CN116886370A - Protection system for network security authentication - Google Patents
Protection system for network security authentication Download PDFInfo
- Publication number
- CN116886370A CN116886370A CN202310888856.6A CN202310888856A CN116886370A CN 116886370 A CN116886370 A CN 116886370A CN 202310888856 A CN202310888856 A CN 202310888856A CN 116886370 A CN116886370 A CN 116886370A
- Authority
- CN
- China
- Prior art keywords
- network
- processed
- intrusion
- virus
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 241000700605 Viruses Species 0.000 claims abstract description 150
- 238000004458 analytical method Methods 0.000 claims abstract description 16
- 238000001514 detection method Methods 0.000 claims abstract description 15
- 238000000034 method Methods 0.000 claims description 11
- 238000012795 verification Methods 0.000 claims description 3
- 230000009545 invasion Effects 0.000 abstract description 4
- 239000004973 liquid crystal related substance Substances 0.000 description 4
- 238000004088 simulation Methods 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The application discloses a protection system for network security authentication, which relates to the technical field of network security and comprises a network access detection unit, a characteristic comparison unit, a network intrusion virus characteristic database, a network intrusion characteristic analysis unit, a virtual operation system, a network management end and a network access authentication unit; the network access detection unit is used for extracting and detecting the data characteristics before accessing the network to form the network information to be processed; the feature comparison unit is used for comparing the features extracted before the network to be processed is accessed with the data in the network intrusion virus feature database, and confirming the security of the network to be processed; the virtual operation system is used for carrying out bearing operation on the network to be processed, and the security of the actual operation of the network to be processed is obtained. The application avoids the invasion of hidden viruses to the system, reduces the probability of invading the system, can greatly improve the security of network authentication, and has better system protection.
Description
Technical Field
The application relates to the technical field of network security, in particular to a protection system for network security authentication.
Background
With the development of society and the progress of the internet, network access is a mode of data acquisition and transmission, but at the same time, there is a great hidden danger in network access, and the network access system may be invaded and attacked by virus.
The prior art has the following defects: the characteristics of viruses are various, viruses with certain similarity are difficult to identify, the viruses cannot be verified in safety, safety authentication before network access is difficult to carry out, the system for accessing the network has no effective network safety protection, and when virus characteristic comparison is carried out, priority comparison selection is not carried out, so that the processing efficiency of virus comparison is difficult to improve.
Disclosure of Invention
The application aims to provide a protection system for network security authentication, which is used for solving the defects in the background technology.
In order to achieve the above object, the present application provides the following technical solutions: the protection system for network security authentication comprises a network access detection unit, a feature comparison unit, a network intrusion virus feature database, a network intrusion feature analysis unit, a virtual operation system, a network management end and a network access authentication unit;
the network access detection unit is used for extracting and detecting data characteristics before accessing the network to form network information to be processed;
the feature comparison unit is used for comparing the features extracted before the network to be processed is accessed with the data in the network intrusion virus feature database, and confirming the security of the network to be processed;
the virtual operation system is used for carrying out bearing operation on the network to be processed, so as to obtain the safety of the actual operation of the network to be processed;
the network intrusion characteristic analysis unit is used for extracting characteristics of dangerous network intrusion data to be processed and analyzing virus characteristic parts;
the network intrusion virus characteristic database is used for recording network intrusion virus characteristics as a comparison item;
the network management end is used for adding virus characteristics and manually analyzing and extracting the virus characteristics in dangerous network intrusion data to be processed;
the network access authentication unit is used for accessing and authenticating the network in the safe state confirmed by the virtual operation system operation.
In a preferred embodiment, the network information to be processed is formed in the following manner:
acquiring needed network information to be processed, extracting all the network data characteristics to be processed, and extracting the data characteristics of a plurality of networks to be processed and connecting data in series when a plurality of network linkage conditions to be processed exist;
and a plurality of networks to be processed are chained to form a detection item, and the collection and classification of the data characteristics are carried out according to the detection item to form the network information to be processed.
In a preferred embodiment, the method for confirming the security of the network to be processed is as follows:
acquiring network information to be processed, further carrying out data comparison in a network intrusion virus characteristic database according to the characteristics of the network data to be processed, and obtaining dangerous virus characteristics of the network data to be processed by taking characteristic data in the network intrusion virus characteristic database as comparison items, thereby forming a virus characteristic similarity block;
the similarity of the virus characteristic similar blocks is analyzed, and then dangerous marks are carried out, wherein the similarity analysis flow of the virus characteristic similar blocks is as follows:
acquiring virus characteristic similar block data and combining a comparison item to perform characteristic coincidence comparison to obtain a virus characteristic coincidence part and a virus characteristic distinction part, wherein the virus characteristic coincidence part adopts a red font mark, and the virus characteristic distinction part adopts a yellow font mark; according to the overlapping part, similarity analysis is obtained, the network to be processed is judged to be in a safe state or a dangerous state, and then a dangerous state and virus characteristic similarity block is prompted and displayed to a network management end, and the network management end judges the safety of the network to be processed;
and according to the data characteristics of the network to be processed, carrying out data comparison in a network intrusion virus characteristic database, and judging that the network is in a safe state if the virus characteristics are not present.
In a preferred embodiment, the verification mode of the actual operation security of the network to be processed is that;
the method comprises the steps of obtaining a security state to-be-processed network judged by a feature comparison unit, and accessing the to-be-processed network into a virtual operation system for operation;
when the security problem of network attack intrusion does not occur in the virtual operation system, the network to be processed is confirmed to be in a security state;
when the security problem of network attack intrusion occurs in the virtual operation system of the network to be processed, confirming that the network to be processed is in a dangerous state, and simultaneously acquiring process data of the network to be processed in the attack intrusion virtual operation system to form dangerous network intrusion data to be processed;
setting an observation period T, acquiring the network times of the network to be processed entering the virtual operation system, and simultaneously acquiring the times of dangerous states of the virtual operation system during simulation operation to obtain a network intrusion hiding index, wherein the calculation formula is as follows:
wherein, the liquid crystal display device comprises a liquid crystal display device,concealing the index, n, for network intrusion w Simulating the number of times of dangerous state occurrence for the virtual operation system, n z For the number of times the network to be processed enters the virtual operation system for operation, it should be noted that n w The larger the value is +.>The larger the value is, the stronger the index of representing network intrusion is, the more importance is required to be paid to network security authentication, and then the similarity threshold is adjusted, so that viruses with stronger hiding property are prevented from avoiding judgment of the feature comparison unit, and the network intrusion detection system has better protection property.
In a preferred embodiment, the virus signature is analyzed in the following manner: acquiring dangerous network intrusion data to be processed and feeding back the data to a network management end, analyzing the characteristics of the dangerous network intrusion data to be processed through the network management end, and extracting the characteristics of network intrusion viruses;
storing the network intrusion virus characteristics into a network intrusion virus characteristic database to form an updated network intrusion virus characteristic database, and immediately starting the intrusion virtual operation system to clear data to an original state after confirming the network intrusion virus characteristics through a network management end.
In a preferred embodiment, the contrast is formed in the following manner:
and storing the network intrusion virus characteristics acquired according to the network intrusion virus characteristic analysis unit into a network intrusion virus characteristic database to be used as an active network intrusion virus characteristic database.
In a preferred embodiment, virus characteristics can be manually input through a network management end, and the virus characteristics are stored into a network intrusion virus characteristic database to be used as a passive network intrusion virus characteristic database;
when the data of the network data to be processed is compared in the network intrusion virus characteristic database through the characteristic comparison unit, the active network intrusion virus characteristic database is used as a primary comparison database, and when the same virus characteristics are not matched in the active network intrusion virus characteristic database, the data is compared in the passive network intrusion virus characteristic database, and the passive network intrusion virus characteristic database is used as a secondary comparison database.
In a preferred embodiment, a virtual running system and a network to be processed with a security state confirmed by a feature comparison unit are obtained, and the network to be processed is further converted into an access network to be subjected to trust marking, so that network security authentication is formed.
In the technical scheme, the application has the technical effects and advantages that:
1. the application can simulate the operation of the virtual network before the network security authentication access, monitor the security of the network operation, avoid the invasion of the hidden virus to the system, reduce the probability of invading the system, greatly improve the security of the network authentication and have better system protection;
2. the application can greatly improve the processing efficiency of the virus characteristic comparison data and ensure the accuracy of the virus characteristic comparison result.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings required for the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments described in the present application, and other drawings may be obtained according to these drawings for a person having ordinary skill in the art.
Fig. 1 is a system block diagram of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
An embodiment 1, referring to fig. 1, is a protection system for network security authentication, including a network access detection unit, a feature comparison unit, a network intrusion virus feature database, a network intrusion feature analysis unit, a virtual operation system, a network management end and a network access authentication unit;
the network access detection unit is used for extracting and detecting data characteristics before accessing the network to form network information to be processed;
the method for forming the network information to be processed comprises the following steps:
acquiring needed network information to be processed, extracting all data characteristics of the network to be processed, and extracting the data characteristics of the networks to be processed and connecting data in series when a plurality of network linkage conditions to be processed exist (a network access exists in a plurality of linkage networks);
a plurality of networks to be processed are chained to form a detection item, and data characteristics are collected and classified according to the detection item to form network information to be processed;
the feature comparison unit is used for comparing the features extracted before the network to be processed is accessed with the data in the network intrusion virus feature database, and confirming the security of the network to be processed;
the method for confirming the security of the network to be processed is as follows:
acquiring network information to be processed, further carrying out data comparison in a network intrusion virus characteristic database according to the characteristics of the network data to be processed, and obtaining dangerous virus characteristics of the network data to be processed by taking characteristic data in the network intrusion virus characteristic database as a comparison item, thereby forming a virus characteristic similar block (network data characteristics to be processed);
the similarity of the virus characteristic similar blocks is analyzed, and then dangerous marks are carried out, wherein the similarity analysis flow of the virus characteristic similar blocks is as follows:
acquiring virus characteristic similar block data and combining a comparison item to perform characteristic coincidence comparison (the virus characteristic similar block data and the comparison item data are subjected to coincidence characteristic corresponding comparison) so as to obtain a coincidence part and a distinguishing part of the virus characteristic, wherein the coincidence part of the virus characteristic adopts a red font mark, and the distinguishing part of the virus characteristic adopts a yellow font mark; and obtaining similarity analysis according to the overlapping part, wherein the obtaining formula is as follows:wherein μ is feature similarity, ε j E for the continuous code number of the network characteristics to be processed and the coincidence of the comparison items s The number of significant codes for the comparison term for the virus signature;
setting a similarity threshold, and judging that the network to be processed is in a safe state when the similarity threshold is not exceeded, and verifying by a feature comparison unit; when the similarity threshold value is exceeded, judging that the network to be processed is in a dangerous state, further prompting and displaying a dangerous state and virus characteristic similarity block to a network management end, and judging the safety of the network to be processed by the network management end;
according to the data characteristics of the network to be processed, performing data comparison in a network intrusion virus characteristic database, and judging that the network is in a safe state if no virus characteristics exist;
the virtual operation system is used for carrying out bearing operation on the network to be processed, so as to obtain the safety of the actual operation of the network to be processed;
the verification mode of the actual operation safety of the network to be processed is as follows;
the method comprises the steps of obtaining a security state to-be-processed network judged by a feature comparison unit, and accessing the to-be-processed network into a virtual operation system for operation;
when the security problem of network attack intrusion does not occur in the virtual operation system, the network to be processed is confirmed to be in a security state;
when the security problem of network attack intrusion occurs in the virtual operation system of the network to be processed, confirming that the network to be processed is in a dangerous state, and simultaneously acquiring process data of the network to be processed in the attack intrusion virtual operation system to form dangerous network intrusion data to be processed;
setting an observation period T, acquiring the network times of the network to be processed entering the virtual operation system, and simultaneously acquiring the times of dangerous states of the virtual operation system during simulation operation to obtain a network intrusion hiding index, wherein the calculation formula is as follows:
wherein, the liquid crystal display device comprises a liquid crystal display device,concealing the index, n, for network intrusion w Simulating the number of times of dangerous state occurrence for the virtual operation system, n z For the number of times the network to be processed enters the virtual operation system for operation, it should be noted that n w The larger the value is +.>The larger the value is, the representing the network intrusion hiding indexThe stronger the network security authentication is, the more importance is required, the similarity threshold is adjusted, the virus with stronger concealment is prevented from avoiding the judgment of the feature comparison unit, and the better protection is achieved;
the virtual network operation simulation can be carried out before the network security authentication access, the security of the network operation is monitored, the intrusion of hidden viruses to the system is avoided, the probability of the intrusion of the system is reduced, the security of the network authentication can be greatly improved, and the system protection is good;
the network intrusion characteristic analysis unit is used for extracting characteristics of dangerous network intrusion data to be processed and analyzing virus characteristic parts;
acquiring dangerous network intrusion data to be processed and feeding back the data to a network management end, analyzing the characteristics of the dangerous network intrusion data to be processed through the network management end, and extracting the characteristics of network intrusion viruses;
storing the network intrusion virus characteristics into a network intrusion virus characteristic database to form an updated network intrusion virus characteristic database, and immediately starting the intrusion virtual operation system to clear data to an original state (system initial download operation state) after confirming the network intrusion virus characteristics through a network management end.
In embodiment 2, referring to fig. 1, the network intrusion virus feature database is used for recording network intrusion virus features as comparison items;
the contrast item is formed in the following manner:
storing the network intrusion virus characteristics acquired according to the network intrusion virus characteristic analysis unit into a network intrusion virus characteristic database to be used as an active network intrusion virus characteristic database;
the virus characteristics (viruses of the system which are not currently invaded by the network) can be manually input through the network management end, and the virus characteristics are stored into a network invasion virus characteristic database to be used as a passive network invasion virus characteristic database;
when the data of the network data to be processed is compared in the network intrusion virus characteristic database through the characteristic comparison unit, the active network intrusion virus characteristic database is used as a first-level comparison database, and when the same virus characteristics are not matched in the active network intrusion virus characteristic database (when similar virus characteristics appear in the active network intrusion virus characteristic database, the data are also required to be transferred into a passive network intrusion virus characteristic database for comparison), and then the data are compared in the passive network intrusion virus characteristic database, and the passive network intrusion virus characteristic database is used as a second-level comparison database;
because the active network intrusion virus characteristic database is the main stream virus of the attack system virus, the active network intrusion virus characteristic database is used as a primary comparison database, so that the processing efficiency of virus characteristic comparison data can be greatly improved, and meanwhile, the accuracy of virus characteristic comparison results can be ensured;
the network management end is used for adding virus characteristics and manually analyzing and extracting the virus characteristics in dangerous network intrusion data to be processed (manually adding the virus characteristics into a network intrusion virus characteristic database);
the network access authentication unit is used for accessing and authenticating the network in the safe state confirmed by the virtual operation system operation;
and acquiring a virtual operation system and a network to be processed, the security state of which is confirmed through the feature comparison unit, and further converting the network to be processed into an access network to carry out trust marking, thereby forming network security authentication.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (8)
1. A protection system for network security authentication, characterized in that: the system comprises a network access detection unit, a characteristic comparison unit, a network intrusion virus characteristic database, a network intrusion characteristic analysis unit, a virtual operation system, a network management end and a network access authentication unit;
the network access detection unit is used for extracting and detecting data characteristics before accessing the network to form network information to be processed;
the feature comparison unit is used for comparing the features extracted before the network to be processed is accessed with the data in the network intrusion virus feature database, and confirming the security of the network to be processed;
the virtual operation system is used for carrying out bearing operation on the network to be processed, so as to obtain the safety of the actual operation of the network to be processed;
the network intrusion characteristic analysis unit is used for extracting characteristics of dangerous network intrusion data to be processed and analyzing virus characteristic parts;
the network intrusion virus characteristic database is used for recording network intrusion virus characteristics as a comparison item;
the network management end is used for adding virus characteristics and manually analyzing and extracting the virus characteristics in dangerous network intrusion data to be processed;
the network access authentication unit is used for accessing and authenticating the network in the safe state confirmed by the virtual operation system operation.
2. A protection system for network security authentication as defined in claim 1, wherein: the method for forming the network information to be processed comprises the following steps:
acquiring needed network information to be processed, extracting all the network data characteristics to be processed, and extracting the data characteristics of a plurality of networks to be processed and connecting data in series when a plurality of network linkage conditions to be processed exist;
and a plurality of networks to be processed are chained to form a detection item, and the collection and classification of the data characteristics are carried out according to the detection item to form the network information to be processed.
3. A protection system for network security authentication as defined in claim 2, wherein: the method for confirming the security of the network to be processed is as follows:
acquiring network information to be processed, further carrying out data comparison in a network intrusion virus characteristic database according to the characteristics of the network data to be processed, and obtaining dangerous virus characteristics of the network data to be processed by taking characteristic data in the network intrusion virus characteristic database as comparison items, thereby forming a virus characteristic similarity block;
the similarity of the virus characteristic similar blocks is analyzed, and then dangerous marks are carried out, wherein the similarity analysis flow of the virus characteristic similar blocks is as follows:
acquiring virus characteristic similar block data and combining a comparison item to perform characteristic coincidence comparison to obtain a virus characteristic coincidence part and a virus characteristic distinction part, wherein the virus characteristic coincidence part adopts a red font mark, and the virus characteristic distinction part adopts a yellow font mark; according to the overlapping part, similarity analysis is obtained, the network to be processed is judged to be in a safe state or a dangerous state, and then a dangerous state and virus characteristic similarity block is prompted and displayed to a network management end, and the network management end judges the safety of the network to be processed;
and according to the data characteristics of the network to be processed, carrying out data comparison in a network intrusion virus characteristic database, and judging that the network is in a safe state if the virus characteristics are not present.
4. A protection system for network security authentication as defined in claim 3, wherein: the verification mode of the actual operation safety of the network to be processed is as follows;
the method comprises the steps of obtaining a security state to-be-processed network judged by a feature comparison unit, and accessing the to-be-processed network into a virtual operation system for operation;
when the security problem of network attack intrusion does not occur in the virtual operation system, the network to be processed is confirmed to be in a security state;
when the security problem of network attack intrusion occurs in the virtual operation system of the network to be processed, the network to be processed is confirmed to be in a dangerous state, and meanwhile, the process data of the network to be processed in the attack intrusion virtual operation system is acquired to form dangerous network intrusion data to be processed.
5. The protection system for network security authentication of claim 4, wherein: the virus characteristic part is analyzed in the following way: acquiring dangerous network intrusion data to be processed and feeding back the data to a network management end, analyzing the characteristics of the dangerous network intrusion data to be processed through the network management end, and extracting the characteristics of network intrusion viruses;
storing the network intrusion virus characteristics into a network intrusion virus characteristic database to form an updated network intrusion virus characteristic database, and immediately starting the intrusion virtual operation system to clear data to an original state after confirming the network intrusion virus characteristics through a network management end.
6. The protection system for network security authentication of claim 5, wherein: the contrast item is formed in the following manner:
and storing the network intrusion virus characteristics acquired according to the network intrusion virus characteristic analysis unit into a network intrusion virus characteristic database to be used as an active network intrusion virus characteristic database.
7. A protection system for network security authentication as defined in claim 6, wherein: the virus characteristics can be manually input through the network management end, and the virus characteristics are stored into a network intrusion virus characteristic database to be used as a passive network intrusion virus characteristic database;
when the data of the network data to be processed is compared in the network intrusion virus characteristic database through the characteristic comparison unit, the active network intrusion virus characteristic database is used as a primary comparison database, and when the same virus characteristics are not matched in the active network intrusion virus characteristic database, the data is compared in the passive network intrusion virus characteristic database, and the passive network intrusion virus characteristic database is used as a secondary comparison database.
8. The protection system for network security authentication of claim 4, wherein: and acquiring a virtual operation system and a network to be processed, the security state of which is confirmed through the feature comparison unit, and further converting the network to be processed into an access network to carry out trust marking, thereby forming network security authentication.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310888856.6A CN116886370B (en) | 2023-07-19 | 2023-07-19 | Protection system for network security authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310888856.6A CN116886370B (en) | 2023-07-19 | 2023-07-19 | Protection system for network security authentication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116886370A true CN116886370A (en) | 2023-10-13 |
CN116886370B CN116886370B (en) | 2023-12-08 |
Family
ID=88269524
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310888856.6A Active CN116886370B (en) | 2023-07-19 | 2023-07-19 | Protection system for network security authentication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116886370B (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050071650A1 (en) * | 2003-09-29 | 2005-03-31 | Jo Su Hyung | Method and apparatus for security engine management in network nodes |
WO2010017679A1 (en) * | 2008-08-15 | 2010-02-18 | 北京启明星辰信息技术股份有限公司 | Method and device for intrusion detection |
US20160148201A1 (en) * | 2014-11-26 | 2016-05-26 | Buy It Mobility Networks Inc. | Intelligent authentication process |
CN107493300A (en) * | 2017-09-20 | 2017-12-19 | 河北师范大学 | Network security protection system |
CN110677415A (en) * | 2019-09-29 | 2020-01-10 | 信阳农林学院 | Network information safety protection system |
CN112187792A (en) * | 2020-09-27 | 2021-01-05 | 安徽斯跑特科技有限公司 | Network information safety protection system based on internet |
CN113656799A (en) * | 2021-08-18 | 2021-11-16 | 浙江国利网安科技有限公司 | Industrial control virus analysis method, device, storage medium and equipment |
US11539671B1 (en) * | 2021-11-17 | 2022-12-27 | Uab 360 It | Authentication scheme in a virtual private network |
-
2023
- 2023-07-19 CN CN202310888856.6A patent/CN116886370B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050071650A1 (en) * | 2003-09-29 | 2005-03-31 | Jo Su Hyung | Method and apparatus for security engine management in network nodes |
WO2010017679A1 (en) * | 2008-08-15 | 2010-02-18 | 北京启明星辰信息技术股份有限公司 | Method and device for intrusion detection |
US20160148201A1 (en) * | 2014-11-26 | 2016-05-26 | Buy It Mobility Networks Inc. | Intelligent authentication process |
CN107493300A (en) * | 2017-09-20 | 2017-12-19 | 河北师范大学 | Network security protection system |
CN110677415A (en) * | 2019-09-29 | 2020-01-10 | 信阳农林学院 | Network information safety protection system |
CN112187792A (en) * | 2020-09-27 | 2021-01-05 | 安徽斯跑特科技有限公司 | Network information safety protection system based on internet |
CN113656799A (en) * | 2021-08-18 | 2021-11-16 | 浙江国利网安科技有限公司 | Industrial control virus analysis method, device, storage medium and equipment |
US11539671B1 (en) * | 2021-11-17 | 2022-12-27 | Uab 360 It | Authentication scheme in a virtual private network |
Non-Patent Citations (3)
Title |
---|
杨青;: "基于蜜罐的网络动态取证系统研究", 山东科学, no. 05 * |
石琦: "桌面云网络准入控制技术研究", 网络与信息安全 * |
许伦彰;: "虚拟蜜罐技术在校园网安全中的应用", 保密科学技术, no. 06 * |
Also Published As
Publication number | Publication date |
---|---|
CN116886370B (en) | 2023-12-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR102047782B1 (en) | Method and apparatus for recognizing cyber threats using correlational analytics | |
Azeez et al. | Identifying phishing attacks in communication networks using URL consistency features | |
CN109922065B (en) | Quick identification method for malicious website | |
CN114021040B (en) | Method and system for alarming and protecting malicious event based on service access | |
CN103577323B (en) | Based on the software plagiarism detection method of dynamic keyword instruction sequence birthmark | |
CN109257393A (en) | XSS attack defence method and device based on machine learning | |
WO2021017318A1 (en) | Cross-site scripting attack protection method and apparatus, device and storage medium | |
CN116781430B (en) | Network information security system and method for gas pipe network | |
CN113904861B (en) | Encryption traffic safety detection method and device | |
CN112199677A (en) | Data processing method and device | |
CN113904834B (en) | XSS attack detection method based on machine learning | |
CN105468972B (en) | A kind of mobile terminal document detection method | |
CN112600828B (en) | Attack detection and protection method and device for power control system based on data message | |
CN112287345B (en) | Trusted edge computing system based on intelligent risk detection | |
Bai et al. | Dynamic k-gram based software birthmark | |
CN116886370B (en) | Protection system for network security authentication | |
CN116389148B (en) | Network security situation prediction system based on artificial intelligence | |
KR20070077517A (en) | Profile-based web application intrusion detection system and the method | |
CN109889527B (en) | Network security protection system based on big data and protection method thereof | |
CN115134159B (en) | Safety alarm analysis optimization method | |
CN115174205B (en) | Network space safety real-time monitoring method, system and computer storage medium | |
CN111784404A (en) | Abnormal asset identification method based on behavior variable prediction | |
CN116707924A (en) | Network security detection method and system based on big data analysis | |
CN116467697A (en) | Data association system based on information security network defense | |
CN108573148B (en) | Confusion encryption script identification method based on lexical analysis |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |