CN106205188A - A kind of based on parking stall, visual parking lot release management system - Google Patents
A kind of based on parking stall, visual parking lot release management system Download PDFInfo
- Publication number
- CN106205188A CN106205188A CN201610562304.6A CN201610562304A CN106205188A CN 106205188 A CN106205188 A CN 106205188A CN 201610562304 A CN201610562304 A CN 201610562304A CN 106205188 A CN106205188 A CN 106205188A
- Authority
- CN
- China
- Prior art keywords
- information
- cloud server
- parking stall
- security
- link
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G08—SIGNALLING
- G08G—TRAFFIC CONTROL SYSTEMS
- G08G1/00—Traffic control systems for road vehicles
- G08G1/14—Traffic control systems for road vehicles indicating individual free spaces in parking areas
- G08G1/141—Traffic control systems for road vehicles indicating individual free spaces in parking areas with means giving the indication of available parking spaces
- G08G1/143—Traffic control systems for road vehicles indicating individual free spaces in parking areas with means giving the indication of available parking spaces inside the vehicles
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Alarm Systems (AREA)
Abstract
A kind of based on parking stall, visual parking lot release management system, including card reader, native processor, display, Cloud Server, encryption system and security postures map system;Described card reader is arranged on each parking stall in parking lot, during each into or out parking stall of vehicle, car owner is with card Card Reader on card reader, card reader obtains relevant information and by wireless network, information is uploaded to Cloud Server, described relevant information includes public information and security information two parts, public information is directly uploaded to Cloud Server, and security information is uploaded to Cloud Server after encryption system;Described security information is entered into Cloud Server by management personnel individual PC by encryption system;Described Cloud Server includes multiple node and link, and described security postures map system is for generating visual security postures map for Cloud Server, to facilitate the safety information to Cloud Server to be monitored.
Description
Technical field
The present invention relates to parking stall management domain, be specifically related to a kind of based on parking stall, visual parking lot release management system
System.
Background technology
The parking stall management in parking lot is a common problem of management during people live, and existing parking space management system is the most not
The situation of parking stall can be updated in real time.Therefore, a kind of management that can reflect parking stall, parking lot situation by cloud computing in real time is researched and developed
System is necessary, and this system is it is necessary to have certain safety and monitoring property, should preserve specifically
Necessary car owner's personal information, can not make again these information be easy to leakage, and wherein the safety of Cloud Server itself is one
Critically important aspect.
Summary of the invention
For the problems referred to above, the present invention provides a kind of based on parking stall, visual parking lot release management system.
The purpose of this parking lot parking space management system realizes by the following technical solutions:
A kind of based on parking stall, visual parking lot release management system, including card reader, native processor, display,
Cloud Server, encryption system and security postures map system;Described card reader is arranged on each parking stall in parking lot, and vehicle is each
During into or out parking stall, car owner obtains relevant information with card Card Reader on card reader, card reader and information is passed through nothing
Gauze network is uploaded to Cloud Server, and described relevant information includes public information and security information two parts, described public information bag
Including the time of into or out parking stall, parking stall numbering, described security information includes that car owner registers name, telephone number, car plate
Number, public information is directly uploaded to Cloud Server, and security information is uploaded to Cloud Server after encryption system;Cloud Server connects
After receiving above-mentioned information, updated the situation that takies of parking stall by described public information, and send the processing locality extremely asking to check
In device, described native processor is integrated with the GPS alignment system on car, and car owner is come by the display being connected with native processor
Check current parking stall situation;Described security information is entered into Cloud Server by management personnel individual PC by encryption system;Described
Cloud Server includes multiple node and link, and described security postures map system is for generating visual safety for Cloud Server
Military posture map, to facilitate the safety information to Cloud Server to be monitored.
Having the beneficial effect that of this parking lot parking space management system devises a kind of parking stall, parking lot release management system, and this is
System can reflect the situation of parking stall on the native processor of car owner in real time, utilizes Cloud Server calculate and store data simultaneously,
The investment making native processor greatly reduces, and public information and security information is separately processed, and reduces security information
The possibility revealed.
Accompanying drawing explanation
The invention will be further described to utilize accompanying drawing, but the embodiment in accompanying drawing does not constitute any limit to the present invention
System, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to obtain according to the following drawings
Other accompanying drawing.
Fig. 1 is a kind of structured flowchart based on parking stall, visual parking lot release management system;
Fig. 2 is the structured flowchart of safety military posture map system;
Fig. 3 is the security postures map example after generating.
Reference: card reader-1;Native processor-2;Display-3;Cloud Server-4;Encryption system-5;Safe state
Gesture map system-6;Management personnel individual PC-7;Geographical background figure generation module-100;Safety information acquisition module-200;Number
According to storehouse generation module-300;Roller warning generation module-400;Security postures value estimation block-500;Main map generates mould
Block-600.
Detailed description of the invention
The invention will be further described with the following Examples.
Application scenarios 1:
One as shown in Figure 1, based on parking stall, visual parking lot release management system, including card reader 1, is originally located in
Reason device 2, display 3, Cloud Server 4, encryption system 5 and security postures map system 6;Described card reader 1 is arranged on parking lot
On each parking stall, during each into or out parking stall of vehicle, car owner is with card Card Reader on card reader 1, and card reader 1 obtains phase
Information is also uploaded to Cloud Server 4 by wireless network by pass information, and described relevant information includes public information and security information
Two parts, described public information includes the time of into or out parking stall, parking stall numbering, and described security information includes that car owner notes
Volume name, telephone number, license plate number, public information is directly uploaded to Cloud Server 4, and security information is uploaded after encryption system
To Cloud Server 4;After Cloud Server 4 receives above-mentioned information, by described public information update parking stall take situation, concurrently
Delivering in the native processor 2 asking to check, described native processor 2 is integrated with the GPS alignment system on car, car owner by with
The display 3 that native processor 2 is connected checks current parking stall situation;Described security information is passed through by management personnel individual PC7
Encryption system 5 is entered into Cloud Server 4;Described Cloud Server 4 includes multiple node and link, described security postures map system
6 for generating visual security postures map for Cloud Server 4, to facilitate the safety information to Cloud Server 4 to be monitored.
Having the beneficial effect that of this parking lot parking space management system devises a kind of parking stall, parking lot release management system, and this is
System can reflect the situation of parking stall on the native processor of car owner in real time, utilizes Cloud Server calculate and store data simultaneously,
The investment making native processor greatly reduces, and public information and security information is separately processed, and reduces security information
The possibility revealed.
Preferably, also include that the photographic head being arranged on each parking stall, the image that photographic head shooting obtains pass through wireless network
Network is sent in the image library of Cloud Server 4, and separately stores by the numbering of parking stall, when user needs to call image, defeated
Angle of incidence section, then Cloud Server 4 is automatically transferred corresponding image information from image library and is sent in native processor 2.
Preferably, described card reader 1 and card use Card Reader technology based on FRID.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 2 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 5 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In the present embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security is believed
Cease the comprehensive of data acquisition;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls corresponding
Function carries out the filtration of warning information, polymerization, is simultaneous for the background event that is likely to occur or does not substantially hinder safe thing
Part, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces supervision
The interference of personnel, on the other hand in order to avoid security breaches, puts in temporary store by this kind of security incident, when occurring 2 times
Regarding as new security incident time above, the misdetection rate of now security incident is less than 5 ‰, and this makes the safety behavior of military posture map
Verity is higher, and this improves the credibility of military posture map from another point of view;Devise new network safety situation computing formula,
Consider the security postures of node and link, it is contemplated that the impact of many factors simultaneously;By strong for the maximum of P ' (t) and B ' (t)
System is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is necessarily
Degree inhibits the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
The present embodiment considers the impact of the dynamically change of node and link, relative to present discrete type node and chain
For the performance state method for expressing of road, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3+J4
Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 2:
One as shown in Figure 1, based on parking stall, visual parking lot release management system, including card reader 1, is originally located in
Reason device 2, display 3, Cloud Server 4, encryption system 5 and security postures map system 6;Described card reader 1 is arranged on parking lot
On each parking stall, during each into or out parking stall of vehicle, car owner is with card Card Reader on card reader 1, and card reader 1 obtains phase
Information is also uploaded to Cloud Server 4 by wireless network by pass information, and described relevant information includes public information and security information
Two parts, described public information includes the time of into or out parking stall, parking stall numbering, and described security information includes that car owner notes
Volume name, telephone number, license plate number, public information is directly uploaded to Cloud Server 4, and security information is uploaded after encryption system
To Cloud Server 4;After Cloud Server 4 receives above-mentioned information, by described public information update parking stall take situation, concurrently
Delivering in the native processor 2 asking to check, described native processor 2 is integrated with the GPS alignment system on car, car owner by with
The display 3 that native processor 2 is connected checks current parking stall situation;Described security information is passed through by management personnel individual PC7
Encryption system 5 is entered into Cloud Server 4;Described Cloud Server 4 includes multiple node and link, described security postures map system
6 for generating visual security postures map for Cloud Server 4, to facilitate the safety information to Cloud Server 4 to be monitored.
Having the beneficial effect that of this parking lot parking space management system devises a kind of parking stall, parking lot release management system, and this is
System can reflect the situation of parking stall on the native processor of car owner in real time, utilizes Cloud Server calculate and store data simultaneously,
The investment making native processor greatly reduces, and public information and security information is separately processed, and reduces security information
The possibility revealed.
Preferably, also include that the photographic head being arranged on each parking stall, the image that photographic head shooting obtains pass through wireless network
Network is sent in the image library of Cloud Server 4, and separately stores by the numbering of parking stall, when user needs to call image, defeated
Angle of incidence section, then Cloud Server 4 is automatically transferred corresponding image information from image library and is sent in native processor 2.
Preferably, described card reader 1 and card use Card Reader technology based on FRID.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 3 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 6 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In the present embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security is believed
Cease the comprehensive of data acquisition;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls corresponding
Function carries out the filtration of warning information, polymerization, is simultaneous for the background event that is likely to occur or does not substantially hinder safe thing
Part, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces supervision
The interference of personnel, on the other hand in order to avoid security breaches, puts in temporary store by this kind of security incident, when occurring 3 times
Regarding as new security incident time above, the misdetection rate of now security incident is less than 6 ‰, and this makes the safety behavior of military posture map
Verity is higher, and this improves the credibility of military posture map from another point of view;Devise new network safety situation computing formula,
Consider the security postures of node and link, it is contemplated that the impact of many factors simultaneously;By strong for the maximum of P ' (t) and B ' (t)
System is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is necessarily
Degree inhibits the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
The present embodiment considers the impact of the dynamically change of node and link, relative to present discrete type node and chain
For the performance state method for expressing of road, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3+J4
Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 3:
One as shown in Figure 1, based on parking stall, visual parking lot release management system, including card reader 1, is originally located in
Reason device 2, display 3, Cloud Server 4, encryption system 5 and security postures map system 6;Described card reader 1 is arranged on parking lot
On each parking stall, during each into or out parking stall of vehicle, car owner is with card Card Reader on card reader 1, and card reader 1 obtains phase
Information is also uploaded to Cloud Server 4 by wireless network by pass information, and described relevant information includes public information and security information
Two parts, described public information includes the time of into or out parking stall, parking stall numbering, and described security information includes that car owner notes
Volume name, telephone number, license plate number, public information is directly uploaded to Cloud Server 4, and security information is uploaded after encryption system
To Cloud Server 4;After Cloud Server 4 receives above-mentioned information, by described public information update parking stall take situation, concurrently
Delivering in the native processor 2 asking to check, described native processor 2 is integrated with the GPS alignment system on car, car owner by with
The display 3 that native processor 2 is connected checks current parking stall situation;Described security information is passed through by management personnel individual PC7
Encryption system 5 is entered into Cloud Server 4;Described Cloud Server 4 includes multiple node and link, described security postures map system
6 for generating visual security postures map for Cloud Server 4, to facilitate the safety information to Cloud Server 4 to be monitored.
Having the beneficial effect that of this parking lot parking space management system devises a kind of parking stall, parking lot release management system, and this is
System can reflect the situation of parking stall on the native processor of car owner in real time, utilizes Cloud Server calculate and store data simultaneously,
The investment making native processor greatly reduces, and public information and security information is separately processed, and reduces security information
The possibility revealed.
Preferably, also include that the photographic head being arranged on each parking stall, the image that photographic head shooting obtains pass through wireless network
Network is sent in the image library of Cloud Server 4, and separately stores by the numbering of parking stall, when user needs to call image, defeated
Angle of incidence section, then Cloud Server 4 is automatically transferred corresponding image information from image library and is sent in native processor 2.
Preferably, described card reader 1 and card use Card Reader technology based on FRID.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 4 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 7 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In the present embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security is believed
Cease the comprehensive of data acquisition;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls corresponding
Function carries out the filtration of warning information, polymerization, is simultaneous for the background event that is likely to occur or does not substantially hinder safe thing
Part, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces supervision
The interference of personnel, on the other hand in order to avoid security breaches, puts in temporary store by this kind of security incident, when occurring 4 times
Regarding as new security incident time above, the misdetection rate of now security incident is less than 7 ‰, and this makes the safety behavior of military posture map
Verity is higher, and this improves the credibility of military posture map from another point of view;Devise new network safety situation computing formula,
Consider the security postures of node and link, it is contemplated that the impact of many factors simultaneously;By strong for the maximum of P ' (t) and B ' (t)
System is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is necessarily
Degree inhibits the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
The present embodiment considers the impact of the dynamically change of node and link, relative to present discrete type node and chain
For the performance state method for expressing of road, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3+J4
Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 4:
One as shown in Figure 1, based on parking stall, visual parking lot release management system, including card reader 1, is originally located in
Reason device 2, display 3, Cloud Server 4, encryption system 5 and security postures map system 6;Described card reader 1 is arranged on parking lot
On each parking stall, during each into or out parking stall of vehicle, car owner is with card Card Reader on card reader 1, and card reader 1 obtains phase
Information is also uploaded to Cloud Server 4 by wireless network by pass information, and described relevant information includes public information and security information
Two parts, described public information includes the time of into or out parking stall, parking stall numbering, and described security information includes that car owner notes
Volume name, telephone number, license plate number, public information is directly uploaded to Cloud Server 4, and security information is uploaded after encryption system
To Cloud Server 4;After Cloud Server 4 receives above-mentioned information, by described public information update parking stall take situation, concurrently
Delivering in the native processor 2 asking to check, described native processor 2 is integrated with the GPS alignment system on car, car owner by with
The display 3 that native processor 2 is connected checks current parking stall situation;Described security information is passed through by management personnel individual PC7
Encryption system 5 is entered into Cloud Server 4;Described Cloud Server 4 includes multiple node and link, described security postures map system
6 for generating visual security postures map for Cloud Server 4, to facilitate the safety information to Cloud Server 4 to be monitored.
Having the beneficial effect that of this parking lot parking space management system devises a kind of parking stall, parking lot release management system, and this is
System can reflect the situation of parking stall on the native processor of car owner in real time, utilizes Cloud Server calculate and store data simultaneously,
The investment making native processor greatly reduces, and public information and security information is separately processed, and reduces security information
The possibility revealed.
Preferably, also include that the photographic head being arranged on each parking stall, the image that photographic head shooting obtains pass through wireless network
Network is sent in the image library of Cloud Server 4, and separately stores by the numbering of parking stall, when user needs to call image, defeated
Angle of incidence section, then Cloud Server 4 is automatically transferred corresponding image information from image library and is sent in native processor 2.
Preferably, described card reader 1 and card use Card Reader technology based on FRID.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 5 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 8 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.US(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;Us(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In the present embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security is believed
Cease the comprehensive of data acquisition;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls corresponding
Function carries out the filtration of warning information, polymerization, is simultaneous for the background event that is likely to occur or does not substantially hinder safe thing
Part, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces supervision
The interference of personnel, on the other hand in order to avoid security breaches, puts in temporary store by this kind of security incident, when occurring 5 times
Regarding as new security incident time above, the misdetection rate of now security incident is less than 8 ‰, and this makes the safety behavior of military posture map
Verity is higher, and this improves the credibility of military posture map from another point of view;Devise new network safety situation computing formula,
Consider the security postures of node and link, it is contemplated that the impact of many factors simultaneously;By strong for the maximum of P ' (t) and B ' (t)
System is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is necessarily
Degree inhibits the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
The present embodiment considers the impact of the dynamically change of node and link, relative to present discrete type node and chain
For the performance state method for expressing of road, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3+J4
Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Application scenarios 5:
One as shown in Figure 1, based on parking stall, visual parking lot release management system, including card reader 1, is originally located in
Reason device 2, display 3, Cloud Server 4, encryption system 5 and security postures map system 6;Described card reader 1 is arranged on parking lot
On each parking stall, during each into or out parking stall of vehicle, car owner is with card Card Reader on card reader 1, and card reader 1 obtains phase
Information is also uploaded to Cloud Server 4 by wireless network by pass information, and described relevant information includes public information and security information
Two parts, described public information includes the time of into or out parking stall, parking stall numbering, and described security information includes that car owner notes
Volume name, telephone number, license plate number, public information is directly uploaded to Cloud Server 4, and security information is uploaded after encryption system
To Cloud Server 4;After Cloud Server 4 receives above-mentioned information, by described public information update parking stall take situation, concurrently
Delivering in the native processor 2 asking to check, described native processor 2 is integrated with the GPS alignment system on car, car owner by with
The display 3 that native processor 2 is connected checks current parking stall situation;Described security information is passed through by management personnel individual PC7
Encryption system 5 is entered into Cloud Server 4;Described Cloud Server 4 includes multiple node and link, described security postures map system
6 for generating visual security postures map for Cloud Server 4, to facilitate the safety information to Cloud Server 4 to be monitored.
Having the beneficial effect that of this parking lot parking space management system devises a kind of parking stall, parking lot release management system, and this is
System can reflect the situation of parking stall on the native processor of car owner in real time, utilizes Cloud Server calculate and store data simultaneously,
The investment making native processor greatly reduces, and public information and security information is separately processed, and reduces security information
The possibility revealed.
Preferably, also include that the photographic head being arranged on each parking stall, the image that photographic head shooting obtains pass through wireless network
Network is sent in the image library of Cloud Server 4, and separately stores by the numbering of parking stall, when user needs to call image, defeated
Angle of incidence section, then Cloud Server 4 is automatically transferred corresponding image information from image library and is sent in native processor 2.
Preferably, described card reader 1 and card use Card Reader technology based on FRID.
Preferably, as in figure 2 it is shown, described security postures map system includes geographical background figure generation module 100, safety letter
Breath acquisition module 200, data base's generation module 300, roller warning generation module 400, security postures value estimation block 500 and
Main map generation module 600:
(1) geographical background figure generation module 100: utilize MAPX software, using the geographical map at network place as Background
Layer, splits the network into multiple node and the link connected between two nodes simultaneously, by node and link maps to Background
On layer;
(2) safety information acquisition module 200: network information data is acquired by multiple data acquisition unit, described
Data acquisition unit is based on Syslog acquisition mode, using Snmp as supplementary acquisition mode, by differently configured network security
Equipment completes the collection to network information data;Described network information data includes daily record data, data on flows and vulnerability information,
The acquisition of wherein said vulnerability information by scanning tools and network ids intrusion detection instrument, by Snmp or Http agreement by
Log collection plug-in unit or data-interface complete;Described daily record data is passed through Syslog agreement and Flow agreement by data acquisition unit
It is acquired;
(3) data base's generation module 300: the described network information data after gathering is carried out by proxy management server
Merger and filtration, form unified data form and be sent to server terminal basis of formation data base;
(4) roller warning generation module 400: network information data is carried out polymerization classification and accordingly generates roller report
Alert, described roller is reported to the police and is arranged on the right side of security postures map, the following operation of concrete execution:
(4-1) from basic database, recall network information data, multiple classification thresholds T1 is set simultaneously, T2,
T3 ..., Tn, similarity update threshold values T, curvature threshold K, similarity duration threshold A and initial similarity C, and circulation takes
Go out the network information data in preset time, call Similarity Measure function and calculate real-time similarity, and generate at each node
The curvilinear function AI of real-time similarity and time;
(4-2) result of calculation is compared, if similarity is more than initial similarity C in real time, then update the most similar
Degree is current similarity, and otherwise retaining initial similarity C is current similarity, and enumerator adds 1;
(4-3) by current similarity and multiple classification thresholds T1, T2, T3 ..., Tn compares, according to the most similar
The threshold interval at degree place determines the alarm level of this security incident, wherein T < T1 < T2 < T3 ... < Tn;If it is current
Similarity does not falls within arbitrary interval, then current similarity compared with similarity threshold values T, if current similarity is less than similar
Bottom valve value T, the then following operation of execution:
Calculating current point in time, relative to the real-time similarity variable quantity of previous time point, i.e. calculates described curvilinear function AI
Current point in time is relative to curvature K' of previous time point, if K'> is K, and current similarity is less than similarity threshold T's
When persistent period is less than similarity duration threshold A, by qualitative for this network information data for harmless security incident, do not perform to add
Add the operation of new warning classification, the relevant information of described harmless security incident is stored into the temporary store of artificial setting simultaneously
In, when same node is had reached 6 harmless security incidents by enumerator numeration, then perform to add the behaviour of new warning classification
Make;When arbitrary current similarity is less than the persistent period of similarity threshold T more than or equal to big similarity duration threshold A
Time, also perform to add the operation of new warning classification;The misdetection rate of now security incident is less than 9 ‰;
(4-4) by all-network information data, after above-mentioned polymerization sorting technique classification, to roll the form reported to the police
Display is on the right side of map, and the warning color of different classification is set to different;
(5) security postures value estimation block 500: obtain the network safety situation value of each node and link according to following formula:
FN{WH, WL, FH, FL, t}=WH.FH+WL.FL
Herein,
FH(H, V1, Fs, t)=V1.Fs(t)+10P’(t)
FL(L, V2, US, t)=V2.Us(t)+10B‘(t)
Wherein, WHRepresent the weighted value that destination node is shared in all nodes, WLRepresent that Target Link is in all links
Shared weighted value, WH、WLThe information on services provided by node and link component respectively obtains;
FHRepresenting the security postures situation of t destination node, H represents destination node, V1Represent that a certain service is transported at node
Weight shared in all services of row;P represents joint behavior situation, and P value the biggest expression joint behavior is the poorest, and P ' (t) represents t
Moment link performance changing condition, is tried to achieve by the curvature calculating function P point, and forces P ' (t)≤3, works as P ' (t) value and is more than
When 3, injunction P ' (t)=3;Fs(t)=N1 (t) .10D1(t), represent the service safe situation situation of t destination node, N1
T () represents that t node is hacked the number of times of generation, D1 (t) represents the order of severity that t node is hacked, itself and target
The attack kind that the currently provided service of node is subject to is relevant with the number of times of attack being subject to, and is manually set this letter as the case may be
Number;
FLRepresenting the security postures situation of t Target Link, L represents Target Link, V2Represent that a certain Component service is at chain
Shared weight in all component service that road is run;B represents link performance situation, and the performance of numerical value the biggest expression link is the poorest,
B ' (t) represents t link performance changing condition, is tried to achieve by the curvature calculating function B point, and forces B ' (t)≤3, when
When B ' (t) value is more than 3, injunction B ' (t)=3;US(t)=N2 (t) .10D2(t), represent the service safe of t Target Link
Situation situation, N2 (t) represents that t link is hacked the number of times of generation, and D2 (t) represents the serious journey that t link is hacked
Degree, attack kind and suffered number of times of attack that its service provided with Target Link is subject to are relevant, as the case may be
It is manually set this function;
(6) main map generation module 600: according to each node calculated and the network safety situation value of link, root
According to threshold value set in advance, the network safety situation of different numerical value is carried out classification, represent different situation grade with different colours
Node and the safe condition of link, generate security postures map.
In the present embodiment, network safety information data are acquired by multiple data acquisition unit, it is ensured that network security is believed
Cease the comprehensive of data acquisition;Algorithm based on attribute phase recency, by arranging threshold values, compares each warning information, calls corresponding
Function carries out the filtration of warning information, polymerization, is simultaneous for the background event that is likely to occur or does not substantially hinder safe thing
Part, uses similarity curvature and the new evaluation criteria of persistent period, eliminates outside Normal Alarm by this kind of event, reduces supervision
The interference of personnel, on the other hand in order to avoid security breaches, puts in temporary store by this kind of security incident, when occurring 6 times
Regarding as new security incident time above, the misdetection rate of now security incident is less than 9 ‰, and this makes the safety behavior of military posture map
Verity is higher, and this improves the credibility of military posture map from another point of view;Devise new network safety situation computing formula,
Consider the security postures of node and link, it is contemplated that the impact of many factors simultaneously;By strong for the maximum of P ' (t) and B ' (t)
System is defined to 3, then the item 10 that reaction node and link performance dynamically changeP‘(t)With 10B‘(t)Not over 1000, this is necessarily
Degree inhibits the misjudgment phenomenon in short-term being likely to occur in dynamic representation, it is ensured that the stability of image.
Preferably, the acquisition process of described joint behavior situation P is: respectively to processor utilization, memory usage, net
Network connects number, data packetloss rate arranges corresponding threshold value, and the change threshold at Fixed Time Interval, above-mentioned each value is surpassed
The absolute value sum of the difference crossing respective doors limit value is expressed as J1, by each value in Fixed Time Interval amplitude of variation more than change threshold
The absolute value sum of the concrete difference of value is expressed as J2, following formula obtain joint behavior situation P:P=2J1+J2;
The acquisition process of described link performance situation B is: respectively to link component number of network connections, bandwidth availability ratio, number
According to packet loss, link component processor utilization, corresponding threshold value, and the change threshold at Fixed Time Interval are set;Will
The absolute value sum of the concrete difference that above-mentioned each value exceedes respective doors limit value is designated as J3, and at Fixed Time Interval, each value is changed width
Degree is designated as J4 more than the absolute value sum of the concrete difference of change threshold, following formula obtain link performance situation B:B=2J3+J4;
The determination process of the weighted value of described each node is:
(1) each node is set up relative to other nodes importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by node is converted to the fuzzy consistent matrix of node;
(3) according to each element of the fuzzy consistent matrix of node, the weighted value of each node is calculated.
The determination process of the weighted value of described each link is:
(1) each link is set up relative to other links importance degree comparator matrix on network safety situation;
(2) the importance degree comparator matrix by link is converted to the fuzzy consistent matrix of link;
(3) according to each element of the fuzzy consistent matrix of link, the weighted value of each link is calculated.
Fig. 3 gives the example of the security postures map after generation.
The present embodiment considers the impact of the dynamically change of node and link, relative to present discrete type node and chain
For the performance state method for expressing of road, the dynamically change of node and link (can be passed through P=2 continuouslyJ1+J2And B=2J3+J4
Arrange replace discrete type of the prior art and dynamically change) be reacted in final security postures value.
Last it should be noted that, above example is only in order to illustrate technical scheme, rather than the present invention is protected
Protecting the restriction of scope, although having made to explain to the present invention with reference to preferred embodiment, those of ordinary skill in the art should
Work as understanding, technical scheme can be modified or equivalent, without deviating from the reality of technical solution of the present invention
Matter and scope.
Claims (3)
1., based on parking stall, a visual parking lot release management system, it is characterized in that, including card reader, native processor,
Display, Cloud Server, encryption system and security postures map system;Described card reader is arranged on each parking stall in parking lot,
During each into or out parking stall of vehicle, car owner obtains relevant information with card Card Reader on card reader, card reader and will believe
Breath is uploaded to Cloud Server by wireless network, and described relevant information includes public information and security information two parts, described public affairs
The information of opening includes the time of into or out parking stall, parking stall numbering, and described security information includes that car owner registers name, contact electricity
Words, license plate number, public information is directly uploaded to Cloud Server, and security information is uploaded to Cloud Server after encryption system;Cloud
After server receives above-mentioned information, updated the situation that takies of parking stall by described public information, and send what extremely request was checked
In native processor, described native processor is integrated with the GPS alignment system on car, and car owner is by being connected with native processor
Display checks current parking stall situation;Described security information is entered into cloud service by management personnel individual PC by encryption system
Device;Described Cloud Server includes multiple node and link, and described security postures map system is visual for generating for Cloud Server
The security postures map changed, to facilitate the safety information to Cloud Server to be monitored.
One the most according to claim 1, based on parking stall, visual parking lot release management system, is characterized in that, also wraps
Including the photographic head being arranged on each parking stall, the image that photographic head shooting obtains is sent to the figure of Cloud Server by wireless network
As in storehouse, and separately store by the numbering of parking stall, when user needs to call image, input time section, then Cloud Server from
Dynamic from image library, transfer corresponding image information be sent in native processor.
One the most according to claim 2, based on parking stall, visual parking lot release management system, is characterized in that, described
Card reader and card use Card Reader technology based on FRID.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610562304.6A CN106205188A (en) | 2016-07-14 | 2016-07-14 | A kind of based on parking stall, visual parking lot release management system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610562304.6A CN106205188A (en) | 2016-07-14 | 2016-07-14 | A kind of based on parking stall, visual parking lot release management system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106205188A true CN106205188A (en) | 2016-12-07 |
Family
ID=57475601
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610562304.6A Withdrawn CN106205188A (en) | 2016-07-14 | 2016-07-14 | A kind of based on parking stall, visual parking lot release management system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106205188A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109255967A (en) * | 2018-09-12 | 2019-01-22 | 三星电子(中国)研发中心 | Method and apparatus for release information |
| CN109615924A (en) * | 2018-12-28 | 2019-04-12 | 西安艾润物联网技术服务有限责任公司 | The management method and relevant device of virtual parking area |
| CN109741605A (en) * | 2018-12-25 | 2019-05-10 | 深圳市天彦通信股份有限公司 | Vehicle monitoring method and relevant apparatus |
-
2016
- 2016-07-14 CN CN201610562304.6A patent/CN106205188A/en not_active Withdrawn
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109255967A (en) * | 2018-09-12 | 2019-01-22 | 三星电子(中国)研发中心 | Method and apparatus for release information |
| CN109255967B (en) * | 2018-09-12 | 2022-04-22 | 三星电子(中国)研发中心 | Method and device for publishing information |
| CN109741605A (en) * | 2018-12-25 | 2019-05-10 | 深圳市天彦通信股份有限公司 | Vehicle monitoring method and relevant apparatus |
| CN109615924A (en) * | 2018-12-28 | 2019-04-12 | 西安艾润物联网技术服务有限责任公司 | The management method and relevant device of virtual parking area |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105009137B (en) | Orient safety warning | |
| CN106209856B (en) | Method for generating big data security posture map based on trusted computing | |
| CN107623697A (en) | A kind of network security situation evaluating method based on attacking and defending Stochastic Game Model | |
| CN104303153A (en) | Path scanning for the detection of anomalous subgraphs, anomaly/change detection and network situational awareness | |
| CN108600275B (en) | Threat context aware information security Active Defending System Against based on artificial intelligence | |
| CN110839031B (en) | Malicious user behavior intelligent detection system based on reinforcement learning | |
| CN102447707B (en) | DDoS (Distributed Denial of Service) detection and response method based on mapping request | |
| CN110866642A (en) | Security monitoring method and device, electronic equipment and computer readable storage medium | |
| CN106205188A (en) | A kind of based on parking stall, visual parking lot release management system | |
| CN111079577B (en) | Calculation method and system for dynamic area aggregation early warning real-time recommendation | |
| CN108540329A (en) | Network security inference method based on two-layer Bayesian network model | |
| Maskey et al. | Alicia: Applied intelligence in blockchain based vanet: Accident validation as a case study | |
| CN113111359A (en) | Big data resource sharing method and resource sharing system based on information security | |
| CN110059984A (en) | Security risk recognition methods, device, equipment and storage medium | |
| CN106850675A (en) | A kind of determination method and device of attack | |
| CN101499928A (en) | Network intrusion scene chart generation method based on cluster analysis | |
| CN113626648A (en) | Water conservancy data processing system, method and storage medium | |
| CN106302533A (en) | Big data safety management system and method | |
| CN106203164A (en) | The big Data Resources Management System of information security based on trust computing and cloud computing | |
| CN108833383B (en) | Linkage defense system based on deep learning and agent | |
| CN111400774B (en) | Block chain system of secondary water supply anti-terrorism anti-poison safety system | |
| CN105959184A (en) | Smart indoor air purification system | |
| CN106226719A (en) | A kind of fault electric arc detecting system based on secure cloud network | |
| CN106196450A (en) | A kind of high security central air conditioning system | |
| CN110430158A (en) | Collection agent dispositions method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C04 | Withdrawal of patent application after publication (patent law 2001) | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20161207 |