CN106127949A - A kind of automatic saler system based on cloud network - Google Patents
A kind of automatic saler system based on cloud network Download PDFInfo
- Publication number
- CN106127949A CN106127949A CN201610561844.2A CN201610561844A CN106127949A CN 106127949 A CN106127949 A CN 106127949A CN 201610561844 A CN201610561844 A CN 201610561844A CN 106127949 A CN106127949 A CN 106127949A
- Authority
- CN
- China
- Prior art keywords
- cloud network
- music
- network
- link
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F9/00—Details other than those peculiar to special kinds or types of apparatus
- G07F9/002—Vending machines being part of a centrally controlled network of vending machines
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F11/00—Coin-freed apparatus for dispensing, or the like, discrete articles
- G07F11/72—Auxiliary equipment, e.g. for lighting cigars, opening bottles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/18—Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Alarm Systems (AREA)
Abstract
A kind of automatic saler system based on cloud network, including vending machine, wireless receiver, Music on Demand device, touch screen, camera head, theftproof lock, statistic unit of selling goods, cloud network and security postures map system;Described wireless receiver, Music on Demand device, touch screen, camera head, theftproof lock and statistic unit of selling goods are arranged on vending machine, described touch screen be connected with Music on Demand device and statistic unit of selling goods respectively, client can carry out Music on Demand by touch screen, and Music on Demand device is transferred the music of user's program request in music libraries by cloud network and played out;Client can also buy the article in vending machine by touch screen simultaneously, and buying complete statistic unit of selling goods will be sent sales information to cloud network by wireless receiver every time;Video information near vending machine is sent to cloud network and supplies manager's background monitoring by camera head, and theftproof lock is provided with induction apparatus, sends when theftproof lock is opened and reports to the police to cloud network.
Description
Technical field
The present invention relates to automatic vending machine process field, be specifically related to a kind of automatic saler system based on cloud network.
Background technology
Vending machine is a kind of conventional communal facility in people's daily life, and its efficient and convenient property is the most popular.So
And, present vending machine seldom has cloud music playback function, seldom has complete remote security system, the most remotely takes the photograph
Picture, remote anti-theft etc., the realization of these functions can not the most only this locality realize because management personnel can not 24 hours on sale
By cargo aircraft.This just requires storage and the process utilizing cloud network to enter relevant information, to alleviate the investment of home server.Separately
Outward, how to ensure the safety of the cloud network information, be also a critically important problem.
Summary of the invention
For the problems referred to above, the present invention provides a kind of automatic saler system based on cloud network.
The purpose of this automatic saler system realizes by the following technical solutions:
A kind of automatic saler system based on cloud network, including vending machine, wireless receiver, Music on Demand device,
Touch screen, camera head, theftproof lock, statistic unit of selling goods, cloud network and security postures map system;Described wireless data transceiving
Device, Music on Demand device, touch screen, camera head, theftproof lock and statistic unit of selling goods are arranged on vending machine, described touch screen
Be connected with Music on Demand device and statistic unit of selling goods respectively, client can carry out Music on Demand, Music on Demand device by touch screen
Transfer the music of user's program request in music libraries by cloud network to play out;Client can also buy vending machine by touch screen simultaneously
In article, buying complete statistic unit of selling goods will be sent sales information to cloud net by wireless receiver every time
Network, sends to manager backstage after cloud network statistics processes, and relevant information is monitored by manager;Camera head will be sold
Video information near cargo aircraft is sent to cloud network and supplies manager's background monitoring, theftproof lock is provided with induction apparatus, works as theftproof lock
Send when being opened and report to the police to cloud network;Described cloud network includes multiple network node and link, for data message calculating and
Store to provide and support;Described security postures map system is for generating visual security postures map for cloud network, with convenient
The safety information of cloud network is monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and
Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server
Cost.
Accompanying drawing explanation
The invention will be further described to utilize accompanying drawing, but the embodiment in accompanying drawing does not constitute any limit to the present invention
System, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to obtain according to the following drawings
Other accompanying drawing.
Fig. 1 is the structured flowchart of a kind of automatic saler system based on cloud network;
Fig. 2 is the structured flowchart of safety military posture map system;
Fig. 3 is the security postures map example after generating.
Reference: wireless receiver-1;Music on Demand device-2;Touch screen-3;Camera head-4;Statistics of selling goods is single
Unit-5;Cloud network-6;Security postures map system-7;Theftproof lock-8;Geographical background figure generation module-100;Safety information acquisition
Module-200;Data base's generation module-300;Roller warning generation module-400;Security postures value estimation block-500;Main
Map generation module-600.
Detailed description of the invention
The invention will be further described with the following Examples.
Application scenarios 1:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1,
Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system
7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal
Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch
Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With
Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time
Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management
Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4
Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes
Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for
Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and
Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server
Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool
There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 2 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 5 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security
It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase
Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe
Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison
Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 2
Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 5 ‰, and this makes the security row of military posture map
Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs
Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t)
Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one
Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and
For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 2:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1,
Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system
7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal
Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch
Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With
Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time
Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management
Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4
Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes
Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for
Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and
Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server
Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool
There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 3 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 6 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security
It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase
Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe
Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison
Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 3
Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 6 ‰, and this makes the security row of military posture map
Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs
Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t)
Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one
Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and
For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 3:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1,
Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system
7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal
Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch
Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With
Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time
Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management
Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4
Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes
Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for
Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and
Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server
Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool
There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 4 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 7 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security
It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase
Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe
Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison
Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 4
Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 7 ‰, and this makes the security row of military posture map
Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs
Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t)
Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one
Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and
For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 4:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1,
Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system
7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal
Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch
Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With
Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time
Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management
Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4
Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes
Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for
Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and
Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server
Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool
There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 5 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 8 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security
It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase
Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe
Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison
Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 5
Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 8 ‰, and this makes the security row of military posture map
Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs
Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t)
Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one
Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and
For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 5:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1,
Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system
7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal
Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch
Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With
Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time
Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management
Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4
Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes
Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for
Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and
Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server
Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool
There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 6 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 9 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security
It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase
Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe
Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison
Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 6
Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 9 ‰, and this makes the security row of military posture map
Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs
Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t)
Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one
Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and
For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Last it should be noted that, above example is only in order to illustrate technical scheme, rather than the present invention is protected
Protecting the restriction of scope, although having made to explain to the present invention with reference to preferred embodiment, those of ordinary skill in the art should
Work as understanding, technical scheme can be modified or equivalent, without deviating from the reality of technical solution of the present invention
Matter and scope.
Claims (3)
1. an automatic saler system based on cloud network, is characterized in that, including vending machine, wireless receiver, music
Dibbler, touch screen, camera head, theftproof lock, statistic unit of selling goods, cloud network and security postures map system;Described wireless
Data collector, Music on Demand device, touch screen, camera head, theftproof lock and statistic unit of selling goods are arranged on vending machine, institute
Stating touch screen and be connected with Music on Demand device and statistic unit of selling goods respectively, client can carry out Music on Demand, sound by touch screen
Happy dibbler is transferred the music of user's program request in music libraries by cloud network and is played out;Client can also be purchased by touch screen simultaneously
Buying the article in vending machine, buying complete statistic unit of selling goods will be sent sales information by wireless receiver every time
To cloud network, sending to manager backstage after cloud network statistics processes, relevant information is monitored by manager;Shooting dress
Put the video information near by vending machine and be sent to cloud network confession manager's background monitoring, theftproof lock is provided with induction apparatus, when
Send when theftproof lock is opened and report to the police to cloud network;Described cloud network includes multiple network node and link, for data message
Calculate and store to provide and support;Described security postures map system is used for generating visual security postures map for cloud network,
To facilitate the safety information to cloud network to be monitored.
A kind of automatic saler system based on cloud network the most according to claim 1, is characterized in that, described theftproof lock is
Finger-print cipher induction lock.
A kind of automatic saler system based on cloud network the most according to claim 2, is characterized in that, described camera head
For adjustable-angle photographic head.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610561844.2A CN106127949A (en) | 2016-07-14 | 2016-07-14 | A kind of automatic saler system based on cloud network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610561844.2A CN106127949A (en) | 2016-07-14 | 2016-07-14 | A kind of automatic saler system based on cloud network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106127949A true CN106127949A (en) | 2016-11-16 |
Family
ID=57283895
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610561844.2A Withdrawn CN106127949A (en) | 2016-07-14 | 2016-07-14 | A kind of automatic saler system based on cloud network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106127949A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107145736A (en) * | 2017-05-04 | 2017-09-08 | 上海博历机械科技有限公司 | A kind of Traditional Chinese Medicine experts online intelligent diagnosis system based on information reservation |
-
2016
- 2016-07-14 CN CN201610561844.2A patent/CN106127949A/en not_active Withdrawn
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107145736A (en) * | 2017-05-04 | 2017-09-08 | 上海博历机械科技有限公司 | A kind of Traditional Chinese Medicine experts online intelligent diagnosis system based on information reservation |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106209856B (en) | Method for generating big data security posture map based on trusted computing | |
CN103581186B (en) | A kind of network security situational awareness method and system | |
US20160308725A1 (en) | Integrated Community And Role Discovery In Enterprise Networks | |
CN106899691A (en) | A kind of Intelligent internet of things monitoring system and method based on cloud platform | |
CN104346571B (en) | Security breaches management method, system and equipment | |
CN106791655B (en) | A kind of method for processing video frequency and device | |
CN108471429A (en) | A kind of network attack alarm method and system | |
CN108881265A (en) | A kind of network attack detecting method and system based on artificial intelligence | |
CN111080968B (en) | Linkage control early warning method and system for accidental occurrence of solitary old people | |
CN108881263A (en) | A kind of network attack result detection method and system | |
CN110839031B (en) | Malicious user behavior intelligent detection system based on reinforcement learning | |
CN110445801B (en) | Situation sensing method and system of Internet of things | |
CN103514694A (en) | Intrusion detection monitoring system | |
CN101090334A (en) | Method for solving mass alarm in NIDS | |
KR102234514B1 (en) | Artificial intelligence method and system for integrated it monitoring | |
CN104202576B (en) | A kind of intelligent video analysis system | |
CN107330414A (en) | Act of violence monitoring method | |
CN109361728B (en) | Hierarchical event reporting system and method based on multi-source sensing data relevance | |
CN103036743B (en) | A kind of detection method of TCP heartbeat behavior of wooden horse of stealing secret information | |
CN106205188A (en) | A kind of based on parking stall, visual parking lot release management system | |
CN106982415A (en) | The monitoring system and monitoring method of people streams in public places density | |
CN106302412A (en) | A kind of intelligent checking system for the test of information system crushing resistance and detection method | |
CN105959184A (en) | Smart indoor air purification system | |
CN106127949A (en) | A kind of automatic saler system based on cloud network | |
CN106210088A (en) | A kind of contamination analysis platform of multi-source data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C04 | Withdrawal of patent application after publication (patent law 2001) | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20161116 |