CN105429996A - Method for intelligently finding and locating address translation equipment - Google Patents

Method for intelligently finding and locating address translation equipment Download PDF

Info

Publication number
CN105429996A
CN105429996A CN201510940543.6A CN201510940543A CN105429996A CN 105429996 A CN105429996 A CN 105429996A CN 201510940543 A CN201510940543 A CN 201510940543A CN 105429996 A CN105429996 A CN 105429996A
Authority
CN
China
Prior art keywords
equipment
information
net
suspicious
net equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510940543.6A
Other languages
Chinese (zh)
Other versions
CN105429996B (en
Inventor
杨玲
傅如毅
蒋行杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Yuanwang Information Co Ltd
Original Assignee
Zhejiang Yuanwang Information Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Yuanwang Information Co Ltd filed Critical Zhejiang Yuanwang Information Co Ltd
Priority to CN201510940543.6A priority Critical patent/CN105429996B/en
Publication of CN105429996A publication Critical patent/CN105429996A/en
Application granted granted Critical
Publication of CN105429996B publication Critical patent/CN105429996B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/52Network services specially adapted for the location of the user terminal

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method for intelligently finding and locating address translation equipment. Monitoring equipment hardware bypasses on a core switch of a management and control network; a core monitoring program, a data analyzing program and an equipment scanning program are embedded in the monitoring equipment hardware; the core monitoring program is used for mirroring all communication data packets passing through the core switch to a local server in real time; the data analyzing program is used for unpacking the communication data packets mirrored to the local server, acquiring characteristic information and analyzing the IP address of suspicious NET equipment; and the equipment scanning program is used for independently scanning the suspicious NET equipment and directly obtaining information of the suspicious NET equipment. The method for intelligently finding and locating the address translation equipment disclosed by the invention has the function of independently finding the NET equipment; by means of characteristic modelling analysis and a similarity weighted algorithm, the high-efficiency controllability and the manageability of a network boundary can be realized; the network stability is improved; and the information security in a special network environment can be enhanced.

Description

A kind of method of intelligence discovery and positioning address conversion equipment
[technical field]
The present invention relates to the technical field that dedicated network border control controls, particularly a kind of method of intelligence discovery and positioning address conversion equipment.
[background technology]
While the deep development and technological progress of network application, the network security threats such as unauthorized access, malicious attack, virus propagation are also more and more serious.More and more huger in scale, under the ad hoc network environment that structure becomes increasingly complex, a lot of user is equipment access or escape supervision conveniently, terminal computer is linked in the middle of management and control network privately by address-translating device (NET equipment), and unauthorized access intranet resources.And the network monitoring management means of present stage cannot find this type of access behavior timely and effectively, more cannot the terminal equipment of access be positioned and be controlled, and this unlawful practice changes whole topology of networks, whole network is made to be in imperfect supervision state, thus the situation of change of network boundary structure cannot be grasped in time, there is great potential safety hazard in intranet resources information, very easily brings adverse consequences.
In order to improve network security, strengthen the information security under ad hoc network environment, stop the problem of privately being built Webweb and unauthorized device access by NET equipment, Strengthening Management person is to the controllability on dedicated network border and pipe, and the automatic identification realized NET equipment and location, position, be necessary a kind of method proposing intelligence discovery and positioning address conversion equipment.
[summary of the invention]
The object of the invention is to overcome above-mentioned the deficiencies in the prior art, a kind of method of intelligence discovery and positioning address conversion equipment is provided, it is intended to solve NET equipment in prior art and privately builds Webweb and unauthorized device access, the controllability on dedicated network border and the poor technical problem of pipe.
For achieving the above object, the present invention proposes a kind of method of intelligence discovery and positioning address conversion equipment, it is based on bypass monitoring equipment hardware on management and control server switch, described monitoring equipment hardware inside embeds core monitoring facilities, DAP and device scan program, described core monitoring facilities will pass through all communication data packet mirror images of core switch to home server in real time, described DAP is unpacked and acquisition characteristics information to the communication data packet of mirror image to home server, by existing NET apparatus characteristic analytical model, modeling and feature difference analysis are carried out to gathered data characteristic information, analyze the IP address of suspicious NET equipment, described device scan program is carried out from main scanning suspicious NET equipment, the information of the suspicious NET equipment of direct acquisition, concrete steps are as follows:
A), mirror image obtains network packet: the hardware-initiated core monitoring facilities of the monitoring equipment of bypass on core switch, will be a to home server by all communication data packet mirror images of core switch;
B), communication data packet is resolved: the DAP in monitoring equipment hardware to be unpacked analysis to mirror image to the communication data packet of home server, and the characteristic information of collection communication packet, described characteristic information comprises request source IP address, source port, destination interface, communication protocol type;
C), analytical characteristic information: DAP is according to the communication data of existing NET apparatus characteristic analytical model to collection, comprise the protocol information of communication data, IP address, port numbers and content characteristic information, carry out modeling and feature difference analysis, analyze suspicious NET IP address of equipment;
D), device scan: to analyze and after locking the IP address of suspicious NET equipment, the device scan program of monitoring equipment hardware inside initiatively scans the suspicious NET equipment of this IP address, the directly relevant information of this suspicious NET equipment of acquisition;
E), equipment confirmation is carried out: this device type of hardware characteristics validation of information obtained by device scan, if confirm as NET equipment, goes to step G); If really admit a fault NET equipment, then return back to step e);
F), again check: the current NET equipment be identified is contrasted with historical data, if this NET apparatus characteristic information repeatedly occurs, carry out similarity weights accumulation process; If this NET apparatus characteristic information did not occur in the historical data, carried out the process of similarity weights regressive;
G), accurately identify NET equipment: calculated by the assignment of the similarity weights to NET equipment, improve and find the accuracy of NET equipment.
As preferably, described step B) in communication protocol type comprise host-host protocol and application layer protocol.
As preferably, described step C) in feature difference analysis comprise application protocol difference analysis, operating system difference analysis and application characteristic difference analysis.
As preferably, described step D) in the relevant information of suspicious NET equipment comprise the system information of suspicious NET equipment, hardware information and manufacturer's information.
As preferably, described step e) in the information of suspicious NET equipment comprise device systems information, hardware information, go out manufacturer's information.
As preferably, described step e) in equipment be confirmed to be by current NET facility information with unconfirmed before the relevant information of this equipment that obtains mate.
As preferably, described match objects comprises OS Type, port, protocol type characteristic information.
Beneficial effect of the present invention: compared with prior art, the method of a kind of intelligence discovery provided by the invention and positioning address conversion equipment, tool has the following advantages: 1. NET automatic device discovery: legacy network devices management major part is the mode manually put on record based on assets, passive and can not dynamic supervision, and this method can by content analyses such as communication data packet characteristic informations in administration network, automatic discovery and location NET equipment, realize network boundary dynamic supervision object; 2. apparatus characteristic modeling analysis: utilize network packet analytical technology, feature modeling analytical technology, carries out large aggregation of data analysis to the communication data feature changed through NET equipment, Timeliness coverage NET equipment; 3. Similarity-Weighted algorithm: by the superposition of feature, the comparison of historical data and calculating, realize calculating the assignment of NET unit affinity degree, improves the accuracy found, accurately and early can reject NET equipment.The method of a kind of intelligence discovery of the present invention and positioning address conversion equipment, realizes efficient controllability and the pipe on dedicated network border, strengthens the information security under ad hoc network environment.
Feature of the present invention and advantage will be described in detail by reference to the accompanying drawings by embodiment.
[accompanying drawing explanation]
Fig. 1 is the schematic flow sheet of the method for a kind of intelligence discovery of the present invention and positioning address conversion equipment.
[embodiment]
For making the object, technical solutions and advantages of the present invention clearly understand, below by accompanying drawing and embodiment, the present invention is further elaborated.But should be appreciated that, specific embodiment described herein, only in order to explain the present invention, is not limited to scope of the present invention.In addition, in the following description, the description to known features and technology is eliminated, to avoid unnecessarily obscuring concept of the present invention.
Consult Fig. 1, the embodiment of the present invention provides a kind of method of intelligence discovery and positioning address conversion equipment, it is based on bypass monitoring equipment hardware on management and control server switch, described monitoring equipment hardware inside embeds core monitoring facilities, DAP and device scan program, described core monitoring facilities will pass through all communication data packet mirror images of core switch to home server in real time, described DAP is unpacked and acquisition characteristics information to the communication data packet of mirror image to home server, by existing NET apparatus characteristic analytical model, modeling and feature difference analysis are carried out to gathered data characteristic information, and analyze the IP address of suspicious NET equipment, described device scan program is carried out from main scanning suspicious NET equipment, the information of the suspicious NET equipment of direct acquisition.
The dynamic supervision of administration network boundary is realized by core monitoring facilities, improving current legacy network devices management major part is the mode manually put on record based on assets, passive and can not the present situation of dynamic supervision, improve the real-time of network supervision, improve the stability of dedicated network, realize resolving all data by DAP, after screening investigation one by one, analyze the IP address of suspicious NET equipment, by device scan program, the equipment belonging to suspicious IP address is carried out from main scanning, by determining whether current equipment is NET equipment after coupling.Core monitoring facilities, DAP and device scan program three interlock, automatically monitor, analyze and locate, and realizes efficient controllability and the pipe on dedicated network border, strengthen the information security under ad hoc network environment.
Concrete steps are as follows:
A), mirror image acquisition network packet: the hardware-initiated core monitoring facilities of the monitoring equipment of bypass on core switch, all communication data packet mirror images that will pass through core switch are a to home server.
B), communication data packet is resolved: the DAP in monitoring equipment hardware to be unpacked analysis to mirror image to the communication data packet of home server, and the characteristic information of collection communication packet, described characteristic information comprises request source IP address, source port, destination interface, communication protocol type.
Wherein, communication protocol type comprises host-host protocol and application layer protocol.
C), analytical characteristic information: DAP is according to the communication data of existing NET apparatus characteristic analytical model to collection, comprise the protocol information of communication data, IP address, port numbers and content characteristic information, carry out modeling and feature difference analysis, analyze suspicious NET IP address of equipment.
Wherein, feature difference analysis comprises application protocol difference analysis, operating system difference analysis and application characteristic difference analysis.According to different application protocol results, different operating system results and different characteristic results, then carry out large aggregation of data arrangement, analyze the characteristic information of the system of specific IP address, agreement and application.
Utilize network packet analytical technology, feature modeling analytical technology; large aggregation of data analysis is carried out to the communication data characteristic information changed through NET equipment; and according to otherness judged result Timeliness coverage NET equipment; improve the promptness of NET device discovery; prevent the significant data in dedicated network from revealing, improve the safeguard protection of network.
D), device scan: to analyze and after locking the IP address of suspicious NET equipment, the device scan program of monitoring equipment hardware inside initiatively scans the suspicious NET equipment of this IP address, the directly relevant information of this suspicious NET equipment of acquisition.
Wherein, the relevant information of suspicious NET equipment comprises the system information of suspicious NET equipment, hardware information and manufacturer's information.
E), equipment confirmation is carried out: this device type of hardware characteristics validation of information obtained by device scan, if confirm as NET equipment, goes to step G); If really admit a fault NET equipment, then return back to step e).
Wherein, the information of suspicious NET equipment comprises device systems information, hardware information, goes out manufacturer's information.
Further, equipment be confirmed to be by current NET facility information with unconfirmed before the relevant information of this equipment that obtains mate, match objects comprises OS Type, port, protocol type characteristic information.
F), again check: the current NET equipment be identified is contrasted with historical data, if this NET apparatus characteristic information repeatedly occurs, carry out similarity weights accumulation process; If this NET apparatus characteristic information did not occur in the historical data, carried out the process of similarity weights regressive.
G), accurately identify NET equipment: calculated by the assignment of the similarity weights to NET equipment, improve and find the accuracy of NET equipment.
By Similarity-Weighted algorithm, the superposition of characteristic information, the comparison of historical data and calculating are carried out to NET equipment, realize calculating the assignment of NET unit affinity degree, the dubiety of similarity weights higher then NET equipment is larger, once this NET equipment accesses administration network again, just can identify it according to its similarity weights in the past, and be rejected in time, improve the accuracy of NET device discovery, the situation preventing fish that has escape the net and pick by mistake.
The hardware monitoring device that bypass the present invention proposes on management and control server switch, just can easily efficiently automatically find and identify NET equipment, and accuracy of identification is high, the NET equipment in prior art that solves builds Webweb and unauthorized device access privately, the controllability on dedicated network border and the poor problem of pipe, improve the fail safe of administration network.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any amendments done within the spirit and principles in the present invention, equivalent replacement or improvement etc., all should be included within protection scope of the present invention.

Claims (7)

1. the method for an intelligence discovery and positioning address conversion equipment, it is based on bypass monitoring equipment hardware on management and control server switch, described monitoring equipment hardware inside embeds core monitoring facilities, DAP and device scan program, described core monitoring facilities will pass through all communication data packet mirror images of core switch to home server in real time, described DAP is unpacked and acquisition characteristics information to the communication data packet of mirror image to home server, by existing NET apparatus characteristic analytical model, modeling and feature difference analysis are carried out to gathered data characteristic information, and analyze the IP address of suspicious NET equipment, described device scan program is carried out from main scanning suspicious NET equipment, the information of the suspicious NET equipment of direct acquisition, it is characterized in that: concrete steps are as follows:
A), mirror image obtains network packet: the hardware-initiated core monitoring facilities of the monitoring equipment of bypass on core switch, will be a to home server by all communication data packet mirror images of core switch;
B), communication data packet is resolved: the DAP in monitoring equipment hardware to be unpacked analysis to mirror image to the communication data packet of home server, and the characteristic information of collection communication packet, described characteristic information comprises request source IP address, source port, destination interface, communication protocol type;
C), analytical characteristic information: DAP is according to the communication data of existing NET apparatus characteristic analytical model to collection, comprise the protocol information of communication data, IP address, port numbers and content characteristic information, carry out modeling and feature difference analysis, analyze suspicious NET IP address of equipment;
D), device scan: to analyze and after locking the IP address of suspicious NET equipment, the device scan program of monitoring equipment hardware inside initiatively scans the suspicious NET equipment of this IP address, the directly relevant information of this suspicious NET equipment of acquisition;
E), equipment confirmation is carried out: reaffirm the characteristic information content that device scan program obtains, and confirm this device type, if confirm as NET equipment, go to step G); If really admit a fault NET equipment, then return back to step e);
F), again check: the current NET equipment be identified is contrasted with historical data, if this NET apparatus characteristic information repeatedly occurs, carry out similarity weights accumulation process; If this NET apparatus characteristic information did not occur in the historical data, carried out the process of similarity weights regressive;
G), accurately identify NET equipment: calculated by the assignment of the similarity weights to NET equipment, improve and find the accuracy of NET equipment.
2. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step B) in communication protocol type comprise host-host protocol and application layer protocol.
3. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step C) in feature difference analysis comprise application protocol difference analysis, operating system difference analysis and application characteristic difference analysis.
4. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step D) in the relevant information of suspicious NET equipment comprise the system information of suspicious NET equipment, hardware information and manufacturer's information.
5. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step e) in the information of suspicious NET equipment comprise device systems information, hardware information, go out manufacturer's information.
6. a kind of intelligence as claimed in claim 1 finds and the method for positioning address conversion equipment, it is characterized in that: described step e) middle equipment be confirmed to be by current NET facility information with unconfirmed before the relevant information of this equipment that obtains mate.
7. the method for a kind of intelligence discovery as claimed in claim 6 and positioning address conversion equipment, is characterized in that: described match objects comprises OS Type, port, protocol type characteristic information.
CN201510940543.6A 2015-12-15 2015-12-15 A method of intelligence discovery and positioning address conversion equipment Active CN105429996B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510940543.6A CN105429996B (en) 2015-12-15 2015-12-15 A method of intelligence discovery and positioning address conversion equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510940543.6A CN105429996B (en) 2015-12-15 2015-12-15 A method of intelligence discovery and positioning address conversion equipment

Publications (2)

Publication Number Publication Date
CN105429996A true CN105429996A (en) 2016-03-23
CN105429996B CN105429996B (en) 2019-05-31

Family

ID=55507937

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510940543.6A Active CN105429996B (en) 2015-12-15 2015-12-15 A method of intelligence discovery and positioning address conversion equipment

Country Status (1)

Country Link
CN (1) CN105429996B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107222330A (en) * 2017-04-26 2017-09-29 浙江远望信息股份有限公司 A kind of intelligent identifying system request and the method for response sensitive content
CN107454202A (en) * 2017-07-11 2017-12-08 浙江远望信息股份有限公司 A kind of NAT borders based on http protocol analysis find method
CN107483651A (en) * 2017-07-11 2017-12-15 浙江远望信息股份有限公司 A kind of NAT borders based on terminal time change find method
CN108173834A (en) * 2017-12-25 2018-06-15 北京计算机技术及应用研究所 Terminal fingerprints technology identifies " all-purpose card " network terminal
CN110120948A (en) * 2019-05-06 2019-08-13 四川英得赛克科技有限公司 Based on wireless and cable data stream similarity analysis illegal external connection monitoring method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030014424A1 (en) * 1999-07-08 2003-01-16 Cohesia Corporation Representation, management, filtering and synthesis of technical content
CN1812373A (en) * 2005-01-28 2006-08-02 三星电子株式会社 Communication system, method and apparatus for providing mirroring service in the communication system
CN1909504A (en) * 2006-01-11 2007-02-07 郑凯 Method for controlling LAN host machine public net message based on by-pass interception technology
CN101212338A (en) * 2006-12-30 2008-07-02 上海复旦光华信息科技股份有限公司 Detecting probe interlock based network security event tracking system and method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030014424A1 (en) * 1999-07-08 2003-01-16 Cohesia Corporation Representation, management, filtering and synthesis of technical content
CN1812373A (en) * 2005-01-28 2006-08-02 三星电子株式会社 Communication system, method and apparatus for providing mirroring service in the communication system
CN1909504A (en) * 2006-01-11 2007-02-07 郑凯 Method for controlling LAN host machine public net message based on by-pass interception technology
CN101212338A (en) * 2006-12-30 2008-07-02 上海复旦光华信息科技股份有限公司 Detecting probe interlock based network security event tracking system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
高骥翔: "基于网络流量特征的NAT识别方法", 《中国优秀硕士学位论文全文数据库信息科技辑》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107222330A (en) * 2017-04-26 2017-09-29 浙江远望信息股份有限公司 A kind of intelligent identifying system request and the method for response sensitive content
CN107454202A (en) * 2017-07-11 2017-12-08 浙江远望信息股份有限公司 A kind of NAT borders based on http protocol analysis find method
CN107483651A (en) * 2017-07-11 2017-12-15 浙江远望信息股份有限公司 A kind of NAT borders based on terminal time change find method
CN108173834A (en) * 2017-12-25 2018-06-15 北京计算机技术及应用研究所 Terminal fingerprints technology identifies " all-purpose card " network terminal
CN110120948A (en) * 2019-05-06 2019-08-13 四川英得赛克科技有限公司 Based on wireless and cable data stream similarity analysis illegal external connection monitoring method

Also Published As

Publication number Publication date
CN105429996B (en) 2019-05-31

Similar Documents

Publication Publication Date Title
CN108183895B (en) Network asset information acquisition system
CN107659543B (en) Protection method for APT (android packet) attack of cloud platform
CN107135093B (en) Internet of things intrusion detection method and detection system based on finite automaton
CN105493060B (en) Sweet end Active Network Security
CN105429996A (en) Method for intelligently finding and locating address translation equipment
KR101883400B1 (en) detecting methods and systems of security vulnerability using agentless
CN106603507A (en) Method and system for automatically completing network security self checking
CN103746992B (en) Based on reverse intruding detection system and method thereof
CN107295010A (en) A kind of enterprise network security management cloud service platform system and its implementation
CN109167794B (en) Attack detection method for network system security measurement
CN114679292B (en) Honeypot identification method, device, equipment and medium based on network space mapping
CN111510463B (en) Abnormal behavior recognition system
CN109587156A (en) Abnormal network access connection identification and blocking-up method, system, medium and equipment
CN105447385B (en) A kind of applied database honey jar detected at many levels realizes system and method
CN114422255A (en) Cloud security simulation detection system and detection method
JP2023550974A (en) Image-based malicious code detection method and device and artificial intelligence-based endpoint threat detection and response system using the same
CN104486320A (en) Intranet sensitive information disclosure evidence collection system and method based on honeynet technology
CN106650425A (en) Method and device for controlling security sandbox
CN106603339B (en) Simulate the test macro and test method of wan environment
CN111970233A (en) Analysis and identification method for network violation external connection scene
CN113965355B (en) Illegal IP (Internet protocol) intra-provincial network plugging method and device based on SOC (system on chip)
CN108234431A (en) A kind of backstage logs in behavioral value method and detection service device
CN112422486B (en) SDK-based safety protection method and device
CN112688899A (en) In-cloud security threat detection method and device, computing equipment and storage medium
CN110493254A (en) Industrial Yunan County's overall evaluating method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant