CN116886370A - Protection system for network security authentication - Google Patents

Protection system for network security authentication Download PDF

Info

Publication number
CN116886370A
CN116886370A CN202310888856.6A CN202310888856A CN116886370A CN 116886370 A CN116886370 A CN 116886370A CN 202310888856 A CN202310888856 A CN 202310888856A CN 116886370 A CN116886370 A CN 116886370A
Authority
CN
China
Prior art keywords
network
processed
intrusion
virus
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310888856.6A
Other languages
Chinese (zh)
Other versions
CN116886370B (en
Inventor
魏书山
陈志峰
曹伟祺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Waner Technology Co ltd
Original Assignee
Guangdong Waner Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Waner Technology Co ltd filed Critical Guangdong Waner Technology Co ltd
Priority to CN202310888856.6A priority Critical patent/CN116886370B/en
Publication of CN116886370A publication Critical patent/CN116886370A/en
Application granted granted Critical
Publication of CN116886370B publication Critical patent/CN116886370B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

The application discloses a protection system for network security authentication, which relates to the technical field of network security and comprises a network access detection unit, a characteristic comparison unit, a network intrusion virus characteristic database, a network intrusion characteristic analysis unit, a virtual operation system, a network management end and a network access authentication unit; the network access detection unit is used for extracting and detecting the data characteristics before accessing the network to form the network information to be processed; the feature comparison unit is used for comparing the features extracted before the network to be processed is accessed with the data in the network intrusion virus feature database, and confirming the security of the network to be processed; the virtual operation system is used for carrying out bearing operation on the network to be processed, and the security of the actual operation of the network to be processed is obtained. The application avoids the invasion of hidden viruses to the system, reduces the probability of invading the system, can greatly improve the security of network authentication, and has better system protection.

Description

Protection system for network security authentication
Technical Field
The application relates to the technical field of network security, in particular to a protection system for network security authentication.
Background
With the development of society and the progress of the internet, network access is a mode of data acquisition and transmission, but at the same time, there is a great hidden danger in network access, and the network access system may be invaded and attacked by virus.
The prior art has the following defects: the characteristics of viruses are various, viruses with certain similarity are difficult to identify, the viruses cannot be verified in safety, safety authentication before network access is difficult to carry out, the system for accessing the network has no effective network safety protection, and when virus characteristic comparison is carried out, priority comparison selection is not carried out, so that the processing efficiency of virus comparison is difficult to improve.
Disclosure of Invention
The application aims to provide a protection system for network security authentication, which is used for solving the defects in the background technology.
In order to achieve the above object, the present application provides the following technical solutions: the protection system for network security authentication comprises a network access detection unit, a feature comparison unit, a network intrusion virus feature database, a network intrusion feature analysis unit, a virtual operation system, a network management end and a network access authentication unit;
the network access detection unit is used for extracting and detecting data characteristics before accessing the network to form network information to be processed;
the feature comparison unit is used for comparing the features extracted before the network to be processed is accessed with the data in the network intrusion virus feature database, and confirming the security of the network to be processed;
the virtual operation system is used for carrying out bearing operation on the network to be processed, so as to obtain the safety of the actual operation of the network to be processed;
the network intrusion characteristic analysis unit is used for extracting characteristics of dangerous network intrusion data to be processed and analyzing virus characteristic parts;
the network intrusion virus characteristic database is used for recording network intrusion virus characteristics as a comparison item;
the network management end is used for adding virus characteristics and manually analyzing and extracting the virus characteristics in dangerous network intrusion data to be processed;
the network access authentication unit is used for accessing and authenticating the network in the safe state confirmed by the virtual operation system operation.
In a preferred embodiment, the network information to be processed is formed in the following manner:
acquiring needed network information to be processed, extracting all the network data characteristics to be processed, and extracting the data characteristics of a plurality of networks to be processed and connecting data in series when a plurality of network linkage conditions to be processed exist;
and a plurality of networks to be processed are chained to form a detection item, and the collection and classification of the data characteristics are carried out according to the detection item to form the network information to be processed.
In a preferred embodiment, the method for confirming the security of the network to be processed is as follows:
acquiring network information to be processed, further carrying out data comparison in a network intrusion virus characteristic database according to the characteristics of the network data to be processed, and obtaining dangerous virus characteristics of the network data to be processed by taking characteristic data in the network intrusion virus characteristic database as comparison items, thereby forming a virus characteristic similarity block;
the similarity of the virus characteristic similar blocks is analyzed, and then dangerous marks are carried out, wherein the similarity analysis flow of the virus characteristic similar blocks is as follows:
acquiring virus characteristic similar block data and combining a comparison item to perform characteristic coincidence comparison to obtain a virus characteristic coincidence part and a virus characteristic distinction part, wherein the virus characteristic coincidence part adopts a red font mark, and the virus characteristic distinction part adopts a yellow font mark; according to the overlapping part, similarity analysis is obtained, the network to be processed is judged to be in a safe state or a dangerous state, and then a dangerous state and virus characteristic similarity block is prompted and displayed to a network management end, and the network management end judges the safety of the network to be processed;
and according to the data characteristics of the network to be processed, carrying out data comparison in a network intrusion virus characteristic database, and judging that the network is in a safe state if the virus characteristics are not present.
In a preferred embodiment, the verification mode of the actual operation security of the network to be processed is that;
the method comprises the steps of obtaining a security state to-be-processed network judged by a feature comparison unit, and accessing the to-be-processed network into a virtual operation system for operation;
when the security problem of network attack intrusion does not occur in the virtual operation system, the network to be processed is confirmed to be in a security state;
when the security problem of network attack intrusion occurs in the virtual operation system of the network to be processed, confirming that the network to be processed is in a dangerous state, and simultaneously acquiring process data of the network to be processed in the attack intrusion virtual operation system to form dangerous network intrusion data to be processed;
setting an observation period T, acquiring the network times of the network to be processed entering the virtual operation system, and simultaneously acquiring the times of dangerous states of the virtual operation system during simulation operation to obtain a network intrusion hiding index, wherein the calculation formula is as follows:
wherein, the liquid crystal display device comprises a liquid crystal display device,concealing the index, n, for network intrusion w Simulating the number of times of dangerous state occurrence for the virtual operation system, n z For the number of times the network to be processed enters the virtual operation system for operation, it should be noted that n w The larger the value is +.>The larger the value is, the stronger the index of representing network intrusion is, the more importance is required to be paid to network security authentication, and then the similarity threshold is adjusted, so that viruses with stronger hiding property are prevented from avoiding judgment of the feature comparison unit, and the network intrusion detection system has better protection property.
In a preferred embodiment, the virus signature is analyzed in the following manner: acquiring dangerous network intrusion data to be processed and feeding back the data to a network management end, analyzing the characteristics of the dangerous network intrusion data to be processed through the network management end, and extracting the characteristics of network intrusion viruses;
storing the network intrusion virus characteristics into a network intrusion virus characteristic database to form an updated network intrusion virus characteristic database, and immediately starting the intrusion virtual operation system to clear data to an original state after confirming the network intrusion virus characteristics through a network management end.
In a preferred embodiment, the contrast is formed in the following manner:
and storing the network intrusion virus characteristics acquired according to the network intrusion virus characteristic analysis unit into a network intrusion virus characteristic database to be used as an active network intrusion virus characteristic database.
In a preferred embodiment, virus characteristics can be manually input through a network management end, and the virus characteristics are stored into a network intrusion virus characteristic database to be used as a passive network intrusion virus characteristic database;
when the data of the network data to be processed is compared in the network intrusion virus characteristic database through the characteristic comparison unit, the active network intrusion virus characteristic database is used as a primary comparison database, and when the same virus characteristics are not matched in the active network intrusion virus characteristic database, the data is compared in the passive network intrusion virus characteristic database, and the passive network intrusion virus characteristic database is used as a secondary comparison database.
In a preferred embodiment, a virtual running system and a network to be processed with a security state confirmed by a feature comparison unit are obtained, and the network to be processed is further converted into an access network to be subjected to trust marking, so that network security authentication is formed.
In the technical scheme, the application has the technical effects and advantages that:
1. the application can simulate the operation of the virtual network before the network security authentication access, monitor the security of the network operation, avoid the invasion of the hidden virus to the system, reduce the probability of invading the system, greatly improve the security of the network authentication and have better system protection;
2. the application can greatly improve the processing efficiency of the virus characteristic comparison data and ensure the accuracy of the virus characteristic comparison result.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings required for the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments described in the present application, and other drawings may be obtained according to these drawings for a person having ordinary skill in the art.
Fig. 1 is a system block diagram of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
An embodiment 1, referring to fig. 1, is a protection system for network security authentication, including a network access detection unit, a feature comparison unit, a network intrusion virus feature database, a network intrusion feature analysis unit, a virtual operation system, a network management end and a network access authentication unit;
the network access detection unit is used for extracting and detecting data characteristics before accessing the network to form network information to be processed;
the method for forming the network information to be processed comprises the following steps:
acquiring needed network information to be processed, extracting all data characteristics of the network to be processed, and extracting the data characteristics of the networks to be processed and connecting data in series when a plurality of network linkage conditions to be processed exist (a network access exists in a plurality of linkage networks);
a plurality of networks to be processed are chained to form a detection item, and data characteristics are collected and classified according to the detection item to form network information to be processed;
the feature comparison unit is used for comparing the features extracted before the network to be processed is accessed with the data in the network intrusion virus feature database, and confirming the security of the network to be processed;
the method for confirming the security of the network to be processed is as follows:
acquiring network information to be processed, further carrying out data comparison in a network intrusion virus characteristic database according to the characteristics of the network data to be processed, and obtaining dangerous virus characteristics of the network data to be processed by taking characteristic data in the network intrusion virus characteristic database as a comparison item, thereby forming a virus characteristic similar block (network data characteristics to be processed);
the similarity of the virus characteristic similar blocks is analyzed, and then dangerous marks are carried out, wherein the similarity analysis flow of the virus characteristic similar blocks is as follows:
acquiring virus characteristic similar block data and combining a comparison item to perform characteristic coincidence comparison (the virus characteristic similar block data and the comparison item data are subjected to coincidence characteristic corresponding comparison) so as to obtain a coincidence part and a distinguishing part of the virus characteristic, wherein the coincidence part of the virus characteristic adopts a red font mark, and the distinguishing part of the virus characteristic adopts a yellow font mark; and obtaining similarity analysis according to the overlapping part, wherein the obtaining formula is as follows:wherein μ is feature similarity, ε j E for the continuous code number of the network characteristics to be processed and the coincidence of the comparison items s The number of significant codes for the comparison term for the virus signature;
setting a similarity threshold, and judging that the network to be processed is in a safe state when the similarity threshold is not exceeded, and verifying by a feature comparison unit; when the similarity threshold value is exceeded, judging that the network to be processed is in a dangerous state, further prompting and displaying a dangerous state and virus characteristic similarity block to a network management end, and judging the safety of the network to be processed by the network management end;
according to the data characteristics of the network to be processed, performing data comparison in a network intrusion virus characteristic database, and judging that the network is in a safe state if no virus characteristics exist;
the virtual operation system is used for carrying out bearing operation on the network to be processed, so as to obtain the safety of the actual operation of the network to be processed;
the verification mode of the actual operation safety of the network to be processed is as follows;
the method comprises the steps of obtaining a security state to-be-processed network judged by a feature comparison unit, and accessing the to-be-processed network into a virtual operation system for operation;
when the security problem of network attack intrusion does not occur in the virtual operation system, the network to be processed is confirmed to be in a security state;
when the security problem of network attack intrusion occurs in the virtual operation system of the network to be processed, confirming that the network to be processed is in a dangerous state, and simultaneously acquiring process data of the network to be processed in the attack intrusion virtual operation system to form dangerous network intrusion data to be processed;
setting an observation period T, acquiring the network times of the network to be processed entering the virtual operation system, and simultaneously acquiring the times of dangerous states of the virtual operation system during simulation operation to obtain a network intrusion hiding index, wherein the calculation formula is as follows:
wherein, the liquid crystal display device comprises a liquid crystal display device,concealing the index, n, for network intrusion w Simulating the number of times of dangerous state occurrence for the virtual operation system, n z For the number of times the network to be processed enters the virtual operation system for operation, it should be noted that n w The larger the value is +.>The larger the value is, the representing the network intrusion hiding indexThe stronger the network security authentication is, the more importance is required, the similarity threshold is adjusted, the virus with stronger concealment is prevented from avoiding the judgment of the feature comparison unit, and the better protection is achieved;
the virtual network operation simulation can be carried out before the network security authentication access, the security of the network operation is monitored, the intrusion of hidden viruses to the system is avoided, the probability of the intrusion of the system is reduced, the security of the network authentication can be greatly improved, and the system protection is good;
the network intrusion characteristic analysis unit is used for extracting characteristics of dangerous network intrusion data to be processed and analyzing virus characteristic parts;
acquiring dangerous network intrusion data to be processed and feeding back the data to a network management end, analyzing the characteristics of the dangerous network intrusion data to be processed through the network management end, and extracting the characteristics of network intrusion viruses;
storing the network intrusion virus characteristics into a network intrusion virus characteristic database to form an updated network intrusion virus characteristic database, and immediately starting the intrusion virtual operation system to clear data to an original state (system initial download operation state) after confirming the network intrusion virus characteristics through a network management end.
In embodiment 2, referring to fig. 1, the network intrusion virus feature database is used for recording network intrusion virus features as comparison items;
the contrast item is formed in the following manner:
storing the network intrusion virus characteristics acquired according to the network intrusion virus characteristic analysis unit into a network intrusion virus characteristic database to be used as an active network intrusion virus characteristic database;
the virus characteristics (viruses of the system which are not currently invaded by the network) can be manually input through the network management end, and the virus characteristics are stored into a network invasion virus characteristic database to be used as a passive network invasion virus characteristic database;
when the data of the network data to be processed is compared in the network intrusion virus characteristic database through the characteristic comparison unit, the active network intrusion virus characteristic database is used as a first-level comparison database, and when the same virus characteristics are not matched in the active network intrusion virus characteristic database (when similar virus characteristics appear in the active network intrusion virus characteristic database, the data are also required to be transferred into a passive network intrusion virus characteristic database for comparison), and then the data are compared in the passive network intrusion virus characteristic database, and the passive network intrusion virus characteristic database is used as a second-level comparison database;
because the active network intrusion virus characteristic database is the main stream virus of the attack system virus, the active network intrusion virus characteristic database is used as a primary comparison database, so that the processing efficiency of virus characteristic comparison data can be greatly improved, and meanwhile, the accuracy of virus characteristic comparison results can be ensured;
the network management end is used for adding virus characteristics and manually analyzing and extracting the virus characteristics in dangerous network intrusion data to be processed (manually adding the virus characteristics into a network intrusion virus characteristic database);
the network access authentication unit is used for accessing and authenticating the network in the safe state confirmed by the virtual operation system operation;
and acquiring a virtual operation system and a network to be processed, the security state of which is confirmed through the feature comparison unit, and further converting the network to be processed into an access network to carry out trust marking, thereby forming network security authentication.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (8)

1. A protection system for network security authentication, characterized in that: the system comprises a network access detection unit, a characteristic comparison unit, a network intrusion virus characteristic database, a network intrusion characteristic analysis unit, a virtual operation system, a network management end and a network access authentication unit;
the network access detection unit is used for extracting and detecting data characteristics before accessing the network to form network information to be processed;
the feature comparison unit is used for comparing the features extracted before the network to be processed is accessed with the data in the network intrusion virus feature database, and confirming the security of the network to be processed;
the virtual operation system is used for carrying out bearing operation on the network to be processed, so as to obtain the safety of the actual operation of the network to be processed;
the network intrusion characteristic analysis unit is used for extracting characteristics of dangerous network intrusion data to be processed and analyzing virus characteristic parts;
the network intrusion virus characteristic database is used for recording network intrusion virus characteristics as a comparison item;
the network management end is used for adding virus characteristics and manually analyzing and extracting the virus characteristics in dangerous network intrusion data to be processed;
the network access authentication unit is used for accessing and authenticating the network in the safe state confirmed by the virtual operation system operation.
2. A protection system for network security authentication as defined in claim 1, wherein: the method for forming the network information to be processed comprises the following steps:
acquiring needed network information to be processed, extracting all the network data characteristics to be processed, and extracting the data characteristics of a plurality of networks to be processed and connecting data in series when a plurality of network linkage conditions to be processed exist;
and a plurality of networks to be processed are chained to form a detection item, and the collection and classification of the data characteristics are carried out according to the detection item to form the network information to be processed.
3. A protection system for network security authentication as defined in claim 2, wherein: the method for confirming the security of the network to be processed is as follows:
acquiring network information to be processed, further carrying out data comparison in a network intrusion virus characteristic database according to the characteristics of the network data to be processed, and obtaining dangerous virus characteristics of the network data to be processed by taking characteristic data in the network intrusion virus characteristic database as comparison items, thereby forming a virus characteristic similarity block;
the similarity of the virus characteristic similar blocks is analyzed, and then dangerous marks are carried out, wherein the similarity analysis flow of the virus characteristic similar blocks is as follows:
acquiring virus characteristic similar block data and combining a comparison item to perform characteristic coincidence comparison to obtain a virus characteristic coincidence part and a virus characteristic distinction part, wherein the virus characteristic coincidence part adopts a red font mark, and the virus characteristic distinction part adopts a yellow font mark; according to the overlapping part, similarity analysis is obtained, the network to be processed is judged to be in a safe state or a dangerous state, and then a dangerous state and virus characteristic similarity block is prompted and displayed to a network management end, and the network management end judges the safety of the network to be processed;
and according to the data characteristics of the network to be processed, carrying out data comparison in a network intrusion virus characteristic database, and judging that the network is in a safe state if the virus characteristics are not present.
4. A protection system for network security authentication as defined in claim 3, wherein: the verification mode of the actual operation safety of the network to be processed is as follows;
the method comprises the steps of obtaining a security state to-be-processed network judged by a feature comparison unit, and accessing the to-be-processed network into a virtual operation system for operation;
when the security problem of network attack intrusion does not occur in the virtual operation system, the network to be processed is confirmed to be in a security state;
when the security problem of network attack intrusion occurs in the virtual operation system of the network to be processed, the network to be processed is confirmed to be in a dangerous state, and meanwhile, the process data of the network to be processed in the attack intrusion virtual operation system is acquired to form dangerous network intrusion data to be processed.
5. The protection system for network security authentication of claim 4, wherein: the virus characteristic part is analyzed in the following way: acquiring dangerous network intrusion data to be processed and feeding back the data to a network management end, analyzing the characteristics of the dangerous network intrusion data to be processed through the network management end, and extracting the characteristics of network intrusion viruses;
storing the network intrusion virus characteristics into a network intrusion virus characteristic database to form an updated network intrusion virus characteristic database, and immediately starting the intrusion virtual operation system to clear data to an original state after confirming the network intrusion virus characteristics through a network management end.
6. The protection system for network security authentication of claim 5, wherein: the contrast item is formed in the following manner:
and storing the network intrusion virus characteristics acquired according to the network intrusion virus characteristic analysis unit into a network intrusion virus characteristic database to be used as an active network intrusion virus characteristic database.
7. A protection system for network security authentication as defined in claim 6, wherein: the virus characteristics can be manually input through the network management end, and the virus characteristics are stored into a network intrusion virus characteristic database to be used as a passive network intrusion virus characteristic database;
when the data of the network data to be processed is compared in the network intrusion virus characteristic database through the characteristic comparison unit, the active network intrusion virus characteristic database is used as a primary comparison database, and when the same virus characteristics are not matched in the active network intrusion virus characteristic database, the data is compared in the passive network intrusion virus characteristic database, and the passive network intrusion virus characteristic database is used as a secondary comparison database.
8. The protection system for network security authentication of claim 4, wherein: and acquiring a virtual operation system and a network to be processed, the security state of which is confirmed through the feature comparison unit, and further converting the network to be processed into an access network to carry out trust marking, thereby forming network security authentication.
CN202310888856.6A 2023-07-19 2023-07-19 Protection system for network security authentication Active CN116886370B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310888856.6A CN116886370B (en) 2023-07-19 2023-07-19 Protection system for network security authentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310888856.6A CN116886370B (en) 2023-07-19 2023-07-19 Protection system for network security authentication

Publications (2)

Publication Number Publication Date
CN116886370A true CN116886370A (en) 2023-10-13
CN116886370B CN116886370B (en) 2023-12-08

Family

ID=88269524

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310888856.6A Active CN116886370B (en) 2023-07-19 2023-07-19 Protection system for network security authentication

Country Status (1)

Country Link
CN (1) CN116886370B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050071650A1 (en) * 2003-09-29 2005-03-31 Jo Su Hyung Method and apparatus for security engine management in network nodes
WO2010017679A1 (en) * 2008-08-15 2010-02-18 北京启明星辰信息技术股份有限公司 Method and device for intrusion detection
US20160148201A1 (en) * 2014-11-26 2016-05-26 Buy It Mobility Networks Inc. Intelligent authentication process
CN107493300A (en) * 2017-09-20 2017-12-19 河北师范大学 Network security protection system
CN110677415A (en) * 2019-09-29 2020-01-10 信阳农林学院 Network information safety protection system
CN112187792A (en) * 2020-09-27 2021-01-05 安徽斯跑特科技有限公司 Network information safety protection system based on internet
CN113656799A (en) * 2021-08-18 2021-11-16 浙江国利网安科技有限公司 Industrial control virus analysis method, device, storage medium and equipment
US11539671B1 (en) * 2021-11-17 2022-12-27 Uab 360 It Authentication scheme in a virtual private network

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050071650A1 (en) * 2003-09-29 2005-03-31 Jo Su Hyung Method and apparatus for security engine management in network nodes
WO2010017679A1 (en) * 2008-08-15 2010-02-18 北京启明星辰信息技术股份有限公司 Method and device for intrusion detection
US20160148201A1 (en) * 2014-11-26 2016-05-26 Buy It Mobility Networks Inc. Intelligent authentication process
CN107493300A (en) * 2017-09-20 2017-12-19 河北师范大学 Network security protection system
CN110677415A (en) * 2019-09-29 2020-01-10 信阳农林学院 Network information safety protection system
CN112187792A (en) * 2020-09-27 2021-01-05 安徽斯跑特科技有限公司 Network information safety protection system based on internet
CN113656799A (en) * 2021-08-18 2021-11-16 浙江国利网安科技有限公司 Industrial control virus analysis method, device, storage medium and equipment
US11539671B1 (en) * 2021-11-17 2022-12-27 Uab 360 It Authentication scheme in a virtual private network

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
杨青;: "基于蜜罐的网络动态取证系统研究", 山东科学, no. 05 *
石琦: "桌面云网络准入控制技术研究", 网络与信息安全 *
许伦彰;: "虚拟蜜罐技术在校园网安全中的应用", 保密科学技术, no. 06 *

Also Published As

Publication number Publication date
CN116886370B (en) 2023-12-08

Similar Documents

Publication Publication Date Title
KR102047782B1 (en) Method and apparatus for recognizing cyber threats using correlational analytics
Azeez et al. Identifying phishing attacks in communication networks using URL consistency features
CN109922065B (en) Quick identification method for malicious website
CN114021040B (en) Method and system for alarming and protecting malicious event based on service access
CN103577323B (en) Based on the software plagiarism detection method of dynamic keyword instruction sequence birthmark
CN109257393A (en) XSS attack defence method and device based on machine learning
WO2021017318A1 (en) Cross-site scripting attack protection method and apparatus, device and storage medium
CN116781430B (en) Network information security system and method for gas pipe network
CN113904861B (en) Encryption traffic safety detection method and device
CN112199677A (en) Data processing method and device
CN113904834B (en) XSS attack detection method based on machine learning
CN105468972B (en) A kind of mobile terminal document detection method
CN112600828B (en) Attack detection and protection method and device for power control system based on data message
CN112287345B (en) Trusted edge computing system based on intelligent risk detection
Bai et al. Dynamic k-gram based software birthmark
CN116886370B (en) Protection system for network security authentication
CN116389148B (en) Network security situation prediction system based on artificial intelligence
KR20070077517A (en) Profile-based web application intrusion detection system and the method
CN109889527B (en) Network security protection system based on big data and protection method thereof
CN115134159B (en) Safety alarm analysis optimization method
CN115174205B (en) Network space safety real-time monitoring method, system and computer storage medium
CN111784404A (en) Abnormal asset identification method based on behavior variable prediction
CN116707924A (en) Network security detection method and system based on big data analysis
CN116467697A (en) Data association system based on information security network defense
CN108573148B (en) Confusion encryption script identification method based on lexical analysis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant