CN102253948A - Method and device for searching information in multi-source information system - Google Patents

Publication number
CN102253948A
CN102253948A CN2010101818512A CN201010181851A CN102253948A CN 102253948 A CN102253948 A CN 102253948A CN 2010101818512 A CN2010101818512 A CN 2010101818512A CN 201010181851 A CN201010181851 A CN 201010181851A CN 102253948 A CN102253948 A CN 102253948A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2010101818512A
Other languages
Chinese (zh)
Other versions
CN102253948B (en)
Inventor
周涛
安占江
陈卓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Venus Information Security Technology Co Ltd
Beijing Venus Information Technology Co Ltd
Original Assignee
Beijing Venus Information Security Technology Co Ltd
Beijing Venus Information Technology Co Ltd
Application filed by Beijing Venus Information Security Technology Co Ltd, Beijing Venus Information Technology Co Ltd
Priority to CN 201010181851
Publication of CN102253948A
Application granted
Publication of CN102253948B
Expired - Fee Related

Abstract

The invention provides a method for searching information in a multi-source information system, relates to the field of information management and solves the problem that a plurality of description information associations for the same object cannot be searched in the prior art. The method comprises the following steps of: acquiring a searching sequence and searching contents set by a user for multiple kinds of description information of the same object; and searching by using corresponding searching contents in a database where the description information is stored according to the searching sequence set by the user. The technical scheme can be applied to the searching of the information.

Description

Method and apparatus for searching information in a multi-source information system
Technical field
The present invention relates to the field of information management, and in particular to a method and apparatus for searching information in a multi-source information system.
Background
The rapid development of the Internet has brought great convenience to the dissemination and use of information, but it has also brought huge challenges for information security. To mitigate increasingly serious security problems, more and more enterprises and organizations have deployed firewalls, intrusion detection systems (IDS), vulnerability scanning equipment, traffic detection equipment and other network security devices. These effectively reduce the enterprise's security risk, but they also bring problems such as scattered security-related data and event volumes that are too large to process easily.
Take a buffer overflow attack as an example. The detection data related to the attack may be distributed across the logs of the firewall, the IDS and the traffic detection equipment, while information about the attacked host may be present in the logs of the vulnerability detection equipment. The logs of each detection device are stored in a separate database, and the database types also differ, which makes log analysis very inconvenient for security analysts. For example, when a security analyst judges from an IDS alarm whether a buffer overflow attack succeeded, the analyst first needs to search the firewall logs to see whether the attack was blocked by the firewall; if blocked, the analyst then needs to search the logs of the vulnerability detection equipment to see whether the target host has the corresponding vulnerability. Because the logs related to this alarm are distributed across different databases, the analyst has to search repeatedly in different databases, and the event analysis process becomes complicated, time-consuming and laborious. How to make full use of multi-source security logs to detect and analyze attacks while reducing the complexity of event analysis is a technical problem that the network security field urgently needs to solve.
To address this problem, products such as the security management platform (Security Operations Center, SOC) have come into increasingly wide use. An SOC product works by aggregating the alarm information of multi-source security devices: the logs scattered across multiple databases are concentrated in one database, and event association search is performed on the aggregated logs, where association search means looking up, across different types of security logs, all log information related to a search keyword. This scheme can, to some extent, relieve the difficulty that scattered data sources cause for event analysis, but it has the following shortcomings. First, because the data volume is too large, or for business-management reasons, in many application scenarios it is difficult to aggregate all related data into one database, so the event analysis process may still need to access data in several different databases. Second, even if all data have been aggregated into one database, an event analysis process comprises multiple steps, so the security analyst still needs to write multiple structured query (SQL) statements and search repeatedly across multiple data tables to obtain the required result. Writing and organizing these SQL statements is still very complicated, which increases the operation and maintenance cost of the database and prolongs its development time.
Summary of the invention
The invention provides a method and apparatus for searching information in a multi-source information system, solving the problem in the prior art that association search cannot be performed across multiple kinds of description information of the same object.
To achieve the above object, the invention provides the following technical solutions:
A method for searching information in a multi-source information system, comprising:
Obtaining the search order and search content set by a user for multiple kinds of description information of the same object;
According to the search order set by the user, searching with the corresponding search content in the database in which each kind of description information is stored.
Further, the method has the following feature: obtaining the search order and search content set by the user for multiple kinds of description information of the same object comprises:
When it is detected that the user needs to perform a retrieval, sending to the user a dialog box that requests the search order and search content for each kind of information;
Receiving the dialog box after the user has finished filling it in.
Further, the method has the following feature: the search content comprises the content of the search keyword, the source of the search keyword, and the search result.
Further, the method has the following feature: searching, according to the search order set by the user, with the corresponding search content in the database in which each kind of description information is stored comprises:
If the multiple kinds of description information of the same object are not stored in the same database, obtaining the identity information of the database used to store each kind of description information;
Using the identity information of the database to identify the database used to store that description information;
According to the search order set by the user, searching with the corresponding search content in the identified database.
A device for searching information in a multi-source information system, comprising:
An acquisition module, configured to obtain the search order and search content set by a user for multiple kinds of description information of the same object;
A search module, configured to search, according to the search order set by the user, with the corresponding search content in the database in which each kind of description information is stored.
Further, the device has the following feature: the acquisition module comprises:
A sending unit, configured to send to the user, when it is detected that the user needs to perform a retrieval, a dialog box that requests the search order and search content for each kind of information;
A receiving unit, configured to receive the dialog box after the user has finished filling it in.
Further, the device has the following feature: the search content used when the search module searches comprises the content of the search keyword, the source of the search keyword, and the search result.
Further, the device has the following feature: the search module comprises:
An acquiring unit, configured to obtain, when the multiple kinds of description information of the same object are not stored in the same database, the identity information of the database used to store each kind of description information;
A recognition unit, connected to the acquiring unit and configured to use the database identity information obtained by the acquiring unit to identify the database used to store that description information;
A search unit, connected to the recognition unit and configured to search, according to the search order set by the user, with the corresponding search content in the database identified by the recognition unit.
With the technical solution provided by the invention, when the user performs an association search, the user sets, through human-computer interaction, the search order between the different databases and the search content in each database. Search across multiple databases is thereby achieved without developing script files for association search between databases, which reduces the operating cost of the system. Searching according to the search keywords and search results that the user explicitly indicates improves search accuracy, reduces the complexity of the search, and improves the speed at which the system processes searches. Because only one human-computer interaction page needs to be developed, used to request the user to set the search order of the databases and the search keyword and search result in each database, the implementation is simple and convenient.
Description of drawings
Fig. 1 is a structural diagram of the device embodiment for searching information in a multi-source information system provided by the invention;
Fig. 2 is a structural diagram of the acquisition module 101 in the embodiment shown in Fig. 1;
Fig. 3 is a structural diagram of the search module 102 in the embodiment shown in Fig. 1;
Fig. 4 is a flow diagram of the method embodiment for searching information in a multi-source information system provided by the invention;
Fig. 5 is a diagram of the page structure for obtaining the search order and search content that the user sets for each kind of information, provided by the invention;
Fig. 6 is a diagram of the page for establishing the association between sub-query points, provided by the invention.
Embodiments
To make the purpose, technical solutions and advantages of the invention clearer, the invention is described in further detail below with reference to the drawings and specific embodiments.
Fig. 1 is a structural diagram of the device embodiment for searching information in a multi-source information system according to the invention. The device embodiment shown in Fig. 1 mainly comprises an acquisition module 101 and a search module 102, wherein:
The acquisition module 101 is configured to obtain the search order and search content set by a user for multiple kinds of description information of the same object;
The search module 102 is configured to search, according to the search order set by the user, with the corresponding search content in the database in which each kind of description information is stored.
The multi-source information system contains many different types of description information, where the different types of information describe the same object from different aspects. As a concrete application example, a network security system includes multiple kinds of detection equipment, and the security log of each detection device is a different kind of description information. The description below uses the security management of a website as the example.
The device is described further below:
Fig. 2 is a structural diagram of the acquisition module 101 in the embodiment shown in Fig. 1. In the embodiment shown in Fig. 2, the acquisition module 101 comprises:
A sending unit 201, configured to send to the user, when it is detected that the user needs to perform a retrieval, a dialog box that requests the search order and search content for each kind of information;
A receiving unit 202, configured to receive the dialog box after the user has finished filling it in.
Specifically, when the user searches, the acquisition module 101 obtains the user's requirements for this search in the form of dialog boxes, collecting them in turn through the following pages:
1. A page that requests the user to set the scope to be searched, where the scope to be searched is made up of a number of different types of information;
The page first lists the kinds of information. After the user has chosen from them the information that needs to be examined, the corresponding query points are generated, comprising an initial query point and several sub-query points, where the number of sub-query points equals the total number of kinds of information chosen. For example, if 3 kinds of description information are selected, 3 sub-query points are generated.
2. A page that requests the user to set the search order and search content for each kind of description information, where the search content comprises the content of the search keyword, the source of the search keyword, and the search result;
The information to be searched may be stored centrally in one master database, that is, a master database is set up that obtains its data from the databases that each hold only a specific security log; or it may be stored separately in different databases, each database storing only one specific kind of information. The two cases are described in turn below.
The following takes the handling of one sub-query point as an example; the other sub-query points are similar and are not described again.
Case one: the security logs of the detection devices are stored centrally in one master database
In the page, the user is requested to define the search order and search content for each sub-query point. The search order is the step, defined by the user according to the user's own needs, at which the query for this sub-query point is executed. The search content comprises the content of the search keyword, the source of the search keyword, and the search result, where the content of the search keyword may be the initial condition of the search or a search result obtained from information already searched. If it is a search result obtained from information already searched, the user must also state explicitly from which searched information that result was obtained. This makes the relationship between the kinds of description information explicit and establishes the association information between them, so that association search can be performed.
Case two: the security logs of the detection devices are not all stored in the same database
To make it easy to locate the data, the page in case two contains not only everything in the page of case one but also a definition of the database in which the sub-query point resides. When the user sets the search order and search content, the user also sets the identity information of the database that stores this information, such as a database number.
Preferably, this embodiment stores the information in distributed form. Compared with centralized management (i.e. a master database), no information needs to be transmitted between databases, which saves network bandwidth while keeping the data secure. The database numbers and the search order together give the order in which the databases are accessed, realizing cross-database search. Compared with the prior art, in which the user has to set up programs for association search between the databases, this is easier for the user to operate and use.
Fig. 3 is a structural diagram of the search module 102 in the embodiment shown in Fig. 1. In the embodiment shown in Fig. 3, the search module 102 comprises:
An acquiring unit 301, configured to obtain, when the multiple kinds of description information of the same object are not stored in the same database, the identity information of the database used to store each kind of description information;
A recognition unit 302, connected to the acquiring unit 301 and configured to use the database identity information obtained by the acquiring unit 301 to identify the database used to store that description information;
A search unit, connected to the recognition unit 302 and configured to search, according to the search order set by the user, with the corresponding search content in the database identified by the recognition unit 302.
Specifically, after the acquisition module 101 has obtained the search order and search keywords, the search module searches the information in turn according to the search order obtained by the acquisition module 101, and during the search looks up the corresponding search content using the search keywords obtained by the acquisition module 101. Any prior-art method of searching by search keyword and search content is applicable to the invention and is not described again here.
Fig. 4 is a flow diagram of the method embodiment for searching information in a multi-source information system according to the invention. With reference to the device embodiment shown in Fig. 1, the method comprises:
Step 401: obtain the search order and search content set by the user for multiple kinds of description information of the same object;
Step 402: according to the search order set by the user, search with the corresponding search content in the database in which each kind of description information is stored.
Optionally, before step 401, some of the types of information may be selected from the multiple kinds of description information of the same object as the scope to be searched, according to a policy preset by the system or the user, and the user is then requested to set the search order and search content for this scope.
Further, in step 401, the search content comprises the content of the search keyword, the source of the search keyword, and the search result. If the search keyword for a first kind of information includes, in addition to known search keywords, a search result obtained by searching a second kind of information, the user needs to specify that this search keyword is obtained after searching the second kind of information, thereby establishing the association between the first information and the second information.
Further, if each kind of description information is stored in its own database, the user also needs to set the identifier of the database, so that the database can be identified quickly.
An application example of the method for searching information in a multi-source information system provided by the invention is described below, with reference to the method embodiment shown in Fig. 4:
For example, there are the security logs of 3 kinds of security detection systems, numbered A, B and C, which are respectively a web page trojan monitoring system (monitoring websites implanted with trojans), a domain name monitoring system and a network flow monitoring system.
A network security analyst needs to find out which users in the user population were attacked by a certain website implanted with a trojan. When the multi-source information system detects that the user needs to search, it pops up a dialog box that lists all local security detection systems. From these the user selects, according to actual needs, the security detection systems to be searched, i.e. the scope to be searched; the user is allowed to select all or some of the security detection systems as the scope to be searched, and this example takes the selection of all of them. After selecting the scope, the user determines the search order of the security detection systems according to the information to be found. Because this example searches for the users in the user population who were attacked by a certain website implanted with a trojan, the search order is: security log of the web page trojan monitoring system → security log of the domain name monitoring system → security log of the network flow monitoring system.
According to the scope determined by the user, the system generates a start node. The start node contains one input parameter, named webaddress, of string type. Three sub-query nodes are then added, and the attributes of each sub-query node are: sequence number (i.e. the order in which the search is executed), database name, database number (present when the above security logs are not stored in the same database; otherwise not needed), the content of the search keyword, the source of the search keyword, and the search result.
Each sub-query node is described below:
Sub-query node 1: the search keyword for the database of the web page trojan monitoring system (hereinafter the "trojan time period" data source) is the website link, e.g. http://www.a.com; the search result is the start time and end time.
As shown in Fig. 5, the attributes on the page are: the sequence number is 1; the data source name is "trojan time period"; the input parameter is the website address, labelled webaddress, of string type; the output parameters are the start time and end time, labelled begintime and endtime, of date type. The SQL statement of the query is: select min(time) as begintime, max(time) as endtime from website_trojan_event where home_page=webaddress;
Sub-query node 2: the search keywords for the database of the domain name monitoring system are the website link and the search result of the web page trojan monitoring system, i.e. the start time and end time; the search result is the IP address of this website link.
The attributes on the page are: the sequence number is 2; the data source name is "domain name monitoring data source"; the input parameters are webaddress, of string type, and begintime and endtime, of date type; the output parameter is the IP address, labelled ip, of string type. The SQL statement of the query is: select ip from dnsmonitor where time between begintime and endtime and dnsname=webaddress. Here begintime and endtime are the search result of sub-query node 1, so the association between the two sub-query nodes also has to be established, as shown in Fig. 6.
Sub-query node 3: the search keywords for the database of the network flow monitoring system are the IP address of the website link and the start time and end time; the search result is the IP addresses that visited this website link, e.g. 192.168.1.1.
The attributes on the page are: the sequence number is 3; the data source name is "network flow monitoring data source"; the input parameters are ip, of string type, and begintime and endtime, of date type; the output parameter is a list of IP addresses, labelled srcip, of string type. The SQL statement of the query is: select distinct srcip from v_netflow t where eventtime between begintime and endtime and dstip=ip and dstport=80.
After the user has finished the settings, the multi-source information system searches the above three databases in the search order of the databases, using the search keyword corresponding to each database.
In the database of the web page trojan monitoring system, the search keyword is the website link, e.g. http://www.a.com. The start time and end time are taken from the search result, e.g. 2010-1-1 to 2010-1-2, giving the period during which the trojan was implanted in this website;
In the database of the domain name monitoring system, the search keywords are http://www.a.com and 2010-1-1 to 2010-1-2. The search result is the IP address of this website link, giving the IP address the website used while the trojan was implanted;
In the database of the network flow monitoring system, the search keywords are the IP address of the website link and 2010-1-1 to 2010-1-2. The search result is the IP addresses that visited this website link, giving the IP addresses of the users who visited the website's IP address during the period in which the trojan was implanted.
In the three search steps above, the query task of sub-query node 1 is executed first: on the web page trojan monitoring data source, the input parameters in the SQL statement defined in sub-query node 1 are replaced with concrete values according to the association between the nodes. The SQL statement executed is: select min(time) as begintime, max(time) as endtime from website_trojan_event where home_page='www.a.com', with begintime and endtime as the output parameters. Suppose the query results are "2010-1-1" and "2010-1-2" respectively;
The query task of sub-query node 2 is then executed: on the domain name monitoring data source, the input parameters in the SQL statement defined in sub-query node 2 are replaced with concrete values according to the association between the nodes. The SQL statement executed is: select ip from dnsmonitor where time between '2010-1-1' and '2010-1-2' and dnsname='www.a.com', with ip as the output parameter. Suppose the query result is "192.168.1.1";
The query task of sub-query node 3 is then executed: on the network flow monitoring data source, the input parameters in the SQL statement defined in sub-query node 3 are replaced with concrete values according to the association between the nodes. The SQL statement executed is: select distinct srcip from v_netflow t where eventtime between '2010-1-1' and '2010-1-2' and dstip='192.168.1.1' and dstport=80, with the query result srcip as the final output.
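The three-node chain described above, as an added Python example (not code from the patent): each sub-query node names its database number, input and output parameters, and the outputs of earlier nodes become inputs of later ones across three separate databases. The in-memory SQLite databases, the constructed sample rows, the ISO date format, the names `PLAN`, `run_plan` and `affected_clients`, and the use of bound parameters in place of the textual replacement the description mentions are assumptions of this example.

```python
import sqlite3


def _db(ddl, insert, rows):
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row          # lets us read columns by name
    conn.execute(ddl)
    conn.executemany(insert, rows)
    return conn


def build_sources():
    """Constructed sample data: one separate database per monitoring system (case two)."""
    return {
        "A": _db("CREATE TABLE website_trojan_event (home_page TEXT, time TEXT)",
                 "INSERT INTO website_trojan_event VALUES (?, ?)",
                 [("www.a.com", "2010-01-01"), ("www.a.com", "2010-01-02"),
                  ("www.b.com", "2010-03-05")]),
        "B": _db("CREATE TABLE dnsmonitor (dnsname TEXT, ip TEXT, time TEXT)",
                 "INSERT INTO dnsmonitor VALUES (?, ?, ?)",
                 [("www.a.com", "192.168.1.1", "2010-01-01"),
                  ("www.a.com", "10.9.9.9", "2010-02-01"),      # outside the window
                  ("www.b.com", "192.168.1.2", "2010-03-05")]),
        "C": _db("CREATE TABLE v_netflow (srcip TEXT, dstip TEXT, dstport INTEGER, eventtime TEXT)",
                 "INSERT INTO v_netflow VALUES (?, ?, ?, ?)",
                 [("10.0.0.5", "192.168.1.1", 80, "2010-01-01"),
                  ("10.0.0.6", "192.168.1.1", 80, "2010-01-02"),
                  ("10.0.0.7", "192.168.1.1", 443, "2010-01-01"),  # wrong port
                  ("10.0.0.8", "192.168.1.1", 80, "2010-01-05"),   # outside the window
                  ("10.0.0.9", "192.168.1.2", 80, "2010-03-05")]),
    }


# Sub-query nodes: sequence number, database number, inputs, outputs, SQL template.
# The SQL is the page's, with its parameter names turned into bound placeholders.
PLAN = [
    {"seq": 3, "db": "C", "inputs": ["ip", "begintime", "endtime"], "outputs": ["srcip"],
     "sql": "SELECT DISTINCT srcip FROM v_netflow t WHERE eventtime BETWEEN :begintime "
            "AND :endtime AND dstip = :ip AND dstport = 80"},
    {"seq": 1, "db": "A", "inputs": ["webaddress"], "outputs": ["begintime", "endtime"],
     "sql": "SELECT min(time) AS begintime, max(time) AS endtime "
            "FROM website_trojan_event WHERE home_page = :webaddress"},
    {"seq": 2, "db": "B", "inputs": ["webaddress", "begintime", "endtime"], "outputs": ["ip"],
     "sql": "SELECT ip FROM dnsmonitor WHERE time BETWEEN :begintime AND :endtime "
            "AND dnsname = :webaddress"},
]


def run_plan(plan, sources, initial):
    """Run the nodes in sequence order; every result row extends the set of known values."""
    bindings = [dict(initial)]
    for node in sorted(plan, key=lambda n: n["seq"]):
        conn = sources[node["db"]]           # identify the database by its number
        extended = []
        for known in bindings:
            missing = [name for name in node["inputs"] if name not in known]
            if missing:
                raise ValueError(f"node {node['seq']} has no source for {missing}")
            params = {name: known[name] for name in node["inputs"]}
            for row in conn.execute(node["sql"], params):
                out = {name: row[name] for name in node["outputs"]}
                if any(value is None for value in out.values()):
                    continue                 # e.g. min()/max() over zero rows
                extended.append({**known, **out})
        bindings = extended
    return bindings


def affected_clients(webaddress, sources=None):
    """Source IPs that visited the site's IP on port 80 during the trojan window."""
    sources = sources or build_sources()
    rows = run_plan(PLAN, sources, {"webaddress": webaddress})
    return sorted({r["srcip"] for r in rows})


if __name__ == "__main__":
    print(affected_clients("www.a.com"))
```

Because each value is bound rather than spliced into the statement text, a website address containing quote characters is matched as a literal string and cannot alter the query sent to the next database.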
If the security logs of the above three security detection systems are stored in a distributed manner, the user also needs to set the identifier of each database, such as a database number, when selecting the databases to be searched. Unlike the prior art, the search does not require the logs to be gathered into a master database that provides the search function, which reduces the transmission of logs between the databases and the master database and lowers the cost of business management. At the same time, compared with the prior-art approach of developing scripts for association search across multiple distributed databases, this is easier for the user to operate.
The method provided by the embodiments of the invention is not limited to this. Where multiple kinds of description information describe the same object and there is an intersection of information between them (i.e. the search result of some description information is the search keyword for searching other information) or a causal relationship, these kinds of description information can be regarded as forming a multi-source information system, and the method provided by the invention can be applied. For example, in a bank management system, the multi-source information for a user includes account information and business information; when the user's maximum spending capacity needs to be assessed, the stored account information and business information need to be analyzed.
With the method provided by this embodiment, when the user performs an association search, the user is requested, through human-computer interaction, to set the search order of the databases and the search keyword and search result in each database. Search across multiple databases is thereby achieved without developing script files for association search between databases, which reduces the operating cost of the system. Searching according to the search keywords and search results that the user explicitly indicates reduces the complexity of the search and improves the speed at which the system processes searches. Because only one human-computer interaction page needs to be developed, used to request the user to set the search order of the databases and the search keyword and search result in each database, the implementation is simple and convenient.
A person of ordinary skill in the art will understand that all or some of the steps of the above embodiments can be completed by a program instructing the relevant hardware. The program can be stored in a computer-readable storage medium and, when executed, performs one of the steps of the method embodiment or a combination of them.
In addition, the functional units in the embodiments of the invention can be implemented in hardware or as software function modules. If an integrated module is implemented as a software function module and sold or used as an independent product, it can also be stored in a computer-readable storage medium.
The storage medium mentioned above can be a read-only memory, a magnetic disk, an optical disc, or the like.
The above are only specific embodiments of the invention, but the scope of protection of the invention is not limited to them. Any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. The scope of protection of the invention shall therefore be determined by the scope of protection of the claims.

Claims (8)

1. A method for searching information in a multi-source information system, characterized in that it comprises:
obtaining the search order and the search content that a user sets for a plurality of descriptors of the same thing;
according to the search order set by the user, searching the database that stores each descriptor, using the corresponding search content.
2. The method according to claim 1, characterized in that obtaining the search order and the search content that the user sets for a plurality of descriptors of the same thing comprises:
when it is detected that the user needs to perform a retrieval, sending the user a dialog box that requests the search order and the search content for each kind of information;
receiving the dialog box after the user has finished filling it in.
3. The method according to claim 1, characterized in that the search content comprises the content of the search keyword, and the source and the search results of the search keyword.
4. The method according to claim 1, characterized in that searching the database that stores each descriptor, using the corresponding search content and according to the search order set by the user, comprises:
if the plurality of descriptors of the same thing are not stored in the same database, obtaining the identity information of the database used to store each descriptor;
using the identity information of the database to identify the database used to store that descriptor;
according to the search order set by the user, searching the identified database using the corresponding search content.
5. A device for searching information in a multi-source information system, characterized in that it comprises:
an acquisition module, configured to obtain the search order and the search content that a user sets for a plurality of descriptors of the same thing;
a search module, configured to search the database that stores each descriptor, using the corresponding search content and according to the search order set by the user.
6. The device according to claim 5, characterized in that the acquisition module comprises:
a sending unit, configured to send the user, when it is detected that the user needs to perform a retrieval, a dialog box that requests the search order and the search content for each kind of information;
a receiving unit, configured to receive the dialog box after the user has finished filling it in.
7. The device according to claim 5, characterized in that the search content used by the search module when searching comprises the content of the search keyword, and the source and the search results of the search keyword.
8. The device according to claim 5, characterized in that the search module comprises:
an acquiring unit, configured to obtain, when the plurality of descriptors of the same thing are not stored in the same database, the identity information of the database used to store each descriptor;
a recognition unit, connected to the acquiring unit and configured to use the database identity information obtained by the acquiring unit to identify the database used to store that descriptor;
a search unit, connected to the recognition unit and configured to search the database identified by the recognition unit, using the corresponding search content and according to the search order set by the user.
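The ordered, multi-database search of claims 1 and 4 can be sketched as follows; this is an added example, not code from the patent or its applicants. The registry, the table layouts, the sample rows and every name in it are assumptions, as is reading the "source of the search keyword" as either a value typed by the user or the result of an earlier step.

```python
import sqlite3

def make_db(ddl, rows):
    """Build one constructed in-memory source database holding a table named t."""
    db = sqlite3.connect(":memory:")
    db.execute(ddl)
    db.executemany(f"INSERT INTO t VALUES ({','.join('?' * len(rows[0]))})", rows)
    return db

# Database identity -> (connection, searchable columns). All data is constructed.
REGISTRY = {
    "ids_alerts": (make_db("CREATE TABLE t(src_ip, signature)",
                           [("10.0.0.5", "sql-injection-probe"), ("10.0.0.9", "port-scan")]),
                   {"src_ip", "signature"}),
    "assets": (make_db("CREATE TABLE t(ip, hostname)",
                       [("10.0.0.5", "web01"), ("10.0.0.9", "db02")]),
               {"ip", "hostname"}),
    "vuln_scan": (make_db("CREATE TABLE t(hostname, finding)",
                          [("web01", "outdated-cms"), ("web01", "weak-tls"),
                           ("db02", "default-account")]),
                  {"hostname", "finding"}),
}

def run_search(plan):
    """Run the steps in the user's order and return one result list per step."""
    results = []
    for step in plan:
        if step["db"] not in REGISTRY:      # identity must resolve to a known source
            raise ValueError(f"unknown database identity: {step['db']!r}")
        db, columns = REGISTRY[step["db"]]
        for col in (step["match"], step["want"]):
            if col not in columns:          # identifiers cannot be bound: allowlist
                raise ValueError(f"column not searchable: {col!r}")
        src = step["keyword_from"]          # typed by the user, or an earlier result
        keywords = [src["value"]] if "value" in src else results[src["step"]]
        query = f"SELECT {step['want']} FROM t WHERE {step['match']} = ? ORDER BY rowid"
        found = []
        for kw in keywords:                 # keyword is always a bound parameter
            found.extend(row[0] for row in db.execute(query, (kw,)))
        results.append(found)
    return results

# Constructed plan: alert signature -> source IP -> hostname -> scanner findings.
PLAN = [
    {"db": "ids_alerts", "match": "signature", "want": "src_ip",
     "keyword_from": {"value": "sql-injection-probe"}},
    {"db": "assets", "match": "ip", "want": "hostname", "keyword_from": {"step": 0}},
    {"db": "vuln_scan", "match": "hostname", "want": "finding", "keyword_from": {"step": 1}},
]
```

Resolving the database identity through a fixed registry and binding every keyword as a query parameter keeps user-supplied search content from selecting an arbitrary data source or altering the query text.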
CN 201010181851 2010-05-19 2010-05-19 Method and device for searching information in multi-source information system Expired - Fee Related CN102253948B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010181851 CN102253948B (en) 2010-05-19 2010-05-19 Method and device for searching information in multi-source information system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201010181851 CN102253948B (en) 2010-05-19 2010-05-19 Method and device for searching information in multi-source information system

Publications (2)

Publication Number Publication Date
CN102253948A true CN102253948A (en) 2011-11-23
CN102253948B CN102253948B (en) 2013-06-19

Family

ID=44981219

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201010181851 Expired - Fee Related CN102253948B (en) 2010-05-19 2010-05-19 Method and device for searching information in multi-source information system

Country Status (1)

Country Link
CN (1) CN102253948B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101105796A (en) * 2007-08-06 2008-01-16 无敌科技(西安)有限公司 Trans-word library inquiry method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
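夏雪: "Application of Integrated Alarm Correlation Technology in a Network Security Management Platform", China Master's Theses Full-text Database *
王彦博 et al.: "Design of a Multi-source Heterogeneous Log Sensor for Network Situation Awareness", Transducer and Microsystem Technologies *
陈龙 et al.: "An Event Scenario Correlation Method Fusing Multi-source Logs to Assist Forensics", Journal of Chongqing University of Posts and Telecommunications (Natural Science Edition) *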

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102831136A (en) * 2012-01-16 2012-12-19 中新力合股份有限公司 Information storage and search method
CN103412913A (en) * 2013-08-05 2013-11-27 北京永信至诚科技有限公司 Associated search method and associated search system
CN103412913B (en) * 2013-08-05 2018-02-27 北京永信至诚科技股份有限公司 A kind of association search method and system
CN103744897A (en) * 2013-12-24 2014-04-23 华为技术有限公司 Associated search method and associated search system for fault information, and network management system
CN106933853A (en) * 2015-12-30 2017-07-07 阿里巴巴集团控股有限公司 A kind of files passe processing method and processing device
CN106446261A (en) * 2016-10-17 2017-02-22 广东小天才科技有限公司 Content searching method and device based on multiple platform interfaces
CN106446261B (en) * 2016-10-17 2020-01-14 广东小天才科技有限公司 Content searching method and device based on multi-platform interface
CN109194605A (en) * 2018-07-02 2019-01-11 中国科学院信息工程研究所 A kind of suspected threat index Proactive authentication method and system based on open source information
CN109194605B (en) * 2018-07-02 2020-08-25 中国科学院信息工程研究所 Active verification method and system for suspicious threat indexes based on open source information
CN113157996A (en) * 2020-01-23 2021-07-23 久瓴(上海)智能科技有限公司 Document information processing method and device, computer equipment and readable storage medium
CN113157996B (en) * 2020-01-23 2022-09-16 久瓴(上海)智能科技有限公司 Document information processing method and device, computer equipment and readable storage medium

Also Published As

Publication number Publication date
CN102253948B (en) 2013-06-19

Similar Documents

Publication Publication Date Title
US20230041672A1 (en) Enterprise data processing
Khare et al. Big data in IoT
CN102253948B (en) Method and device for searching information in multi-source information system
CN107087001B (en) distributed internet important address space retrieval system
CN103942639B (en) Policy management system and its method for policy consultation service system
WO2019182670A1 (en) Endpoint process state collector
CN110795257A (en) Method, device and equipment for processing multi-cluster operation records and storage medium
CN105550228A (en) Intelligent storage device and storage and take-out identification method and system based on intelligent storage device
CN103902646A (en) Distributed task managing system and method
CN101681340A (en) Unobtrusive methods and systems for collecting information transmitted over a network
US8515944B2 (en) Sensor network managing apparatus and method thereof
CN110990447B (en) Data exploration method, device, equipment and storage medium
US20070016960A1 (en) NTO input validation technique
CN109905288A (en) A kind of application service classification method and device
CN103226609A (en) Searching method for WEB focus searching system
CN109657119A (en) A kind of web crawlers detection method based on access log IP analysis
CN107491463A (en) The optimization method and system of data query
US7480651B1 (en) System and method for notification of group membership changes in a directory service
CN108876314B (en) Career professional ability traceable method and platform
CN102855297B (en) A kind of method of control data transmission and connector
US8538935B2 (en) One-to-one and one-to-many relationships in databases
CN103902725A (en) Method and device for acquiring search engine optimization information
CN110110524A (en) Vulnerability scanning and maintaining method for computing equipment system
CN112367340B (en) Intranet asset risk assessment method, device, equipment and medium
KR20200066428A (en) A unit and method for processing rule based action

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130619

Termination date: 20190519
