CN102413011B - A kind of method and system of LAN safety assessment - Google Patents
A kind of method and system of LAN safety assessment Download PDFInfo
- Publication number
- CN102413011B CN102413011B CN201110369637.4A CN201110369637A CN102413011B CN 102413011 B CN102413011 B CN 102413011B CN 201110369637 A CN201110369637 A CN 201110369637A CN 102413011 B CN102413011 B CN 102413011B
- Authority
- CN
- China
- Prior art keywords
- information
- security
- user terminal
- network
- local area
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 238000001514 detection method Methods 0.000 claims abstract description 77
- 241000700605 Viruses Species 0.000 claims description 72
- 238000012217 deletion Methods 0.000 claims description 18
- 230000037430 deletion Effects 0.000 claims description 18
- 238000011156 evaluation Methods 0.000 claims description 16
- 239000000284 extract Substances 0.000 claims description 15
- 230000003612 virological effect Effects 0.000 claims description 15
- 230000006870 function Effects 0.000 claims description 11
- 238000004891 communication Methods 0.000 claims description 10
- 238000004140 cleaning Methods 0.000 claims description 6
- 238000003745 diagnosis Methods 0.000 claims description 6
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 claims description 6
- 238000002955 isolation Methods 0.000 claims description 6
- 230000008520 organization Effects 0.000 claims description 6
- 230000004044 response Effects 0.000 claims description 5
- 238000009434 installation Methods 0.000 claims description 4
- 230000002155 anti-virotic effect Effects 0.000 description 10
- 230000006378 damage Effects 0.000 description 5
- 230000036541 health Effects 0.000 description 5
- 208000027418 Wounds and injury Diseases 0.000 description 2
- 230000009471 action Effects 0.000 description 2
- 230000000840 anti-viral effect Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 208000014674 injury Diseases 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 241000272525 Anas platyrhynchos Species 0.000 description 1
- 241001494479 Pecora Species 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000003071 parasitic effect Effects 0.000 description 1
- SBNFWQZLDJGRLK-UHFFFAOYSA-N phenothrin Chemical compound CC1(C)C(C=C(C)C)C1C(=O)OCC1=CC=CC(OC=2C=CC=CC=2)=C1 SBNFWQZLDJGRLK-UHFFFAOYSA-N 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 1
Abstract
This application provides the method and system of a kind of LAN safety assessment, the terminal in described local area network (LAN) comprises control terminal and user terminal, and described method comprises: the safety detection triggering user terminal in local area network (LAN); The safety detection data of its correspondence are reported to control terminal by described user terminal; Described control terminal is according to the security assessment information of received safety detection data genaration current local area network.The application can feed back the safe condition of enterprise network comprehensively, truly.
Description
Technical field
The application relates to the technical field of computer security, particularly relates to the method for a kind of LAN safety assessment and the system of a kind of LAN safety assessment.
Background technology
Antivirus software, also claiming anti-viral software or antivirus software, is the class software for eliminating computer virus, Trojan Horse and Malware.The usual integrated monitoring identification of antivirus software, virus scan and the function such as removing and auto-update, some antivirus softwares are also with functions such as date restoring, that computer system of defense (comprises antivirus software, fire compartment wall, the killing program of Trojan Horse and other Malwares, intrusion prevention system etc.) important component part.
Along with the development of network, antivirus software is not only only to individual equipment Terminal for service (being commonly called as " individual version "), increasing antivirus software manufacturer starts to provide integrity service (being commonly called as " enterprise version " or " network edition ") to local area network (LAN) (as enterprise network), due to traditional antivirus software, mainly lay particular emphasis on and eliminate computer virus and Trojan Horse, therefore the enterprise version of these antivirus softwares or the network edition lay particular emphasis on displaying and the virus of management enterprise network and the situation of wooden horse equally.But, along with the deep development of the Internet, Cyberthreat shifts from security boundary to terminal security, virus and wooden horse are not threaten the major way of computer security already, and picture plug-in unit, rogue software, malice such as to distort at the emerging disaster-causing mode, becomes the difficult problem that anti-viral software needs first to solve.
Moreover, mainly by installing antivirus software client respectively in the terminal of enterprise network inside in prior art, the viral load of enterprise network and the viral extent of injury are carried out to the security evaluation of network, and obtain relevant scoring or detect data.For viral load and the viral extent of injury, although this method can embody the safe condition of business network environment to a certain extent, pole is not comprehensive, cannot as the true mark post judging enterprise network security situation.Because the appearance of virus belongs to the category of post, a just engineering of mending the fold after the sheep is lost, enterprise network is at this time in the hole, and these networks all belong to the network environment of failing, to such network to carry out marking or detecting again, meaning is all little.
Therefore, the technical problem needing those skilled in the art urgently to solve at present is exactly: the mechanism proposing the assessment of a kind of LAN safety, in order to feed back the safe condition of enterprise network comprehensively, truly.
Summary of the invention
Technical problems to be solved in this application are to provide the method and system of a kind of LAN safety assessment, in order to feed back the safe condition of enterprise network comprehensively, truly.
In order to solve the problem, this application discloses the method for a kind of LAN safety assessment, the terminal in described local area network (LAN) comprises control terminal and user terminal, and described method comprises:
Trigger the safety detection of user terminal in local area network (LAN);
The safety detection data of its correspondence are reported to control terminal by described user terminal;
Described control terminal is according to the security assessment information of received safety detection data genaration current local area network.
Preferably, described method, also comprises:
Described control terminal issues security strategy according to described security assessment information to corresponding user terminal, performs described security strategy by corresponding user terminal.
Preferably, in described local area network (LAN), the safety detection of user terminal comprises:
Viral diagnosis, trojan horse detection, security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected;
Described safety detection data comprise:
Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information.
Preferably, described safety detection data also comprise:
Described user terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, the safe grading parameters generated according to preset scoring rule;
Described security assessment information comprises network-wide security grading parameters, and, network-wide security information summary sheet, described control terminal comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal adds up the safe grading parameters of each user terminal to send up received, and generates the network-wide security grading parameters of current local area network;
The Virus Info of each user terminal that described control terminal tissue receives, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
Preferably, described security assessment information comprises the safe grading parameters of each user terminal, network-wide security grading parameters, and, network-wide security information summary sheet, described control terminal comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, calculate the safe grading parameters of each user terminal according to preset scoring rule;
Described control terminal adds up the safe grading parameters of described user terminal, generates the network-wide security grading parameters of current local area network;
Described control terminal organizes the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
Preferably, described security assessment information also comprises network-wide security rank, and described control terminal also comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal according to the network-wide security grading parameters of current local area network, according to the network-wide security rank of level definition determination current local area network preset.
Preferably, described method, also comprises:
Control terminal shows described security assessment information.
Preferably, described method, also comprises:
Control terminal is by described security assessment information write daily record.
Preferably, described control terminal issues security strategy according to described security assessment information to corresponding user terminal, and the step being performed described security strategy by corresponding user terminal comprises:
Described control terminal generates security strategy according to described security assessment information, and described security strategy comprises the mark of relative users terminal, and, Java.policy;
Described control terminal sends security strategy to user terminal and extracts notice;
Described user terminal extracts notice according to described security strategy, downloads corresponding Java.policy according to user terminal identification from control terminal;
Described user terminal installs described Java.policy.
Preferably, when described security assessment information comprises Virus Info, described Java.policy comprises virus and reads, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy comprises wooden horse and reads, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy comprises the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy comprises the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy comprises the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy comprises amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy comprises the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy comprises the information of reading that described network shares and deletion.
The embodiment of the present application also discloses the system of a kind of LAN safety assessment, and the terminal in described local area network (LAN) comprises control terminal and user terminal, and described system comprises:
Trigger module, for triggering the safety detection of user terminal in local area network (LAN);
Be positioned at the data reporting module of user terminal, the safety detection data obtained for user terminal being performed described safety detection report to control terminal;
Be positioned at the security evaluation module of control terminal, for the security assessment information according to received safety detection data genaration current local area network.
Preferably, described system, also comprises:
Be positioned at the policy distribution module of control terminal, for issuing security strategy according to described security assessment information to corresponding user terminal;
Be positioned at the policy enforcement module of user terminal, for performing described security strategy in corresponding user terminal.
Preferably, in described local area network (LAN), the safety detection of user terminal comprises:
Viral diagnosis, trojan horse detection, security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected;
Described safety detection data comprise:
Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information.
Preferably, described safety detection data also comprise:
Described user terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, the safe grading parameters generated according to preset scoring rule;
Described security assessment information comprises network-wide security grading parameters, and, network-wide security information summary sheet, described in be positioned at control terminal security evaluation module comprise:
Point Data-Statistics submodule, for adding up the safe grading parameters of received each user terminal to send up, generates the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of received each user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
Preferably, described security assessment information comprises the safe grading parameters of each user terminal, network-wide security grading parameters, and, network-wide security information summary sheet, described in be positioned at control terminal security evaluation module comprise:
Terminal score submodule, for according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, calculates the safe grading parameters of each user terminal according to preset scoring rule;
Dividing Data-Statistics submodule, for adding up the safe grading parameters of described user terminal, generating the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
Preferably, described security assessment information also comprises network-wide security rank, described in be positioned at control terminal security evaluation module also comprise:
Safe class determination submodule, for the network-wide security grading parameters according to current local area network, according to the network-wide security rank of the level definition determination current local area network preset.
Preferably, the policy distribution module being positioned at control terminal described in comprises:
Strategy generating submodule, for generating security strategy according to described security assessment information, described security strategy comprises the mark of relative users terminal, and, Java.policy;
Strategy sends submodule, sends security strategy extract notice for described control terminal to user terminal;
The described policy enforcement module being positioned at user terminal comprises:
Strategy extracts submodule, extracts notice for described user terminal according to described security strategy, downloads corresponding Java.policy according to user terminal identification from control terminal;
Policy installation submodule, for installing described Java.policy at described user terminal.
Preferably, when described security assessment information comprises Virus Info, described Java.policy comprises virus and reads, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy comprises wooden horse and reads, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy comprises the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy comprises the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy comprises the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy comprises amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy comprises the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy comprises the information of reading that described network shares and deletion
Compared with prior art, the application comprises following advantage:
The application is no longer only using viral load and viral threat degree as the sole criterion of LAN security evaluation, for LAN achieves safe obviate, forbid in thing, the omnibearing protection of killing afterwards, and for the safety detection of LAN, contain many aspects, as the virus status in local area network (LAN); Wooden horse situation in local area network (LAN); Patch situation in local area network (LAN); Plug-in unit situation in local area network (LAN); System rubbish situation in local area network (LAN); Various system configuration situations in local area network (LAN); Various networks in local area network (LAN) share situation etc., thus can obtain security evaluation data accurately, can feed back the safe condition of enterprise network comprehensively, truly.
Moreover, application the embodiment of the present application, the data that control terminal can unify all user terminal to send up of local area network carry out gathering and analyzing, and provide the security assessment information of the general safety situation of a reaction local area network (LAN), the security assessment information that network of relation administrative staff can be provided by described control terminal understands every platform user terminal safe condition in local area network (LAN) in real time, and, described control terminal can also adopt virus killing according to the situation of each user terminal safety, patch installing, the means such as health check-up ensure that each terminal is in best safety state; In addition, can also concentrate and issue unified security strategy, such as timing health check-up, timing patch installing, starting up's item etc. of unified management terminal computer, effectively alleviates the workload of network management personnel, improves Consumer's Experience.
Accompanying drawing explanation
Fig. 1 is the flow chart of steps of the embodiment of the method for a kind of LAN safety assessment of the application;
Fig. 2 is the structured flowchart of the system embodiment of a kind of LAN safety assessment of the application.
Embodiment
For enabling above-mentioned purpose, the feature and advantage of the application more become apparent, below in conjunction with the drawings and specific embodiments, the application is described in further detail.
With reference to Fig. 1, show the flow chart of steps of the embodiment of the method for a kind of LAN safety assessment of the application, the terminal in described local area network (LAN) comprises control terminal and user terminal, and the present embodiment specifically can comprise the steps:
The safety detection of user terminal in step 101, triggering local area network (LAN);
It should be noted that, in application embodiment, described control terminal refers to the terminal of carrying out safety detection in local area network (LAN) for controlling other user terminal, and described user terminal refers to the instruction of response limiting terminal in local area network (LAN), carries out the terminal of data interaction with control terminal.In actual applications, can at control terminal deployment server proxy module, in user terminal deployment software client and communication module, with the framework of similar C/S (client/server), to realize in local area network (LAN) control terminal to the controlling functions of user terminal, and, the control response of user terminal and communication function.
In specific implementation, described local area network (LAN) can be Intranet, and in described local area network (LAN), the safety detection operation of user terminal can be triggered by following three kinds of modes:
The first, according to the setting of the start detection trigger of control terminal, user terminal is when starting shooting at every turn, and automatic triggering secure detects;
The second, performs the setting of end trigger detection according to the security strategy of control terminal, user terminal after executing security strategy at every turn, and triggering secure detects;
The third, the detection instruction that user terminal response limiting terminal issues, triggering secure detects.
Certainly, above-mentioned triggering mode is only used as example, and those skilled in the art adopt any one triggering mode to be feasible according to actual conditions, and the embodiment of the present application is not restricted this.
The safety detection data of its correspondence are reported to control terminal by step 102, described user terminal;
As the example of the embodiment of the present application embody rule, in described local area network (LAN), the safety detection of user terminal can comprise:
(1) Viral diagnosis, namely detects the virus status in active user's terminal.
Specifically, virus refers to establishment or the destruction computer function that inserts in computer program or destroys data, affect computer use and can one group of computer instruction of self-replacation or program code.Virus has the features such as parasitics, infectiousness, latency, disguise, destructiveness and ignitionability.
When existence virus in active user's terminal being detected, can obtain the safety detection data about Virus Info, described Virus Info specifically can comprise viral load, Virus Type, viral site, viral attribute etc.
(2) trojan horse detection, namely detects the wooden horse situation in active user's terminal.
Specifically, wooden horse is a kind of duplicity program through camouflage, and it by attracting user to download execution self camouflage, thus destroys or steal vital document and the data of user.Wooden horse is different from general virus, it can not self-reproduction, also " deliberately " does not go to infect alternative document, and its Main Function opens by kind of a door for person's computer to executing kind of a wooden horse person, make the other side can damage arbitrarily, steal your file, even the computer of remote control user.
When detect there is wooden horse in active user's terminal time, can obtain the safety detection data about wooden horse information, described wooden horse information specifically can comprise wooden horse quantity, wooden horse position etc.
(3) security breaches detect, and namely detect the security vulnerability state in hardware, system and the software in active user's terminal.
Specifically, leak is the defect existed in the specific implementation or System Security Policy of hardware, software, agreement, thus assailant can be enable to access or destruction system in undelegated situation.It is the not shielded entrance stayed unintentionally of restricted computer, assembly, application program or other online dictionary.Leak can have influence on a wide range of soft hardware equipment, comprises system itself and support programs thereof, network client and server software, network router and security firewall etc.
When detect there are security breaches in active user's terminal time, can obtain the safety detection data about safety loophole information, described safety loophole information specifically can comprise the type of security breaches, the attribute, the quantity of security breaches, the occurrence positions of security breaches etc. of security breaches.
(4) plug-in unit detects, and namely detects the plug-in security situation in active user's terminal.
Specifically, plug-in unit is the program that a kind of application programming interfaces following certain specification are write out.A lot of software has plug-in unit, and plug-in unit has countless versions.Such as in IE, after installing relevant plug-in unit, web browser directly can call plug-in card program, for the treatment of the file of particular type.Some plug-in card program can help the more convenient browsing internet of user or call online miscellaneous function, also subprogram is had to be it is called as ad ware (Adware) or spyware (Spyware), the internet behavior of this type of malicious plugins sequential monitoring user, and recorded data is reported to the founder of plug-in card program, to reach input advertisement, steal game or the illegal objective such as account No. password, namely namely the main purpose of the detection of plug-in security situation is found to the malicious plugins in user terminal.
When detect there is malicious plugins in active user's terminal time, can obtain the safety detection data about malicious plugins information, described malicious plugins information specifically can comprise the type of malicious plugins, the attribute, the quantity of malicious plugins, the position of malicious plugins etc. of malicious plugins.
(5) system rubbish detects, and namely detects the system rubbish situation in active user's terminal.
Specifically, system rubbish is exactly the general designation of the file that system no longer needs.Webpage as browsed in user, the program Stub File uninstalled again after installation and the key assignments of registration table.These are all the files like water off a duck's back to system, can only increase burden to system, so be referred to as system rubbish.
When detect there is system rubbish in active user's terminal time, can obtain the safety detection data about system rubbish information, described system rubbish information specifically can comprise the type of system rubbish, the position of system rubbish etc.
(6) system configuration detects, and namely detects the dangerous situation of the system configuration in active user's terminal.
When detecting that the system in active user's terminal exists dangerous configuration, when safe class as current operation system arranges too low, can obtain the safety detection data about system configuration error message, described system configuration error message specifically can comprise situation of the dangerous setting of system configuration etc.
(7) software security detects, and namely detects the software security situation of installing in active user's terminal.
When there is the software of the safety danger side of body in the system in active user's terminal that detects, as software etc. of going fishing, can obtain the safety detection data about dangerous software information, described dangerous software information specifically can comprise dbase, software danger side of body type, software positional information etc.
(8) network is shared and is detected, and namely detects the situation that in active user's terminal, network is shared.
Network shares the resource referred on network, comprises hardware and software, the feature that any network user of mandate can use.Network shareware is there is in active user's terminal when detecting, during network shared device etc., the safety detection data sharing information about network can be obtained, described network shares information specifically can comprise dbase that network shares, network is shared device name, software type that network is shared etc.
Certainly, the method of above-mentioned safety detection and the safety detection data obtained all only are used as example, those skilled in the art adopt other safety detection method according to actual conditions, and it is all feasible for obtaining other various required safety detection data, and the embodiment of the present application is not restricted this.
In specific implementation, the safety detection data of the correspondence obtained through safety detection are reported to control terminal by the communication module of its On-premise by user terminal.
Step 103, described control terminal are according to the security assessment information of received safety detection data genaration current local area network.
In a preferred embodiment of the present application, described user terminal can also according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, calculates the safe grading parameters of active user's terminal according to preset scoring rule; That is, in the present embodiment, described safety detection data also comprise the safe grading parameters of active user's terminal.
Such as, preset scoring rule is, arranging full marks is 100 points, and occur that above-mentioned arbitrary dangerous project information then detains 10 points, if current detection goes out two dangerous projects, then safe grading parameters is 80 points.
In this case, described step 103 specifically can comprise following sub-step:
Sub-step S11, described control terminal add up the safe grading parameters of each user terminal to send up received, and generate the network-wide security grading parameters of current local area network;
Such as, then the safe grading parameters of described control terminal to received each user terminal to send up average after suing for peace, using the network-wide security grading parameters of this mean value as current local area network.
The Virus Info of each user terminal that sub-step S12, described control terminal tissue receive, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
In the present embodiment, control terminal adopts network-wide security grading parameters, and network-wide security information summary sheet is as the sign of current local area network security assessment information.
In another preferred embodiment of the present application, the safe grading parameters of described each user terminal also can be unifiedly calculated by control terminal, and namely described step 103 can comprise following sub-step:
Sub-step S21, described control terminal are according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, calculate the safe grading parameters of each user terminal according to preset scoring rule;
Sub-step S22, described control terminal add up the safe grading parameters of described user terminal, generate the network-wide security grading parameters of current local area network;
Sub-step S23, described control terminal organize the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
In the present embodiment, control terminal adopts the safe grading parameters of each user terminal, network-wide security grading parameters, and network-wide security information summary sheet is as the sign of current local area network security assessment information.
Those skilled in the art also can adopt the security assessment information of other form, such as, press fixed form according to safety detection data and generate network-wide security assessment report, the safe grading parameters describing current local area network in described network-wide security assessment report in detail is how many, which potential safety hazard there is in each user terminal, and provide corresponding suggestion for operation.
In specific implementation, level of security can also be divided to the safe condition of current local area network.Namely more preferably, described security assessment information can also comprise network-wide security rank, and in this case, described step 103 can also comprise following sub-step:
Sub-step 30, described control terminal according to the network-wide security grading parameters of current local area network, according to the network-wide security rank of level definition determination current local area network preset.
Such as, the level definition preset is:
More than 90 points: healthy network;
60 to 90 points: inferior health network;
Less than 60 points: unhealthy network.
If calculating the network-wide security grading parameters obtaining current local area network is 95 points, then determine that its network-wide security rank is healthy network; If calculating the network-wide security grading parameters obtaining current local area network is 80 points, then determine that its network-wide security rank is inferior health network; If calculating the network-wide security grading parameters obtaining current local area network is 55 points, then determine that its network-wide security rank is unhealthy network.
In the preferred embodiment of the application, described control terminal can also adopt shows described security assessment information, and, by the mode in described security assessment information write daily record, described security assessment information is informed to network of relation administrative staff, the problem sooner, better, more fully finding in local area network (LAN) to help network management personnel, and address these problems in time.
In a particular application, network of relation administrative staff can according to described security assessment information determination security strategy, also automatically security strategy can be generated by control terminal according to described security assessment information, then corresponding user terminal is issued to, corresponding security strategy is performed, to remove security risk by each user terminal.
In a preferred embodiment of the present application, can also comprise the steps:
Step 104, described control terminal issue security strategy according to described security assessment information to corresponding user terminal, perform described security strategy by corresponding user terminal.
Security strategy refers in certain safety zone (safety zone typically refers to a series of process and the communication resource that belong to certain tissue), for the set of rule of all security-related activities.
As a kind of example of the present embodiment embody rule, described step 104 specifically can comprise following sub-step:
Sub-step S41, described control terminal generate security strategy according to described security assessment information, and described security strategy comprises the mark of relative users terminal, and, Java.policy;
Sub-step S42, described control terminal send security strategy to user terminal and extract notice;
Sub-step S43, described user terminal extract notice according to described security strategy, download corresponding Java.policy according to user terminal identification from control terminal;
Sub-step S44, described user terminal install described Java.policy.
Such as, current safety appreciation information comprises the Virus Info of the 2nd user terminal, the wooden horse information of the 5th user terminal, and, the safety loophole information of the 8th user terminal, comprises so control terminal generates corresponding security strategy: for the Java.policy of the checking and killing virus of the 2nd user terminal, for the Java.policy of the wooden horse killing of the 5th user terminal, and, the Java.policy that the patch for the 8th user terminal is installed.The communication module of each user terminal goes to control terminal, the user terminal identification recorded in contrast security strategy, download corresponding Java.policy, namely the 2nd user terminal downloads is to the Java.policy of checking and killing virus, 5th user terminal downloads is to the Java.policy of wooden horse killing, 8th Java.policy that user terminal downloads is installed to patch, then above-mentioned each user terminal performs corresponding Java.policy respectively, to remove dangerous project.
More specifically, when described security assessment information comprises Virus Info, described Java.policy can comprise virus and read, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy can comprise wooden horse and read, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy can comprise the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy can comprise the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy can comprise the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy can comprise amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy can comprise the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy can comprise the information of reading that described network shares and deletion.
In specific implementation, described control terminal can also be concentrated to each user terminal in local area network (LAN) and issue unified security strategy, such as timing health check-up, timing patch installing, starting up's item etc. of unified management terminal computer, effectively to alleviate the workload of network management personnel, improve Consumer's Experience.
It should be noted that, for aforesaid embodiment of the method, in order to simple description, therefore it is all expressed as a series of combination of actions, but those skilled in the art should know, the application is not by the restriction of described sequence of movement, because according to the application, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in specification all belongs to preferred embodiment, and involved action and module might not be that the application is necessary.
With reference to Fig. 2, show the structured flowchart of the system embodiment of a kind of LAN safety assessment of the application, the terminal in described local area network (LAN) comprises control terminal and user terminal, and the present embodiment specifically can comprise with lower module:
Trigger module 201, for triggering the safety detection of user terminal in local area network (LAN);
Be positioned at the data reporting module 202 of user terminal, the safety detection data obtained for user terminal being performed described safety detection report to control terminal;
Be positioned at the security evaluation module 203 of control terminal, for the security assessment information according to received safety detection data genaration current local area network.
In specific implementation, in described local area network (LAN), the safety detection of user terminal can comprise: Viral diagnosis, trojan horse detection, and security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected; In this case, described safety detection data can comprise: Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information etc.
In a preferred embodiment of the present application, described safety detection data can also comprise:
Described user terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, the safe grading parameters generated according to preset scoring rule;
Described security assessment information comprises network-wide security grading parameters, and, network-wide security information summary sheet, in the present embodiment, described in be positioned at control terminal security evaluation module 203 can comprise following submodule:
Point Data-Statistics submodule, for adding up the safe grading parameters of received each user terminal to send up, generates the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of received each user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
In a preferred embodiment of the present application, described security assessment information can comprise the safe grading parameters of each user terminal, network-wide security grading parameters, and, network-wide security information summary sheet, in this case, the security evaluation module 203 being positioned at control terminal described in can comprise following submodule:
Terminal score submodule, for according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, calculates the safe grading parameters of each user terminal according to preset scoring rule;
Dividing Data-Statistics submodule, for adding up the safe grading parameters of described user terminal, generating the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
More preferably, described security assessment information can also comprise network-wide security rank, described in be positioned at control terminal security evaluation module can also comprise following submodule:
Safe class determination submodule, for the network-wide security grading parameters according to current local area network, according to the network-wide security rank of the level definition determination current local area network preset.
In specific implementation, the embodiment of the present application can also comprise as lower module:
Be positioned at the display module of control terminal, for showing described security assessment information at control terminal;
And/or,
Be positioned at the logger module of control terminal, for described security assessment information being write in the daily record of control terminal.
In a preferred embodiment of the present application, described system can also comprise as lower module:
Be positioned at the policy distribution module 204 of control terminal, for issuing security strategy according to described security assessment information to corresponding user terminal;
Be positioned at the policy enforcement module 205 of user terminal, for performing described security strategy in corresponding user terminal.
As a kind of example of the embodiment of the present application embody rule, described in be positioned at control terminal policy distribution module 204 can comprise following submodule:
Strategy generating submodule, for generating security strategy according to described security assessment information, described security strategy comprises the mark of relative users terminal, and, Java.policy;
Strategy sends submodule, sends security strategy extract notice for described control terminal to user terminal;
The described policy enforcement module 205 being positioned at user terminal can comprise following submodule:
Strategy extracts submodule, extracts notice for described user terminal according to described security strategy, downloads corresponding Java.policy according to user terminal identification from control terminal;
Policy installation submodule, for installing described Java.policy at described user terminal.
In specific implementation, when described security assessment information comprises Virus Info, described Java.policy can comprise virus and read, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy can comprise wooden horse and read, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy can comprise the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy can comprise the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy can comprise the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy can comprise amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy can comprise the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy can comprise the information of reading that described network shares and deletion.
For system embodiment, due to itself and embodiment of the method basic simlarity, so description is fairly simple, relevant part illustrates see the part of embodiment of the method.
The application can be used in numerous general or special purpose computing system environment or configuration.Such as: personal computer, server computer, handheld device or portable set, laptop device, multicomputer system, system, set top box, programmable consumer-elcetronics devices, network PC, minicom, mainframe computer, the distributed computing environment (DCE) comprising above any system or equipment etc. based on microprocessor.
The application can describe in the general context of computer executable instructions, such as program module.Usually, program module comprises the routine, program, object, assembly, data structure etc. that perform particular task or realize particular abstract data type.Also can put into practice the application in a distributed computing environment, in these distributed computing environment (DCE), be executed the task by the remote processing devices be connected by communication network.In a distributed computing environment, program module can be arranged in the local and remote computer-readable storage medium comprising memory device.
Above to the system that method and a kind of LAN safety of a kind of LAN safety assessment that the application provides are assessed, be described in detail, apply specific case herein to set forth the principle of the application and execution mode, the explanation of above embodiment is just for helping method and the core concept thereof of understanding the application; Meanwhile, for one of ordinary skill in the art, according to the thought of the application, all will change in specific embodiments and applications, in sum, this description should not be construed as the restriction to the application.
Claims (16)
1. a method for LAN safety assessment, it is characterized in that, the terminal in described local area network (LAN) comprises control terminal and user terminal, and described local area network (LAN) is Intranet; At control terminal deployment server proxy module, in user terminal deployment software client and communication module, to realize in local area network (LAN) control terminal to the controlling functions of user terminal, and, the control response of user terminal and communication function;
Described method comprises:
Trigger the safety detection of user terminal in local area network (LAN);
The safety detection data of its correspondence are reported to control terminal by described user terminal;
Described control terminal is according to the security assessment information of received safety detection data genaration current local area network;
Wherein, in described local area network (LAN), the safety detection of user terminal comprises:
Viral diagnosis, trojan horse detection, plug-in unit detects, and system rubbish detects, and/or software security detects;
Described safety detection data comprise:
Virus Info, wooden horse information, malicious plugins information, system rubbish information, and/or, dangerous software information;
Described security assessment information comprises the safe grading parameters of each user terminal, and described control terminal comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal according to described Virus Info, wooden horse information, malicious plugins information, system rubbish information, and/or dangerous software information, calculates the safe grading parameters of each user terminal according to preset scoring rule.
2. the method for claim 1, is characterized in that, also comprises:
Described control terminal issues security strategy according to described security assessment information to corresponding user terminal, performs described security strategy by corresponding user terminal.
3. the method for claim 1, is characterized in that, described safety detection data also comprise:
Described user terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, the safe grading parameters generated according to preset scoring rule;
Described security assessment information comprises network-wide security grading parameters, and, network-wide security information summary sheet, described control terminal comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal adds up the safe grading parameters of each user terminal to send up received, and generates the network-wide security grading parameters of current local area network;
The Virus Info of each user terminal that described control terminal tissue receives, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
4. the method for claim 1, it is characterized in that, described security assessment information also comprises network-wide security grading parameters, and, network-wide security information summary sheet, described control terminal comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal adds up the safe grading parameters of described user terminal, generates the network-wide security grading parameters of current local area network;
Described control terminal organizes the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
5. the method as described in claim 3 or 4, is characterized in that, described security assessment information also comprises network-wide security rank, and described control terminal also comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal according to the network-wide security grading parameters of current local area network, according to the network-wide security rank of level definition determination current local area network preset.
6. method as claimed in claim 5, is characterized in that, also comprise:
Control terminal shows described security assessment information.
7. method as claimed in claim 6, is characterized in that, also comprise:
Control terminal is by described security assessment information write daily record.
8. method as claimed in claim 2, it is characterized in that, described control terminal issues security strategy according to described security assessment information to corresponding user terminal, and the step being performed described security strategy by corresponding user terminal comprises:
Described control terminal generates security strategy according to described security assessment information, and described security strategy comprises the mark of relative users terminal, and, Java.policy;
Described control terminal sends security strategy to user terminal and extracts notice;
Described user terminal extracts notice according to described security strategy, downloads corresponding Java.policy according to user terminal identification from control terminal;
Described user terminal installs described Java.policy.
9. method as claimed in claim 8, is characterized in that, when described security assessment information comprises Virus Info, described Java.policy comprises virus and reads, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy comprises wooden horse and reads, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy comprises the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy comprises the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy comprises the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy comprises amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy comprises the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy comprises the information of reading that described network shares and deletion.
10. a system for LAN safety assessment, it is characterized in that, the terminal in described local area network (LAN) comprises control terminal and user terminal, and described local area network (LAN) is Intranet; At control terminal deployment server proxy module, in user terminal deployment software client and communication module, to realize in local area network (LAN) control terminal to the controlling functions of user terminal, and, the control response of user terminal and communication function;
Described system comprises:
Trigger module, for triggering the safety detection of user terminal in local area network (LAN);
Be positioned at the data reporting module of user terminal, the safety detection data obtained for user terminal being performed described safety detection report to control terminal;
Be positioned at the security evaluation module of control terminal, for the security assessment information according to received safety detection data genaration current local area network;
Wherein, in described local area network (LAN), the safety detection of user terminal comprises:
Viral diagnosis, trojan horse detection, plug-in unit detects, and system rubbish detects, and/or software security detects;
Described safety detection data comprise:
Virus Info, wooden horse information, malicious plugins information, system rubbish information, and/or, dangerous software information;
Described security assessment information comprises the safe grading parameters of each user terminal, described in be positioned at control terminal security evaluation module comprise:
Terminal score submodule, for according to described Virus Info, wooden horse information, malicious plugins information, system rubbish information, and/or dangerous software information, calculates the safe grading parameters of each user terminal according to preset scoring rule.
11. systems as claimed in claim 10, is characterized in that, also comprise:
Be positioned at the policy distribution module of control terminal, for issuing security strategy according to described security assessment information to corresponding user terminal;
Be positioned at the policy enforcement module of user terminal, for performing described security strategy in corresponding user terminal.
12. systems as claimed in claim 10, it is characterized in that, described safety detection data also comprise:
Described user terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, the safe grading parameters generated according to preset scoring rule;
Described security assessment information comprises network-wide security grading parameters, and, network-wide security information summary sheet, described in be positioned at control terminal security evaluation module comprise:
Point Data-Statistics submodule, for adding up the safe grading parameters of received each user terminal to send up, generates the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of received each user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
13. systems as claimed in claim 10, it is characterized in that, described security assessment information also comprises network-wide security grading parameters, and, network-wide security information summary sheet, described in be positioned at control terminal security evaluation module also comprise:
Dividing Data-Statistics submodule, for adding up the safe grading parameters of described user terminal, generating the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
14. systems as described in claim 12 or 13, it is characterized in that, described security assessment information also comprises network-wide security rank, described in be positioned at control terminal security evaluation module also comprise:
Safe class determination submodule, for the network-wide security grading parameters according to current local area network, according to the network-wide security rank of the level definition determination current local area network preset.
15. systems as claimed in claim 11, is characterized in that, described in be positioned at control terminal policy distribution module comprise:
Strategy generating submodule, for generating security strategy according to described security assessment information, described security strategy comprises the mark of relative users terminal, and, Java.policy;
Strategy sends submodule, sends security strategy extract notice for described control terminal to user terminal;
The described policy enforcement module being positioned at user terminal comprises:
Strategy extracts submodule, extracts notice for described user terminal according to described security strategy, downloads corresponding Java.policy according to user terminal identification from control terminal;
Policy installation submodule, for installing described Java.policy at described user terminal.
16. systems as claimed in claim 15, is characterized in that, when described security assessment information comprises Virus Info, described Java.policy comprises virus and reads, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy comprises wooden horse and reads, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy comprises the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy comprises the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy comprises the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy comprises amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy comprises the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy comprises the information of reading that described network shares and deletion.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110369637.4A CN102413011B (en) | 2011-11-18 | 2011-11-18 | A kind of method and system of LAN safety assessment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110369637.4A CN102413011B (en) | 2011-11-18 | 2011-11-18 | A kind of method and system of LAN safety assessment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102413011A CN102413011A (en) | 2012-04-11 |
| CN102413011B true CN102413011B (en) | 2015-09-30 |
Family
ID=45914873
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110369637.4A Active CN102413011B (en) | 2011-11-18 | 2011-11-18 | A kind of method and system of LAN safety assessment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102413011B (en) |
Families Citing this family (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102945340B (en) * | 2012-10-23 | 2016-04-20 | 北京神州绿盟信息安全科技股份有限公司 | information object detection method and system |
| CN102904780B (en) * | 2012-10-29 | 2015-12-16 | 山石网科通信技术有限公司 | The method of Sampling network health degree and device |
| CN103152218B (en) * | 2013-01-30 | 2016-12-28 | 北京奇虎科技有限公司 | Computer network state-detection and restorative procedure and device |
| CN103347005B (en) * | 2013-06-19 | 2016-08-10 | 北京奇虎科技有限公司 | A kind of control method that data report and client device and server apparatus |
| CN103368965B (en) * | 2013-07-18 | 2018-04-17 | 北京随方信息技术有限公司 | A kind of method of work that network security specification is mapped as to the attribute specification corresponding to network |
| CN104182690B (en) * | 2014-03-04 | 2017-04-12 | 无锡天脉聚源传媒科技有限公司 | Method and device for monitoring safety state |
| CN104008038B (en) * | 2014-05-08 | 2017-06-20 | 百度在线网络技术(北京)有限公司 | The evaluating method and device of software |
| CN104077532B (en) * | 2014-06-20 | 2017-08-25 | 中标软件有限公司 | A kind of Linux virtual platforms safety detection method and system |
| CN104268476B (en) * | 2014-09-30 | 2017-06-23 | 北京奇虎科技有限公司 | A kind of method for running application program |
| CN104268475B (en) * | 2014-09-30 | 2017-06-20 | 北京奇虎科技有限公司 | A kind of system for running application program |
| CN104486764A (en) * | 2014-12-03 | 2015-04-01 | 北京奇虎科技有限公司 | Wireless network detection method, server and wireless network sensor |
| CN105721407A (en) * | 2014-12-05 | 2016-06-29 | 北京神州泰岳信息安全技术有限公司 | Method and device for business system security evaluation |
| CN104579769A (en) * | 2014-12-30 | 2015-04-29 | 北京奇虎科技有限公司 | Method, device and system of terminal management |
| CN106330851B (en) | 2015-07-10 | 2019-12-20 | 腾讯科技(深圳)有限公司 | Mobile terminal security information acquisition and distribution method and device based on cloud service |
| CN104978257B (en) * | 2015-07-17 | 2018-06-12 | 北京奇安信科技有限公司 | Computing device elasticity methods of marking and device |
| CN105262777A (en) * | 2015-11-13 | 2016-01-20 | 北京奇虎科技有限公司 | Local area network (LAN)-based security detection method and device |
| CN105554026A (en) * | 2016-01-12 | 2016-05-04 | 中北大学 | Electronic record information security management system |
| CN107770125A (en) * | 2016-08-16 | 2018-03-06 | 深圳市深信服电子科技有限公司 | A kind of network security emergency response method and emergency response platform |
| CN107809321B (en) * | 2016-09-08 | 2020-03-24 | 南京联成科技发展股份有限公司 | Method for realizing safety risk evaluation and alarm generation |
| CN108112016B (en) * | 2016-11-24 | 2020-11-17 | 腾讯科技(深圳)有限公司 | Wireless local area network security assessment method and device |
| CN106856478A (en) * | 2016-12-29 | 2017-06-16 | 北京奇虎科技有限公司 | A kind of safety detection method and device based on LAN |
| CN107169357A (en) * | 2017-05-12 | 2017-09-15 | 北京金山安全管理系统技术有限公司 | Early warning display processing method, device, storage medium and processor |
| CN107193600A (en) * | 2017-05-24 | 2017-09-22 | 深信服科技股份有限公司 | A kind of patch management method, the first equipment, the first plug-in unit, system and fire wall |
| CN107623916B (en) * | 2017-09-07 | 2020-08-14 | 上海掌门科技有限公司 | Method and equipment for WiFi network security monitoring |
| CN109511129A (en) * | 2017-09-15 | 2019-03-22 | 中国移动通信集团广东有限公司 | A kind of wireless network secure detection method and device |
| CN111770076A (en) * | 2020-06-24 | 2020-10-13 | 国网福建省电力有限公司 | Self-detection network security system and working method thereof |
| CN111885191B (en) * | 2020-07-30 | 2021-08-17 | 西安电子科技大学 | Computer network communication system |
| CN112417459B (en) * | 2020-11-19 | 2022-10-28 | 上海浦东发展银行股份有限公司 | Large-scale terminal equipment safety assessment method and system and computer equipment |
| CN115374445B (en) * | 2022-03-31 | 2024-03-08 | 国家计算机网络与信息安全管理中心 | Terminal system security assessment method, device and system based on cross-network scene |
| CN115567301B (en) * | 2022-09-28 | 2023-10-17 | 宋舒涵 | Information security authentication transmission method and system based on local area network |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1694454A (en) * | 2005-05-10 | 2005-11-09 | 西安交通大学 | Active network safety loophole detector |
| CN1874219A (en) * | 2006-04-06 | 2006-12-06 | 华为技术有限公司 | Method for updating security related information in associated response system |
| CN101127633A (en) * | 2006-08-15 | 2008-02-20 | 华为技术有限公司 | A method and system for secure control of mobile station |
| CN101894230A (en) * | 2010-07-14 | 2010-11-24 | 国网电力科学研究院 | Static and dynamic analysis technology-based host system security evaluation method |
| CN102035803A (en) * | 2009-09-29 | 2011-04-27 | 上海艾融信息科技有限公司 | Method, system and device for adjusting application security strategy |
| CN102158480A (en) * | 2011-03-04 | 2011-08-17 | 北京星网锐捷网络技术有限公司 | Method, system and device for controlling system service recovery |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101459652B (en) * | 2007-12-13 | 2012-02-01 | 中芯国际集成电路制造(上海)有限公司 | Anti-virus method and system for LAN |
| CN101562609B (en) * | 2009-05-27 | 2012-06-27 | 西北大学 | VPN network security loophole detection and global admittance controlling system |
| CN102082659B (en) * | 2009-12-01 | 2014-07-23 | 厦门市美亚柏科信息股份有限公司 | Vulnerability scanning system oriented to safety assessment and processing method thereof |
| US20110185166A1 (en) * | 2010-01-28 | 2011-07-28 | Microsoft Corporation | Slider Control for Security Grouping and Enforcement |
| CN101950338A (en) * | 2010-09-14 | 2011-01-19 | 中国科学院研究生院 | Bug repair method based on hierarchical bug threat assessment |
| CN102170431A (en) * | 2011-03-25 | 2011-08-31 | 中国电子科技集团公司第三十研究所 | Host risk evaluation method and device |
-
2011
- 2011-11-18 CN CN201110369637.4A patent/CN102413011B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1694454A (en) * | 2005-05-10 | 2005-11-09 | 西安交通大学 | Active network safety loophole detector |
| CN1874219A (en) * | 2006-04-06 | 2006-12-06 | 华为技术有限公司 | Method for updating security related information in associated response system |
| CN101127633A (en) * | 2006-08-15 | 2008-02-20 | 华为技术有限公司 | A method and system for secure control of mobile station |
| CN102035803A (en) * | 2009-09-29 | 2011-04-27 | 上海艾融信息科技有限公司 | Method, system and device for adjusting application security strategy |
| CN101894230A (en) * | 2010-07-14 | 2010-11-24 | 国网电力科学研究院 | Static and dynamic analysis technology-based host system security evaluation method |
| CN102158480A (en) * | 2011-03-04 | 2011-08-17 | 北京星网锐捷网络技术有限公司 | Method, system and device for controlling system service recovery |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102413011A (en) | 2012-04-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102413011B (en) | A kind of method and system of LAN safety assessment | |
| US8627475B2 (en) | Early detection of potential malware | |
| KR101514984B1 (en) | Detecting system for detecting Homepage spreading Virus and Detecting method thereof | |
| Zhongyang et al. | DroidAlarm: an all-sided static analysis tool for Android privilege-escalation malware | |
| Zheng et al. | DroidRay: a security evaluation system for customized android firmwares | |
| Sun et al. | Design and implementation of an android host-based intrusion prevention system | |
| US20140053267A1 (en) | Method for identifying malicious executables | |
| KR101899589B1 (en) | System and method for authentication about safety software | |
| CA2777831C (en) | Detecting and responding to malware using link files | |
| Berthome et al. | Repackaging android applications for auditing access to private data | |
| CN103294955B (en) | Macrovirus checking and killing method and system | |
| Fass et al. | Doublex: Statically detecting vulnerable data flows in browser extensions at scale | |
| Perrotta et al. | Botnet in the browser: Understanding threats caused by malicious browser extensions | |
| Ibrahim et al. | SafetyNOT: on the usage of the SafetyNet attestation API in Android | |
| Andriatsimandefitra et al. | Capturing android malware behaviour using system flow graph | |
| KR100961149B1 (en) | Method for detecting malicious site, method for gathering information of malicious site, apparatus, system, and recording medium having computer program recorded | |
| Wu et al. | An overview of mobile malware and solutions | |
| Kazdagli et al. | Morpheus: Benchmarking computational diversity in mobile malware | |
| US10880316B2 (en) | Method and system for determining initial execution of an attack | |
| KR20120124638A (en) | Malignant code detecting system and method based on action | |
| US20110197253A1 (en) | Method and System of Responding to Buffer Overflow Vulnerabilities | |
| Shalev et al. | WatchIT: Who watches your IT guy? | |
| Chakraborty | A comparison study of computer virus and detection techniques | |
| Aysan et al. | " Do You Want to Install an Update of This Application?" A Rigorous Analysis of Updated Android Applications | |
| Zhang et al. | Android Application Security: A Semantics and Context-Aware Approach |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: BEIJING QIHU TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: QIZHI SOFTWARE (BEIJING) CO., LTD. Effective date: 20150902 Owner name: QIZHI SOFTWARE (BEIJING) CO., LTD. Effective date: 20150902 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20150902 Address after: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park) Applicant after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Applicant after: Qizhi software (Beijing) Co.,Ltd. Address before: The 4 layer 100016 unit of Beijing city Chaoyang District Jiuxianqiao Road No. 14 Building C Applicant before: Qizhi software (Beijing) Co.,Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20161213 Address after: 100015 Jiuxianqiao Chaoyang District Beijing Road No. 10, building 15, floor 17, layer 1701-26, 3 Patentee after: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. Address before: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
| CB03 | Change of inventor or designer information |
Inventor after: Deng Zhenbo Inventor after: Meng Jun Inventor after: Liu Xuezhong Inventor after: Sun Xiaoqing Inventor after: Huang Jianting Inventor after: Yu Xinwei Inventor after: Zhao Huaqiang Inventor after: Wang Lin Inventor before: Deng Zhenbo Inventor before: Sun Xiaoqing Inventor before: Huang Jianting Inventor before: Yu Xinwei Inventor before: Zhao Huaqiang Inventor before: Wang Lin |
|
| CB03 | Change of inventor or designer information | ||
| CP03 | Change of name, title or address |
Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Patentee after: Qianxin Technology Group Co.,Ltd. Address before: 100015 15, 17 floor 1701-26, 3 building, 10 Jiuxianqiao Road, Chaoyang District, Beijing. Patentee before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. |
|
| CP03 | Change of name, title or address | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20201225 Address after: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing Patentee after: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. Patentee after: Qianxin Technology Group Co.,Ltd. Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Patentee before: Qianxin Technology Group Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| CP03 | Change of name, title or address |
Address after: 2nd Floor, Building 1, Yard 26, Xizhimenwai South Road, Xicheng District, Beijing, 100032 Patentee after: Qianxin Wangshen information technology (Beijing) Co.,Ltd. Patentee after: Qianxin Technology Group Co.,Ltd. Address before: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing Patentee before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. Patentee before: Qianxin Technology Group Co.,Ltd. |
|
| CP03 | Change of name, title or address |