CN106127949A - A kind of automatic saler system based on cloud network - Google Patents

A kind of automatic saler system based on cloud network Download PDF

Info

Publication number
CN106127949A
CN106127949A CN201610561844.2A CN201610561844A CN106127949A CN 106127949 A CN106127949 A CN 106127949A CN 201610561844 A CN201610561844 A CN 201610561844A CN 106127949 A CN106127949 A CN 106127949A
Authority
CN
China
Prior art keywords
cloud network
music
network
link
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201610561844.2A
Other languages
Chinese (zh)
Inventor
不公告发明人
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201610561844.2A priority Critical patent/CN106127949A/en
Publication of CN106127949A publication Critical patent/CN106127949A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F9/00Details other than those peculiar to special kinds or types of apparatus
    • G07F9/002Vending machines being part of a centrally controlled network of vending machines
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F11/00Coin-freed apparatus for dispensing, or the like, discrete articles
    • G07F11/72Auxiliary equipment, e.g. for lighting cigars, opening bottles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/18Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Alarm Systems (AREA)

Abstract

A kind of automatic saler system based on cloud network, including vending machine, wireless receiver, Music on Demand device, touch screen, camera head, theftproof lock, statistic unit of selling goods, cloud network and security postures map system;Described wireless receiver, Music on Demand device, touch screen, camera head, theftproof lock and statistic unit of selling goods are arranged on vending machine, described touch screen be connected with Music on Demand device and statistic unit of selling goods respectively, client can carry out Music on Demand by touch screen, and Music on Demand device is transferred the music of user's program request in music libraries by cloud network and played out;Client can also buy the article in vending machine by touch screen simultaneously, and buying complete statistic unit of selling goods will be sent sales information to cloud network by wireless receiver every time;Video information near vending machine is sent to cloud network and supplies manager's background monitoring by camera head, and theftproof lock is provided with induction apparatus, sends when theftproof lock is opened and reports to the police to cloud network.

Description

A kind of automatic saler system based on cloud network
Technical field
The present invention relates to automatic vending machine process field, be specifically related to a kind of automatic saler system based on cloud network.
Background technology
Vending machine is a kind of conventional communal facility in people's daily life, and its efficient and convenient property is the most popular.So And, present vending machine seldom has cloud music playback function, seldom has complete remote security system, the most remotely takes the photograph Picture, remote anti-theft etc., the realization of these functions can not the most only this locality realize because management personnel can not 24 hours on sale By cargo aircraft.This just requires storage and the process utilizing cloud network to enter relevant information, to alleviate the investment of home server.Separately Outward, how to ensure the safety of the cloud network information, be also a critically important problem.
Summary of the invention
For the problems referred to above, the present invention provides a kind of automatic saler system based on cloud network.
The purpose of this automatic saler system realizes by the following technical solutions:
A kind of automatic saler system based on cloud network, including vending machine, wireless receiver, Music on Demand device, Touch screen, camera head, theftproof lock, statistic unit of selling goods, cloud network and security postures map system;Described wireless data transceiving Device, Music on Demand device, touch screen, camera head, theftproof lock and statistic unit of selling goods are arranged on vending machine, described touch screen Be connected with Music on Demand device and statistic unit of selling goods respectively, client can carry out Music on Demand, Music on Demand device by touch screen Transfer the music of user's program request in music libraries by cloud network to play out;Client can also buy vending machine by touch screen simultaneously In article, buying complete statistic unit of selling goods will be sent sales information to cloud net by wireless receiver every time Network, sends to manager backstage after cloud network statistics processes, and relevant information is monitored by manager;Camera head will be sold Video information near cargo aircraft is sent to cloud network and supplies manager's background monitoring, theftproof lock is provided with induction apparatus, works as theftproof lock Send when being opened and report to the police to cloud network;Described cloud network includes multiple network node and link, for data message calculating and Store to provide and support;Described security postures map system is for generating visual security postures map for cloud network, with convenient The safety information of cloud network is monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server Cost.
Accompanying drawing explanation
The invention will be further described to utilize accompanying drawing, but the embodiment in accompanying drawing does not constitute any limit to the present invention System, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to obtain according to the following drawings Other accompanying drawing.
Fig. 1 is the structured flowchart of a kind of automatic saler system based on cloud network;
Fig. 2 is the structured flowchart of safety military posture map system;
Fig. 3 is the security postures map example after generating.
Reference: wireless receiver-1;Music on Demand device-2;Touch screen-3;Camera head-4;Statistics of selling goods is single Unit-5;Cloud network-6;Security postures map system-7;Theftproof lock-8;Geographical background figure generation module-100;Safety information acquisition Module-200;Data base's generation module-300;Roller warning generation module-400;Security postures value estimation block-500;Main Map generation module-600.
Detailed description of the invention
The invention will be further described with the following Examples.
Application scenarios 1:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system 7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4 Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information, The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2, T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously In, when same node is had reached 2 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 5 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1 T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest, B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 2 Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 5 ‰, and this makes the security row of military posture map Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t) Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 2:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system 7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4 Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information, The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2, T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously In, when same node is had reached 3 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 6 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1 T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest, B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 3 Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 6 ‰, and this makes the security row of military posture map Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t) Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 3:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system 7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4 Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information, The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2, T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously In, when same node is had reached 4 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 7 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1 T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest, B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 4 Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 7 ‰, and this makes the security row of military posture map Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t) Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 4:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system 7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4 Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information, The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2, T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously In, when same node is had reached 5 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 8 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1 T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest, B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 5 Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 8 ‰, and this makes the security row of military posture map Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t) Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 5:
A kind of based on cloud network automatic saler system as shown in Figure 1, including vending machine, wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8, statistic unit 5 of selling goods, cloud network 6 and security postures map system 7;Described wireless receiver 1, Music on Demand device 2, touch screen 3, camera head 4, theftproof lock 8 and statistic unit 5 of selling goods are equal Be arranged on vending machine, described touch screen 3 be connected with Music on Demand device 2 and statistic unit 5 of selling goods respectively, client can by touch Touching screen 3 and carry out Music on Demand, Music on Demand device 2 is adjusted 6 to take the music of user's program request in music libraries by cloud network and is played out;With Time client can also buy the article in vending machine by touch screen 3, buy complete statistic unit 5 of selling goods will be by sales letter every time Breath is sent to cloud network 6 by wireless receiver 1, sends to manager backstage after cloud network 6 statistical disposition, management Relevant information is monitored by member;Video information near vending machine is sent to cloud network 6 for manager backstage by camera head 4 Monitoring, theftproof lock 8 is provided with induction apparatus, sends when theftproof lock 8 is opened and reports to the police to cloud network 6;Described cloud network 6 includes Multiple network node and link, calculating and storage for data message provide and support;Described security postures map system 7 is used for Cloud network 6 generates visual security postures map, to facilitate the safety information to cloud network 6 to be monitored.
The having the beneficial effect that of this automatic saler system utilize cloud network for vending machine add cloud Music on Demand function and Remote shooting, anti-theft alarm function, improve amusement and the security performance of automatic vending machine, alleviate the investment of home server Cost.
Preferably, described theftproof lock 8 is finger-print cipher induction lock.
Preferably, described camera head 4 is adjustable-angle photographic head.Described Music on Demand device 2 can use common tool There is the program-requesting software of network interface.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information, The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2, T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously In, when same node is had reached 6 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 9 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1 T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest, B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours Node and the safe condition of link, generate security postures map.
In this embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security It is comprehensive that information data gathers;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls phase Answer function to carry out the filtration of warning information, polymerization, be simultaneous for the background event that is likely to occur or substantially do not hinder safe Event, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces prison Depending on the interference of personnel, on the other hand in order to avoid security breaches, this kind of security incident is put in temporary store, when occurring 6 Regarding as new security incident time more than secondary, the misdetection rate of now security incident is less than 9 ‰, and this makes the security row of military posture map Higher for verity, this improves the credibility of military posture map from another point of view;Devise new network safety situation and calculate public affairs Formula, considers the security postures of node and link simultaneously, it is contemplated that the impact of many factors;Maximum by P ' (t) and B ' (t) Pressure is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is one Determine degree and inhibit the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
Consider the impact of the dynamically change of node and link in this embodiment, relative to present discrete type node and For link performance condition express method, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3 +J4Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Last it should be noted that, above example is only in order to illustrate technical scheme, rather than the present invention is protected Protecting the restriction of scope, although having made to explain to the present invention with reference to preferred embodiment, those of ordinary skill in the art should Work as understanding, technical scheme can be modified or equivalent, without deviating from the reality of technical solution of the present invention Matter and scope.

Claims (3)

1. an automatic saler system based on cloud network, is characterized in that, including vending machine, wireless receiver, music Dibbler, touch screen, camera head, theftproof lock, statistic unit of selling goods, cloud network and security postures map system;Described wireless Data collector, Music on Demand device, touch screen, camera head, theftproof lock and statistic unit of selling goods are arranged on vending machine, institute Stating touch screen and be connected with Music on Demand device and statistic unit of selling goods respectively, client can carry out Music on Demand, sound by touch screen Happy dibbler is transferred the music of user's program request in music libraries by cloud network and is played out;Client can also be purchased by touch screen simultaneously Buying the article in vending machine, buying complete statistic unit of selling goods will be sent sales information by wireless receiver every time To cloud network, sending to manager backstage after cloud network statistics processes, relevant information is monitored by manager;Shooting dress Put the video information near by vending machine and be sent to cloud network confession manager's background monitoring, theftproof lock is provided with induction apparatus, when Send when theftproof lock is opened and report to the police to cloud network;Described cloud network includes multiple network node and link, for data message Calculate and store to provide and support;Described security postures map system is used for generating visual security postures map for cloud network, To facilitate the safety information to cloud network to be monitored.
A kind of automatic saler system based on cloud network the most according to claim 1, is characterized in that, described theftproof lock is Finger-print cipher induction lock.
A kind of automatic saler system based on cloud network the most according to claim 2, is characterized in that, described camera head For adjustable-angle photographic head.
CN201610561844.2A 2016-07-14 2016-07-14 A kind of automatic saler system based on cloud network Withdrawn CN106127949A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610561844.2A CN106127949A (en) 2016-07-14 2016-07-14 A kind of automatic saler system based on cloud network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610561844.2A CN106127949A (en) 2016-07-14 2016-07-14 A kind of automatic saler system based on cloud network

Publications (1)

Publication Number Publication Date
CN106127949A true CN106127949A (en) 2016-11-16

Family

ID=57283895

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610561844.2A Withdrawn CN106127949A (en) 2016-07-14 2016-07-14 A kind of automatic saler system based on cloud network

Country Status (1)

Country Link
CN (1) CN106127949A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107145736A (en) * 2017-05-04 2017-09-08 上海博历机械科技有限公司 A kind of Traditional Chinese Medicine experts online intelligent diagnosis system based on information reservation

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107145736A (en) * 2017-05-04 2017-09-08 上海博历机械科技有限公司 A kind of Traditional Chinese Medicine experts online intelligent diagnosis system based on information reservation

Similar Documents

Publication Publication Date Title
CN106209856B (en) Method for generating big data security posture map based on trusted computing
CN103581186B (en) A kind of network security situational awareness method and system
US20160308725A1 (en) Integrated Community And Role Discovery In Enterprise Networks
CN106899691A (en) A kind of Intelligent internet of things monitoring system and method based on cloud platform
CN104346571B (en) Security breaches management method, system and equipment
CN106791655B (en) A kind of method for processing video frequency and device
CN108471429A (en) A kind of network attack alarm method and system
CN108881265A (en) A kind of network attack detecting method and system based on artificial intelligence
CN111080968B (en) Linkage control early warning method and system for accidental occurrence of solitary old people
CN108881263A (en) A kind of network attack result detection method and system
CN110839031B (en) Malicious user behavior intelligent detection system based on reinforcement learning
CN110445801B (en) Situation sensing method and system of Internet of things
CN103514694A (en) Intrusion detection monitoring system
CN101090334A (en) Method for solving mass alarm in NIDS
KR102234514B1 (en) Artificial intelligence method and system for integrated it monitoring
CN104202576B (en) A kind of intelligent video analysis system
CN107330414A (en) Act of violence monitoring method
CN109361728B (en) Hierarchical event reporting system and method based on multi-source sensing data relevance
CN103036743B (en) A kind of detection method of TCP heartbeat behavior of wooden horse of stealing secret information
CN106205188A (en) A kind of based on parking stall, visual parking lot release management system
CN106982415A (en) The monitoring system and monitoring method of people streams in public places density
CN106302412A (en) A kind of intelligent checking system for the test of information system crushing resistance and detection method
CN105959184A (en) Smart indoor air purification system
CN106127949A (en) A kind of automatic saler system based on cloud network
CN106210088A (en) A kind of contamination analysis platform of multi-source data

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C04 Withdrawal of patent application after publication (patent law 2001)
WW01 Invention patent application withdrawn after publication

Application publication date: 20161116