CN106131017A - Cloud computing information security visualization system based on trust computing - Google Patents

Publication number: CN106131017A
Application number: CN201610554260.2A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN106131017B (en)
Legal status: Granted (current status: Expired - Fee Related)
Prior art keywords: data, information, mail, trust, analysis
Inventors: 陈祖斌, 谢铭, 胡继军, 翁小云, 袁勇, 邓戈锋, 莫英红, 谢菁, 张鹏, 唐玲丽, 黄连月, 曾明霏, 杭聪, 贺冠博, 王海, 黎新
Current Assignee: Guangxi Power Grid Co Ltd
Original Assignee: 何钟柱
Application filed by: 何钟柱

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06: Management of faults, events, alarms or notifications
    • H04L41/069: Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/22: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]

Abstract

The invention provides a cloud computing information security visualization system based on trusted computing. On top of functional modules for data mining, data identification and data dimensionality reduction, the system builds a global trust environment and establishes a process that runs from data mining through data storage to the display of trusted data. Starting from data mining, the data handled by the preprocessing module, by the information analysis of trusted data and by the display module are all trusted. Through a new combination of modules and new algorithms, the system ensures that network information is trusted and secure, achieves trusted quantification and visual assessment of information security, and makes network security management more convenient for administrators.

Description

Cloud computing information security visualization system based on trust computing
Technical field
The present invention relates to the field of information security technology, and in particular to a cloud computing information security visualization system based on trusted computing.
Background technology
In recent years, the informatization of society has advanced steadily. Network applications are increasingly widespread, and network security problems have become increasingly prominent and severe. Network security visualization has accordingly become a field of great interest: it exploits human visual perception by presenting data as graphics and images, so that users can understand the information contained in the data more intuitively and network administrators can judge the security problems present in the network and analyze network conditions.
The ISO/IEC 15408 standard defines trusted computing as follows: the behavior of a trusted component, operation or process is predictable under any operating condition and resists well the damage caused by application software, viruses and certain physical interference. The basic idea of trusted computing is to introduce a security chip (a trusted platform module) on the hardware platform to improve the security of the terminal system. That is, a root of trust is implanted in each terminal platform so that the computer builds trust relationships from the BIOS to the operating system kernel layer and on to the application layer. On this basis, trust is extended to the network by establishing a corresponding chain of trust, thereby entering the era of computer immunity. When a terminal is attacked, it can achieve self-protection, self-management and self-recovery.
Trusted computing arose for the sake of behavioral security. According to a Chinese information security expert in the book "Software Behavior", behavioral security should include the confidentiality of behavior, the integrity of behavior and the authenticity of behavior. In terms of military posture maps, existing work mostly studies how to guarantee the confidentiality and authenticity of information, while the integrity of behavior, and especially visualized complete information, has always had many deficiencies.
Summary of the invention
The object of the invention is to provide a cloud computing information security visualization system based on trusted computing, so as to solve the above problem.
To solve the above technical problem, the invention adopts the following technical solution:
A cloud computing information security visualization system based on trusted computing, characterized in that it comprises, connected in sequence, an information data mining module, a trusted information preprocessing module, an information storage module, and a trusted-integrity-based information analysis and display module;
The information data mining module authenticates the hardware nodes in the network that carries the information, judges the trustworthiness of the network hardware nodes, establishes the trust relationship for the collected information, and obtains raw information data by capturing network packets in the LAN. The raw information data comprises three data types: detection data on sensitive information sent between IPs, mail detection log data, and distributed denial-of-service attack data;
The trusted information preprocessing module performs dimensionality reduction, identification and classification preprocessing on the raw information data to form measurable, quantified data, providing the basis for building the global trust environment;
The information storage module encrypts the preprocessed information data and stores it in the corresponding locations of the cloud storage resource pool. The trusted data platform is built jointly by the information data mining module and the trusted information preprocessing module; secure and trusted storage of data is realized on the basis of the trusted data platform, and the global trust environment is built. The trusted data platform further includes a trusted software system, which provides operating systems and application software with an interface for using the trusted data platform, provides integrity measurement for the software that runs after the trusted data platform, and audits and analyzes specific behaviors of uncontrollable operating systems. This subsequent software includes core loading software and uncontrollable operating system software. The information data mining module is the starting point of the chain of trust; the information data mining module, the trusted information preprocessing module, the information storage module and the trusted-integrity-based information analysis and display module together form the chain of trust. Each of the above systems is provided with a 3G module and a data transceiver application; data is transmitted through the 3G module, and after the 3G module powers on, the trusted data platform performs a power-on check;
The trusted-integrity-based information analysis and display module extracts, analyzes and displays information on the basis of the trusted data platform that has been built, providing administrators with visual trusted data and graphical displays. It comprises a mail contact relationship analysis and display submodule, a log count distribution analysis and display submodule, an inter-IP information sending relationship analysis and display submodule, a sensitive mail forwarding path analysis and display submodule, and a distributed denial-of-service attack data analysis and display submodule, specifically:
(1) The mail contact relationship analysis and display submodule extracts, analyzes and processes the mail detection log data stored in the cloud storage resource pool and displays the sensitive mail contact relationships detected within a specified time period. The submodule provides a calendar with selectable dates so that the user can interact with the interface and freely choose the time period to inspect. It performs the following operations:
According to the time period selected by the user, the system selects data from the cloud storage resource pool and stores the selected data in the form of a dictionary. After analyzing and processing the data, it generates the corresponding matrix data model from the send/receive relationships of sensitive mail. It then visualizes the send/receive relationships of sensitive mail in the selected time period as a chord diagram: the different mailboxes are distributed around a circle, with the mail addresses shown on the outer contour of the circle. If sensitive information has been sent between two mailboxes, a ribbon is drawn between them; the thick end of the ribbon represents the sender of the mail and the thin end represents the recipient;
(2) The log count distribution analysis and display submodule classifies and counts logs according to time period and the number of logs detected, and displays the result as a tree diagram, specifically:
(2-1) The received log data set W is divided into n time subsets according to time period, i.e. W = {W1, W2, ..., Wj, ..., Wn};
(2-2) m log quantity levels are set manually, and each time subset Wj is divided into m level subsets, i.e. W1j, W2j, ..., Wij, ..., Wmj;
(2-3) The tree TW is constructed with the log data set W as the root, Wj as the first-layer nodes and Wij as the second-layer nodes;
(2-5) The value of each node in the tree TW is calculated: the value of a leaf node is the value of that data element, and the value of a non-leaf node equals the sum of the values of all its child nodes in the layer below. At this point the log data set W has been built into a tree data structure;
(2-6) The generated tree data structure is mapped to a tree diagram on the two-dimensional plane;
(3) The inter-IP information sending relationship analysis and display submodule extracts, analyzes and statistically processes the detection data on sensitive information sent between IPs, located at the corresponding position of the cloud storage resource pool, and shows, through visualization and interface interaction, the sensitive-information sending associations between different IPs within a given time period. The submodule uses a time period selection mechanism and a scatter layout: nodes represent entities, lines represent the connections between entities, and node size represents the strength of the information sending association between IPs. Hierarchical display is carried out selectively according to mouse click events. Hovering the mouse over a node shows the details of the corresponding entity, which include the ID and the discovery time; clicking an entity selects all IPs related to the selected node. A search engine system is also provided: the user enters an IP to select the IP association information they want to view;
The send/receive relationship of the mail is obtained from the direction of the TCP connection that carries the mail, specifically: the captured network packets are first parsed to obtain information including the source IP address, destination IP address, source port, destination port and sequence number; four-tuple 1 {source IP address, source port, destination IP address, destination port} and four-tuple 2 {destination IP address, destination port, source IP address, source port} then identify the two directions of the TCP connection; the application-layer data of the network packets is then written, in sequence-number order, into the log file corresponding to the TCP connection direction.
(4) The sensitive mail forwarding path analysis and display submodule analyzes and statistically processes the detection data and mail forwarding relationships in the mail detection log data, and shows the path along which a specific mail was forwarded between different mailboxes, specifically:
First, the user enters in the search box the title of the mail to be found or a keyword contained in the title. The system performs fuzzy matching on the keyword against all mail titles in the mail record data. If no mail matching the user's input is found, a message prompts the user to re-enter. If matching records are found, the results are shown to the user in the form of a table, and a Click event is attached to the title of each mail. When the user clicks the title of the target mail, the back end searches the mail records again for the selected mail, finds the forwarding records of that mail, and records the sender and recipients of each forwarding in the form of a dictionary, constructing the data needed for the visualization. Finally, the forwarding path of the mail is presented to the user as a stacked tree diagram with interactive functions. If a mailbox is a final recipient, the corresponding vertex of the tree diagram is drawn hollow; if the mailbox also forwarded the mail to one or more other mailboxes, the tree diagram node representing that mailbox is drawn solid. The table content includes the mail ID, mail title, mail time, mail sender and number of mail attachments;
(5) The distributed denial-of-service attack data analysis and display submodule extracts, analyzes and displays distributed denial-of-service attack data, specifically:
(5-1) The submodule extracts the distributed denial-of-service attack data from the corresponding position of the cloud storage resource pool and stores it in a hash table. The hash table key is a character string made up of three parts: the source IP, the port number, and a time label chosen according to the time interval set by the user. Whenever any one of the three differs, a new element is created and inserted into the hash table. In the graphical representation each element is a node, representing a connection relationship between hosts; the value stored under the key is the total amount of data in that connection's communication activity;
(5-2) The coordinates of all nodes are calculated, and the points are then drawn using this coordinate information; the time interval and the unit radius parameter of the graphic display can be adjusted according to different needs. The drawing follows these principles: the line between a host node and the central node uses different colors to represent the amount of communication data within the time interval, mapped according to a certain coefficient; a host node is made up of several concentric circles, and the contrast intensity of the color represents the number of ports involved in the connection.
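The four-tuple bookkeeping described above for recovering the mail send/receive relationship can be sketched as follows. This is an added example, not code from the patent: it assumes packets are already parsed into tuples, that sequence numbers do not wrap, and it returns the reassembled bytes per direction instead of writing log files. The addresses and payloads are constructed sample data.

```python
from collections import defaultdict


def reassemble_direction(segments):
    """Order (seq, payload) pairs of ONE direction by sequence number.

    Returns (data, gaps). Retransmitted bytes are dropped, overlapping
    segments are trimmed, and ranges missing from the capture are reported
    as (first_missing_seq, next_seen_seq) so the log is not silently wrong.
    """
    data = bytearray()
    gaps = []
    next_seq = None
    for seq, payload in sorted(segments, key=lambda item: item[0]):
        if not payload:
            continue                      # pure ACKs carry no application data
        if next_seq is None:
            next_seq = seq
        if seq > next_seq:
            gaps.append((next_seq, seq))  # bytes never captured
            next_seq = seq
        overlap = next_seq - seq
        if overlap >= len(payload):
            continue                      # full retransmission, already written
        data += payload[overlap:]
        next_seq = seq + len(payload)
    return bytes(data), gaps


def reassemble(packets):
    """Group packets by connection, then by direction (four-tuple 1 / 2).

    packets: iterable of (src_ip, src_port, dst_ip, dst_port, seq, payload).
    Returns {connection: {four_tuple: (data, gaps)}} where `connection` is
    the pair of endpoints in a fixed order, so both directions share it.
    """
    streams = defaultdict(lambda: defaultdict(list))
    for src_ip, src_port, dst_ip, dst_port, seq, payload in packets:
        direction = (src_ip, src_port, dst_ip, dst_port)
        a, b = (src_ip, src_port), (dst_ip, dst_port)
        connection = (a, b) if a <= b else (b, a)
        streams[connection][direction].append((seq, payload))
    return {
        conn: {d: reassemble_direction(segs) for d, segs in dirs.items()}
        for conn, dirs in streams.items()
    }


# Constructed sample: one SMTP-like connection, captured out of order,
# with one retransmitted segment.
CLIENT_TO_SERVER = ("10.0.0.5", 40312, "10.0.0.25", 25)   # four-tuple 1
SERVER_TO_CLIENT = ("10.0.0.25", 25, "10.0.0.5", 40312)   # four-tuple 2
P1 = b"MAIL FROM:<alice@example.test>\r\n"
P2 = b"RCPT TO:<bob@example.test>\r\n"
SAMPLE_PACKETS = [
    CLIENT_TO_SERVER + (1000 + len(P1), P2),   # arrives before P1
    SERVER_TO_CLIENT + (7000, b"250 OK\r\n"),
    CLIENT_TO_SERVER + (1000, P1),
    CLIENT_TO_SERVER + (1000, P1),             # retransmission
]

if __name__ == "__main__":
    for conn, directions in reassemble(SAMPLE_PACKETS).items():
        for four_tuple, (data, gaps) in directions.items():
            print(four_tuple, data, gaps)
```

A non-empty gap list means the capture lost bytes in that direction, so any sender or recipient parsed from the stream after that point should be treated as unreliable.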
Preferably, the trusted information preprocessing module comprises a data dimensionality reduction unit, a data identification unit and a data classification unit, providing the basis for building the global trust environment, specifically:
(1) The data dimensionality reduction unit uses an improved PCA to eliminate the redundancy between raw information data records and reduce the dimension of the raw information data, specifically:
1) The N raw information data records to be analyzed are extracted as the matrix $X = [x_1, x_2, \ldots, x_N]$, where $x_i$ is the i-th raw information data record;
2) The mean of the N raw information data records is computed:
$$\bar{x} = \frac{1}{N}\sum_{i=1}^{N} x_i$$
3) The covariance matrix A of the N raw information data records is computed:
$$A = \frac{1}{N}\sum_{i=1}^{N} (x_i - \bar{x})(x_i - \bar{x})^{T}$$
4) The principal components are computed from the eigenvalues of the covariance matrix A:
$$A\delta_i = \mu_i \delta_i$$
where $\mu_i$ and $\delta_i$ are the eigenvalues and the corresponding eigenvectors, respectively;
5) For a given precision $\rho$, the M largest eigenvalues are solved for by a numerical method:
$$\sum_{i=1}^{M} \mu_i \Big/ \sum_{i=1}^{N} \mu_i \geq \rho$$
Wherein, the span of M is
6) The M largest eigenvalues and their corresponding eigenvectors are taken, letting
$$\Phi = [\delta_1, \delta_2, \ldots, \delta_M], \quad \Gamma = \mathrm{diag}(\mu_1, \mu_2, \ldots, \mu_M)$$
so that $A\Phi = \Phi\Gamma$;
7) The new matrix formed by the low-dimensional vectors is computed: $Y = \Phi^{T} X$;
(2) The data identification unit performs identification and detection on the raw information data after dimensionality reduction, removes irrelevant information data, and obtains the relevant information data;
(3) The data classification unit classifies the relevant information data according to data type.
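Steps 1) to 7) of the dimensionality reduction unit can be carried through in code as below. This is an added example, not the patent's implementation: it is ordinary PCA following the steps as written (the "improvement" is not specified on the page), a cyclic Jacobi eigen-solver stands in for the unnamed numerical method, and the three-feature records are constructed sample data in which the second feature is exactly twice the first.

```python
import math


def jacobi_eigen(matrix, sweeps=100):
    """Eigen-decompose a symmetric matrix with cyclic Jacobi rotations.

    Returns (eigenvalues, eigenvectors) sorted with the largest eigenvalue first.
    """
    n = len(matrix)
    a = [row[:] for row in matrix]
    v = [[float(i == j) for j in range(n)] for i in range(n)]
    for _ in range(sweeps):
        off = sum(a[i][j] ** 2 for i in range(n) for j in range(n) if i != j)
        if off < 1e-22:
            break
        for p in range(n - 1):
            for q in range(p + 1, n):
                diff = a[q][q] - a[p][p]
                sign = 1.0 if diff >= 0 else -1.0
                # Smallest angle that zeroes a[p][q]: tan(2*theta) = 2*a_pq / diff
                theta = 0.5 * math.atan2(2.0 * a[p][q] * sign, abs(diff))
                c, s = math.cos(theta), math.sin(theta)
                for mat in (a, v):        # right-multiply A and V by the rotation
                    for k in range(n):
                        mp, mq = mat[k][p], mat[k][q]
                        mat[k][p], mat[k][q] = c * mp - s * mq, s * mp + c * mq
                for k in range(n):        # left-multiply A by the rotation's transpose
                    ap, aq = a[p][k], a[q][k]
                    a[p][k], a[q][k] = c * ap - s * aq, s * ap + c * aq
    order = sorted(range(n), key=lambda i: a[i][i], reverse=True)
    values = [a[i][i] for i in order]
    vectors = [[v[k][i] for k in range(n)] for i in order]
    return values, vectors


def pca_reduce(records, rho):
    """Return (M, eigenvalues, Y); Y holds one M-dimensional row per record."""
    n, d = len(records), len(records[0])
    mean = [sum(r[k] for r in records) / n for k in range(d)]          # step 2
    cov = [[sum((r[i] - mean[i]) * (r[j] - mean[j]) for r in records) / n
            for j in range(d)] for i in range(d)]                      # step 3
    values, vectors = jacobi_eigen(cov)                                # step 4
    total = sum(values)
    if total <= 0:
        raise ValueError("records carry no variance; nothing to reduce")
    running, m = 0.0, 0
    for mu in values:                                                  # step 5
        running += mu
        m += 1
        if running / total >= rho:
            break
    phi = vectors[:m]                                                  # step 6
    # Step 7, Y = Phi^T X: the page projects the records without centering them.
    reduced = [[sum(axis[j] * r[j] for j in range(d)) for axis in phi]
               for r in records]
    return m, values, reduced


# Constructed sample: (packets, kilobytes, small noise term) per capture window.
SAMPLE_RECORDS = [(1, 2, 0.1), (2, 4, -0.1), (3, 6, 0.1),
                  (4, 8, -0.1), (5, 10, 0.1), (6, 12, -0.1)]

if __name__ == "__main__":
    m, values, reduced = pca_reduce(SAMPLE_RECORDS, 0.95)
    print("M =", m, "eigenvalues =", [round(x, 4) for x in values])
```

With the redundant second feature, one component already explains more than 99.9% of the variance, so a precision of 0.95 keeps a single dimension while 0.9999 keeps two.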
Preferably, the data identification unit identifies distributed denial-of-service attack data, specifically:
1) Let the matrix of n raw information data records after dimensionality reduction be $Y' = \Phi^{T} X'$, where $X' = [x_1, x_2, \ldots, x_n]$ and $x_j \in X'$. The Db3 wavelet is selected as the analysis wavelet and the maximum decomposition scale is chosen; the decomposition algorithm is applied to $Y'$ to obtain the wavelet coefficient matrix. For each scale j up to the maximum scale, the high-frequency coefficients are extracted from the wavelet coefficient matrix and the variance $\Psi$ of the wavelet coefficients is calculated; a straight line is then fitted to $[j, \log_2 \Psi]$ to obtain the slope k, from which the self-similarity parameter (Hurst value) H of the network traffic is solved:
$$H = (k - 1)/2$$
2) The change in the Hurst value between adjacent moments, $\Delta H = H_t - H_{t-1}$, is analyzed against a set threshold T. If $\Delta H > T$, a distributed denial-of-service attack is judged to have occurred and the corresponding raw information data is kept; if $\Delta H \leq T$, a distributed denial-of-service attack is judged not to have occurred and the corresponding raw information data is removed.
The technical solution disclosed by the invention can provide the following beneficial effects:
1. A data dimensionality reduction unit, a data identification unit and a data classification unit are provided in the trusted information preprocessing module to reduce, identify and classify the raw information data, so that different types of data are stored at different locations in the cloud storage resource pool. This makes it easier for the trusted-integrity-based information analysis and display module to extract the corresponding data and further improves the running speed of the system;
2. Visualization technology is used to display the types of sensitive information captured in the network by the network security detection system and how that information was transmitted. The network security detection data is analyzed and displayed from five different angles: the contact relationships between mailboxes for sensitive mail, the sensitive-information sending relationships between IPs, the forwarding path of a specific mail between different mailboxes, the log count distribution, and distributed denial-of-service attack data. This provides accurate and comprehensive security log information about the network and improves the trusted integrity of the whole system;
3. In the log count distribution analysis and display submodule, a layered tree diagram is constructed that is based on both the log issue time period and the quantity level, so that users can intuitively check how logs were issued by issue time and issue quantity. In the mail contact relationship analysis and display submodule, complete TCP connection information is obtained by parsing and reassembling network packets and is shown as a stacked tree diagram, so that users can see clearly and intuitively how the target mail was forwarded between different mailboxes, which helps administrators make the corresponding judgments and decisions;
4. The distributed denial-of-service attack data analysis and display submodule extracts distributed denial-of-service attack data based on time labels and proposes principles for drawing the graphic. Attention is focused on the basic conditions of an attack, rather than on monitoring and displaying the attack only once the attacker already has all the conditions in place. The distributed denial-of-service attack pattern can be displayed in multiple dimensions, and the time interval and the unit radius parameter of the graphic display can be adjusted according to different needs, improving user interaction.
It should be understood that the above general description and the following detailed description are exemplary only and do not limit the present disclosure.
Brief description of the drawings
Fig. 1 is a connection diagram of the modules of the present invention;
Reference numerals:
Information data mining module 1, trusted information preprocessing module 2, information storage module 3, trusted-integrity-based information analysis and display module 4, data dimensionality reduction unit 21, data identification unit 22, data classification unit 23, mail contact relationship analysis and display submodule 41, log count distribution analysis and display submodule 42, inter-IP information sending relationship analysis and display submodule 43, sensitive mail forwarding path analysis and display submodule 44, distributed denial-of-service attack data analysis and display submodule 45.
The accompanying drawings are incorporated into and form part of this specification; they show embodiments consistent with the present invention and, together with the description, serve to explain the principles of the invention.
Detailed description of the invention
The present invention is described in further detail below through a specific embodiment and with reference to the accompanying drawings.
Referring to Fig. 1, the cloud computing information security visualization system based on trusted computing of this embodiment comprises, connected in sequence, an information data mining module 1, a trusted information preprocessing module 2, an information storage module 3, and a trusted-integrity-based information analysis and display module 4;
The information data mining module 1 authenticates the hardware nodes in the network that carries the information, judges the trustworthiness of the network hardware nodes, establishes the trust relationship for the collected information, and obtains raw information data by capturing network packets in the LAN. The raw information data comprises three data types: detection data on sensitive information sent between IPs, mail detection log data, and distributed denial-of-service attack data;
The trusted information preprocessing module 2 performs dimensionality reduction, identification and classification preprocessing on the raw information data to form measurable, quantified data, providing the basis for building the global trust environment;
The information storage module 3 encrypts the preprocessed information data and stores it in the corresponding locations of the cloud storage resource pool. The trusted data platform is built jointly by the information data mining module and the trusted information preprocessing module; secure and trusted storage of data is realized on the basis of the trusted data platform, and the global trust environment is built. The trusted data platform further includes a trusted software system, which provides operating systems and application software with an interface for using the trusted data platform, provides integrity measurement for the software that runs after the trusted data platform, and audits and analyzes specific behaviors of uncontrollable operating systems. This subsequent software includes core loading software and uncontrollable operating system software. The information data mining module is the starting point of the chain of trust; the information data mining module, the trusted information preprocessing module, the information storage module and the trusted-integrity-based information analysis and display module together form the chain of trust. Each of the above systems is provided with a 3G module and a data transceiver application; data is transmitted through the 3G module, and after the 3G module powers on, the trusted data platform performs a power-on check;
The trusted-integrity-based information analysis and display module 4 extracts, analyzes and displays information on the basis of the trusted data platform that has been built, providing administrators with visual trusted data and graphical displays. It comprises a mail contact relationship analysis and display submodule 41, a log count distribution analysis and display submodule 42, an inter-IP information sending relationship analysis and display submodule 43, a sensitive mail forwarding path analysis and display submodule 44, and a distributed denial-of-service attack data analysis and display submodule 45, specifically:
(1) The mail contact relationship analysis and display submodule 41 extracts, analyzes and processes the mail detection log data stored in the cloud storage resource pool and displays the sensitive mail contact relationships detected within a specified time period. The submodule 41 provides a calendar with selectable dates so that the user can interact with the interface and freely choose the time period to inspect. It performs the following operations:
According to the time period selected by the user, the system selects data from the cloud storage resource pool and stores the selected data in the form of a dictionary. After analyzing and processing the data, it generates the corresponding matrix data model from the send/receive relationships of sensitive mail. It then visualizes the send/receive relationships of sensitive mail in the selected time period as a chord diagram: the different mailboxes are distributed around a circle, with the mail addresses shown on the outer contour of the circle. If sensitive information has been sent between two mailboxes, a ribbon is drawn between them; the thick end of the ribbon represents the sender of the mail and the thin end represents the recipient;
(2) The log count distribution analysis and display submodule 42 classifies and counts logs according to time period and the number of logs detected, and displays the result as a tree diagram, specifically:
(2-1) The received log data set W is divided into n time subsets according to time period, i.e. W = {W1, W2, ..., Wj, ..., Wn};
(2-2) m log quantity levels are set manually, and each time subset Wj is divided into m level subsets, i.e. W1j, W2j, ..., Wij, ..., Wmj, where m takes a value in the range [4,8];
(2-3) The tree TW is constructed with the log data set W as the root, Wj as the first-layer nodes and Wij as the second-layer nodes;
(2-5) The value of each node in the tree TW is calculated: the value of a leaf node is the value of that data element, and the value of a non-leaf node equals the sum of the values of all its child nodes in the layer below. At this point the log data set W has been built into a tree data structure;
(2-6) The generated tree data structure is mapped to a tree diagram on the two-dimensional plane;
(3) The inter-IP information sending relationship analysis and display submodule 43 extracts, analyzes and statistically processes the detection data on sensitive information sent between IPs, located at the corresponding position of the cloud storage resource pool, and shows, through visualization and interface interaction, the sensitive-information sending associations between different IPs within a given time period. The submodule 43 uses a time period selection mechanism and a scatter layout: nodes represent entities, lines represent the connections between entities, and node size represents the strength of the information sending association between IPs. Hierarchical display is carried out selectively according to mouse click events. Hovering the mouse over a node shows the details of the corresponding entity, which include the ID and the discovery time. Clicking an entity selects all IPs related to the selected node and displays only that sub-network graph, together with a text description of the corresponding information sending relationships. A search mechanism is also provided: the user can enter an IP to select the IP association information they want to view;
(4) sensitive email relaying path analysis and displaying submodule 44, for by analyzing and processing statistics mail-detection day Detection data in will data and email relaying relation, show the road that a certain specific mail is forwarded between different mailboxes Footpath, particularly as follows:
First, user inputs the key word contained by mail header to be searched for or mail header, system in search box According to key word, mail header all of in mail record data is carried out fuzzy matching retrieval, if not retrieving defeated with user Enter the mail matched, then send information reminding user and re-enter;If being successfully retrieved relative recording, result just will be retrieved Showing user with the form of Table content, be that the title of each mail adds Click event simultaneously, user clicks on target postal The title of part, backstage again carries out retrieval coupling, finds the forwarding record of this mail according to mail selected by user to mail record, And the article receiving and sending people every time forwarded is carried out statistic record with the form of dictionary, the data required for structure visual presentation;? After, show that the forward-path of mail is presented to user and provides interactive function with the form of a stacking dendrogram, if certain postal Case is afterbody recipient, then the summit of tree diagram is hollow display, if this email relaying is also given additionally by this mailbox One or several mailboxes, then the tree diagram node representing this mailbox is set to solid;
(5) The distributed denial-of-service attack data analysis and display submodule 45 extracts, analyzes and displays distributed denial-of-service attack data, specifically:
1) The submodule 45 extracts distributed denial-of-service attack data from the corresponding location of the cloud storage resource pool and stores it in a hash table. The hash table key is a character string composed of three items: the source IP, the port number, and a time label chosen according to the time interval set by the user. Whenever any one of these three items differs, a new element is created and inserted into the hash table. Each element is a node in the later graphical representation and represents a connection relation with a host; the value corresponding to the key represents the total amount of data in that connection's communication activity;
2) The coordinates of all nodes are calculated, and the points are then drawn from their coordinate information; the time interval and the unit radius parameter of the graphical display are adjusted according to different needs. Drawing follows these principles: the line between a host node and the center node represents the amount of communication data within the time interval, mapped by a certain coefficient, and the amount of communication data is represented by different colors, red indicating a larger amount; a host node consists of several concentric circles, and the contrast intensity of the color represents the number of ports involved in the connection.
The reliable information pretreatment module 2 includes a data dimensionality reduction unit 21, a data identification unit 22 and a data classification unit 23, specifically:
(1) The data dimensionality reduction unit 21 uses an improved PCA to eliminate redundancy among the original information data and reduce the dimension of the original information data; the improved PCA is:
1) Extract the N pieces of original information data to be analyzed as the matrix $X = [x_1, x_2, \dots, x_N]$, where $x_i$ is the i-th piece of original information data;
2) Compute the mean of the N pieces of original information data:
$$\bar{x} = \frac{1}{N} \sum_{i=1}^{N} x_i$$
3) Compute the covariance matrix A of the N pieces of original information data:
$$A = \frac{1}{N} \sum_{i=1}^{N} (x_i - \bar{x})(x_i - \bar{x})^{T}$$
4) Compute the principal component elements from the eigenvalue problem of the covariance matrix A:
$$A\delta_i = \mu_i \delta_i$$
where $\mu_i$ and $\delta_i$ are respectively an eigenvalue of A and the corresponding eigenvector;
5) For a given precision ρ, solve for the first M largest eigenvalues by a numerical computation method:
$$\sum_{i=1}^{M} \mu_i \Big/ \sum_{i=1}^{N} \mu_i \ge \rho$$
Wherein, the span of M is
6) Take the first M largest eigenvalues and the corresponding eigenvectors, and let
$$\Phi = [\delta_1, \delta_2, \dots, \delta_M], \quad \Gamma = \mathrm{diag}(\mu_1, \mu_2, \dots, \mu_M)$$
Then $A\Phi = \Phi\Gamma$;
7) Compute the new matrix formed by the low-dimensional vectors, $Y = \Phi^{T} X$;
(2) The data identification unit 22 performs identification and detection on the original information data after dimension reduction, removes irrelevant information data, and obtains the relevant information data;
(3) The data classification unit 23 classifies the relevant information data according to data type.
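The dimensionality reduction steps 1) to 7) above, carried through on a small input as an added example (not code from the patent). The three-feature records are constructed, a Jacobi eigen-solver stands in for the unspecified numerical computation method, and the eigenvalue share is taken over all eigenvalues of A; the function names are hypothetical.

```python
import math

# Constructed records: feature 2 is twice feature 1, feature 3 is small noise.
RECORDS = [(1.0, 2.0, 0.1), (2.0, 4.0, -0.1), (3.0, 6.0, -0.1), (4.0, 8.0, 0.1)]

def covariance(records):
    """Steps 2)-3): A = (1/N) * sum_i (x_i - mean)(x_i - mean)^T, one record per column of X."""
    n, d = len(records), len(records[0])
    mean = [sum(r[k] for r in records) / n for k in range(d)]
    a = [[0.0] * d for _ in range(d)]
    for r in records:
        c = [r[k] - mean[k] for k in range(d)]
        for p in range(d):
            for q in range(d):
                a[p][q] += c[p] * c[q] / n
    return a

def jacobi_eigen(a, sweeps=50):
    """Step 4): eigenvalues and eigenvectors (columns of v) of a symmetric matrix."""
    d = len(a)
    a = [row[:] for row in a]
    v = [[float(p == q) for q in range(d)] for p in range(d)]
    total = sum(x * x for row in a for x in row) or 1.0
    for _ in range(sweeps):
        off = sum(a[p][q] ** 2 for p in range(d) for q in range(d) if p != q)
        if off < 1e-24 * total:
            break
        for p in range(d - 1):
            for q in range(p + 1, d):
                if a[p][q] == 0.0:
                    continue
                diff = a[q][q] - a[p][p]
                theta = math.pi / 4 if diff == 0 else 0.5 * math.atan(2 * a[p][q] / diff)
                c, s = math.cos(theta), math.sin(theta)
                for k in range(d):   # A <- A J
                    a[k][p], a[k][q] = c * a[k][p] - s * a[k][q], s * a[k][p] + c * a[k][q]
                for k in range(d):   # A <- J^T A, which zeroes a[p][q]
                    a[p][k], a[q][k] = c * a[p][k] - s * a[q][k], s * a[p][k] + c * a[q][k]
                for k in range(d):   # accumulate eigenvectors: V <- V J
                    v[k][p], v[k][q] = c * v[k][p] - s * v[k][q], s * v[k][p] + c * v[k][q]
    return [a[k][k] for k in range(d)], v

def reduce_dimension(records, rho):
    """Steps 5)-7): return (M, kept eigenvalues, Phi, Y) with Y = Phi^T X."""
    values, vectors = jacobi_eigen(covariance(records))
    d = len(values)
    total = sum(values)
    if total <= 0:
        raise ValueError("records carry no variance")
    order = sorted(range(d), key=lambda k: values[k], reverse=True)
    running, m = 0.0, 0
    for k in order:                  # smallest M whose eigenvalue share reaches rho
        running += values[k]
        m += 1
        if running / total >= rho:
            break
    kept = order[:m]
    phi = [[vectors[row][k] for k in kept] for row in range(d)]   # d x M
    # Y = Phi^T X uses the records as given (not mean-centred), as in step 7).
    y = [[sum(phi[row][j] * r[row] for row in range(d)) for r in records]
         for j in range(m)]
    return m, [values[k] for k in kept], phi, y

if __name__ == "__main__":
    m, kept_values, _, y = reduce_dimension(RECORDS, rho=0.95)
    print("M =", m, "eigenvalues kept:", kept_values)
    print("Y =", y)
```

With ρ = 0.95 the two correlated features collapse into one component; raising ρ to 0.999 forces the noise feature to be kept as a second one.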
The identification performed by the data identification unit 22 includes identifying distributed denial-of-service attack data, specifically:
1) Let the matrix of K pieces of original information data after dimension reduction be $Y' = \Phi^{T} X'$, where $X' = [x_1, x_2, \dots, x_K]$ and $x_j \in X'$. The Db3 wavelet is selected as the analysis wavelet and the maximum decomposition scale is selected; $Y'$ is wavelet-decomposed with the decomposition algorithm to obtain the wavelet coefficient matrix. For each scale j ≤ the maximum scale, the high-frequency coefficients are extracted from the wavelet coefficient matrix and the variance Ψ of the wavelet coefficients is calculated; the slope k is then obtained by fitting a straight line to $[j, \log_2 \Psi]$, from which the self-similarity parameter of the network traffic, the Hurst value H, is solved:
$$H = (k - 1)/2$$
2) The change in the Hurst value between different times, $\Delta H = H_t - H_{t-1}$, is obtained by analysis, and a threshold T is set. If ΔH > T, it is determined that a distributed denial-of-service attack has occurred, and the corresponding original information data is saved; if ΔH ≤ T, it is determined that no distributed denial-of-service attack has occurred, and the corresponding original information data is removed.
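One way to implement the identification rule above, as an added example rather than the patent's own code: a Db3 pyramid decomposition, a line fit of log2 Ψ against scale j, H = (k-1)/2 as stated, and the ΔH > T test over consecutive windows. The traffic windows, the threshold T = 0.3, the minimum of 16 coefficients per scale and the function names are assumptions.

```python
import math
import random
import statistics

# Daubechies-3 decomposition low-pass filter; the high-pass is its quadrature mirror.
DB3_LO = [0.035226291882100656, -0.08544127388224149, -0.13501102001039084,
          0.4598775021193313, 0.8068915093133388, 0.3326705529509569]
DB3_HI = [(-1) ** k * DB3_LO[5 - k] for k in range(6)]

def dwt_step(signal):
    """One pyramid step. Only windows fully inside the signal are used, so no
    padding artefacts leak into the coefficient variance."""
    approx, detail = [], []
    for start in range(0, len(signal) - len(DB3_LO) + 1, 2):
        window = signal[start:start + len(DB3_LO)]
        approx.append(sum(h * x for h, x in zip(DB3_LO, window)))
        detail.append(sum(g * x for g, x in zip(DB3_HI, window)))
    return approx, detail

def hurst(series, min_coeffs=16):
    """Fit log2(variance of detail coefficients) against scale j; H = (k - 1) / 2."""
    scales, log_var = [], []
    approx, j = list(series), 1
    while True:
        approx, detail = dwt_step(approx)
        if len(detail) < min_coeffs:      # deepest scale with enough coefficients
            break
        var = statistics.pvariance(detail)
        if var <= 0:
            break
        scales.append(j)
        log_var.append(math.log2(var))
        j += 1
    if len(scales) < 2:
        raise ValueError("series too short or constant")
    mean_j, mean_v = statistics.mean(scales), statistics.mean(log_var)
    k = (sum((a - mean_j) * (b - mean_v) for a, b in zip(scales, log_var))
         / sum((a - mean_j) ** 2 for a in scales))
    return (k - 1) / 2                     # formula as given on the page

def detect(windows, threshold):
    """Return (H per window, indices t where H_t - H_{t-1} > threshold)."""
    hs = [hurst(w) for w in windows]
    flagged = [t for t in range(1, len(hs)) if hs[t] - hs[t - 1] > threshold]
    return hs, flagged

def constructed_windows(size=2048, seed=7):
    """Constructed packet counts per interval: four uncorrelated windows and one
    (index 3) in which every count builds on the previous one."""
    rng = random.Random(seed)
    windows = []
    for index in range(5):
        if index == 3:
            level, counts = 1000.0, []
            for _ in range(size):
                level += rng.gauss(0, 30)
                counts.append(level)
        else:
            counts = [1000.0 + rng.gauss(0, 30) for _ in range(size)]
        windows.append(counts)
    return windows

if __name__ == "__main__":
    hs, flagged = detect(constructed_windows(), threshold=0.3)
    for t, h in enumerate(hs):
        print(f"window {t}: H = {h:+.3f}{'  <-- delta H > T' if t in flagged else ''}")
```

Only the rise in H is flagged, as in the rule above; the drop back in the following window gives a negative ΔH and is not reported.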
The sending/receiving correspondence of a mail is obtained from the TCP connection direction of the mail. First, the captured network packets are parsed to obtain information including the source IP address, destination IP address, source port, destination port and sequence number. Four-tuple 1 {source IP address, source port, destination IP address, destination port} and four-tuple 2 {destination IP address, destination port, source IP address, source port} identify the two directions of the TCP connection respectively. The application-layer data of the network packets is then written, in sequence-number order, into the log file corresponding to the TCP connection direction.
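The per-direction logging described above, as an added example (not the patent's code): segments are keyed by the directional four-tuple, ordered by sequence number relative to the SYN, and the sender and recipients are read from the client-side stream. The parsed SMTP segments are constructed, in-memory buffers stand in for the log files, and all function names are hypothetical.

```python
import re
from collections import defaultdict

MOD = 2 ** 32   # TCP sequence numbers wrap at 2^32

def constructed_capture():
    """Constructed, already-parsed segments:
    (src_ip, src_port, dst_ip, dst_port, seq, syn, payload)."""
    client, server = ("192.0.2.10", 49152), ("198.51.100.25", 25)
    lines = {
        client: [b"MAIL FROM:<alice@example.com>\r\n",
                 b"RCPT TO:<bob@example.com>\r\n", b"DATA\r\n"],
        server: [b"250 OK\r\n", b"250 OK\r\n",
                 b"354 End data with <CR><LF>.<CR><LF>\r\n"],
    }
    isn = {client: 0xFFFFFFF0, server: 5000}   # client ISN chosen to cross the wrap
    packets = []
    for src, dst in ((client, server), (server, client)):
        packets.append((*src, *dst, isn[src], True, b""))
        seq = (isn[src] + 1) % MOD
        for payload in lines[src]:
            packets.append((*src, *dst, seq, False, payload))
            seq = (seq + len(payload)) % MOD
    packets[2], packets[3] = packets[3], packets[2]   # out-of-order delivery
    packets.append(packets[1])                        # retransmitted segment
    return packets

def reverse(key):
    """Four-tuple 2 for a given four-tuple 1: the opposite direction."""
    return key[2:] + key[:2]

def reassemble(packets):
    """Return {directional four-tuple: application bytes in sequence order}."""
    isn, segments = {}, defaultdict(dict)
    for src_ip, sport, dst_ip, dport, seq, syn, payload in packets:
        key = (src_ip, sport, dst_ip, dport)
        if syn:
            isn[key] = seq
        elif payload:
            segments[key].setdefault(seq, payload)    # first copy of a segment wins
    streams = {}
    for key, segs in segments.items():
        if key not in isn:
            continue                  # no SYN seen: the stream start is unknown
        base = (isn[key] + 1) % MOD
        out, expected = bytearray(), 0
        for seq, payload in sorted(segs.items(), key=lambda kv: (kv[0] - base) % MOD):
            offset = (seq - base) % MOD
            if offset < expected:
                continue              # data already covered by an earlier segment
            if offset > expected:
                break                 # gap: stop instead of splicing across it
            out += payload
            expected += len(payload)
        streams[key] = bytes(out)
    return streams

def mail_correspondence(streams):
    """Read (direction, sender, recipients) from the client-to-server streams."""
    found = []
    for key, data in streams.items():
        sender = re.search(rb"MAIL FROM:<([^>]*)>", data)
        recipients = re.findall(rb"RCPT TO:<([^>]*)>", data)
        if sender and recipients:
            found.append((key, sender.group(1).decode(),
                          [r.decode() for r in recipients]))
    return found

if __name__ == "__main__":
    streams = reassemble(constructed_capture())
    for key, sender, recipients in mail_correspondence(streams):
        print(key, sender, "->", recipients)
        print("reverse direction logged:", reverse(key) in streams)
```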
The table content includes the mail ID, mail title, mail time, mail sender and number of mail attachments.
In this embodiment, the reliable information pretreatment module 2 is provided with the data dimensionality reduction unit 21, the data identification unit 22 and the data classification unit 23, which reduce the dimension of, identify and classify the original information data, so that different types of data are stored at different locations of the cloud storage resource pool; this makes it easier for the information analysis and display module 4 based on credible integrity to extract the corresponding data, and further increases the running speed of the system. Visualization technology is used to display the types of sensitive information captured in the network by the network security detection system and how that information is sent; the network security detection data are analyzed and displayed from five different angles, accurately and comprehensively, which helps managers make the corresponding judgments and decisions and raises the credible integrity of the whole system. The distributed denial-of-service attack data analysis and display submodule 45 can display distributed denial-of-service attack patterns in multiple dimensions, which helps managers make the corresponding judgments and decisions, improves the integrity of the information and, from another angle, improves the credibility of the system; the time interval and the unit radius parameter of the graphical display are adjusted according to different needs, which improves user interaction. In this embodiment m=4, and the running speed of the system is improved by 2%.
The foregoing describes only preferred embodiments of the present invention and does not limit the invention; for those skilled in the art, the invention may have various modifications and variations. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included within the scope of protection of the present invention.

Claims (3)

1. A cloud computing information security visualization system based on trust computing, characterized in that it comprises an information data excavation module, a reliable information pretreatment module, an information storage module, and an information analysis and display module based on credible integrity, connected in sequence;
The information data excavation module authenticates the hardware nodes in the network that carries the information, judges the credibility of the network hardware nodes, establishes the trust relationship of the collected information, and obtains original information data by capturing network packets in the local area network; the original information data includes three data types: inter-IP sensitive information sending detection data, mail detection log data, and distributed denial-of-service attack data;
The reliable information pretreatment module performs dimensionality reduction, identification and classification pretreatment on the original information data to form measurable quantized data, providing a basis for building the global trust environment;
The information storage module encrypts the pretreated information data and stores it at the corresponding location of the cloud storage resource pool; a trust data platform is jointly built by the information data excavation module and the reliable information pretreatment module, and on the basis of the trust data platform secure and trusted storage of data is realized and the global trust environment is built. The trust data platform further includes a trusted software system, which provides the operating system and application software with an interface for using the trust data platform, provides integrity measurement for the subsequent software of the trust data platform, and performs behavior audit and analysis on specific behaviors of the uncontrollable operating system; the subsequent software includes core loading software and uncontrollable operating system software. The information data excavation module is the starting point of the chain of trust; the information data excavation module, the reliable information pretreatment module, the information storage module and the information analysis and display module based on credible integrity together constitute the chain of trust. Each of the above is provided with a 3G module and a data transceiving application program; data are transmitted through the 3G module, and after the 3G module is powered on, the trust data platform performs power-on detection;
The information analysis and display module based on credible integrity extracts, analyzes and displays information within the constructed trusted environment, and provides managers with visual trust data and graphical display; it includes a mail contact relation analysis and display submodule, a log count distribution analysis and display submodule, an inter-IP information sending relation analysis and display submodule, a sensitive mail forwarding path analysis and display submodule, and a distributed denial-of-service attack data analysis and display submodule, specifically:
(1) The mail contact relation analysis and display submodule extracts, analyzes and processes the mail detection log data stored in the cloud storage resource pool, and shows the sensitive mail contact relations detected within a specified time period. The submodule lets the user interact with the interface through a calendar with selectable dates, so that the user can freely choose the time period to be viewed; it performs the following operations:
According to the time period selected by the user, the system selects data from the cloud storage resource pool and stores the selected data in dictionary form; the data are analyzed and processed, and a corresponding matrix data model is generated from the sending/receiving correspondence of the sensitive mails. The sending and receiving relations of the sensitive mails in the selected time period are then visualized as a chord diagram: the different mailboxes are distributed around a circle, with the email addresses shown on the outer contour of the circle; if sensitive information has been sent between two mailboxes, the two mailboxes are joined by a ribbon-like line, whose thick end represents the sender of the mail and whose thin end represents the recipient of the mail;
(2) The log count distribution analysis and display submodule classifies and counts the detected logs by time period and log quantity, and displays the result as a dendrogram, specifically:
(2-1) The received log data set W is divided by time period into n time subsets, i.e. $W = \{W_1, W_2, \dots, W_j, \dots, W_n\}$;
(2-2) m log quantity levels are set manually, and each time subset $W_j$ is divided into m level subsets, i.e. $W_{1j}, W_{2j}, \dots, W_{ij}, \dots, W_{mj}$;
(2-3) A tree TW is constructed with the log data set W as the root, $W_j$ as the first-layer nodes and $W_{ij}$ as the second-layer nodes;
(2-5) The value of each node in the tree TW is calculated, where the value of a leaf node is the value of that data element and the value of a non-leaf node equals the sum of the values of all its child nodes in the layer below; the log data set W has thus been built into a tree data structure;
(2-6) The generated tree data structure is mapped to a dendrogram on the two-dimensional plane;
(3) The inter-IP information sending relation analysis and display submodule extracts, analyzes and statistically processes the inter-IP sensitive information sending detection data stored at the corresponding location of the cloud storage resource pool, and shows, through visual presentation and interface interaction, the sensitive information sending associations between different IPs within a given time period. The submodule uses a time-period selection mechanism and a scatter-plot layout: nodes represent entities, lines represent the contacts between entities, and the size of a node represents the strength of the information sending association between IPs; hierarchical display is performed selectively according to mouse click events. Hovering the mouse over a node shows the details of the corresponding entity, the details including ID and discovery time; clicking an entity selects all IPs related to the selected node. A search mechanism is also provided, so that the user can enter an IP to select the IP association information to be viewed;
The sending/receiving correspondence of the mail is obtained from the TCP connection direction of the mail, specifically: first, the captured network packets are parsed to obtain information including the source IP address, destination IP address, source port, destination port and sequence number; four-tuple 1 {source IP address, source port, destination IP address, destination port} and four-tuple 2 {destination IP address, destination port, source IP address, source port} identify the two directions of the TCP connection respectively; the application-layer data of the network packets is then written, in sequence-number order, into the log file corresponding to the TCP connection direction;
(4) The sensitive mail forwarding path analysis and display submodule analyzes and statistically processes the detection data and mail forwarding relations in the mail detection log data, and shows the path along which a particular mail is forwarded between different mailboxes, specifically:
First, the user enters in the search box the mail title to be searched for, or a keyword contained in the mail title, and the system performs a fuzzy-match search of the keyword against all mail titles in the mail record data. If no mail matching the user's input is retrieved, a message is sent prompting the user to re-enter; if related records are retrieved, the results are shown to the user as table content, and a click event is attached to the title of each mail. When the user clicks the title of the target mail, the back end searches the mail records again for the selected mail, finds the forwarding records of that mail, and records the sender and recipients of each forwarding in dictionary form, building the data required for visual presentation. Finally, the forwarding path of the mail is presented to the user as a stacked dendrogram with interactive functions: if a mailbox is a final-level recipient, its vertex in the tree diagram is drawn hollow; if the mailbox has also forwarded the mail to one or more other mailboxes, the tree diagram node representing that mailbox is drawn solid. The table content includes the mail ID, mail title, mail time, mail sender and number of mail attachments;
(5) The distributed denial-of-service attack data analysis and display submodule extracts, analyzes and displays distributed denial-of-service attack data, specifically:
(5-1) The submodule extracts distributed denial-of-service attack data from the corresponding location of the cloud storage resource pool and stores it in a hash table. The hash table key is a character string composed of three items: the source IP, the port number, and a time label chosen according to the time interval set by the user. Whenever any one of these three items differs, a new element is created and inserted into the hash table. Each element is a node in the graphical representation and represents a connection relation with a host; the value corresponding to the key represents the total amount of data in that connection's communication activity;
(5-2) The coordinates of all nodes are calculated, and the points are then drawn from their coordinate information; the time interval and the unit radius parameter of the graphical display are adjusted according to different needs. Drawing follows these principles: the line between a host node and the center node uses different colors to represent the amount of communication data within the time interval, mapped by a certain coefficient; a host node consists of several concentric circles, and the contrast intensity of the color represents the number of ports involved in the connection.
2. The cloud computing information security visualization system based on trust computing according to claim 1, characterized in that the reliable information pretreatment module includes a data dimensionality reduction unit, a data identification unit and a data classification unit, providing a basis for building the global trust environment, specifically:
(1) The data dimensionality reduction unit uses an improved PCA to eliminate redundancy among the original information data and reduce the dimension of the original information data, specifically:
1) Extract the N pieces of original information data to be analyzed as the matrix $X = [x_1, x_2, \dots, x_N]$, where $x_i$ is the i-th piece of original information data;
2) Compute the mean of the N pieces of original information data:
$$\bar{x} = \frac{1}{N} \sum_{i=1}^{N} x_i$$
3) Compute the covariance matrix A of the N pieces of original information data:
$$A = \frac{1}{N} \sum_{i=1}^{N} (x_i - \bar{x})(x_i - \bar{x})^{T}$$
4) Compute the principal component elements from the eigenvalues of the covariance matrix A:
$$A\delta_i = \mu_i \delta_i$$
where $\mu_i$ and $\delta_i$ are respectively an eigenvalue of A and the corresponding eigenvector;
5) For a given precision ρ, solve for the first M largest eigenvalues by a numerical computation method:
$$\sum_{i=1}^{M} \mu_i \Big/ \sum_{i=1}^{N} \mu_i \ge \rho$$
Wherein, the span of M is
6) Take the first M largest eigenvalues and the corresponding eigenvectors, and let
$$\Phi = [\delta_1, \delta_2, \dots, \delta_M], \quad \Gamma = \mathrm{diag}(\mu_1, \mu_2, \dots, \mu_M)$$
Then $A\Phi = \Phi\Gamma$;
7) Compute the new matrix formed by the low-dimensional vectors, $Y = \Phi^{T} X$;
(2) The data identification unit performs identification and detection on the original information data after dimension reduction, removes irrelevant information data, and obtains the relevant information data;
(3) The data classification unit classifies the relevant information data according to data type.
3. The cloud computing information security visualization system based on trust computing according to claim 1, characterized in that the identification performed by the data identification unit includes identifying distributed denial-of-service attack data, specifically:
1) Let the matrix of n pieces of original information data after dimension reduction be $Y' = \Phi^{T} X'$, where $X' = [x_1, x_2, \dots, x_n]$ and $x_j \in X'$. The Db3 wavelet is selected as the analysis wavelet and the maximum decomposition scale is selected; $Y'$ is wavelet-decomposed with the decomposition algorithm to obtain the wavelet coefficient matrix. For each scale j ≤ the maximum scale, the high-frequency coefficients are extracted from the wavelet coefficient matrix and the variance Ψ of the wavelet coefficients is calculated; the slope k is then obtained by fitting a straight line to $[j, \log_2 \Psi]$, from which the self-similarity parameter of the network traffic, the Hurst value H, is solved:
$$H = (k - 1)/2$$
2) The change in the Hurst value between different times, $\Delta H = H_t - H_{t-1}$, is obtained by analysis, and a threshold T is set. If ΔH > T, it is determined that a distributed denial-of-service attack has occurred, and the corresponding original information data is saved; if ΔH ≤ T, it is determined that no distributed denial-of-service attack has occurred, and the corresponding original information data is removed.
CN201610554260.2A 2016-07-14 2016-07-14 Cloud computing information security visualization system based on trust computing Expired - Fee Related CN106131017B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610554260.2A CN106131017B (en) 2016-07-14 2016-07-14 Cloud computing information security visualization system based on trust computing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610554260.2A CN106131017B (en) 2016-07-14 2016-07-14 Cloud computing information security visualization system based on trust computing

Publications (2)

Publication Number Publication Date
CN106131017A (en) 2016-11-16
CN106131017B (en) 2017-04-05

Family

ID=57282621

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610554260.2A Expired - Fee Related CN106131017B (en) 2016-07-14 2016-07-14 Cloud computing information security visualization system based on trust computing

Country Status (1)

Country Link
CN (1) CN106131017B (en)

Also Published As

Publication number Publication date
CN106131017B (en) 2017-04-05

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
CB03 Change of inventor or designer information

Inventor after: Chen Zubin

Inventor after: Tang Lingli

Inventor after: Huang Lianyue

Inventor after: Zeng Mingfei

Inventor after: Hang Cong

Inventor after: He Guanbo

Inventor after: Wang Hai

Inventor after: Li Xin

Inventor after: He Zhongzhu

Inventor after: Xie Ming

Inventor after: Hu Jijun

Inventor after: Weng Xiaoyun

Inventor after: Yuan Yong

Inventor after: Deng Gefeng

Inventor after: Mo Yinghong

Inventor after: Xie Jing

Inventor after: Zhang Peng

Inventor before: Chen Zubin

Inventor before: Tang Lingli

Inventor before: Huang Lianyue

Inventor before: Zeng Mingfei

Inventor before: Hang Cong

Inventor before: He Guanbo

Inventor before: Wang Hai

Inventor before: Li Xin

Inventor before: Xie Ming

Inventor before: Hu Jijun

Inventor before: Weng Xiaoyun

Inventor before: Yuan Yong

Inventor before: Deng Gefeng

Inventor before: Mo Yinghong

Inventor before: Xie Jing

Inventor before: Zhang Peng

COR Change of bibliographic data
TA01 Transfer of patent application right

Effective date of registration: 20170213

Address after: 530000 Xingning, Nanning District, democratic road, No. 6,

Applicant after: GUANGXI POWER GRID CO., LTD.

Address before: 530000 Xingning, Nanning District, democratic road, No. 6,

Applicant before: He Zhongzhu

GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20170405

Termination date: 20200714