CN103618652A - Audit and depth analysis system and audit and depth analysis method of business data - Google Patents
Audit and depth analysis system and audit and depth analysis method of business data Download PDFInfo
- Publication number
- CN103618652A CN103618652A CN201310691075.4A CN201310691075A CN103618652A CN 103618652 A CN103618652 A CN 103618652A CN 201310691075 A CN201310691075 A CN 201310691075A CN 103618652 A CN103618652 A CN 103618652A
- Authority
- CN
- China
- Prior art keywords
- network
- business
- business information
- task
- rule
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses an audit and depth analysis system and an audit and depth analysis method of business data. The system comprises a network receiving unit and a processing unit, wherein the network receiving unit is used for receiving a network data packet; the processing unit is used for receiving the network data packet to form metadata including an applicant, request time, a target system and business data, extracting business information according to the business information extraction rule, carrying out correlation analysis on the business information according to correlation analysis knowledge, and maintaining an extraction rule base and a correlation analysis knowledge base. The method comprises the following steps: building a knowledge base including the business information extraction rule and business information; receiving the network data packet, extracting the metadata and storing the metadata into the knowledge base; reading the extraction rule according to the metadata, and extracting the business information according to the extraction rule. The audit and depth analysis system and the audit and depth analysis method have the beneficial effects that depth utilization of the network data packet is achieved by different business information extraction rules and business information, and correlation analysis of the business data and other business data is achieved on the basis of metadata updating of the knowledge base.
Description
Technical field
The present invention relates to areas of information technology, be specifically related to a kind of business datum be audited and system and the method thereof of depth analysis.
Background technology
In government bodies, finance, public security, finance, card Securities, medical ,Shui, telecom operators and some other large enterprise, all need a large amount of business datums to process, in prior art, business data processing is divided into artificial treatment and computer is processed, artificial treatment speed is slow, and existing computer is processed and is confined to business datum to carry out data statistics and data extraction.But the fast development along with economic society, in order further to excavate the commercial value of business datum, the association analysis or the association analysis between business datum itself that realize between business datum and other related data are necessary, must be outside simple data analysis, the degree of depth is excavated business datum.
Summary of the invention
In view of this, the audit of a kind of business datum provided by the invention and depth analysis system and method thereof, the degree of depth is excavated using value and the commercial value of business datum.
For achieving the above object, the technical solution used in the present invention is:
The audit of business datum and a depth analysis system, comprising:
Network receiving element, in order to receiving network data bag;
Processing unit, receiving network data bag, to form the metadata that comprises claimant, request time, goal systems and business datum, is processed metadata according to business information extracting rule, extracts business information; And according to association analysis knowledge, business information is carried out to association analysis; All kinds of business information based in a certain unit are comprehensively analyzed and excavated;
Maintenance unit, safeguards and upgrades business information extracting rule and business information;
Memory cell, storage service information extraction rule, association analysis knowledge, business information and association analysis result.
By different extracting rules, business data packet is carried out to different processing, extract business information; According to association analysis knowledge, to all kinds of business information depth analysis based in a certain unit with associated.
Further, also comprise:
Pretreatment unit, receives the network packet that network receiving element transmits, and packet is carried out to application protocol analysis, protocol algorithm processing and business datum and filter, and the network packet after processing is sent to processing unit.By preliminary treatment, reduce the pressure of processing unit, reduce its workload.
Further, described network receiving element comprises network identification system and network data probe system, network identification system is for supervisory user state to be confirmed whether allowing user data to pass through, and network data probe system is caught network packet according to default packet capturing rule.Carry out on the one hand authentication and confirm to realize claimant, by two systems, realize on the other hand the efficient utilization of resource.
Further, memory cell is with unified memory interface integrated database management system and distributed storage framework.Can be deployed on cheap hardware, also can provide high transmission rates visit data, be applicable to the applied analysis of following super large data set.
The audit of business datum and a depth analysis method, comprise the following steps:
501: build the knowledge base that comprises business information extracting rule and business information;
502: receiving network data bag, forms the metadata being comprised of claimant, request time, goal systems and business datum and deposit knowledge base in;
503: according to metadata, read extracting rule;
504: according to extracting rule, extract business information.
By different business information extracting rule related network packet and business information, can carry out different excavations to network packet, thereby can realize according to demand the association analysis of network packet and processing.
Further, the state of business information extracting rule be divided into test, activity, freeze, inefficacy four-stage.The knowledge of knowledge base is answered real-time update, must set up and enter and escape mechanism, makes knowledge base become a dynamic storehouse.
Further, in step 102-104, task is processed and is completed by task scheduling unit and task processing unit, and assigned tasks, monitor task, withdrawal task and confirmation task are responsible in task scheduling unit.Guarantee that task processes discal patch puts Chu in order, effective fast.
Further, task scheduling unit becomes Task-decomposing the set of subtask, to be distributed at least one task processing unit, and carry out the timing management of subtask, the processing of subtask is divided into parallel processing and serial process, the state of task and subtask be divided into preparation, ready, process, complete and regain.Guarantee carrying out fast of complex task.
Further, knowledge base also comprises rule definition, regular validation verification and regulation management.Business information extracting rule itself is also dynamic, practical.
Beneficial effect of the present invention is: by different business information extracting rule and business information, accomplish the deep exploitation to network packet.Metadata updates based on knowledge base, realizes the association analysis of business datum and other business datum.
Accompanying drawing explanation
Fig. 1 is the audit of business datum of the present invention and the flow chart of depth analysis method;
Fig. 2 is the audit of business datum of the present invention and the structured flowchart of depth analysis system;
Fig. 3 is the audit of business datum of the present invention and the concrete enforcement figure of depth analysis system.
Embodiment
Below in conjunction with accompanying drawing, technical scheme of the present invention is described, obviously, accompanying drawing is described is only a part of the present invention rather than whole embodiment.
As shown in Figure 2, the audit of business datum provided by the invention and depth analysis system, the necessary unit of system is processing unit, memory cell, network receiving element and maintenance unit, further, in order to alleviate the pressure of processing unit, can also design a pretreatment unit.
Wherein, the network of network receiving element not refers in particular to the Internet, should do the understanding of broad sense, comprises various forms of Intranets and other existing network forms.Network receiving element consists of network identification system and network data probe system, and they undertake respectively different task.Network ID authentication subsystem is positioned in network backbone, and task service request all must be through this subsystem.The connection of subsystem inside is controlled engine and is used for controlling user, and its real-time and User Status monitoring module communication, determines whether to allow user data to pass through; If user is login not, connect control engine and automatically user's request is jumped to login audit interface, by user, input log-on message; For the user who enters for the first time network, can enter subscriber information management module, registration and managing personal information; Black, white list is that optimization system function arranges for system effectiveness is provided; Bypass is for guaranteeing the compatibility of whole system, and when soft and hardware fault appears in network ID authentication subsystem, bypass module starts makes packet can directly pass through this equipment.Network data probe system is positioned on the mirror image of the main switching equipment of unit, according to default packet capturing rule, catches network packet, and the filtration through packet capturing rule, can mask extraneous data bag, mitigation system pressure; Packet capturing rule be take IP bag as target, can set source IP, source port, Target IP and target port; In addition, consider in routine work, the wink property the sent out feature of service request, in network data probe system, is provided with jumbo network data Buffer Pool, play the effect that peak clipping presses down paddy, when network traffic data is larger, the resource of network data probe system is mainly used to packet capturing, when network traffic data hour, the resource of network data probe system can be used for carrying out packet integration, realizes making full use of of resource.
Pretreatment unit designs with distributed way, its Core Feature is that network packet is carried out to preliminary treatment, alleviate the pressure of Business treatment, mainly comprise application protocol analysis engine, protocol algorithm module (http, DES, MD5 etc.) and business datum filter engine.Application protocol analytics engine invocation protocol algoritic module, the packet of catching for network data probe subsystem carries out aftertreatment, as https message is deciphered, resolved, verifies MD5 or the SHA signature of catching network packet for cipher protocols such as DES, RC2, RC5; After application protocol is parsed, all becoming packet expressly, submit business datum filter engine to, the packet of catching is carried out to secondary cleaning, filter out and the packets such as CSS, the Javascript of independent of service, picture, after pretreatment unit, from the packet of network acquisition, be only left the plaintext bag of traffic aided, can greatly alleviate subsequent treatment pressure.In order to realize the reduction of the enciphered datas such as https, native system embedded digital certificate repository, imports data certificate, realizes decryption work.In addition, pretreatment unit can consist of many processors, so built-in task management module, and wherein task scheduling engine is core, realizes in polyprocessor concurrent working.The module of task management simultaneously, according to the running status when pretreating machine, is coordinated the work of other processor.
Business information processing unit is the core of native system, mainly realizes extraction and the association analysis of business information.Main handling process comprises that business information is extracted, effectiveness of information is verified, Chinese character code is changed and association analysis.When business information is extracted, first with rule base communication, obtain the rule of active state, then according to Rule Extraction business information; Extract after business information, verify the validity of information, as inconsistent with expection, should produce warning, by keeper, the validity of business data packet or rule is confirmed; If contain Chinese information in the business information of extracting, to carry out Chinese character code conversion, the Chinese unification of the codings such as GBK, GB18030, Unicode is converted to utf-8 form; Finally, to to information extraction, carry out association according to association analysis knowledge base, wherein user status table provides information word by network ID authentication subsystem, mainly comprise < personnel, IP, period > tlv triple, associated for operating personnel and business datum.Business Rule Management subsystem is to be mainly used in rule to safeguard, the distribution of rule simultaneously., keeper can utilize regular validity monitoring tool, verifies that whether current rule is with imitating.If goal systems changes, cannot be by checking when information extraction, Service Processing Unit will send regular Failure Alarm to regulation management subsystem so, and regulation management subsystem is received after warning, this rule state is set to " freezing ", and stops the distribution of this rule.Business information is processed and is adopted Distributed Design, by dispatcher, realizes task distribution, condition monitoring and management, and processor regularly reports and submits state information to dispatcher.
System provided by the invention, data storage cell can be integrated with data base management system (Oracle, SqlServer, Mysql) and distributed storage framework (hadoop) by unified memory interface.Wherein, data base management system be take tables of data as unit, with sql like language, carries out association, analysis, technology maturation; Distributed storage framework has the feature of high fault tolerance, and design is used for being deployed on cheap hardware, and data that provide high transmission rates to visit, are applicable to the applied analysis of following super large data set.
As shown in Figure 1, the audit of a kind of business datum provided by the invention and depth analysis method, comprise the following steps:
501: build the knowledge base that comprises business information extracting rule and business information;
502: receiving network data bag, forms the metadata being comprised of claimant, request time, goal systems and business datum and deposit knowledge base in;
503: according to metadata, read extracting rule;
504: according to extracting rule, extract business information.
Analytical method provided by the invention, its core innovative point is: business information is analyzed, by information extraction rule base, extracted business datum; The definition of business information extracting rule, maintenance and implementation algorithm; Based on correlation rule knowledge base, all kinds of business information of association analysis, form the metadata being comprised of operator, goal systems, time, business datum; The definition of association knowledge and, maintenance and implementation algorithm; Adopt distributed computing, realize the schedulability of " service information analysis " and " association analysis " task, on physical equipment, realize load balancing; Distributed data interface is provided, supports large data analysis.
Preferred in addition, business datum receives by network, therefore when network receives data, also should comprise Ip packet capture; The network packet reduction of the transport layer protocols such as http (s); Network ID authentication; Reality identity, ip, period association algorithm; The information gathering of related service system.
Method provided by the invention, in step 502, service information analysis engine is from business datum reduction interface receiving network data bag, according to network packet feature, judgement class of business, according to class of business, from rule base, read the active rule subset that is applicable to this business, by regular subset, extract business datum.If analysis engine in running, finds that extracting rule has problem, may be due to many reasons, as not strong in: operation system upgrading, rule applicability etc., by asynchronous mechanism, notify keeper, by keeper, rule base is safeguarded.
Business information extracting rule, is described by abstract logical language, the information such as the applicable business of definition, extracting parameter locating information, m odel validity checking.According to different business, different depth analysis demands, edits different requirement rules.Knowledge base comprises the summation of miscellaneous service information extraction rule.In Fig. 1, used two box indicating flow processs of rule base and knowledge base, in practical application the summation of extracting rule and the summation of business information can store with together with also can be separated, arrange according to the actual requirements.Rule is divided into movable and freezes by its effective status, when service information analysis engine is submitted rule query request to, rule base return all be applicable to this business, the rule in active state; When a rule is when inapplicable, this rule state can be adjusted into and freeze, this rule will not come into force; Rule base also comprises the instruments such as rule definition, validation verification, regulation management, by keeper, is safeguarded.
In step 504, association analysis comprises and realizes the associated of < business datum > and < operating personnel, time and business information >.Here, business information is determined according to demand, has both needed to analyze and excavate the value of which kind of direction of network packet, chooses the business information of this direction network packet is carried out to association with depth analysis according to extracting rule.Business information can be the summation of business datum, can be also out of Memory.
While receiving packet by network, when network packet is reduced, can extract the operating time of network packet and initiate IP, in order to determine operating personnel, mainly pass through network authentication method, authentication gateway is started working from cutting time point day, record the state of each IP address, if 1 IP does not initiate transaction through authentication, authentication gateway is tackled the communication of this IP, automatically jump to authentication interface, by operating personnel, input authentication information, realize < IP, period > is associated with < operating personnel >'s.Association for operating personnel, depending on different target system, can be optimized, as goal systems self has authentication module, and can provide the record of authentication and communication session, according to the record of <sessionid, operating personnel >, can the operating personnel of authentication gateway be confirmed and be revised so.< business datum > is associated with < business information >'s, mainly depends on knowledge base.
Knowledge in knowledge base, is concluded, is summed up by business personnel, by keeper, is safeguarded.Knowledge adopts and preferably adopts problem reduction approach statement, and from associated objects, backward inference, is transformed to subproblem set and sub-subproblem set by conversion initial problem, until last reduction is an ordinary primitive problem set.There is equally the problem of life cycle in knowledge, is divided into test, activity, freezes, the stage such as inefficacy, and the testing period is mainly controlled by business personnel, confirm association knowledge whether effectively, whether reach re-set target; After confirming the validity, mark knowledge is active state, and association analysis engine, according to knowledge, carries out business datum association process; With anything, knowledge also has applicability problem, and when goal systems and interconnected system generation change thereof, keeper is adjusted into frozen state knowledge, effectively the confirming and adjusting knowledge by business personnel; When relating to the module of knowledge or system and stop serving, knowledge is inapplicable, is adjusted into failure state.
When business diagnosis and association analysis, preferably adopt distributed treatment algorithm, by task scheduling main frame and task processing host, cooperated.First, the task to business diagnosis and association analysis is set up task list in dispatching host machine, task processing host is to dispatching host machine submit applications, by dispatching host machine assigned tasks, after task processing host is finished the work, submit result to, dispatching host machine during to disposition row confirm.Dispatching host machine task scheduling, is also responsible for the running status of each task processing host of monitoring except being responsible for, and when task processing host occurs that abnormal, performance reduces, dispatching host machine is regained task, changes by other task processing host and completes; Simultaneously, dispatching host machine is also responsible for decomposition and the subtask timing management of task, when a task is separated as computable subtask, between subtask, there are parallel and two kinds of relations of serial, for Serial Relation, by dispatching host machine, be responsible for, only, in the completed situation of front sequence task, just distribute postorder task.For guaranteeing task uniformity for the treatment of and continuity, we introduce state machine concept in task is processed, task status be divided into preparation, ready, process, complete, five states such as withdrawal, mission bit stream and state thereof are stored with database.Distributed task scheduling is processed back-up system and is carried out transactional recovery, and while there is the situations such as power-off when system, after restarting, dispatcher can be carried out rollback and recovery operation according to the state of task in database, guarantees the consistency of system mode.
Aspect data storage, the invention provides unified memory interface, the data of generation can store in traditional Database Systems, also can store the distributed system of hadoop and so on into.This makes technical approach and the System Framework of later data excavation and science decision more flexible.Each application units, can carry out data mining to the data that generate, and extract valuable business information, and on this basis, by selecting different Mathematical Modelings, quantize calculating, for market prediction and science decision provide fact basis.
As shown in Figure 3, be the present invention in specific embodiment , China for public security system, the existing business system that public security system is divided into has more than 60, these operation system overwhelming majority are all the Web application systems based on http and https, and they are used by different categories within police force, army unit, business sections.These operation systems all can not realize overall UNICOM and audit, can not reach the Ministry of Public Security and about < <, strengthen the requirement of the notice > > of information system application audit.If rectified and improved, the developer of a part of system cannot contact, and does not possess transformation condition; Other system all will be transformed according to unified rule, affects regular traffic, the transformation cycle is long, cost is high.
Business datum correlation analysis system provided by the invention and method thereof adopt the framework of basic network, the business datum audit of a kind of packet Network Based (stream) and the method for business datum depth analysis, do not need present information system and network to transform, any plug-in unit or Agent need to be installed in the server of original information system, just can reach the requirement of the Ministry of Public Security to operation system audit, abundant data mining capability is also provided simultaneously.In the present embodiment, the operating audit function of correlation analysis system can refine to operation rank, and its metadata is: who, when, in which system, carried out what operation, what content of operation is, meets the requirement of the Ministry of Public Security completely.On the basis of audit function, correlation analysis system provides abundant data mining capability, for example, because data mining capability is combined with business closely: combine related cases and pay close attention to rank with runaway convict.
Before correlation analysis system, for the work of combining related cases of a case, mainly by house organ, but due to the restriction in categories within police force and region, the clue of combining related cases source is not comprehensive.If use correlation analysis system provided by the invention, a certain policeman is in cracking of cases process, and while utilizing information system inquiry suspect or case related personnel, its operation note all can associated analytical system be audited and arrived.Correlation analysis system, automatically according to checked person's information, is retrieved all policemen that inquired about this people in data warehouse, according to time and region sequence, forms case clue, by inner OA system, is pushed to the policeman that case is undertaken.For example, the A police officer in local police station processes case together, by the information of having inquired about Zhang San in online runaway convict storehouse, king police officer will receive portion " case clue file " in OA system so subsequently, wherein prompting " the B police officer of prohibition of drug army unit also inquired about Zhang San's information before three days in prohibition of drug system ".The concrete application of the association analysis automatic prompting function of combining related cases has been realized cross-system, across the clue of categories within police force, cross-region, has been collected.
Also as, in public security work, how improving case handling efficiency is the matter of utmost importance of public security work.Runaway convict at correlation analysis system pays close attention to rank, just can play exploration effect.Runaway convict pays close attention to rank, and can to take national runaway convict storehouse be basic data, the extracting rule of correlation analysis system provided by the invention of take is key data, by weights Processing Algorithm, runaway convict is sorted, filter out of greatest concern and active runaway convict, as the emphasis of work.Wherein, runaway convict's weights Main Basis concern policeman professional level, concern (inquiry) number of times, time calculate, as runaway convict Li Si was inquired about once in last week by chief, by the total team leader of the prohibition of drug, in this week, inquired about twice, by the people's police of basic unit, inquired about 11 times, its rank is forward, the emphasis that each categories within police force and the policeman of basic unit can be work Zhang Qiangzuo when circular.
The description of technique scheme has only embodied the preferred technical solution of the present invention, and be not exhaustively, obviously, according to above-described embodiment, analogize, the technical program is also applied to the industry-by-industries such as government, public security, traffic police, finance, finance, card Securities, the tax, telecom operators, medical treatment, health, insurance, enterprise, electric power, the energy, territory, or limit the invention to disclosed form.Based on embodiments of the invention, the other forms of technical scheme that anyone obtains under the prerequisite of not making creative work, no matter it is in structure or which kind of is made change in form, within all belonging to protection scope of the present invention.
Claims (9)
1. the audit of business datum and a depth analysis system, is characterized in that, comprising:
Network receiving element, in order to receiving network data bag;
Processing unit, receiving network data bag, to form the metadata that comprises claimant, request time, goal systems and business datum, is processed metadata according to business information extracting rule, extracts business information; And according to association analysis knowledge, business information is carried out to association analysis;
Maintenance unit, safeguards and upgrades business information extracting rule storehouse and association analysis knowledge base;
Memory cell, storage service information extraction rule, association analysis knowledge, business information and association analysis result.
2. analytical system according to claim 1, is characterized in that, also comprises:
Pretreatment unit, receives the network packet that network receiving element transmits, and packet is carried out to application protocol analysis, protocol algorithm processing and business datum and filter, and the network packet after processing is sent to processing unit.
3. analytical system according to claim 1, it is characterized in that, described network receiving element comprises network identification system and network data probe system, network identification system is for supervisory user state to be confirmed whether allowing user data to pass through, and network data probe system is caught network packet according to default packet capturing rule.
4. analytical system according to claim 1, is characterized in that, memory cell is with unified memory interface integrated database management system and distributed storage framework.
5. a business datum association analysis method, is characterized in that, comprises the following steps:
501: build the knowledge base that comprises business information extracting rule and business information;
502: receiving network data bag, forms the metadata being comprised of claimant, request time, goal systems and business datum and deposit knowledge base in;
503: according to metadata, read extracting rule;
504: according to extracting rule, extract business information.
6. analytical method according to claim 5, is characterized in that, the state of extracting rule is divided into test, activity, freezes, inefficacy four-stage.
7. analytical method according to claim 5, is characterized in that, in step 102-104, task is processed and completed by task scheduling unit and task processing unit, and assigned tasks, monitor task, withdrawal task and confirmation task are responsible in task scheduling unit.
8. analytical method according to claim 7, it is characterized in that, task scheduling unit becomes Task-decomposing the set of subtask, to be distributed at least one task processing unit, and carry out the timing management of subtask, the processing of subtask is divided into parallel processing and serial process, the state of task and subtask be divided into preparation, ready, process, complete and regain.
9. analytical method according to claim 5, is characterized in that, knowledge base also comprises rule definition, regular validation verification and regulation management.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310691075.4A CN103618652B (en) | 2013-12-17 | 2013-12-17 | A kind of audit of business datum and depth analysis system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310691075.4A CN103618652B (en) | 2013-12-17 | 2013-12-17 | A kind of audit of business datum and depth analysis system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103618652A true CN103618652A (en) | 2014-03-05 |
| CN103618652B CN103618652B (en) | 2018-03-20 |
Family
ID=50169356
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310691075.4A Expired - Fee Related CN103618652B (en) | 2013-12-17 | 2013-12-17 | A kind of audit of business datum and depth analysis system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103618652B (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105160038A (en) * | 2015-10-10 | 2015-12-16 | 广东卓维网络有限公司 | Data analysis method and system based on audit database |
| CN104077224B (en) * | 2014-07-04 | 2017-01-04 | 用友网络科技股份有限公司 | Software function analyzes System and method for |
| CN106656971A (en) * | 2016-10-14 | 2017-05-10 | 福建星瑞格软件有限公司 | Service behavior data acquisition system |
| CN106878029A (en) * | 2015-12-14 | 2017-06-20 | 任子行网络技术股份有限公司 | A kind of network data auditing system and method |
| CN107277076A (en) * | 2017-08-21 | 2017-10-20 | 中国科学院文献情报中心 | The authentication method and device of a kind of network legal power |
| CN107508721A (en) * | 2017-08-01 | 2017-12-22 | 南京云利来软件科技有限公司 | A kind of collecting method based on metadata |
| CN108197177A (en) * | 2017-12-21 | 2018-06-22 | 北京三快在线科技有限公司 | Monitoring method, device, storage medium and the computer equipment of business object |
| CN108804408A (en) * | 2017-04-27 | 2018-11-13 | 安徽富驰信息技术有限公司 | Information extraction system based on domain-specialist knowledge system and information extraction method |
| CN109151090A (en) * | 2018-04-13 | 2019-01-04 | 国家计算机网络与信息安全管理中心 | IP address association analysis method and analysis system based on Internet basic resource |
| CN109656963A (en) * | 2018-12-18 | 2019-04-19 | 深圳前海微众银行股份有限公司 | Metadata acquisition methods, device, equipment and computer readable storage medium |
| CN110532025A (en) * | 2019-08-30 | 2019-12-03 | 上海复深蓝软件股份有限公司 | Data processing method, device, equipment and storage medium based on micro services framework |
| CN111612437A (en) * | 2020-06-03 | 2020-09-01 | 云南电网有限责任公司 | Audit operation guidance method and device |
| CN113486191A (en) * | 2021-06-25 | 2021-10-08 | 北京计算机技术及应用研究所 | Confidential electronic file fixed decryption method |
| CN114201753A (en) * | 2021-12-03 | 2022-03-18 | 中国长江三峡集团有限公司 | Industrial production network data analysis method based on business behaviors |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7702617B2 (en) * | 2002-10-31 | 2010-04-20 | International Business Machines Corporation | System and method for distributed querying and presentation of information from heterogeneous data sources |
| CN102611565B (en) * | 2011-10-18 | 2015-07-08 | 深圳供电局有限公司 | Regular-expression-based alarm correlation analysis method for monitoring system |
| CN103164400A (en) * | 2011-12-08 | 2013-06-19 | 中国移动通信集团浙江有限公司 | Method, device and system of correlation analysis |
-
2013
- 2013-12-17 CN CN201310691075.4A patent/CN103618652B/en not_active Expired - Fee Related
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104077224B (en) * | 2014-07-04 | 2017-01-04 | 用友网络科技股份有限公司 | Software function analyzes System and method for |
| CN105160038B (en) * | 2015-10-10 | 2017-04-19 | 广东卓维网络有限公司 | Data analysis method and system based on audit database |
| CN105160038A (en) * | 2015-10-10 | 2015-12-16 | 广东卓维网络有限公司 | Data analysis method and system based on audit database |
| CN106878029A (en) * | 2015-12-14 | 2017-06-20 | 任子行网络技术股份有限公司 | A kind of network data auditing system and method |
| CN106878029B (en) * | 2015-12-14 | 2019-11-22 | 任子行网络技术股份有限公司 | A kind of network data auditing system and method |
| CN106656971A (en) * | 2016-10-14 | 2017-05-10 | 福建星瑞格软件有限公司 | Service behavior data acquisition system |
| CN108804408A (en) * | 2017-04-27 | 2018-11-13 | 安徽富驰信息技术有限公司 | Information extraction system based on domain-specialist knowledge system and information extraction method |
| CN107508721A (en) * | 2017-08-01 | 2017-12-22 | 南京云利来软件科技有限公司 | A kind of collecting method based on metadata |
| CN107508721B (en) * | 2017-08-01 | 2018-11-02 | 南京云利来软件科技有限公司 | A kind of collecting method based on metadata |
| CN107277076B (en) * | 2017-08-21 | 2020-07-14 | 中国科学院文献情报中心 | Network authority authentication method and device |
| CN107277076A (en) * | 2017-08-21 | 2017-10-20 | 中国科学院文献情报中心 | The authentication method and device of a kind of network legal power |
| CN108197177A (en) * | 2017-12-21 | 2018-06-22 | 北京三快在线科技有限公司 | Monitoring method, device, storage medium and the computer equipment of business object |
| CN108197177B (en) * | 2017-12-21 | 2019-12-17 | 北京三快在线科技有限公司 | Business object monitoring method and device, storage medium and computer equipment |
| CN109151090B (en) * | 2018-04-13 | 2022-03-25 | 国家计算机网络与信息安全管理中心 | IP address correlation analysis method and analysis system based on Internet basic resources |
| CN109151090A (en) * | 2018-04-13 | 2019-01-04 | 国家计算机网络与信息安全管理中心 | IP address association analysis method and analysis system based on Internet basic resource |
| CN109656963A (en) * | 2018-12-18 | 2019-04-19 | 深圳前海微众银行股份有限公司 | Metadata acquisition methods, device, equipment and computer readable storage medium |
| CN110532025A (en) * | 2019-08-30 | 2019-12-03 | 上海复深蓝软件股份有限公司 | Data processing method, device, equipment and storage medium based on micro services framework |
| CN110532025B (en) * | 2019-08-30 | 2021-01-05 | 上海复深蓝软件股份有限公司 | Data processing method, device and equipment based on micro-service architecture and storage medium |
| CN111612437A (en) * | 2020-06-03 | 2020-09-01 | 云南电网有限责任公司 | Audit operation guidance method and device |
| CN111612437B (en) * | 2020-06-03 | 2023-09-26 | 云南电网有限责任公司 | Audit operation guiding method and device |
| CN113486191A (en) * | 2021-06-25 | 2021-10-08 | 北京计算机技术及应用研究所 | Confidential electronic file fixed decryption method |
| CN113486191B (en) * | 2021-06-25 | 2024-04-05 | 北京计算机技术及应用研究所 | Secret-related electronic file fixed decryption method |
| CN114201753A (en) * | 2021-12-03 | 2022-03-18 | 中国长江三峡集团有限公司 | Industrial production network data analysis method based on business behaviors |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103618652B (en) | 2018-03-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103618652A (en) | Audit and depth analysis system and audit and depth analysis method of business data | |
| CN103701783B (en) | Preprocessing unit, data processing system consisting of same, and processing method | |
| CN110134674B (en) | Currency credit big data monitoring and analyzing system | |
| CN104615852B (en) | The method for order and the raising source service efficiency of registering for guarantee online booking | |
| CN112765245A (en) | Electronic government affair big data processing platform | |
| CN107220142B (en) | Method and device for executing data recovery operation | |
| CN111787090B (en) | Intelligent treatment platform based on block chain technology | |
| CN105631026A (en) | Security data analysis system | |
| CN111090779A (en) | Cloud storage and retrieval analysis method for case-handling exploration evidence-taking data | |
| CN106778253A (en) | Threat context aware information security Initiative Defense model based on big data | |
| CN108459919A (en) | A kind of distributed transaction processing method and device | |
| CN107644340A (en) | Risk Identification Method, client device and risk recognition system | |
| CN103118036A (en) | Cloud end based intelligent security protection system and method | |
| CN108092936A (en) | A kind of Host Supervision System based on plug-in architecture | |
| CN107506408A (en) | To the method and system of magnanimity event distribution formula association matching | |
| CN111046000A (en) | Government data exchange sharing oriented security supervision metadata organization method | |
| CN110008694A (en) | A kind of application security control method, device, equipment and readable storage medium storing program for executing | |
| CN108833442A (en) | A kind of distributed network security monitoring device and its method | |
| CN107733738A (en) | A kind of computer network cloud management system | |
| CN107302583A (en) | A kind of automation operation management method that data integration is realized based on Kylo | |
| Wang et al. | Construction of Audit Internal Control Intelligent System Based on Blockchain and Cloud Storage | |
| CN204731786U (en) | Adopt the large data analysis system of computing machine verification code technology | |
| CN110759191B (en) | Elevator control method based on 5G smart park | |
| EP2698966B1 (en) | Tracking end-users in web databases | |
| CN112581129A (en) | Block chain transaction data management method and device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information |
Inventor after: Shao Yonggang Inventor after: Fan Zhongwei Inventor before: Shao Yonggang Inventor before: Fan Zhongwei Inventor before: Li Ying |
|
| COR | Change of bibliographic data | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180320 Termination date: 20201217 |