CN117834304B - Autonomous controllable master control network safety protection system - Google Patents

Info

Publication number
CN117834304B
Authority
CN
China
Prior art keywords
access
information
verification
hierarchy
requester
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202410248222.9A
Other languages
Chinese (zh)
Other versions
CN117834304A (en
Inventor
余业祥
何春
朱彬
杨斌
任华彬
魏光燏
陈�峰
黄柳
蒙博宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongkong Wind Energy Control Technology Beijing Co ltd
Dongfang Electric Wind Power Co Ltd
Original Assignee
Zhongkong Wind Energy Control Technology Beijing Co ltd
Dongfang Electric Wind Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongkong Wind Energy Control Technology Beijing Co ltd, Dongfang Electric Wind Power Co Ltd filed Critical Zhongkong Wind Energy Control Technology Beijing Co ltd
Priority to CN202410248222.9A priority Critical patent/CN117834304B/en
Publication of CN117834304A publication Critical patent/CN117834304A/en
Application granted granted Critical
Publication of CN117834304B publication Critical patent/CN117834304B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00: Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02: Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides an autonomous controllable master control network safety protection system, relating to the technical field of network security. The system stores data of multiple security levels in the memories of industrial controllers of multiple hierarchies, respectively. Industrial controllers request data access across hierarchies: controllers of the same hierarchy can request access directly, while requests between different hierarchies are verified by a main control computer. If a higher hierarchy is to be accessed, the requester is allowed to send access request information only after passing the verification of the main control computer. The requested party verifies the access request information and, if verification of the online key in the access request information is passed, the requester is allowed to access the data in the memory. The invention can thus verify access requests originating inside the industrial controller network, so that data of a higher security level cannot be accessed arbitrarily, the risk of such data spreading and leaking is reduced, and the reliability and controllability of the network are improved.

Description

Autonomous controllable master control network safety protection system
Technical Field
The invention relates to the technical field of network security, in particular to an autonomous controllable master control network security protection system.
Background
In the related art, CN114584345A relates to a security processing method, device and equipment for a rail transit network. It designs a security and trust protection mechanism for mobile edge computing in urban rail transit and builds an in-depth security protection system spanning cloud computing and mobile edge computing, which can effectively resist DDoS attacks so that attack traffic is kept out of the urban rail transit system. In addition, it takes into account that the position of an attacking device within the urban rail transit system changes continuously as the device moves and that the identity information of normal devices is frequently used, and it detects attack traffic by means of information measurement, so that attack traffic is detected more accurately and more quickly at the edge of the urban rail network.
CN109040083A discloses an information security protection system applied to rail transit and a protection method thereof. The system comprises a control center, a monitoring module, a cloud server, a control terminal, an alarm module and a mobile terminal. The control center is connected to the monitoring module, the cloud server and the control terminal respectively; it is connected to the cloud server through either a wired or a wireless connection and exchanges network data with the cloud server; it is connected to an analysis processing module through a communication module; it is connected to the alarm module, which receives the information processed by the analysis processing module; and it is also connected to the mobile terminal through a wireless network or a GPRS network. The information security protection system and method applied to rail transit are convenient to adjust and control, can raise information security alarms in time, and ensure the security of rail transit information.
Therefore, the related art only provides security protection for external access traffic. However, inside a controller network composed of multiple rail transit controllers there is also data of different security levels, and some data of a higher security level is not suited to being directly accessed and loaded by every controller. For access requests originating inside the controller network, the related art provides no security protection means to verify the security of the request, which leaves data of a higher security level at risk of spreading and leaking.
The information disclosed in the background section of the application is only for enhancement of understanding of the general background of the application and should not be taken as an acknowledgement or any form of suggestion that this information forms the prior art already known to a person skilled in the art.
Disclosure of Invention
The invention provides an autonomous controllable master control network safety protection system, which can solve the technical problems that an access request from the inside of an industrial controller network is difficult to verify, and data with higher security level is in risk of being diffused and divulged.
According to the present invention, there is provided an autonomously controllable master control network security protection system comprising:
the hierarchical division module is used for dividing the industrial controller network into a plurality of hierarchies, wherein the industrial controllers of different hierarchies are indirectly connected through a main control computer, and the industrial controllers of the same hierarchy are directly connected;
the data storage module is used for respectively storing the data with multiple security levels in the memories of the industrial controllers with multiple levels, wherein the memory of the industrial controller with one level stores the data with one security level, and the serial number of the security level is consistent with the serial number of the level;
a request access module, configured to, when an industrial controller in an ith hierarchy requests access to data in a memory of an industrial controller in a jth hierarchy, if i=j, cause a requester to generate access request information and send the access request information to a requested party, where the industrial controller in the ith hierarchy is the requester, the industrial controller in the jth hierarchy is the requested party, the access request information includes an online key of the requested party and address information of the requested party, i and j are both positive integers, and i and j are both less than or equal to the number n of hierarchies;
a verification information module, configured to, if i is not equal to j, cause the requester to generate verification information and send the verification information to the main control computer, wherein the verification information includes the hierarchy to which the requester belongs and the hierarchy to which the requested party belongs;
a verification passing information module, configured to, if i > j, cause the main control computer to send verification passing information to the requester and allow the requester to send the access request information to the requested party;
a verification coefficient determining module, configured to, if i < j, cause the main control computer to determine a verification coefficient V according to the formula;
an information collection instruction module, configured to cause the main control computer to generate an information collection instruction according to the verification coefficient V and send the information collection instruction to the requester;
an information-to-be-checked module, configured to cause the requester to collect information to be checked according to the information collection instruction, generate an information set to be checked from the information to be checked, and send the information set to the main control computer;
a security verification result module, configured to cause the main control computer to perform security verification according to the verification coefficient V and the information set to be checked, to obtain a security verification result;
a permission sending module, configured to allow the requester to send the access request information to the requested party if the security verification result is that the security verification is passed;
and a permission access module, configured to allow the requester to access the data in the memory if the requester passes the verification of the online key.
The technical effects are as follows: according to the invention, the hierarchical connection structure can provide better isolation and control, and prevent potential security threats from spreading in the network. The use of security level management can effectively protect sensitive data from unauthorized access. Different verification modes are adopted according to the hierarchy of the requesting party and the requested party. The main control computer plays a core control role, can autonomously carry out security verification and access control decision, maintain the security of the network, and realize autonomous controllable management of the network, so that the data with high security level cannot be randomly accessed, the risk of diffusing and divulging the data with high security level is reduced, and the reliability and controllability of the network are improved. When the first access record collection times are determined, the access success rate can be weighted through the verification coefficient and the data caliber of the access success rate, the accuracy and the reliability of the weighted average success rate are improved, the first access record collection times are obtained based on the average success rate and the total access times, more access records which access higher security data are included in the collected access records and are accessed successfully, and the quality and the reference value of the collected access records are improved. In determining the number of times of the second access record, the number of times of the second access record may be determined using a ratio of the third number of times and the fourth number of times. 
And when the final access record collection times are determined, the success rate of accessing the industrial controllers of the higher hierarchy by referring to the industrial controllers of other hierarchies can be referred to, so that the access record collection times can represent the overall access success rate of the industrial controller network, and the access records collected according to the access record collection times can better reflect the access modes and behaviors among the industrial controllers, thereby enabling the collected access records to have more reference value. When the target access records are selected, continuous target access records can be obtained, the requester is prevented from autonomously selecting the access records, the effectiveness of security verification is improved, more target access records with reference value can be selected from the continuous target access records based on the first condition, the second condition and the third condition, the accuracy of security verification is improved, and the data security is improved. When the security verification is carried out, a plurality of factors such as the behavior feature vector, the malicious behavior feature vector, the number of access behaviors, the time interval and the like are comprehensively considered, the similarity of the access behaviors and the preset malicious behavior feature set and the risk of the cheating behaviors can be comprehensively considered, and the access risk can be more comprehensively evaluated. The system can identify and filter potential malicious access behaviors, improve the safety and reliability of the system and protect the data and privacy of the system.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention as claimed. Other features and aspects of the present invention will become apparent from the following detailed description of exemplary embodiments, which proceeds with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other embodiments may be obtained according to these drawings without inventive effort to a person skilled in the art;
Fig. 1 schematically illustrates a block diagram of an autonomously controllable master network security protection system in accordance with an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The technical scheme of the invention is described in detail below by specific examples. The following embodiments may be combined with each other, and some embodiments may not be repeated for the same or similar concepts or processes.
Fig. 1 schematically illustrates a block diagram of an autonomously controllable master network security protection system according to an embodiment of the present invention, the system comprising:
the hierarchical division module is used for dividing the industrial controller network into a plurality of hierarchies, wherein the industrial controllers of different hierarchies are indirectly connected through a main control computer, and the industrial controllers of the same hierarchy are directly connected;
the data storage module is used for respectively storing the data with multiple security levels in the memories of the industrial controllers with multiple levels, wherein the memory of the industrial controller with one level stores the data with one security level, and the serial number of the security level is consistent with the serial number of the level;
a request access module, configured to, when an industrial controller in an ith hierarchy requests access to data in a memory of an industrial controller in a jth hierarchy, if i=j, cause a requester to generate access request information and send the access request information to a requested party, where the industrial controller in the ith hierarchy is the requester, the industrial controller in the jth hierarchy is the requested party, the access request information includes an online key of the requested party and address information of the requested party, i and j are both positive integers, and i and j are both less than or equal to the number n of hierarchies;
a verification information module, configured to, if i is not equal to j, cause the requester to generate verification information and send the verification information to the main control computer, wherein the verification information includes the hierarchy to which the requester belongs and the hierarchy to which the requested party belongs;
a verification passing information module, configured to, if i > j, cause the main control computer to send verification passing information to the requester and allow the requester to send the access request information to the requested party;
a verification coefficient determining module, configured to, if i < j, cause the main control computer to determine a verification coefficient V according to the formula;
an information collection instruction module, configured to cause the main control computer to generate an information collection instruction according to the verification coefficient V and send the information collection instruction to the requester;
an information-to-be-checked module, configured to cause the requester to collect information to be checked according to the information collection instruction, generate an information set to be checked from the information to be checked, and send the information set to the main control computer;
a security verification result module, configured to cause the main control computer to perform security verification according to the verification coefficient V and the information set to be checked, to obtain a security verification result;
a permission sending module, configured to allow the requester to send the access request information to the requested party if the security verification result is that the security verification is passed;
and a permission access module, configured to allow the requester to access the data in the memory if the requester passes the verification of the online key.
According to the autonomous controllable master control network safety protection system provided by the embodiment of the invention, the layered connection structure can provide better isolation and control, and potential safety threats are prevented from being transmitted in the network. The use of security level management can effectively protect sensitive data from unauthorized access. Different verification modes are adopted according to the hierarchy of the requesting party and the requested party. The main control computer plays a core control role, can autonomously carry out security verification and access control decision, maintain the security of the network, and realize autonomous controllable management of the network, so that the data with high security level cannot be randomly accessed, the risk of diffusing and divulging the data with high security level is reduced, and the reliability and controllability of the network are improved.
According to one embodiment of the invention, in a split hierarchy module, an industrial controller network is split into multiple hierarchies, i.e., multiple slices. The different levels of industrial controllers can be isolated such that data and communications are tightly controlled between levels. By indirectly connecting to the host computer, more centralized and controllable network management, such as monitoring, policy control, security auditing, etc., may be provided. Direct connections between industrial controllers at the same level may enable more efficient and direct communication, reducing latency and complexity.
According to one embodiment of the invention, in the data storage module, each level of industrial controller has its own memory for storing data of a particular security level. The serial number of the security level is consistent with the serial number of the hierarchy, e.g., the industrial controller of the first hierarchy stores data of the first security level, the industrial controller of the second hierarchy stores data of the second security level, and so on.
According to one embodiment of the invention, in the request access module, when a certain industrial controller requests access to data in the memory of another industrial controller, for example, the industrial controller in the ith hierarchy is the requestor, the access to data in the memory of the industrial controller in the jth hierarchy is requested. The industrial controller in the j-th hierarchy is the requested party, maintaining the required data. When a requestor needs to access the memory of the requested party, an access request message is generated. The access request information includes the online key and address information of the requested party for determining the validity of the request and for accurately locating the requested party. If i=j, the access is the mutual access between the industrial controllers of the same hierarchy, and as described above, the industrial controllers of the same hierarchy are directly connected, so that the requester can directly send the access request information to the requested party, the requested party verifies the online key in the access request information, and the requester can be allowed to access the data in the memory after the verification is passed.
According to one embodiment of the invention, in the verification information module, if the requester and the requested party are in different hierarchies, the requester generates verification information. The purpose of the verification information is to provide the hierarchy information of the requester and the requested party. The requester sends the generated verification information to the main control computer, which processes and coordinates data access requests between different hierarchies, that is, it verifies the requester based on the hierarchy information of the requester and the requested party.
According to one embodiment of the invention, in the verification passing information module, if the requester is located at a higher hierarchy, the access request can be regarded as an industrial controller of a higher security level accessing data of a lower security level. The main control computer can therefore directly allow the requester to send the access request information to the requested party, and once the requested party has verified the online key in the access request information, the requester can obtain the data in the memory of the requested party.
According to one embodiment of the invention, in the verification coefficient determining module, when the requester is located at a lower hierarchy, the access request can be regarded as an industrial controller of a lower security level accessing data of a higher security level. In this case the main control computer does not directly allow the requester to send the access request information to the requested party, but performs further security verification on the requester. Only after the security verification is passed is the requester allowed to send the access request information to the requested party; the requested party then also verifies the online key in the access request information, and after that verification is passed the requester is allowed to access the data in the memory. That is, two verifications are needed before the requester can access the data in the memory, which improves data security.
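The three request paths described above (i = j, i > j, i < j), each ending in the requested party's online key check, are modelled below as an added Python example that is not part of the patent text. All class and function names, the sample controllers and their keys are constructed for illustration, and `security_check` is a hypothetical stand-in for the security verification based on the verification coefficient V, whose formula is not reproduced on this page.

```python
import hmac
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable, Dict, List, Tuple


class Path(Enum):
    DIRECT = "i == j: sent straight to the requested party"
    MASTER_PASS = "i > j: main control computer passes the request"
    MASTER_VERIFY = "i < j: main control computer runs security verification"


@dataclass(frozen=True)
class AccessRequest:
    online_key: bytes  # online key of the requested party
    address: str       # address information of the requested party


@dataclass
class Controller:
    name: str
    level: int         # hierarchy number, equal to the security level of its data
    online_key: bytes  # constructed sample value
    memory: Dict[str, str] = field(default_factory=dict)

    def serve(self, request: AccessRequest, item: str) -> str:
        """Requested party's own check, applied on every path."""
        if request.address != self.name:
            raise PermissionError("request addressed to another controller")
        if not hmac.compare_digest(request.online_key, self.online_key):
            raise PermissionError("online key verification failed")
        return self.memory[item]


class MainControlComputer:
    def __init__(self, n_levels: int,
                 security_check: Callable[[Controller, Controller], bool]):
        self.n_levels = n_levels
        # Hypothetical stand-in for the V-based security verification.
        self.security_check = security_check
        self.audit: List[Tuple[str, str, str, bool]] = []

    def classify(self, i: int, j: int) -> Path:
        if not (1 <= i <= self.n_levels and 1 <= j <= self.n_levels):
            raise ValueError("hierarchy numbers must lie in 1..n")
        if i == j:
            return Path.DIRECT
        return Path.MASTER_PASS if i > j else Path.MASTER_VERIFY

    def authorize(self, requester: Controller, requested: Controller) -> bool:
        """Process the verification information (the two hierarchy numbers)."""
        path = self.classify(requester.level, requested.level)
        if path is Path.DIRECT:
            raise ValueError("same-level requests do not pass through here")
        allowed = (path is Path.MASTER_PASS
                   or bool(self.security_check(requester, requested)))
        self.audit.append((requester.name, requested.name, path.name, allowed))
        return allowed


def request_access(master, requester, requested, presented_key, item):
    """Run one request end to end and return (path, data) or raise."""
    path = master.classify(requester.level, requested.level)
    if path is not Path.DIRECT and not master.authorize(requester, requested):
        raise PermissionError("rejected by main control computer")
    request = AccessRequest(online_key=presented_key, address=requested.name)
    return path, requested.serve(request, item)


def run_demo():
    # Constructed three-level network; names, keys and data are sample values.
    a1 = Controller("plc-1a", 1, b"k-1a", {"temp": "21C"})
    b1 = Controller("plc-1b", 1, b"k-1b", {"rpm": "1200"})
    c3 = Controller("plc-3a", 3, b"k-3a", {"setpoints": "restricted"})
    master = MainControlComputer(3, lambda rq, rd: rq.name == "plc-1a")
    cases = [
        (a1, b1, b"k-1b", "rpm"),        # same level, direct
        (c3, a1, b"k-1a", "temp"),       # higher reads lower
        (a1, c3, b"k-3a", "setpoints"),  # lower reads higher, check passes
        (b1, c3, b"k-3a", "setpoints"),  # lower reads higher, check fails
        (c3, a1, b"wrong", "temp"),      # passed by master, key rejected
    ]
    outcomes = []
    for rq, rd, key, item in cases:
        try:
            path, value = request_access(master, rq, rd, key, item)
            outcomes.append((path.name, value))
        except PermissionError as exc:
            outcomes.append(("DENIED", str(exc)))
    return outcomes, master.audit


if __name__ == "__main__":
    for row in run_demo()[0]:
        print(row)
```

The last two cases show the two independent gates: a lower-level requester stopped at the main control computer even though it holds a valid online key, and a higher-level requester passed by the main control computer but refused by the requested party for presenting a wrong key.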
According to one embodiment of the invention, the main control computer may determine the verification coefficient V based on the formula, and may perform security verification on the requester based on the verification coefficient, which may be used to determine the strictness of the verification.
According to one embodiment of the invention, in the information collection instruction module, the master control computer sends the generated information collection instruction to the requesting party so that the requesting party can collect data according to the instruction. The information collection instruction is used for informing the requester of data needing to be verified so that the requester can collect the data and send the data to the main control computer for security verification. By generating the information collection instruction according to the verification coefficient, the larger the verification coefficient is, the larger the security level difference between the requesting party and the requested party is, the more data needs to be collected, namely, the more strict the verification is. The smaller the verification coefficient, the less data needs to be collected, i.e., verification is relatively simple.
According to one embodiment of the present invention, the method for causing the master computer to generate an information collection instruction according to the verification coefficient V and send the information collection instruction to the requester includes: acquiring a first access record collection number according to the verification coefficient V, the first number of times that the industrial controller of the ith level accesses the industrial controller of the higher level in a preset time period before the current moment, and the second number of times that the access is successful; obtaining a second access record collection number according to the third number of times of accessing the industrial controllers of the higher hierarchy in a preset time period before the current moment and the fourth number of successful access of the industrial controllers of the other hierarchy except the ith hierarchy; obtaining access record collection times according to the first access record collection times and the second access record collection times; and generating an information collection instruction according to the access record collection times, and sending the information collection instruction to a requester.
According to one embodiment of the present invention, a first number of times the industrial controller of the i-th hierarchy accesses the industrial controller of the higher hierarchy and a second number of times the industrial controller of the i-th hierarchy is accessed successfully, and a third number of times the industrial controller of the other hierarchy other than the i-th hierarchy accesses the industrial controller of the higher hierarchy and a fourth number of times the industrial controller of the i-th hierarchy is accessed successfully are determined according to the access record in a preset time period before the current time. The preset time period may be set to 10 minutes, 20 minutes, etc., which is not limited in the present invention. And obtaining the first access record collection times by calculating the verification coefficient and the first times and the second times. And calculating the third times and the fourth times to obtain the second access record collection times. And generating an information collection instruction according to the access record collection times and sending the information collection instruction to a requester.
According to one embodiment of the present invention, according to the verification coefficient V, and the first number of times the i-th industrial controller accesses the higher-level industrial controller in a preset period of time before the current time, and the second number of times of access success, obtaining the first access record collection number includes: in the first times, determining a first proportion of times of accessing industrial controllers with the hierarchy number larger than j in a preset time period before the current moment by the industrial controller of the ith hierarchy; in the second times, determining a second proportion of times that the industrial controller of the ith hierarchy accesses the industrial controller with the hierarchy number larger than j and accesses successfully in a preset time period before the current moment; obtaining the first access record collection times according to formula (1)
(1),
Wherein,For the first time,/>For the second time,/>For the first proportion,/>In a second proportion,/>And requesting access to other industrial controllers for the total number of times of the requester within the preset time period.
According to one embodiment of the present invention, in equation (1),The success rate of accessing the industrial controller with the hierarchy number greater than j in the preset time period before the current moment is represented by the industrial controller with the hierarchy number greater than j in the preset time period before the current moment, and the success rate of effectively accessing the industrial controller with the hierarchy number greater than j in the preset time period before the current moment can be measured by the industrial controller with the hierarchy number greater than j in the i th moment. /(I)The success rate of accessing the industrial controller with the hierarchy number less than or equal to j in the preset time period before the current moment is represented by the industrial controller with the hierarchy number less than or equal to j in the preset time period before the current moment, and the success rate of effectively accessing the industrial controller with the hierarchy number less than or equal to j in the preset time period before the current moment can be measured by the industrial controller with the hierarchy number less than or equal to j. /(I)And carrying out weighted summation processing on the access success rate of the industrial controllers of the ith hierarchy to the industrial controllers with the hierarchy serial numbers larger than j in a preset time period before the current moment and the access success rate of the industrial controllers of the ith hierarchy to the industrial controllers with the hierarchy serial numbers smaller than or equal to j in the preset time period before the current moment through the verification coefficient, and multiplying the weighted summation result by the total number of times of requesting parties requesting to access other industrial controllers in the preset time period. 
The value may represent a product of a weighted average success rate of accessing the industrial controller of the higher hierarchy and a total number of accesses by the industrial controller of the ith hierarchy for a preset period of time before the current time, and may be used as the first access record collection number. Wherein the verification coefficient V is the relative difference between the ith level and the jth level,/>The success rate of accessing the industrial controller from the ith hierarchy to the jth hierarchy for the requester is the same as the data caliber, therefore, V is used asOn the other hand, the weight of (2) may be used/>, for exampleAs/>Is a weight of (a).
In this way, the access success rate can be weighted through the verification coefficient and the data caliber of the access success rate, the accuracy and the reliability of the weighted average success rate are improved, and the first access record collection times are obtained based on the average success rate and the total access times, so that the collected access records comprise more access records which access data with higher security level and are successful, and the quality and the reference value of the collected access records are improved.
According to one embodiment of the present invention, obtaining the second access record collection number according to the third number of accesses to the industrial controller of the higher hierarchy and the fourth number of accesses successful in the preset time period before the current time by the industrial controllers of the hierarchy other than the ith hierarchy includes: obtaining a second access record collection number according to equation (2)
(2),
Wherein,For the third time,/>For the fourth time,/>And requesting access to other industrial controllers for the total number of times of the requester within the preset time period.
According to one embodiment of the present invention, in equation (2), the ratio of the fourth number to the third number expresses the success rate with which industrial controllers of hierarchies other than the ith hierarchy accessed industrial controllers of a higher hierarchy in the preset time period before the current time. The product of this success rate and the total number of times the requester requested access to other industrial controllers can be used as the second access record collection number.
In this way, the second access record collection number can be determined from the third number and the fourth number. When the final access record collection times are determined, the success rate with which industrial controllers of other hierarchies access industrial controllers of a higher hierarchy can be taken into account, so that the access record collection times represent the overall access success rate of the industrial controller network. Access records collected according to these collection times better represent the access modes and behaviors among the industrial controllers and therefore have more reference value.
According to one embodiment of the invention, the first access record collection number and the second access record collection number are weighted summed, i.e. the access record collection number is obtained. The weight is a ratio of the number of industrial controllers of the ith hierarchy to the number of industrial controllers of other hierarchies than the ith hierarchy, or a ratio of the total access amount of the industrial controllers of the ith hierarchy to the total access amount of the industrial controllers of other hierarchies than the ith hierarchy, which is not limited in the present invention. Further, an information collection instruction may be generated based on the number of access record collections and sent to the requesting party, causing the requesting party to collect the access records according to the number of access record collections.
According to one embodiment of the present invention, in the information module to be checked, the information set to be checked is a set of data collected by the requester according to the information collection instruction, for example, according to the number of collection of access records in the information collection instruction, the access data is collected, and the access data is grouped into the information set to be checked. The main control computer can receive information to be checked collected by the requesting party and carry out subsequent processing, verification or decision, for example, verification on the access record, and judge whether the requesting party has malicious behaviors.
According to one embodiment of the present invention, the method for making the requester collect information to be checked according to the information collection instruction, and generate an information set to be checked according to the information to be checked, and send the information set to the main control computer includes: the requester acquires the access record collection times according to the information collection instruction; selecting a plurality of continuous target access records from a plurality of access records in the preset time period according to access targets and access results of the plurality of access records of the requesting party in the preset time period and the access record collection times, wherein the number of the plurality of continuous target access records is consistent with the access record collection times; and obtaining an information set to be checked according to the continuous multiple target access records, and sending the information set to be checked to the main control computer.
According to one embodiment of the invention, the requester may parse the access record collection times from a given information collection instruction and select a section of consecutive access records for subsequent checking and analysis, which helps monitor the running state of the system. From the selected consecutive target access records, the requester extracts the required information to generate the information set to be checked, which is then sent to the main control computer for further checking and analysis. Requiring consecutive access records prevents the requester from choosing for itself only the access records without malicious behavior. Otherwise the requester could skip the access records with malicious behavior, the main control computer could not detect the requester's malicious behavior, and the security verification would lose its meaning.
According to one embodiment of the present invention, selecting a plurality of consecutive target access records from a plurality of access records within the preset time period according to access targets and access results of the plurality of access records within the preset time period by the requesting party and the access record collection times, includes: the first condition C1, the second condition C2 and the third condition C3 are obtained according to the formula (3),
(3),
Wherein,For the access record collection number, k is the sequence number of the first access record in the continuous multiple target access records, N is the total number of multiple access records within a preset time period,/>For the hierarchy to which the accessed party of the s-th access record belongs,/>For the t-th access record, the result of the access is/areIndicating success of the access,/>Indicating access failure, if is a conditional function, and max is a maximum function; and screening a plurality of continuous target access records from a plurality of access records within a preset time period according to the first condition C1, the second condition C2 and the third condition C3.
According to one embodiment of the present invention, the first condition in equation (3) restricts k to the range 1 to N and requires that the sequence number of the last of the consecutive target access records not exceed N. The selected target access records therefore fall within the valid range of the preset time period, and their continuity is ensured.
According to one embodiment of the invention, in the second condition, the condition function takes the value 1 when the hierarchy of the accessed party of the s-th access record is greater than or equal to j, and 0 otherwise. For each k in its range of values, the condition counts the access records among the consecutive target access records whose accessed-party level is greater than or equal to j, and takes the maximum. That is, among all possible sequences of consecutive target access records, it finds the sequence containing the most access records whose accessed-party level is greater than or equal to j. Access records whose accessed party belongs to a level higher than or equal to j are considered to have higher reference value, because they help analyze the behavior of the requester when accessing data with a security level higher than or equal to j, so this condition helps screen out more target access records with higher reference value.
According to one embodiment of the invention, in the third condition, the condition function takes the value 1 when the access result of the t-th access record is successful, and 0 otherwise. For each k in its range of values, the condition computes the ratio of the number of successful access records among the consecutive target access records to the access record collection times, that is, the access success rate of the consecutive target access records, and finds the sequence with the highest access success rate among all possible sequences of consecutive target access records. For access records whose access succeeded, the behavior during the access process can be analyzed further, so successful access records have higher reference value, and this condition helps screen out more target access records with higher reference value.
By the method, continuous target access records can be obtained, a requester is prevented from independently selecting the access records, the effectiveness of security verification is improved, more target access records with reference value can be selected from the continuous target access records based on the first condition, the second condition and the third condition, the accuracy of the security verification is improved, and the security of data is improved.
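The window selection described above can be sketched as follows. This is an added example, not code from the patent: equation (3) is not reproduced on this page, so the code follows the prose description of C1 to C3, and the way C2 and C3 are combined (most records at level j or above first, success rate as tie-breaker, earliest window on a full tie) is an assumption, as are the names `AccessRecord` and `select_window`.

```python
from dataclasses import dataclass
from typing import List, Sequence, Tuple


@dataclass(frozen=True)
class AccessRecord:
    target_level: int  # hierarchy level of the accessed party
    success: bool      # access result: True = success, False = failure


def select_window(records: Sequence[AccessRecord], count: int,
                  j: int) -> Tuple[int, List[AccessRecord]]:
    """Pick `count` consecutive records out of `records`.

    Returns (k, window) where k is the 1-based sequence number of the
    first selected record. Every candidate window is contiguous, so a
    requester cannot skip individual records inside it.
    """
    n = len(records)
    if count <= 0 or count > n:
        raise ValueError("collection count must be between 1 and N")

    # Prefix sums let each window be scored in O(1).
    high = [0]  # records whose accessed party is at level >= j
    ok = [0]    # records whose access succeeded
    for r in records:
        high.append(high[-1] + (1 if r.target_level >= j else 0))
        ok.append(ok[-1] + (1 if r.success else 0))

    best_k, best_key = 0, None
    # C1: 1 <= k and the last selected record k + count - 1 <= N.
    for k in range(1, n - count + 2):
        lo, hi = k - 1, k - 1 + count
        c2 = high[hi] - high[lo]        # C2: records at level >= j
        c3 = (ok[hi] - ok[lo]) / count  # C3: success rate of the window
        key = (c2, c3)                  # assumed ordering: C2, then C3
        if best_key is None or key > best_key:
            best_k, best_key = k, key

    return best_k, list(records[best_k - 1:best_k - 1 + count])


# Constructed sample history of a level-2 requester (not real data).
SAMPLE_HISTORY = [
    AccessRecord(1, True),
    AccessRecord(3, False),
    AccessRecord(3, True),
    AccessRecord(3, True),
    AccessRecord(3, True),
    AccessRecord(3, False),
    AccessRecord(1, False),
]

if __name__ == "__main__":
    k, window = select_window(SAMPLE_HISTORY, count=3, j=3)
    print("first selected record:", k)
    for rec in window:
        print(rec)
```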
According to one embodiment of the present invention, in the security verification result module, the verification coefficient may reflect the severity of security verification, and the information set to be checked is related data collected by the requester according to the information collection instruction. The host computer uses this data for security verification to determine the security of the requestor.
According to one embodiment of the present invention, the security verification is performed by the master control computer according to the verification coefficient V and the information set to be checked, so as to obtain a security verification result, including: acquiring access moments of a plurality of continuous target access records in the information set to be checked; obtaining behavior feature vectors of access behaviors of a plurality of target access records through a trained behavior recognition model; and determining a security verification result according to the access time, the verification coefficient V and the behavior feature vector.
According to one embodiment of the invention, the access time refers to a specific point in time when the requestor makes an access. The access behaviors of the plurality of target access records can be analyzed and extracted by using a trained behavior recognition model, such as a neural network model, to obtain behavior feature vectors of the target access records. Behavior feature vectors are a numerical representation that is used to describe access behavior, including information on access patterns, operational behavior during access, access targets, and the like. According to the access time, the verification coefficient V and the behavior feature vector, the main control computer can perform security verification and determine a final security verification result.
According to one embodiment of the present invention, determining a security verification result according to the access time, the verification coefficient V, and the behavior feature vector includes: the access risk score R is obtained according to equation (4),
(4),
Wherein,Behavior feature vector of the y-th access behavior recorded for the x-th target access,/>For the z-th malicious behavior feature vector in the preset malicious behavior feature set,/>Z is the number of malicious behavior feature vectors in the malicious behavior feature set and is the number of access behaviors in the xth target access record,/>For accessing record collection times, Z is less than or equal to Z, y is less than or equal to/>,x≤/>And x, y, z,/>、/>And Z is a positive integer, max is a maximum function, if is a conditional function,/>Access time recorded for the x+1st target access,/>Accessing the recorded access time for the xth target,/>The time interval is preset; and under the condition that the access risk score R is smaller than or equal to a preset risk threshold value, determining the security verification result as verification passing.
According to one embodiment of the present invention, in equation (4), the condition function takes the value 1 if the maximum similarity between the behavior feature vector of the y-th access behavior of the x-th target access record and the malicious behavior feature vectors in the preset malicious behavior feature set is greater than or equal to 1-V, and 0 otherwise. The greater the difference between the hierarchies of the requester and the requested party, the stricter the security verification standard. If the difference is small, V is small and 1-V is large, so the condition function takes the value 1, meaning the behavior corresponding to the behavior feature vector is determined to be malicious, only when the similarity between the behavior feature vector and a malicious behavior feature vector is very high. Conversely, if the difference is large, V is large and 1-V is small, so a much lower similarity is enough for the condition function to take the value 1 and for the behavior to be determined to be malicious. The larger the hierarchy difference, the lower the bar for judging a behavior malicious: a behavior that is only slightly suspicious is already judged malicious, and the security verification standard is therefore stricter.
The corresponding term of equation (4) expresses the ratio of the number of access behaviors determined to be malicious to the number of all access behaviors. The larger the ratio, the more malicious behaviors there are among the access behaviors and the greater the access risk; the smaller the ratio, the fewer malicious behaviors there are and the smaller the access risk.
In accordance with one embodiment of the present invention, the condition function takes the value 1 when the time interval between the access time of the (x+1)-th target access record and the access time of the x-th target access record is less than or equal to the preset time interval, and 0 otherwise. Checking whether the interval between consecutive access records meets the preset requirement tests whether the access behavior is cheating: to cope with the security verification, the requester may deliberately perform many accesses without malicious behavior in succession and submit those access records as target access records for the security verification of the main control computer. Such accesses are usually made back to back, so the interval between the access records is very small, far smaller than the interval between normal access records. A small preset time interval and the condition function can therefore be used to judge, from the interval between access moments, whether target access records are cheating behavior aimed at the security verification: if the interval between two target access records is less than or equal to the preset time interval, the two target access records are judged to be cheating behavior. This gives the number of target access records determined to be cheating behavior, i.e., the number of cheating acts, and the corresponding term represents the ratio of the number of cheating acts to the number of access records collected. The larger the value, the higher the cheating probability and the greater the access risk; the smaller the value, the lower the cheating probability and the smaller the access risk.
According to the embodiment of the invention, multiplying the two items takes both the similarity between the access behaviors and the preset malicious behavior feature set and the risk of cheating behavior into account, and yields the access risk score, which can be used to evaluate the access risk. If the access risk score R is less than or equal to the preset risk threshold, the similarity between the access behaviors and the preset malicious behavior feature set is low and the cheating probability is low, and the security verification result can be determined as verification passing. The access behavior of the requesting party is then considered secure and is not considered malicious or risky.
In this way, a plurality of factors such as the behavior feature vector, the malicious behavior feature vector, the number of access behaviors, the time interval and the like are comprehensively considered, the similarity of the access behaviors and the preset malicious behavior feature set and the risk of the cheating behaviors can be comprehensively considered, and the access risk can be more comprehensively evaluated. The system can identify and filter potential malicious access behaviors, improve the safety and reliability of the system and protect the data and privacy of the system.
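The scoring step described above can be sketched as follows. This is an added example, not code from the patent: equation (4) is not reproduced on this page, so the code follows the prose (malicious-behavior ratio multiplied by cheating ratio, pass when R is at or below the threshold). Cosine similarity, access times in seconds, the range check on V and all function names are assumptions.

```python
import math
from typing import List, Sequence, Tuple

Vector = Sequence[float]
# One target access record: (access time in seconds, behavior vectors).
TargetRecord = Tuple[float, List[Vector]]


def cosine_similarity(a: Vector, b: Vector) -> float:
    # Assumed similarity measure; the page does not name one.
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0


def malicious_ratio(records: Sequence[TargetRecord],
                    malicious_set: Sequence[Vector], v: float) -> float:
    """Share of access behaviors whose best match against the malicious
    feature set reaches 1 - V. A larger V lowers the bar."""
    bar = 1.0 - v
    flagged = total = 0
    for _, behaviors in records:
        for vec in behaviors:
            total += 1
            best = max((cosine_similarity(vec, m) for m in malicious_set),
                       default=0.0)
            if best >= bar:
                flagged += 1
    return flagged / total if total else 0.0


def cheating_ratio(records: Sequence[TargetRecord], max_gap: float) -> float:
    """Share of collected records followed by the next record within
    max_gap, i.e. accesses made back to back to pad the sample."""
    times = [t for t, _ in records]
    hits = sum(1 for a, b in zip(times, times[1:]) if b - a <= max_gap)
    return hits / len(records) if records else 0.0


def risk_score(records: Sequence[TargetRecord],
               malicious_set: Sequence[Vector],
               v: float, max_gap: float) -> float:
    if not 0.0 <= v <= 1.0:
        raise ValueError("V is assumed to lie in [0, 1]")
    return malicious_ratio(records, malicious_set, v) * \
        cheating_ratio(records, max_gap)


def verification_passes(score: float, risk_threshold: float) -> bool:
    # Verification passes when R <= preset risk threshold.
    return score <= risk_threshold


# Constructed sample data (not real telemetry).
MALICIOUS_SET = [(1.0, 0.0), (0.0, 1.0)]
SAMPLE_RECORDS = [
    (0.0, [(1.0, 0.0)]),    # identical to a malicious vector
    (2.0, [(1.0, 1.0)]),    # similarity about 0.707
    (4.0, [(0.0, 2.0)]),    # same direction as a malicious vector
    (600.0, [(3.0, 3.0)]),  # similarity about 0.707
]

if __name__ == "__main__":
    for v in (0.2, 0.5):
        r = risk_score(SAMPLE_RECORDS, MALICIOUS_SET, v, max_gap=5.0)
        print(f"V={v}: R={r:.2f}, pass={verification_passes(r, 0.3)}")
```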
According to one embodiment of the invention, in the permission sending module, the main control computer performs security verification on the information set to be checked, and obtains a security verification result. If the verification is passed, the data provided by the requester is indicated to be subjected to security verification, and the security requirement of the system is met. The requester is authorized to send access request information to the requested party on the premise that the security verification is passed.
According to one embodiment of the invention, in the access permission module, the requested party authenticates the requesting party using the online key. The key is included in the access request information and is shared between the requesting party and the requested party. The requested party uses the online key to confirm whether the requesting party is authorized and has the right to access the data in the memory. If the requested party successfully verifies the online key, i.e., the verification passes, the requested party allows the requesting party to access the data in the memory. The requester may perform a read, write, or other operation to obtain the desired data.
According to the autonomous controllable master control network safety protection system provided by the embodiment of the invention, the layered connection structure can provide better isolation and control, and potential safety threats are prevented from being transmitted in the network. The use of security level management can effectively protect sensitive data from unauthorized access. Different verification modes are adopted according to the hierarchy of the requesting party and the requested party. The main control computer plays a core control role, can autonomously carry out security verification and access control decision, maintain the security of the network, and realize autonomous controllable management of the network, so that the data with high security level cannot be randomly accessed, the risk of diffusing and divulging the data with high security level is reduced, and the reliability and controllability of the network are improved. When the first access record collection times are determined, the access success rate can be weighted through the verification coefficient and the data caliber of the access success rate, the accuracy and the reliability of the weighted average success rate are improved, the first access record collection times are obtained based on the average success rate and the total access times, more access records which access higher security data are included in the collected access records and are accessed successfully, and the quality and the reference value of the collected access records are improved. In determining the number of times of the second access record, the number of times of the second access record may be determined using a ratio of the third number of times and the fourth number of times. 
When the final access record collection times are determined, the success rate with which industrial controllers of other hierarchies access industrial controllers of a higher hierarchy can be taken into account, so that the access record collection times represent the overall access success rate of the industrial controller network, and the access records collected according to the access record collection times better reflect the access modes and behaviors among the industrial controllers and therefore have more reference value. When the target access records are selected, consecutive target access records are obtained, which prevents the requester from choosing the access records itself and improves the effectiveness of the security verification; more target access records with reference value can be selected from the consecutive target access records based on the first condition, the second condition and the third condition, which improves the accuracy of the security verification and the security of the data. When the security verification is carried out, factors such as the behavior feature vector, the malicious behavior feature vector, the number of access behaviors and the time interval are considered together, so that both the similarity between the access behaviors and the preset malicious behavior feature set and the risk of cheating behavior are taken into account and the access risk is evaluated more comprehensively. The system can identify and filter potential malicious access behaviors, improve the safety and reliability of the system and protect the data and privacy of the system.
It will be appreciated by persons skilled in the art that the embodiments of the invention described above and shown in the drawings are by way of example only and are not limiting. The objects of the present invention have been fully and effectively achieved. The functional and structural principles of the present invention have been shown and described in the examples, and embodiments of the invention may be modified or practiced in any way without departing from the principles described.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the same; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the invention.

Claims (7)

1. An autonomous controllable master control network security protection system, comprising:
the hierarchical division module is used for dividing the industrial controller network into a plurality of hierarchies, wherein the industrial controllers of different hierarchies are indirectly connected through a main control computer, and the industrial controllers of the same hierarchy are directly connected;
the data storage module is used for respectively storing the data of multiple security levels in the memories of the industrial controllers determining the levels of the verification coefficient module, wherein the memory of the industrial controller of one level stores the data of one security level, and the serial number of the security level is consistent with the serial number of the level;
a request access module, configured to, when an industrial controller in an ith hierarchy requests access to data in a memory of an industrial controller in a jth hierarchy, if i=j, cause a requester to generate access request information and send the access request information to a requested party, where the industrial controller in the ith hierarchy is the requester, the industrial controller in the jth hierarchy is the requested party, the access request information includes an online key of the requested party and address information of the requested party, i and j are both positive integers, and i and j are both less than or equal to the number n of hierarchies;
The verification information module is used for enabling the requester to generate verification information and sending the verification information to the main control computer if i is not equal to j, wherein the verification information comprises a hierarchy to which the requester belongs and a hierarchy to which the requested party belongs;
The verification passing information module is used for enabling the main control computer to send verification passing information to the requester if i is more than j and allowing the requester to send the access request information to the requested party;
a verification coefficient determining module for enabling the main control computer to make the main control computer according to the formula if i < j Determining a verification coefficient V;
The information collection instruction module is used for enabling the main control computer to generate an information collection instruction according to the verification coefficient V and sending the information collection instruction to the requester;
The information to be checked module is used for enabling the requester to collect information to be checked according to the information collection instruction, generating an information set to be checked according to the information to be checked and sending the information set to the main control computer;
The security verification result module is used for enabling the main control computer to conduct security verification according to the verification coefficient V and the information set to be verified to obtain a security verification result;
The permission sending module is used for allowing the requester to send the access request information to the requested party if the security verification result is that the security verification is passed;
An access permission module for permitting the requestor to access data in the memory if the requestor passes the verification of the online key;
The main control computer is enabled to generate an information collection instruction according to the verification coefficient V and send the information collection instruction to a requester, and the method comprises the following steps:
acquiring a first access record collection number according to the verification coefficient V, the first number of times that the industrial controller of the ith level accesses the industrial controller of the higher level in a preset time period before the current moment, and the second number of times that the access is successful;
Obtaining a second access record collection number according to the third number of times of accessing the industrial controllers of the higher hierarchy in a preset time period before the current moment and the fourth number of successful access of the industrial controllers of the other hierarchy except the ith hierarchy;
Obtaining access record collection times according to the first access record collection times and the second access record collection times;
And generating an information collection instruction according to the access record collection times, and sending the information collection instruction to a requester.
2. The autonomous controllable master network security guard system of claim 1, wherein obtaining a first access record collection number from the verification coefficient V and a first number of accesses to an industrial controller of a higher hierarchy and a second number of accesses successful for a preset time period prior to a current time by an industrial controller of an ith hierarchy comprises:
In the first times, determining a first proportion of times of accessing industrial controllers with the hierarchy number larger than j in a preset time period before the current moment by the industrial controller of the ith hierarchy;
in the second times, determining a second proportion of times that the industrial controller of the ith hierarchy accesses the industrial controller with the hierarchy number larger than j and accesses successfully in a preset time period before the current moment;
According to the formula
Obtaining the first access record collection timesWherein/>For the first time,/>For the second time,/>For the first proportion,/>In a second proportion,/>And requesting access to other industrial controllers for the total number of times of the requester within the preset time period.
3. The autonomous controllable master network security guard system of claim 1, wherein obtaining the second access record collection number from the third number of accesses to the higher-level industrial controller and the fourth number of accesses successful for a preset period of time before the current time by the industrial controllers of the other levels than the i-th level comprises:
According to the formula
Obtaining a second access record collection numberWherein/>For the third time,/>For the fourth time,/>And requesting access to other industrial controllers for the total number of times of the requester within the preset time period.
4. The autonomous controllable master control network security protection system of claim 1, wherein causing the requester to collect information to be checked according to the information collection instruction, generate an information set to be checked from that information, and send the information set to be checked to the master control computer comprises:
The requester obtains the access record collection number according to the information collection instruction;
Selecting a plurality of consecutive target access records from the plurality of access records of the requester within the preset time period, according to the access targets and access results of those access records and the access record collection number, wherein the number of consecutive target access records equals the access record collection number;
and obtaining the information set to be checked from the plurality of consecutive target access records, and sending the information set to be checked to the master control computer.
5. The autonomous controllable master control network security protection system of claim 4, wherein selecting a plurality of consecutive target access records from the plurality of access records of the requester within the preset time period, according to the access targets and access results of those access records and the access record collection number, comprises:
According to the formula
A first condition C1, a second condition C2 and a third condition C3 are obtained, wherein,For the access record collection number, k is the sequence number of the first access record in the continuous multiple target access records, N is the total number of multiple access records within a preset time period,/>For the hierarchy to which the accessed party of the s-th access record belongs,/>For the access result of the t-th access record,Indicating success of the access,/>Indicating access failure, if is a conditional function, and max is a maximum function;
and selecting a plurality of consecutive target access records from the plurality of access records within the preset time period according to the first condition C1, the second condition C2 and the third condition C3.
6. The autonomous controllable master control network security protection system of claim 4, wherein causing the master control computer to perform security verification according to the verification coefficient V and the information set to be checked, to obtain a security verification result, comprises:
Acquiring the access times of the plurality of consecutive target access records in the information set to be checked;
obtaining behavior feature vectors of the access behaviors of the plurality of target access records through a trained behavior recognition model;
and determining the security verification result according to the access times, the verification coefficient V and the behavior feature vectors.
7. The autonomous controllable master control network security protection system of claim 6, wherein determining the security verification result according to the access times, the verification coefficient V and the behavior feature vectors comprises:
According to the formula
An access risk score R is obtained, wherein,Behavior feature vector of the y-th access behavior recorded for the x-th target access,/>For the z-th malicious behavior feature vector in the preset malicious behavior feature set,/>Z is the number of malicious behavior feature vectors in the malicious behavior feature set and is the number of access behaviors in the xth target access record,/>For accessing record collection times, Z is less than or equal to Z, y is less than or equal to/>,x≤/>And x, y, z,/>、/>And Z is a positive integer, max is a maximum function, if is a conditional function,/>Access time recorded for the x+1st target access,/>The recorded access time is accessed for the x-th target,The time interval is preset;
And, when the access risk score R is less than or equal to a preset risk threshold, determining that the security verification result is a pass.
CN202410248222.9A 2024-03-05 2024-03-05 Autonomous controllable master control network safety protection system Active CN117834304B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410248222.9A CN117834304B (en) 2024-03-05 2024-03-05 Autonomous controllable master control network safety protection system

Publications (2)

Publication Number Publication Date
CN117834304A CN117834304A (en) 2024-04-05
CN117834304B true CN117834304B (en) 2024-05-03

Family

ID=90521259

Country Status (1)

Country Link
CN (1) CN117834304B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant