CN102413011A - Local area network (LAN) security evaluation method and system - Google Patents
Local area network (LAN) security evaluation method and system Download PDFInfo
- Publication number
- CN102413011A CN102413011A CN2011103696374A CN201110369637A CN102413011A CN 102413011 A CN102413011 A CN 102413011A CN 2011103696374 A CN2011103696374 A CN 2011103696374A CN 201110369637 A CN201110369637 A CN 201110369637A CN 102413011 A CN102413011 A CN 102413011A
- Authority
- CN
- China
- Prior art keywords
- information
- security
- network
- user terminal
- lan
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000011156 evaluation Methods 0.000 title claims abstract description 18
- 238000001514 detection method Methods 0.000 claims abstract description 74
- 238000000034 method Methods 0.000 claims abstract description 30
- 241000700605 Viruses Species 0.000 claims description 77
- 238000012217 deletion Methods 0.000 claims description 12
- 230000037430 deletion Effects 0.000 claims description 12
- 239000000284 extract Substances 0.000 claims description 12
- 238000004140 cleaning Methods 0.000 claims description 6
- 230000008520 organization Effects 0.000 claims description 6
- 238000009434 installation Methods 0.000 claims description 5
- 238000000605 extraction Methods 0.000 claims description 3
- 230000000875 corresponding effect Effects 0.000 description 14
- 230000002155 anti-virotic effect Effects 0.000 description 10
- 230000003612 virological effect Effects 0.000 description 10
- 238000004891 communication Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 6
- 238000007726 management method Methods 0.000 description 6
- 230000006378 damage Effects 0.000 description 5
- 230000036541 health Effects 0.000 description 5
- 230000004044 response Effects 0.000 description 3
- 208000027418 Wounds and injury Diseases 0.000 description 2
- 230000009471 action Effects 0.000 description 2
- 230000000840 anti-viral effect Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 239000012141 concentrate Substances 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 208000014674 injury Diseases 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 241000272525 Anas platyrhynchos Species 0.000 description 1
- 241001494479 Pecora Species 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 230000002950 deficient Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000012467 final product Substances 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000003071 parasitic effect Effects 0.000 description 1
- SBNFWQZLDJGRLK-UHFFFAOYSA-N phenothrin Chemical compound CC1(C)C(C=C(C)C)C1C(=O)OCC1=CC=CC(OC=2C=CC=CC=2)=C1 SBNFWQZLDJGRLK-UHFFFAOYSA-N 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 1
Images
Landscapes
- Small-Scale Networks (AREA)
Abstract
The invention provides a local area network (LAN) security evaluation method and system. Terminals in an LAN comprise a control terminal and a user terminal, and the method comprises the steps of: triggering security detection on the user terminal in the LAN; reporting security detection data corresponding to the user terminal to the control terminal by the user terminal; and generating security evaluation information of the current LAN by the control terminal according to the received security detection data. The method and system provided by the invention can be used for completely and truly feeding back the security state of an enterprise network.
Description
Technical field
The application relates to the technical field of computer security, particularly relates to a kind of method of LAN safety assessment and the system of a kind of LAN safety assessment.
Background technology
Antivirus software is also claimed anti-viral software or antivirus software, is the one type of software that is used to eliminate computer virus, Trojan Horse and Malware.The common integrated monitoring identification of antivirus software, virus scan and functions such as removing and auto-update; The antivirus software that has also has functions such as data recovery; Be that the computer system of defense (comprises antivirus software; Fire compartment wall, the killing program of Trojan Horse and other Malwares, intrusion prevention system etc.) important component part.
Along with networks development; Antivirus software not only only provides service (being commonly called as " individual's version ") to the individual equipment terminal; Increasing antivirus software manufacturer begins to local area network (LAN) (like enterprise network) integrity service (being commonly called as " enterprise version " or " network edition ") to be provided; Because traditional antivirus software, mainly be to lay particular emphasis on to eliminate computer virus and Trojan Horse, so the enterprise version of these antivirus softwares or the network edition lay particular emphasis on equally and show and the virus of management enterprise network and the situation of wooden horse.Yet; Along with the deep development of the Internet, Cyberthreat shifts to terminal security from security boundary, and virus and wooden horse are not to have threatened the main mode of computer security already; And the picture plug-in unit; Rogue software, malice such as distort at emerging harm pattern, and becoming anti-viral software needs the difficult problem that at first solves.
Moreover, mainly be through on the inner terminal of enterprise network, the antivirus software client being installed respectively, the viral load and the viral extent of injury of enterprise network are carried out the security evaluation of network in the prior art, and obtain relevant scoring or detect data.For the viral load and the viral extent of injury, although this method can embody enterprise network safety of environment situation to a certain extent, the utmost point is not comprehensive, can't be as the true mark post of judging the enterprise network security situation.Because the appearance of virus belongs to the category of remedying afterwards; Be an engineering of mending the fold after the sheep is lost, enterprise network at this time is in the hole, and these networks all belong to the network environment of failing; Mark or detect for such network, meaning is all little again.
Therefore, need the urgent technical problem that solves of those skilled in the art to be exactly at present: to propose a kind of mechanism of LAN safety assessment, in order to feed back the safe condition of enterprise network comprehensively, truly.
Summary of the invention
The application's technical problem to be solved provides a kind of method and system of LAN safety assessment, in order to feed back the safe condition of enterprise network comprehensively, truly.
In order to address the above problem, the application discloses a kind of method of LAN safety assessment, and the terminal in the said local area network (LAN) comprises control terminal and user terminal, and described method comprises:
Trigger the safety detection of user terminal in the local area network (LAN);
The safety detection data that said user terminal is corresponding with it report to control terminal;
Said control terminal generates the security assessment information of current local area network (LAN) according to the safety detection data that received.
Preferably, described method also comprises:
Said control terminal issues security strategy according to said security assessment information to relevant user terminals, carries out said security strategy by corresponding user terminal.
Preferably, the safety detection of user terminal comprises in the said local area network (LAN):
Virus detects, and wooden horse detects, and security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected;
Said safety detection data comprise:
Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, the system configuration error message, dangerous software information, and/or network is shared information.
Preferably, said safety detection data also comprise:
Said user terminal is according to said Virus Info, wooden horse information, safety loophole information, malicious plugins information; System rubbish information, system configuration error message, dangerous software information; And/or network is shared information, according to presetting the safe grading parameters that scoring rule generates;
Said security assessment information comprises the network-wide security grading parameters, and, network-wide security information summary sheet, said control terminal comprises according to the step that the safety detection data that received generate the security assessment information of current local area network (LAN):
Said control terminal is added up the safe grading parameters of each user terminal to send up that is received, and generates the network-wide security grading parameters of current local area network (LAN);
The Virus Info of each user terminal that said control terminal tissue is received, wooden horse information, safety loophole information; Malicious plugins information, system rubbish information, system configuration error message; Dangerous software information; And/or network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
Preferably; Said security assessment information comprises the safe grading parameters of each user terminal, the network-wide security grading parameters, and; Network-wide security information summary sheet, said control terminal comprises according to the step that the safety detection data that received generate the security assessment information of current local area network (LAN):
Said control terminal is according to said Virus Info, wooden horse information, safety loophole information, malicious plugins information; System rubbish information, system configuration error message, dangerous software information; And/or network is shared information, according to presetting the safe grading parameters that scoring rule calculates each user terminal;
Said control terminal is added up the safe grading parameters of said user terminal, generates the network-wide security grading parameters of current local area network (LAN);
Said control terminal is organized the Virus Info of said user terminal, wooden horse information, safety loophole information, malicious plugins information; System rubbish information, system configuration error message, dangerous software information; And/or network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
Preferably, said security assessment information also comprises the network-wide security rank, and said control terminal also comprises according to the step that the safety detection data that received generate the security assessment information of current local area network (LAN):
Said control terminal is confirmed the network-wide security rank of current local area network (LAN) according to the network-wide security grading parameters of current local area network (LAN) according to preset level definition.
Preferably, described method also comprises:
Control terminal is showed said security assessment information.
Preferably, described method also comprises:
Control terminal writes said security assessment information in the daily record.
Preferably, said control terminal issues security strategy according to said security assessment information to relevant user terminals, and the step of being carried out said security strategy by corresponding user terminal comprises:
Said control terminal generates security strategy according to said security assessment information, and said security strategy comprises the sign at relative users terminal, and, the security strategy file;
Said control terminal sends security strategy to user terminal and extracts notice;
Said user terminal extracts notice according to said security strategy, downloads the corresponding security strategy file according to user terminal identification from control terminal;
Said user terminal is installed said security strategy file.
Preferably, when said security assessment information comprised Virus Info, said security strategy file comprised that virus reads, the information that virus deletion and/or virus are isolated;
When said security assessment information comprised wooden horse information, said security strategy file comprised that wooden horse reads, the information that wooden horse deletion and/or wooden horse are isolated;
When said security assessment information comprised safety loophole information, said security strategy file comprised the information that patch is downloaded and installed;
When said security assessment information comprises malicious plugins information, said security strategy file comprises the information that plug-in unit reads and deletes;
When said security assessment information comprises system rubbish information, said security strategy file comprises the information of system rubbish cleaning;
When said security assessment information comprised the system configuration error message, said security strategy file comprises to be revised or the reset system configuration, and/or, the information of read/write registration table continuous item;
When said security assessment information comprises dangerous software information, said security strategy file comprises the information that reads and delete of said software;
Share information when said security assessment information comprises network, said security strategy file comprises the information that reads and delete that said network is shared.
The application embodiment also discloses a kind of system of LAN safety assessment, and the terminal in the said local area network (LAN) comprises control terminal and user terminal, and described system comprises:
Trigger module is used to trigger the safety detection of user terminal in the local area network (LAN);
Be positioned at the data reporting module of user terminal, be used for that user terminal is carried out the safety detection data that said safety detection obtains and report to control terminal;
Be positioned at the security evaluation module of control terminal, be used for generating the security assessment information of current local area network (LAN) according to the safety detection data that received.
Preferably, described system also comprises:
Be positioned at the policy distribution module of control terminal, be used for issuing security strategy to relevant user terminals according to said security assessment information;
Be positioned at the policy enforcement module of user terminal, be used for carrying out said security strategy in relevant user terminals.
Preferably, the safety detection of user terminal comprises in the said local area network (LAN):
Virus detects, and wooden horse detects, and security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected;
Said safety detection data comprise:
Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, the system configuration error message, dangerous software information, and/or network is shared information.
Preferably, said safety detection data also comprise:
Said user terminal is according to said Virus Info, wooden horse information, safety loophole information, malicious plugins information; System rubbish information, system configuration error message, dangerous software information; And/or network is shared information, according to presetting the safe grading parameters that scoring rule generates;
Said security assessment information comprises the network-wide security grading parameters, and, network-wide security information summary sheet, the said security evaluation module that is positioned at control terminal comprises:
Score value is added up submodule, is used to add up the safe grading parameters of each user terminal to send up that is received, and generates the network-wide security grading parameters of current local area network (LAN);
The data organization submodule is used to organize the Virus Info of each user terminal that is received, wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
Preferably, said security assessment information comprises the safe grading parameters of each user terminal, the network-wide security grading parameters, and, network-wide security information summary sheet, the said security evaluation module that is positioned at control terminal comprises:
Score submodule in terminal is used for according to said Virus Info wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, according to presetting the safe grading parameters that scoring rule calculates each user terminal;
Score value is added up submodule, is used to add up the safe grading parameters of said user terminal, generates the network-wide security grading parameters of current local area network (LAN);
The data organization submodule is used to organize the Virus Info of said user terminal, wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
Preferably, said security assessment information also comprises the network-wide security rank, and the said security evaluation module that is positioned at control terminal also comprises:
Safe class is confirmed submodule, is used for the network-wide security grading parameters according to current local area network (LAN), confirms the network-wide security rank of current local area network (LAN) according to preset level definition.
Preferably, the said policy distribution module that is positioned at control terminal comprises:
Strategy generates submodule, is used for generating security strategy according to said security assessment information, and said security strategy comprises the sign at relative users terminal, and, the security strategy file;
Strategy sends submodule, is used for said control terminal and sends security strategy extraction notice to user terminal;
The said policy enforcement module that is positioned at user terminal comprises:
Strategy extracts submodule, is used for said user terminal and extracts notice according to said security strategy, downloads the corresponding security strategy file according to user terminal identification from control terminal;
The policy installation submodule is used at said user terminal said security strategy file being installed.
Preferably, when said security assessment information comprised Virus Info, said security strategy file comprised that virus reads, the information that virus deletion and/or virus are isolated;
When said security assessment information comprised wooden horse information, said security strategy file comprised that wooden horse reads, the information that wooden horse deletion and/or wooden horse are isolated;
When said security assessment information comprised safety loophole information, said security strategy file comprised the information that patch is downloaded and installed;
When said security assessment information comprises malicious plugins information, said security strategy file comprises the information that plug-in unit reads and deletes;
When said security assessment information comprises system rubbish information, said security strategy file comprises the information of system rubbish cleaning;
When said security assessment information comprised the system configuration error message, said security strategy file comprises to be revised or the reset system configuration, and/or, the information of read/write registration table continuous item;
When said security assessment information comprises dangerous software information, said security strategy file comprises the information that reads and delete of said software;
Share information when said security assessment information comprises network, said security strategy file comprises the information that reads and delete that said network is shared
Compared with prior art, the application comprises following advantage:
The application is no longer only with viral load and the viral threaten degree sole criterion as the LAN security evaluation; For LAN has been realized safe obviate; Forbid in the thing, the omnibearing protection of killing afterwards, and for the safety detection of LAN; Contain many aspects, like the virus status in the local area network (LAN); Wooden horse situation in the local area network (LAN); Patch situation in the local area network (LAN); Plug-in unit situation in the local area network (LAN); System rubbish situation in the local area network (LAN); Various system configuration situations in the local area network (LAN); Diverse network in the local area network (LAN) is shared situation etc., thereby can obtain security evaluation data accurately, can feed back the safe condition of enterprise network comprehensively, truly.
Moreover; Use the application embodiment; The data to all user terminal to send up of local area network (LAN) of unifying control terminal gather and analyze, and provide the security assessment information of the general safety situation of a reaction local area network (LAN), and the network of relation administrative staff can understand every user terminal safe condition in the local area network (LAN) in real time through the security assessment information that said control terminal provides; And; Said control terminal can also adopt virus killing according to the situation of each user terminal safety, patch installing, and means such as health check-up guarantee that each terminal all is in the best safety state; In addition, can also concentrate to issue unified security strategy, for example regularly health check-up, regularly patch installing, starting up's items of unified management terminal computer etc. have effectively alleviated network management personnel's workload, have promoted user experience.
Description of drawings
Fig. 1 is the flow chart of steps of method embodiment of the application's a kind of LAN safety assessment;
Fig. 2 is the structured flowchart of system embodiment of the application's a kind of LAN safety assessment.
Embodiment
For above-mentioned purpose, the feature and advantage that make the application can be more obviously understandable, the application is done further detailed explanation below in conjunction with accompanying drawing and embodiment.
With reference to Fig. 1, show the flow chart of steps of method embodiment of the application's a kind of LAN safety assessment, the terminal in the said local area network (LAN) comprises control terminal and user terminal, present embodiment specifically can comprise the steps:
The safety detection of user terminal in step 101, the triggering local area network (LAN);
Need to prove; In application embodiment; Said control terminal is meant and is used to control the terminal that other user terminal carries out safety detection in the local area network (LAN), and said user terminal is meant the instruction of response control terminal in the local area network (LAN), the terminal of carrying out data interaction with control terminal.In practical application; Can be at control terminal deployment server proxy module; In user terminal deployment software client and communication module,, realize the controlled function of local area network (LAN) inner control terminal to user terminal with the framework of similar C/S (client/server); And, the control response of user terminal and communication function.
In concrete the realization, said local area network (LAN) can be Intranet, and the operation of the safety detection of user terminal can trigger through following three kinds of modes in the said local area network (LAN):
First kind, according to the setting of the start detection trigger of control terminal, user terminal triggers safety detection automatically when each start;
Second kind, carry out the setting that end trigger detects according to the security strategy of control terminal, user terminal triggers safety detection at every turn after executing security strategy;
The third, the detection instruction that user terminal response control terminal issues triggers safety detection.
Certainly, above-mentioned triggering mode is only as example, and it all is feasible that those skilled in the art adopt any triggering mode according to actual conditions, and the application embodiment does not limit this.
As the concrete example of using of the application embodiment, the safety detection of user terminal can comprise in the said local area network (LAN):
(1) virus detects, and promptly detects the virus status in the active user terminal.
Particularly, virus is meant establishment or the destruction computer function that in computer program, inserts or destroys data, influence computer use and a set of computer instructions or program code that can self-replacation.Virus has characteristics such as parasitics, infectiousness, latency, disguise, destructiveness and ignitionability.
When in detecting the active user terminal, having virus, can obtain the safety detection data about Virus Info, said Virus Info specifically can comprise viral load, Virus Type, viral position, viral attribute or the like.
(2) wooden horse detects, and promptly detects the wooden horse situation in the active user terminal.
Particularly, wooden horse is a kind of duplicity program through camouflage, and it is carried out through self being pretended to attract user's download, thereby destroys or steal user's vital document and data.Wooden horse is with general viral different; It can self-reproduction, does not remove to infect alternative document " painstakingly " yet, and its main effect is to open by kind of the door of person's computer to executing kind of a wooden horse person; The other side can be damaged arbitrarily, steal your file, even remote control user's computer.
When in detecting the active user terminal, having wooden horse, can obtain the safety detection data about wooden horse information, said wooden horse information specifically can comprise wooden horse quantity, wooden horse position or the like.
(3) security breaches detect, and promptly detect the security breaches situation in hardware, system and the software in the active user terminal.
Particularly, leak is the defective that on the concrete realization of hardware, software, agreement or system safety strategy, exists, thereby the assailant can be visited or the destruction system under undelegated situation.It is the not shielded entrance that stays unintentionally of restricted computer, assembly, application program or other online resources.Leak can have influence on soft hardware equipment very on a large scale, comprises system itself and support programs thereof, network client and server software, network router and security firewall etc.
When in detecting the active user terminal, having security breaches; Can obtain the safety detection data about safety loophole information, said safety loophole information specifically can comprise the type of security breaches, the attribute of security breaches, the quantity of security breaches, occurrence positions of security breaches or the like.
(4) plug-in unit detects, and promptly detects the plug-in security situation in the active user terminal.
Particularly, plug-in unit is the program that a kind of application programming interfaces of following certain standard are write out.A lot of softwares all have plug-in unit, and plug-in unit has countless versions.For example in IE, behind the plug-in unit that installation is correlated with, the WEB browser can directly call plug-in card program, is used to handle the file of particular type.Some plug-in card program can help the more convenient browsing internet of user or call the online miscellaneous function; Also there is subprogram it is called and is ad ware (Adware) or spyware (Spyware); This type of malicious plugins sequential monitoring user's internet behavior, and report to the founder of plug-in card program to recorded data, to reach advertisement delivery; Steal recreation or illegal objective such as account No. password, promptly promptly find the malicious plugins in the user terminal for the main purpose of the detection of plug-in security situation.
When in detecting the active user terminal, having malicious plugins; Can obtain the safety detection data about malicious plugins information, said malicious plugins information specifically can comprise the type of malicious plugins, the attribute of malicious plugins, the quantity of malicious plugins, position of malicious plugins or the like.
(5) system rubbish detects, and promptly detects the system rubbish situation in the active user terminal.
Particularly, system rubbish is exactly the no longer general designation of the file of needs of system.Browsed webpage like the user, the program Stub File that uninstalls again after the installation and the key assignments of registration table.These all are the files like water off a duck's back to system, can only increase burden to system, so be referred to as system rubbish.
When in detecting the active user terminal, having system rubbish, can obtain the safety detection data about system rubbish information, said system rubbish information specifically can comprise the type of system rubbish, position of system rubbish or the like.
(6) system configuration detects, and promptly detects the dangerous situation of the system configuration in the active user terminal.
When there is dangerous configuration in the system in detecting the active user terminal; Be provided with when low like the safe class of current operation system; Can obtain the safety detection data about the system configuration error message, said system configuration error message specifically can comprise situation of the dangerous setting of system configuration or the like.
(7) software security detects, and promptly detects institute's installed software safe condition in the active user terminal.
When there is the software of the safety danger side of body in the system in detecting the active user terminal; As the software etc. of going fishing; Can obtain the safety detection data about dangerous software information, said dangerous software information specifically can comprise dbase, software danger side of body type, software positional information or the like.
(8) network is shared and is detected, and promptly detects the situation that network is shared in the active user terminal.
Network is shared and is meant the resource on the network, comprises hardware and software, the characteristic that any network user of mandate can use.In detecting the active user terminal, there is a network shareware; During network shared device etc.; Can obtain the safety detection data of the information of sharing about network, the shared information of said network specifically can comprise software type that the shared dbase of network, network sharing equipment title, network are shared or the like.
Certainly; The method of above-mentioned safety detection and the safety detection data that obtained are all only as example; Those skilled in the art adopt other safety detection method according to actual conditions, and it all is feasible obtaining other various required safety detection data, and the application embodiment does not limit this.
In concrete the realization, the safety detection data that user terminal will pass through the correspondence of safety detection acquisition report to control terminal through its inner communication module of disposing.
In a kind of preferred embodiment of the application, said user terminal can also be according to said Virus Info, wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, according to presetting the safe grading parameters that scoring rule calculates the active user terminal; That is to say that in the present embodiment, said safety detection data also comprise the safe grading parameters at active user terminal.
For example, the scoring rule that presets does, it is 100 minutes that full marks are set, and above-mentioned arbitrary dangerous project information occurs and then detains 10 fens, if current detection goes out two dangerous projects, then safe grading parameters is 80 minutes.
In this case, said step 103 specifically can comprise following substep:
Substep S11, said control terminal are added up the safe grading parameters of each user terminal to send up that is received, and generate the network-wide security grading parameters of current local area network (LAN);
For example, said control terminal is averaged, with the network-wide security grading parameters of this mean value as current local area network (LAN) after the safe grading parameters of each user terminal to send up of being received is sued for peace then.
The Virus Info of each user terminal that substep S12, said control terminal tissue are received, wooden horse information, safety loophole information; Malicious plugins information, system rubbish information, system configuration error message; Dangerous software information; And/or network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
In the present embodiment, control terminal adopts the network-wide security grading parameters, and network-wide security information summary sheet is as the sign of current LAN safety appreciation information.
In the application's another kind of preferred embodiment, the safe grading parameters of said each user terminal also can be unifiedly calculated by control terminal, and promptly said step 103 can comprise following substep:
Substep S21, said control terminal be according to said Virus Info, wooden horse information, safety loophole information; Malicious plugins information, system rubbish information, system configuration error message; Dangerous software information; And/or network is shared information, according to presetting the safe grading parameters that scoring rule calculates each user terminal;
Substep S22, said control terminal are added up the safe grading parameters of said user terminal, generate the network-wide security grading parameters of current local area network (LAN);
Substep S23, said control terminal are organized the Virus Info of said user terminal, wooden horse information, safety loophole information; Malicious plugins information, system rubbish information, system configuration error message; Dangerous software information; And/or network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
In the present embodiment, control terminal adopts the safe grading parameters of each user terminal, the network-wide security grading parameters, and network-wide security information summary sheet is as the sign of current LAN safety appreciation information.
Those skilled in the art also can adopt the security assessment information of other form; For example; Press fixed form according to the safety detection data and generate the network-wide security assessment report; How many safe grading parameters that in said network-wide security assessment report, specifies current local area network (LAN) is, which potential safety hazard each user terminal exists, and provides corresponding suggestion for operation.
In concrete the realization, can also divide level of security to the safe condition of current local area network (LAN).Promptly more preferably, said security assessment information can also comprise the network-wide security rank, and in this case, said step 103 can also comprise following substep:
Substep 30, said control terminal are confirmed the network-wide security rank of current local area network (LAN) according to the network-wide security grading parameters of current local area network (LAN) according to preset level definition.
For example, preset level definition is:
More than 90 minutes: healthy network;
60 to 90 minutes: the inferior health network;
Below 60 minutes: unhealthy network.
If calculating the network-wide security grading parameters that obtains current local area network (LAN) is 95 minutes, confirm that then its network-wide security rank is healthy network; If calculating the network-wide security grading parameters that obtains current local area network (LAN) is 80 minutes, confirm that then its network-wide security rank is the inferior health network; If calculating the network-wide security grading parameters that obtains current local area network (LAN) is 55 minutes, confirm that then its network-wide security rank is unhealthy network.
In the application's preferred embodiment; Said control terminal can also adopt shows said security assessment information; And, said security assessment information is write the mode in the daily record, said security assessment information is notified to the network of relation administrative staff; The network management personnel sooner, better, more fully finds the problem in the local area network (LAN) with help, and in time addresses these problems.
In concrete the application; The network of relation administrative staff can confirm security strategy according to said security assessment information; Also can generate security strategy automatically according to said security assessment information by control terminal; Be issued to relevant user terminals then, carry out corresponding security strategy, to remove security risk by each user terminal.
In a kind of preferred embodiment of the application, can also comprise the steps:
Security strategy is meant in certain safety zone (safety zone typically refers to a series of processing and the communication resource that belong to certain tissue), is used for the set of rule of all security-related activities.
As the concrete a kind of example used of present embodiment, said step 104 specifically can comprise following substep:
Substep S41, said control terminal generate security strategy according to said security assessment information, and said security strategy comprises the sign at relative users terminal, and, the security strategy file;
Substep S42, said control terminal send security strategy to user terminal and extract notice;
Substep S43, said user terminal extract notice according to said security strategy, download the corresponding security strategy file according to user terminal identification from control terminal;
Substep S44, said user terminal are installed said security strategy file.
For example, comprise the Virus Info of the 2nd user terminal in the current safety appreciation information, the wooden horse information of the 5th user terminal; And; The safety loophole information of the 8th user terminal comprises so control terminal generates corresponding security strategy: to the security strategy file of the checking and killing virus of the 2nd user terminal, to the security strategy file of the wooden horse killing of the 5th user terminal; And, the security strategy file of installing to the patch of the 8th user terminal.The communication module of each user terminal is gone to control terminal; The user terminal identification that contrast is write down in the security strategy is downloaded the corresponding security strategy file, and promptly the 2nd user terminal downloads is to the security strategy file of checking and killing virus; The 5th user terminal downloads arrives the security strategy file of wooden horse killing; The 8th the security strategy file that user terminal downloads is installed to patch, above-mentioned then each user terminal is carried out the corresponding security strategy file respectively, to remove dangerous project.
More specifically, when said security assessment information comprised Virus Info, said security strategy file can comprise that virus reads, the information that virus deletion and/or virus are isolated;
When said security assessment information comprised wooden horse information, said security strategy file can comprise that wooden horse reads, the information that wooden horse deletion and/or wooden horse are isolated;
When said security assessment information comprised safety loophole information, said security strategy file can comprise the information that patch is downloaded and installed;
When said security assessment information comprises malicious plugins information, said security strategy file can comprise the information that plug-in unit reads and deletes;
When said security assessment information comprises system rubbish information, said security strategy file can comprise the information of system rubbish cleaning;
When said security assessment information comprised the system configuration error message, said security strategy file can comprise to be revised or the reset system configuration, and/or, the information of read/write registration table continuous item;
When said security assessment information comprises dangerous software information, said security strategy file can comprise the information that reads and delete of said software;
Share information when said security assessment information comprises network, said security strategy file can comprise the information that reads and delete that said network is shared.
In concrete the realization; Said control terminal can also be in local area network (LAN) each user terminal concentrate and issue unified security strategy; For example regularly health check-up, regularly patch installing, starting up's item of unified management terminal computer etc.; Effectively to alleviate network management personnel's workload, promoted user experience.
Need to prove; For aforesaid method embodiment, for simple description, so it all is expressed as a series of combination of actions; But those skilled in the art should know; The application does not receive the restriction of described sequence of movement, because according to the application, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in the specification all belongs to preferred embodiment, and related action and module might not be that the application is necessary.
With reference to Fig. 2, show the structured flowchart of system embodiment of the application's a kind of LAN safety assessment, the terminal in the said local area network (LAN) comprises control terminal and user terminal, present embodiment specifically can comprise with lower module:
Be positioned at the data reporting module 202 of user terminal, be used for that user terminal is carried out the safety detection data that said safety detection obtains and report to control terminal;
Be positioned at the security evaluation module 203 of control terminal, be used for generating the security assessment information of current local area network (LAN) according to the safety detection data that received.
In concrete the realization, the safety detection of the interior user terminal of said local area network (LAN) can comprise: virus detects, and wooden horse detects, and security breaches detect, the plug-in unit detection, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared detection etc.; In this case, said safety detection data can comprise: Virus Info, and wooden horse information, safety loophole information, malicious plugins information, system rubbish information, the system configuration error message, dangerous software information, and/or network is shared information etc.
In a kind of preferred embodiment of the application, said safety detection data can also comprise:
Said user terminal is according to said Virus Info, wooden horse information, safety loophole information, malicious plugins information; System rubbish information, system configuration error message, dangerous software information; And/or network is shared information, according to presetting the safe grading parameters that scoring rule generates;
Said security assessment information comprises the network-wide security grading parameters, and, network-wide security information summary sheet, in the present embodiment, the said security evaluation module 203 that is positioned at control terminal can comprise following submodule:
Score value is added up submodule, is used to add up the safe grading parameters of each user terminal to send up that is received, and generates the network-wide security grading parameters of current local area network (LAN);
The data organization submodule is used to organize the Virus Info of each user terminal that is received, wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
In a kind of preferred embodiment of the application; Said security assessment information can comprise the safe grading parameters of each user terminal; The network-wide security grading parameters, and, network-wide security information summary sheet; In this case, the said security evaluation module 203 that is positioned at control terminal can comprise following submodule:
Score submodule in terminal is used for according to said Virus Info wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, according to presetting the safe grading parameters that scoring rule calculates each user terminal;
Score value is added up submodule, is used to add up the safe grading parameters of said user terminal, generates the network-wide security grading parameters of current local area network (LAN);
The data organization submodule is used to organize the Virus Info of said user terminal, wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
More preferably, said security assessment information can also comprise the network-wide security rank, and the said security evaluation module that is positioned at control terminal can also comprise following submodule:
Safe class is confirmed submodule, is used for the network-wide security grading parameters according to current local area network (LAN), confirms the network-wide security rank of current local area network (LAN) according to preset level definition.
In concrete the realization, the application embodiment can also comprise like lower module:
Be positioned at the display module of control terminal, be used for showing said security assessment information at control terminal;
And/or,
Be positioned at the logger module of control terminal, be used for said security assessment information is write the daily record of control terminal.
In a kind of preferred embodiment of the application, described system can also comprise like lower module:
Be positioned at the policy distribution module 204 of control terminal, be used for issuing security strategy to relevant user terminals according to said security assessment information;
Be positioned at the policy enforcement module 205 of user terminal, be used for carrying out said security strategy in relevant user terminals.
As the concrete a kind of example used of the application embodiment, the said policy distribution module 204 that is positioned at control terminal can comprise following submodule:
Strategy generates submodule, is used for generating security strategy according to said security assessment information, and said security strategy comprises the sign at relative users terminal, and, the security strategy file;
Strategy sends submodule, is used for said control terminal and sends security strategy extraction notice to user terminal;
The said policy enforcement module 205 that is positioned at user terminal can comprise following submodule:
Strategy extracts submodule, is used for said user terminal and extracts notice according to said security strategy, downloads the corresponding security strategy file according to user terminal identification from control terminal;
The policy installation submodule is used at said user terminal said security strategy file being installed.
In concrete the realization, when said security assessment information comprised Virus Info, said security strategy file can comprise that virus reads, the information that virus deletion and/or virus are isolated;
When said security assessment information comprised wooden horse information, said security strategy file can comprise that wooden horse reads, the information that wooden horse deletion and/or wooden horse are isolated;
When said security assessment information comprised safety loophole information, said security strategy file can comprise the information that patch is downloaded and installed;
When said security assessment information comprises malicious plugins information, said security strategy file can comprise the information that plug-in unit reads and deletes;
When said security assessment information comprises system rubbish information, said security strategy file can comprise the information of system rubbish cleaning;
When said security assessment information comprised the system configuration error message, said security strategy file can comprise to be revised or the reset system configuration, and/or, the information of read/write registration table continuous item;
When said security assessment information comprises dangerous software information, said security strategy file can comprise the information that reads and delete of said software;
Share information when said security assessment information comprises network, said security strategy file can comprise the information that reads and delete that said network is shared.
For system embodiment, because it is similar basically with method embodiment, so description is fairly simple, relevant part gets final product referring to the part explanation of method embodiment.
The application can be used in numerous general or special purpose computingasystem environment or the configuration.For example: personal computer, server computer, handheld device or portable set, plate equipment, multicomputer system, the system based on microprocessor, set top box, programmable consumer-elcetronics devices, network PC, minicom, mainframe computer, comprise DCE of above any system or equipment or the like.
The application can describe in the general context of the computer executable instructions of being carried out by computer, for example program module.Usually, program module comprises the routine carrying out particular task or realize particular abstract, program, object, assembly, data structure or the like.Also can in DCE, put into practice the application, in these DCEs, by through communication network connected teleprocessing equipment execute the task.In DCE, program module can be arranged in this locality and the remote computer storage medium that comprises memory device.
More than method and the system of a kind of LAN safety assessment of a kind of LAN safety assessment to the application provided; Carried out detailed introduction; Used concrete example among this paper the application's principle and execution mode are set forth, the explanation of above embodiment just is used to help to understand the application's method and core concept thereof; Simultaneously, for one of ordinary skill in the art, according to the application's thought, the part that on embodiment and range of application, all can change, in sum, this description should not be construed as the restriction to the application.
Claims (18)
1. the method for a LAN safety assessment is characterized in that, the terminal in the said local area network (LAN) comprises control terminal and user terminal, and described method comprises:
Trigger the safety detection of user terminal in the local area network (LAN);
The safety detection data that said user terminal is corresponding with it report to control terminal;
Said control terminal generates the security assessment information of current local area network (LAN) according to the safety detection data that received.
2. the method for claim 1 is characterized in that, also comprises:
Said control terminal issues security strategy according to said security assessment information to relevant user terminals, carries out said security strategy by corresponding user terminal.
3. according to claim 1 or claim 2 method is characterized in that, the safety detection of user terminal comprises in the said local area network (LAN):
Virus detects, and wooden horse detects, and security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected;
Said safety detection data comprise:
Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, the system configuration error message, dangerous software information, and/or network is shared information.
4. method as claimed in claim 3 is characterized in that, said safety detection data also comprise:
Said user terminal is according to said Virus Info, wooden horse information, safety loophole information, malicious plugins information; System rubbish information, system configuration error message, dangerous software information; And/or network is shared information, according to presetting the safe grading parameters that scoring rule generates;
Said security assessment information comprises the network-wide security grading parameters, and, network-wide security information summary sheet, said control terminal comprises according to the step that the safety detection data that received generate the security assessment information of current local area network (LAN):
Said control terminal is added up the safe grading parameters of each user terminal to send up that is received, and generates the network-wide security grading parameters of current local area network (LAN);
The Virus Info of each user terminal that said control terminal tissue is received, wooden horse information, safety loophole information; Malicious plugins information, system rubbish information, system configuration error message; Dangerous software information; And/or network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
5. method as claimed in claim 3; It is characterized in that; Said security assessment information comprises the safe grading parameters of each user terminal, the network-wide security grading parameters, and; Network-wide security information summary sheet, said control terminal comprises according to the step that the safety detection data that received generate the security assessment information of current local area network (LAN):
Said control terminal is according to said Virus Info, wooden horse information, safety loophole information, malicious plugins information; System rubbish information, system configuration error message, dangerous software information; And/or network is shared information, according to presetting the safe grading parameters that scoring rule calculates each user terminal;
Said control terminal is added up the safe grading parameters of said user terminal, generates the network-wide security grading parameters of current local area network (LAN);
Said control terminal is organized the Virus Info of said user terminal, wooden horse information, safety loophole information, malicious plugins information; System rubbish information, system configuration error message, dangerous software information; And/or network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
6. like claim 4 or 5 described methods, it is characterized in that said security assessment information also comprises the network-wide security rank, said control terminal also comprises according to the step that the safety detection data that received generate the security assessment information of current local area network (LAN):
Said control terminal is confirmed the network-wide security rank of current local area network (LAN) according to the network-wide security grading parameters of current local area network (LAN) according to preset level definition.
7. method as claimed in claim 6 is characterized in that, also comprises:
Control terminal is showed said security assessment information.
8. method as claimed in claim 7 is characterized in that, also comprises:
Control terminal writes said security assessment information in the daily record.
9. method as claimed in claim 2 is characterized in that said control terminal issues security strategy according to said security assessment information to relevant user terminals, and the step of being carried out said security strategy by corresponding user terminal comprises:
Said control terminal generates security strategy according to said security assessment information, and said security strategy comprises the sign at relative users terminal, and, the security strategy file;
Said control terminal sends security strategy to user terminal and extracts notice;
Said user terminal extracts notice according to said security strategy, downloads the corresponding security strategy file according to user terminal identification from control terminal;
Said user terminal is installed said security strategy file.
10. method as claimed in claim 9 is characterized in that, when said security assessment information comprised Virus Info, said security strategy file comprised that virus reads, the information that virus deletion and/or virus are isolated;
When said security assessment information comprised wooden horse information, said security strategy file comprised that wooden horse reads, the information that wooden horse deletion and/or wooden horse are isolated;
When said security assessment information comprised safety loophole information, said security strategy file comprised the information that patch is downloaded and installed;
When said security assessment information comprises malicious plugins information, said security strategy file comprises the information that plug-in unit reads and deletes;
When said security assessment information comprises system rubbish information, said security strategy file comprises the information of system rubbish cleaning;
When said security assessment information comprised the system configuration error message, said security strategy file comprises to be revised or the reset system configuration, and/or, the information of read/write registration table continuous item;
When said security assessment information comprises dangerous software information, said security strategy file comprises the information that reads and delete of said software;
Share information when said security assessment information comprises network, said security strategy file comprises the information that reads and delete that said network is shared.
11. the system of a LAN safety assessment is characterized in that the terminal in the said local area network (LAN) comprises control terminal and user terminal, described system comprises:
Trigger module is used to trigger the safety detection of user terminal in the local area network (LAN);
Be positioned at the data reporting module of user terminal, be used for that user terminal is carried out the safety detection data that said safety detection obtains and report to control terminal;
Be positioned at the security evaluation module of control terminal, be used for generating the security assessment information of current local area network (LAN) according to the safety detection data that received.
12. system as claimed in claim 11 is characterized in that, also comprises:
Be positioned at the policy distribution module of control terminal, be used for issuing security strategy to relevant user terminals according to said security assessment information;
Be positioned at the policy enforcement module of user terminal, be used for carrying out said security strategy in relevant user terminals.
13., it is characterized in that the safety detection of user terminal comprises in the said local area network (LAN) like claim 11 or 12 described systems:
Virus detects, and wooden horse detects, and security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected;
Said safety detection data comprise:
Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, the system configuration error message, dangerous software information, and/or network is shared information.
14. system as claimed in claim 13 is characterized in that, said safety detection data also comprise:
Said user terminal is according to said Virus Info, wooden horse information, safety loophole information, malicious plugins information; System rubbish information, system configuration error message, dangerous software information; And/or network is shared information, according to presetting the safe grading parameters that scoring rule generates;
Said security assessment information comprises the network-wide security grading parameters, and, network-wide security information summary sheet, the said security evaluation module that is positioned at control terminal comprises:
Score value is added up submodule, is used to add up the safe grading parameters of each user terminal to send up that is received, and generates the network-wide security grading parameters of current local area network (LAN);
The data organization submodule is used to organize the Virus Info of each user terminal that is received, wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
15. system as claimed in claim 13 is characterized in that, said security assessment information comprises the safe grading parameters of each user terminal, the network-wide security grading parameters, and, network-wide security information summary sheet, the said security evaluation module that is positioned at control terminal comprises:
Score submodule in terminal is used for according to said Virus Info wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, according to presetting the safe grading parameters that scoring rule calculates each user terminal;
Score value is added up submodule, is used to add up the safe grading parameters of said user terminal, generates the network-wide security grading parameters of current local area network (LAN);
The data organization submodule is used to organize the Virus Info of said user terminal, wooden horse information; Safety loophole information, malicious plugins information, system rubbish information; The system configuration error message, dangerous software information, and/or; Network is shared information, generates the network-wide security information summary sheet of current local area network (LAN).
16. like claim 14 or 15 described systems, it is characterized in that said security assessment information also comprises the network-wide security rank, the said security evaluation module that is positioned at control terminal also comprises:
Safe class is confirmed submodule, is used for the network-wide security grading parameters according to current local area network (LAN), confirms the network-wide security rank of current local area network (LAN) according to preset level definition.
17. system as claimed in claim 12 is characterized in that, the said policy distribution module that is positioned at control terminal comprises:
Strategy generates submodule, is used for generating security strategy according to said security assessment information, and said security strategy comprises the sign at relative users terminal, and, the security strategy file;
Strategy sends submodule, is used for said control terminal and sends security strategy extraction notice to user terminal;
The said policy enforcement module that is positioned at user terminal comprises:
Strategy extracts submodule, is used for said user terminal and extracts notice according to said security strategy, downloads the corresponding security strategy file according to user terminal identification from control terminal;
The policy installation submodule is used at said user terminal said security strategy file being installed.
18. system as claimed in claim 17 is characterized in that, when said security assessment information comprised Virus Info, said security strategy file comprised that virus reads, the information that virus deletion and/or virus are isolated;
When said security assessment information comprised wooden horse information, said security strategy file comprised that wooden horse reads, the information that wooden horse deletion and/or wooden horse are isolated;
When said security assessment information comprised safety loophole information, said security strategy file comprised the information that patch is downloaded and installed;
When said security assessment information comprises malicious plugins information, said security strategy file comprises the information that plug-in unit reads and deletes;
When said security assessment information comprises system rubbish information, said security strategy file comprises the information of system rubbish cleaning;
When said security assessment information comprised the system configuration error message, said security strategy file comprises to be revised or the reset system configuration, and/or, the information of read/write registration table continuous item;
When said security assessment information comprises dangerous software information, said security strategy file comprises the information that reads and delete of said software;
Share information when said security assessment information comprises network, said security strategy file comprises the information that reads and delete that said network is shared.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110369637.4A CN102413011B (en) | 2011-11-18 | 2011-11-18 | A kind of method and system of LAN safety assessment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110369637.4A CN102413011B (en) | 2011-11-18 | 2011-11-18 | A kind of method and system of LAN safety assessment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102413011A true CN102413011A (en) | 2012-04-11 |
| CN102413011B CN102413011B (en) | 2015-09-30 |
Family
ID=45914873
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110369637.4A Active CN102413011B (en) | 2011-11-18 | 2011-11-18 | A kind of method and system of LAN safety assessment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102413011B (en) |
Cited By (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102904780A (en) * | 2012-10-29 | 2013-01-30 | 苏州山石网络有限公司 | Method and device for detecting network health degree |
| CN102945340A (en) * | 2012-10-23 | 2013-02-27 | 北京神州绿盟信息安全科技股份有限公司 | Information object detection method and system |
| CN103152218A (en) * | 2013-01-30 | 2013-06-12 | 北京奇虎科技有限公司 | Method and device for inspecting and restoring computer network state |
| CN103347005A (en) * | 2013-06-19 | 2013-10-09 | 北京奇虎科技有限公司 | Data report control method, client end device and server device |
| CN103368965A (en) * | 2013-07-18 | 2013-10-23 | 北京随方信息技术有限公司 | Working method for mapping network safety norms to attribution requirements corresponding to network |
| CN104008038A (en) * | 2014-05-08 | 2014-08-27 | 百度在线网络技术(北京)有限公司 | Method and device for detecting and evaluating software |
| CN104077532A (en) * | 2014-06-20 | 2014-10-01 | 中标软件有限公司 | Linux virtualization platform safety detection method and system |
| CN104182690A (en) * | 2014-03-04 | 2014-12-03 | 无锡天脉聚源传媒科技有限公司 | Method and device for monitoring safety state |
| CN104268475A (en) * | 2014-09-30 | 2015-01-07 | 北京奇虎科技有限公司 | Application running system |
| CN104268476A (en) * | 2014-09-30 | 2015-01-07 | 北京奇虎科技有限公司 | Application running method |
| CN104486764A (en) * | 2014-12-03 | 2015-04-01 | 北京奇虎科技有限公司 | Wireless network detection method, server and wireless network sensor |
| CN104579769A (en) * | 2014-12-30 | 2015-04-29 | 北京奇虎科技有限公司 | Method, device and system of terminal management |
| CN104978257A (en) * | 2015-07-17 | 2015-10-14 | 北京奇虎科技有限公司 | Computer device elastic scoring method and computer device elastic scoring device |
| CN105262777A (en) * | 2015-11-13 | 2016-01-20 | 北京奇虎科技有限公司 | Local area network (LAN)-based security detection method and device |
| CN105554026A (en) * | 2016-01-12 | 2016-05-04 | 中北大学 | Electronic record information security management system |
| CN105721407A (en) * | 2014-12-05 | 2016-06-29 | 北京神州泰岳信息安全技术有限公司 | Method and device for business system security evaluation |
| CN106330851A (en) * | 2015-07-10 | 2017-01-11 | 腾讯科技(深圳)有限公司 | Mobile terminal security information obtaining method and device and mobile terminal security information issuing method and device based on cloud service |
| CN106856478A (en) * | 2016-12-29 | 2017-06-16 | 北京奇虎科技有限公司 | A kind of safety detection method and device based on LAN |
| CN107169357A (en) * | 2017-05-12 | 2017-09-15 | 北京金山安全管理系统技术有限公司 | Early warning display processing method, device, storage medium and processor |
| CN107193600A (en) * | 2017-05-24 | 2017-09-22 | 深信服科技股份有限公司 | A kind of patch management method, the first equipment, the first plug-in unit, system and fire wall |
| CN107623916A (en) * | 2017-09-07 | 2018-01-23 | 上海掌门科技有限公司 | A kind of method and apparatus for carrying out WiFi network security monitoring |
| CN107770125A (en) * | 2016-08-16 | 2018-03-06 | 深圳市深信服电子科技有限公司 | A kind of network security emergency response method and emergency response platform |
| CN107809321A (en) * | 2016-09-08 | 2018-03-16 | 南京联成科技发展股份有限公司 | A kind of security risk assessment and the implementation method of alarm generation |
| CN108112016A (en) * | 2016-11-24 | 2018-06-01 | 腾讯科技(深圳)有限公司 | Wireless LAN safety appraisal procedure and device |
| CN109511129A (en) * | 2017-09-15 | 2019-03-22 | 中国移动通信集团广东有限公司 | A kind of wireless network secure detection method and device |
| CN111770076A (en) * | 2020-06-24 | 2020-10-13 | 国网福建省电力有限公司 | Self-detection network security system and working method thereof |
| CN111885191A (en) * | 2020-07-30 | 2020-11-03 | 西安电子科技大学 | Computer network communication system |
| CN112417459A (en) * | 2020-11-19 | 2021-02-26 | 上海浦东发展银行股份有限公司 | Large-scale terminal equipment safety assessment method and system and computer equipment |
| CN115374445A (en) * | 2022-03-31 | 2022-11-22 | 国家计算机网络与信息安全管理中心 | Terminal system security assessment method, device and system based on cross-network scene |
| CN115567301A (en) * | 2022-09-28 | 2023-01-03 | 宋舒涵 | Information security authentication transmission method and system based on local area network |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1694454A (en) * | 2005-05-10 | 2005-11-09 | 西安交通大学 | Active network safety loophole detector |
| CN1874219A (en) * | 2006-04-06 | 2006-12-06 | 华为技术有限公司 | Method for updating security related information in associated response system |
| CN101127633A (en) * | 2006-08-15 | 2008-02-20 | 华为技术有限公司 | A method and system for secure control of mobile station |
| CN101459652A (en) * | 2007-12-13 | 2009-06-17 | 中芯国际集成电路制造(上海)有限公司 | Anti-virus method and system for LAN |
| CN101562609A (en) * | 2009-05-27 | 2009-10-21 | 西北大学 | VPN network security loophole detection and global admittance controlling system |
| CN101894230A (en) * | 2010-07-14 | 2010-11-24 | 国网电力科学研究院 | Static and dynamic analysis technology-based host system security evaluation method |
| CN101950338A (en) * | 2010-09-14 | 2011-01-19 | 中国科学院研究生院 | Bug repair method based on hierarchical bug threat assessment |
| CN102035803A (en) * | 2009-09-29 | 2011-04-27 | 上海艾融信息科技有限公司 | Method, system and device for adjusting application security strategy |
| CN102082659A (en) * | 2009-12-01 | 2011-06-01 | 厦门市美亚柏科信息股份有限公司 | Vulnerability scanning system oriented to safety assessment and processing method thereof |
| US20110185166A1 (en) * | 2010-01-28 | 2011-07-28 | Microsoft Corporation | Slider Control for Security Grouping and Enforcement |
| CN102158480A (en) * | 2011-03-04 | 2011-08-17 | 北京星网锐捷网络技术有限公司 | Method, system and device for controlling system service recovery |
| CN102170431A (en) * | 2011-03-25 | 2011-08-31 | 中国电子科技集团公司第三十研究所 | Host risk evaluation method and device |
-
2011
- 2011-11-18 CN CN201110369637.4A patent/CN102413011B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1694454A (en) * | 2005-05-10 | 2005-11-09 | 西安交通大学 | Active network safety loophole detector |
| CN1874219A (en) * | 2006-04-06 | 2006-12-06 | 华为技术有限公司 | Method for updating security related information in associated response system |
| CN101127633A (en) * | 2006-08-15 | 2008-02-20 | 华为技术有限公司 | A method and system for secure control of mobile station |
| CN101459652A (en) * | 2007-12-13 | 2009-06-17 | 中芯国际集成电路制造(上海)有限公司 | Anti-virus method and system for LAN |
| CN101562609A (en) * | 2009-05-27 | 2009-10-21 | 西北大学 | VPN network security loophole detection and global admittance controlling system |
| CN102035803A (en) * | 2009-09-29 | 2011-04-27 | 上海艾融信息科技有限公司 | Method, system and device for adjusting application security strategy |
| CN102082659A (en) * | 2009-12-01 | 2011-06-01 | 厦门市美亚柏科信息股份有限公司 | Vulnerability scanning system oriented to safety assessment and processing method thereof |
| US20110185166A1 (en) * | 2010-01-28 | 2011-07-28 | Microsoft Corporation | Slider Control for Security Grouping and Enforcement |
| CN101894230A (en) * | 2010-07-14 | 2010-11-24 | 国网电力科学研究院 | Static and dynamic analysis technology-based host system security evaluation method |
| CN101950338A (en) * | 2010-09-14 | 2011-01-19 | 中国科学院研究生院 | Bug repair method based on hierarchical bug threat assessment |
| CN102158480A (en) * | 2011-03-04 | 2011-08-17 | 北京星网锐捷网络技术有限公司 | Method, system and device for controlling system service recovery |
| CN102170431A (en) * | 2011-03-25 | 2011-08-31 | 中国电子科技集团公司第三十研究所 | Host risk evaluation method and device |
Non-Patent Citations (2)
| Title |
|---|
| 毛欣欣 等: "《一种基于CVSS的网络脆弱性评估系统》", 《电子技术》 * |
| 范强 等: "《局域网内电脑设备安全设置和安全加固》", 《信息安全与通信保密》 * |
Cited By (47)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102945340A (en) * | 2012-10-23 | 2013-02-27 | 北京神州绿盟信息安全科技股份有限公司 | Information object detection method and system |
| CN102945340B (en) * | 2012-10-23 | 2016-04-20 | 北京神州绿盟信息安全科技股份有限公司 | information object detection method and system |
| CN102904780B (en) * | 2012-10-29 | 2015-12-16 | 山石网科通信技术有限公司 | The method of Sampling network health degree and device |
| CN102904780A (en) * | 2012-10-29 | 2013-01-30 | 苏州山石网络有限公司 | Method and device for detecting network health degree |
| CN103152218A (en) * | 2013-01-30 | 2013-06-12 | 北京奇虎科技有限公司 | Method and device for inspecting and restoring computer network state |
| CN103347005A (en) * | 2013-06-19 | 2013-10-09 | 北京奇虎科技有限公司 | Data report control method, client end device and server device |
| CN103347005B (en) * | 2013-06-19 | 2016-08-10 | 北京奇虎科技有限公司 | A kind of control method that data report and client device and server apparatus |
| CN103368965A (en) * | 2013-07-18 | 2013-10-23 | 北京随方信息技术有限公司 | Working method for mapping network safety norms to attribution requirements corresponding to network |
| CN104182690B (en) * | 2014-03-04 | 2017-04-12 | 无锡天脉聚源传媒科技有限公司 | Method and device for monitoring safety state |
| CN104182690A (en) * | 2014-03-04 | 2014-12-03 | 无锡天脉聚源传媒科技有限公司 | Method and device for monitoring safety state |
| CN104008038A (en) * | 2014-05-08 | 2014-08-27 | 百度在线网络技术(北京)有限公司 | Method and device for detecting and evaluating software |
| CN104008038B (en) * | 2014-05-08 | 2017-06-20 | 百度在线网络技术(北京)有限公司 | The evaluating method and device of software |
| CN104077532B (en) * | 2014-06-20 | 2017-08-25 | 中标软件有限公司 | A kind of Linux virtual platforms safety detection method and system |
| CN104077532A (en) * | 2014-06-20 | 2014-10-01 | 中标软件有限公司 | Linux virtualization platform safety detection method and system |
| CN104268476A (en) * | 2014-09-30 | 2015-01-07 | 北京奇虎科技有限公司 | Application running method |
| CN104268475A (en) * | 2014-09-30 | 2015-01-07 | 北京奇虎科技有限公司 | Application running system |
| CN104268475B (en) * | 2014-09-30 | 2017-06-20 | 北京奇虎科技有限公司 | A kind of system for running application program |
| CN104268476B (en) * | 2014-09-30 | 2017-06-23 | 北京奇虎科技有限公司 | A kind of method for running application program |
| CN104486764A (en) * | 2014-12-03 | 2015-04-01 | 北京奇虎科技有限公司 | Wireless network detection method, server and wireless network sensor |
| CN105721407A (en) * | 2014-12-05 | 2016-06-29 | 北京神州泰岳信息安全技术有限公司 | Method and device for business system security evaluation |
| CN104579769A (en) * | 2014-12-30 | 2015-04-29 | 北京奇虎科技有限公司 | Method, device and system of terminal management |
| US10554673B2 (en) | 2015-07-10 | 2020-02-04 | Tencent Technology (Shenzhen) Company Limited | Methods and apparatuses for obtaining and delivering mobile terminal security information based on a cloud service |
| CN106330851A (en) * | 2015-07-10 | 2017-01-11 | 腾讯科技(深圳)有限公司 | Mobile terminal security information obtaining method and device and mobile terminal security information issuing method and device based on cloud service |
| CN104978257B (en) * | 2015-07-17 | 2018-06-12 | 北京奇安信科技有限公司 | Computing device elasticity methods of marking and device |
| CN104978257A (en) * | 2015-07-17 | 2015-10-14 | 北京奇虎科技有限公司 | Computer device elastic scoring method and computer device elastic scoring device |
| WO2017080424A1 (en) * | 2015-11-13 | 2017-05-18 | 北京奇虎科技有限公司 | Security detection method and apparatus based on local area network |
| CN105262777A (en) * | 2015-11-13 | 2016-01-20 | 北京奇虎科技有限公司 | Local area network (LAN)-based security detection method and device |
| CN105554026A (en) * | 2016-01-12 | 2016-05-04 | 中北大学 | Electronic record information security management system |
| CN107770125A (en) * | 2016-08-16 | 2018-03-06 | 深圳市深信服电子科技有限公司 | A kind of network security emergency response method and emergency response platform |
| CN107809321A (en) * | 2016-09-08 | 2018-03-16 | 南京联成科技发展股份有限公司 | A kind of security risk assessment and the implementation method of alarm generation |
| CN108112016B (en) * | 2016-11-24 | 2020-11-17 | 腾讯科技(深圳)有限公司 | Wireless local area network security assessment method and device |
| CN108112016A (en) * | 2016-11-24 | 2018-06-01 | 腾讯科技(深圳)有限公司 | Wireless LAN safety appraisal procedure and device |
| CN106856478A (en) * | 2016-12-29 | 2017-06-16 | 北京奇虎科技有限公司 | A kind of safety detection method and device based on LAN |
| CN107169357A (en) * | 2017-05-12 | 2017-09-15 | 北京金山安全管理系统技术有限公司 | Early warning display processing method, device, storage medium and processor |
| CN107193600A (en) * | 2017-05-24 | 2017-09-22 | 深信服科技股份有限公司 | A kind of patch management method, the first equipment, the first plug-in unit, system and fire wall |
| WO2019047693A1 (en) * | 2017-09-07 | 2019-03-14 | 上海掌门科技有限公司 | Method and device for carrying out wifi network security monitoring |
| CN107623916B (en) * | 2017-09-07 | 2020-08-14 | 上海掌门科技有限公司 | Method and equipment for WiFi network security monitoring |
| CN107623916A (en) * | 2017-09-07 | 2018-01-23 | 上海掌门科技有限公司 | A kind of method and apparatus for carrying out WiFi network security monitoring |
| CN109511129A (en) * | 2017-09-15 | 2019-03-22 | 中国移动通信集团广东有限公司 | A kind of wireless network secure detection method and device |
| CN111770076A (en) * | 2020-06-24 | 2020-10-13 | 国网福建省电力有限公司 | Self-detection network security system and working method thereof |
| CN111885191A (en) * | 2020-07-30 | 2020-11-03 | 西安电子科技大学 | Computer network communication system |
| CN112417459A (en) * | 2020-11-19 | 2021-02-26 | 上海浦东发展银行股份有限公司 | Large-scale terminal equipment safety assessment method and system and computer equipment |
| CN112417459B (en) * | 2020-11-19 | 2022-10-28 | 上海浦东发展银行股份有限公司 | Large-scale terminal equipment safety assessment method and system and computer equipment |
| CN115374445A (en) * | 2022-03-31 | 2022-11-22 | 国家计算机网络与信息安全管理中心 | Terminal system security assessment method, device and system based on cross-network scene |
| CN115374445B (en) * | 2022-03-31 | 2024-03-08 | 国家计算机网络与信息安全管理中心 | Terminal system security assessment method, device and system based on cross-network scene |
| CN115567301A (en) * | 2022-09-28 | 2023-01-03 | 宋舒涵 | Information security authentication transmission method and system based on local area network |
| CN115567301B (en) * | 2022-09-28 | 2023-10-17 | 宋舒涵 | Information security authentication transmission method and system based on local area network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102413011B (en) | 2015-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102413011A (en) | Local area network (LAN) security evaluation method and system | |
| US7269851B2 (en) | Managing malware protection upon a computer network | |
| US10027689B1 (en) | Interactive infection visualization for improved exploit detection and signature generation for malware and malware families | |
| KR101514984B1 (en) | Detecting system for detecting Homepage spreading Virus and Detecting method thereof | |
| Zheng et al. | DroidRay: a security evaluation system for customized android firmwares | |
| CN102945348B (en) | Fileinfo collection method and device | |
| CN106664297B (en) | Method for detecting attacks on an operating environment connected to a communication network | |
| CN102945349B (en) | unknown file processing method and device | |
| CN101924762A (en) | Cloud security-based active defense method | |
| CN108023860B (en) | Web application protection method and system and Web application firewall | |
| US10579797B2 (en) | Program integrity monitoring and contingency management system and method | |
| CN102171657A (en) | Simplified communication of a reputation score for an entity | |
| Bhandari et al. | DRACO: DRoid analyst combo an android malware analysis framework | |
| CN103294955B (en) | Macrovirus checking and killing method and system | |
| CN104268476A (en) | Application running method | |
| CN104268475A (en) | Application running system | |
| KR100961149B1 (en) | Method for detecting malicious site, method for gathering information of malicious site, apparatus, system, and recording medium having computer program recorded | |
| CN114760089A (en) | Safety protection method and device for web server | |
| US10489593B2 (en) | Mitigation of malicious actions associated with graphical user interface elements | |
| Mohata et al. | Mobile malware detection techniques | |
| US10880316B2 (en) | Method and system for determining initial execution of an attack | |
| CN114826662B (en) | Custom rule protection method, device, equipment and readable storage medium | |
| CN105978908A (en) | Non-real-time information website security protection method and apparatus | |
| US9491193B2 (en) | System and method for antivirus protection | |
| KR101923054B1 (en) | Wire and wireless gateway for detecting malignant action autonomously based on signature and method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: BEIJING QIHU TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: QIZHI SOFTWARE (BEIJING) CO., LTD. Effective date: 20150902 Owner name: QIZHI SOFTWARE (BEIJING) CO., LTD. Effective date: 20150902 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20150902 Address after: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park) Applicant after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Applicant after: Qizhi software (Beijing) Co.,Ltd. Address before: The 4 layer 100016 unit of Beijing city Chaoyang District Jiuxianqiao Road No. 14 Building C Applicant before: Qizhi software (Beijing) Co.,Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20161213 Address after: 100015 Jiuxianqiao Chaoyang District Beijing Road No. 10, building 15, floor 17, layer 1701-26, 3 Patentee after: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. Address before: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Deng Zhenbo Inventor after: Meng Jun Inventor after: Liu Xuezhong Inventor after: Sun Xiaoqing Inventor after: Huang Jianting Inventor after: Yu Xinwei Inventor after: Zhao Huaqiang Inventor after: Wang Lin Inventor before: Deng Zhenbo Inventor before: Sun Xiaoqing Inventor before: Huang Jianting Inventor before: Yu Xinwei Inventor before: Zhao Huaqiang Inventor before: Wang Lin |
|
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Patentee after: Qianxin Technology Group Co.,Ltd. Address before: 100015 15, 17 floor 1701-26, 3 building, 10 Jiuxianqiao Road, Chaoyang District, Beijing. Patentee before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20201225 Address after: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing Patentee after: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. Patentee after: Qianxin Technology Group Co.,Ltd. Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Patentee before: Qianxin Technology Group Co.,Ltd. |
|
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 2nd Floor, Building 1, Yard 26, Xizhimenwai South Road, Xicheng District, Beijing, 100032 Patentee after: Qianxin Wangshen information technology (Beijing) Co.,Ltd. Patentee after: Qianxin Technology Group Co.,Ltd. Address before: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing Patentee before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. Patentee before: Qianxin Technology Group Co.,Ltd. |