298B (en) Webpage tampering monitoring method and device
CN109190657A (en) Sample homogeneous assays method based on data slicer and image hash combination
CN106027528A (en) WEB horizontal authority automatic identification method and device
CN109859030A (en) Methods of risk assessment, device, storage medium and server based on user behavior
JP2003126067A (en) Device and method to enhance verification of characteristics of body
CN107566350A (en) Security configuration vulnerability monitoring method, apparatus and computer-readable recording medium
Beltzung et al. Real-time detection of fake-shops through machine learning
CN106973051A (en) Set up method, device, storage medium and the processor of detection Cyberthreat model
CN105227540B (en) The MTD guard systems and method of a kind of event-triggered
CN109474611A (en) It is a kind of that detection technique is protected based on multifactor E mail safety
CN113987508A (en) Vulnerability processing method, device, equipment and medium
CN115913738A (en) Network security event handling system, method, electronic device and storage medium
CN112836160A (en) Content auditing method, device and equipment
US11113917B2 (en) Method for implementing banknote counting of banknote counting device, and banknote counting device
CN112818150B (en) Picture content auditing method, device, equipment and medium
CN109146521A (en) Palm off risk management method and system
CN114037395A (en) Abnormal consignment data identification method and system, electronic equipment and storage medium
CN113162891B (en) Attack flow rapid identification system, method, computer readable medium and equipment
CN114124453A (en) Network security information processing method and device, electronic equipment and storage medium
CN114641022A (en) Mobile internet security service system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination