CN107018143A - The monitoring system of defense for the APT monitoring defence platforms analyzed based on big data - Google Patents

The monitoring system of defense for the APT monitoring defence platforms analyzed based on big data Download PDF

Info

Publication number
CN107018143A
CN107018143A CN201710304058.9A CN201710304058A CN107018143A CN 107018143 A CN107018143 A CN 107018143A CN 201710304058 A CN201710304058 A CN 201710304058A CN 107018143 A CN107018143 A CN 107018143A
Authority
CN
China
Prior art keywords
big data
platform
data
analysis
defense
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710304058.9A
Other languages
Chinese (zh)
Inventor
彭光辉
屈立笳
陶磊
苏礼刚
林伟
何羽霏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHENGDU GOLDTEL INDUSTRY GROUP Co Ltd
Original Assignee
CHENGDU GOLDTEL INDUSTRY GROUP Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHENGDU GOLDTEL INDUSTRY GROUP Co Ltd filed Critical CHENGDU GOLDTEL INDUSTRY GROUP Co Ltd
Priority to CN201710304058.9A priority Critical patent/CN107018143A/en
Publication of CN107018143A publication Critical patent/CN107018143A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a kind of monitoring system of defense for the APT monitoring defence platforms analyzed based on big data, it is related to network security monitoring field.It includes total evidence obtaining center and multiple points of evidence obtaining centers, and described total evidence obtaining center and multiple points of evidence obtaining centers all represent platform including front end data acquisition platform, big data mining analysis platform and result;The data output end of front end data acquisition platform is connected with the I/O of big data mining analysis platform, and data output end and the result of big data mining analysis platform represent that the data input pin of platform is connected.The data acquisition to the all-network equipment in detection zone is realized, and the proof data of collection is associated analysis and judges that potential APT attacks are threatened.Blacklist and white list are set up, different objects be classified with the monitoring of quilt, finally analysis result is presented, and carrying out contrast with knowledge base information reference makes its degree of accuracy higher.

Description

The monitoring system of defense for the APT monitoring defence platforms analyzed based on big data
Technical field
Field, especially a kind of APT monitoring defence platforms analyzed based on big data are monitored the present invention relates to network security Monitoring system of defense.
Background technology
Under the overall background of global network level of informatization high speed development, possesses disguised, permeability and targetedly high Level continuation is threatened(APT, advanced persistent threat)The prestige that all kinds of high-grade information safety systems are caused The side of body it is increasingly serious, for specific objective organized APT attack it is increasing country, the network information system of enterprise and Data safety faces a severe challenge.For example, China Great Wall network in 2008 suffers from the attack infiltration of U.S. Department of Defense's network hacker, It is implanted back door and steals information;" the shake net " of 2010.
By preparation for many years and latent, successful attack is located at the industrial control system in physical isolation Intranet, sluggish The nuclear programme of Iran;" the night dragon action " of 2011 has stolen the extremely sensitive internal text of multiple transnational energy giant companies Part;The supervirus " flame " of 2012 successfully obtains the substantial amounts of confidential information in Middle East various countries.As can be seen that APT attacks are Through all kinds of key message infrastructure securities are caused with grave danger, carry out the work of APT attack defendings very urgent.APT is attacked Hit in defense work, attack detecting is security protection and the premise and foundation reinforced, be also most difficult in APT attack defendings Part, therefore detection technique turns into the study hotspot in current APT attack defendings field.However, from the point of view of typical case, APT attacks have extremely strong hidden ability and specific aim, and traditional detection device is felt simply helpless mostly in face of APT attacks.
The content of the invention
Prevented it is an object of the invention to overcome the deficiencies of the prior art and provide a kind of based on the APT monitorings that big data is analyzed The monitoring system of defense of imperial platform, realizes the data acquisition to the all-network equipment in detection zone, and by the evidence of collection Data are associated analysis and judge that potential APT attacks are threatened.
The purpose of the present invention is achieved through the following technical solutions:It is a kind of to be prevented based on the APT monitorings that big data is analyzed The monitoring system of defense of imperial platform, it is characterised in that:It includes total evidence obtaining center and multiple points of evidence obtaining centers, described total evidence obtaining Center and multiple points of evidence obtaining centers all represent platform including front end data acquisition platform, big data mining analysis platform and result; The data output end of front end data acquisition platform is connected with the I/O of big data mining analysis platform, and big data, which is excavated, divides The data output end of analysis platform represents that the data input pin of platform is connected with result.
Further limit, the main frame probe of described front end data acquisition platform is with network probe respectively in monitored area All-network equipment terminal evidence collection and network evidence collection.
Further limit, described terminal evidence collection includes end message record, enters thread record, peripheral apparatus note Record, port information record, software of the third party record, data in magnetic disk operation note and registry information record.
Further limit, described network evidence collection is including remote control protocol analysis, spectroscopy data are obtained, network is set Standby Remote configuration protocal analysis, standard agreement analysis, nonstandard protocol analysis, the analysis of user's custom protocol and unknown protocol point Analysis.
Further limit, described big data mining analysis platform includes behavioral data analysis module, knowledge base and evidence Save module from damage.
Further limit, described knowledge base including user profile put on record storehouse, user security demand storehouse, threat modeling storehouse, Behaviorist risk laws and regulations storehouse, behavior regulation storehouse and user's regulations storehouse.
Further limit, the data collected are associated analysis by described behavior evidence association analysis module.
Further limit, described behavioral data analysis module carries out IP associations, user-association, association in time, type pass Connection and structure connection and the behavior type for making host service function behavior, network service behavior, business conduct and remote service behavior Judge.
Further limit, described knowledge base is put on record including user base information, act of authorization white list, unauthorized behavior Blacklist, evidence obtaining strategy, evidence record, behaviorist risk standard, state's laws regulation and itself monitor system of defense system match somebody with somebody Put.
Further limit, described preservation of evidence module includes data storage cell and codified processing unit, described Data storage cell carries out the storage of data, and data are carried out unified sign, unified field and unified lattice by codified processing unit Formula.
The beneficial effects of the invention are as follows:The data acquisition to the all-network equipment in detection zone is realized, and will collection Proof data be associated analysis and judge that potential APT attack is threatened, filtering blocking is carried out to network service process to be had Information flow is detected and alarm.Blacklist and white list are set up, different objects be classified with the monitoring of quilt, finally by analysis result Presented, and carrying out contrast with knowledge base information reference makes its degree of accuracy higher.
Brief description of the drawings
Fig. 1 is present system frame diagram;Fig. 2 is that evidence-obtaining system of the present invention disposes schematic diagram.
Embodiment
Technical scheme is described in further detail below in conjunction with the accompanying drawings, but protection scope of the present invention is not limited to It is as described below.
As shown in figure 1, a kind of monitoring system of defense for the APT monitoring defence platforms analyzed based on big data, its feature is existed In:It includes total evidence obtaining center and multiple points of evidence obtaining centers, before described total evidence obtaining center and multiple points of evidence obtaining centers all includes End data acquisition platform, big data mining analysis platform and result represent platform;The data output end of front end data acquisition platform It is connected with the I/O of big data mining analysis platform, the data output end of big data mining analysis platform is represented with result The data input pin of platform is connected.
Further limit, the main frame probe of described front end data acquisition platform is with network probe respectively in monitored area All-network equipment terminal evidence collection and network evidence collection.
Further limit, described terminal evidence collection includes end message record, enters thread record, peripheral apparatus note Record, port information record, software of the third party record, data in magnetic disk operation note and registry information record.
Further limit, described network evidence collection is including remote control protocol analysis, spectroscopy data are obtained, network is set Standby Remote configuration protocal analysis, standard agreement analysis, nonstandard protocol analysis, the analysis of user's custom protocol and unknown protocol point Analysis.
Further limit, described big data mining analysis platform includes behavioral data analysis module, knowledge base and evidence Save module from damage.
Further limit, described knowledge base including user profile put on record storehouse, user security demand storehouse, threat modeling storehouse, Behaviorist risk laws and regulations storehouse, behavior regulation storehouse and user's regulations storehouse.
Further limit, the data collected are associated analysis by described behavior evidence association analysis module.
Further limit, described behavioral data analysis module carries out IP associations, user-association, association in time, type pass Connection and structure connection and the behavior type for making host service function behavior, network service behavior, business conduct and remote service behavior Judge.
Further limit, described knowledge base is put on record including user base information, act of authorization white list, unauthorized behavior Blacklist, evidence obtaining strategy, evidence record, behaviorist risk standard, state's laws regulation and itself monitor system of defense system match somebody with somebody Put.
Further limit, described preservation of evidence module includes data storage cell and codified processing unit, described Data storage cell carries out the storage of data, and data are carried out unified sign, unified field and unified lattice by codified processing unit Formula.
System work process is specially:
Evidence obtaining policy issue is given front end data acquisition platform by the evidence obtaining policy library of knowledge base, and front end data acquisition platform is gathered Object treasure-house database server, communication intermediate server, business intermediate server, business system server, network service Equipment, Network Security Device, service terminal main frame and office terminal main frame etc..
The user base information of knowledge base storehouse user information terminal information of putting on record is put on record.
In collection, verification determines whether that the act of authorization white list storehouse of knowledge base includes, the white name of the described act of authorization Single storehouse includes:Operating system configuration behavior white list, operating system data manipulation behavior white list, the white name of database configuration behavior List, database data operation behavior white list, network apparatus remote configuration management behavior white list, operation system operation behavior are white List and remote control behavior white list.
In collection, verification determines whether the security liability behavior list storehouse of knowledge base, described security liability behavior name Single storehouse is the list that the related responsibility behavior that should be fulfiled is formulated according to industrial security business demand.
In collection, verification determines whether the prohibitive behavior blacklist storehouse of knowledge base, described prohibitive behavior blacklist storehouse It is that blacklist configuration is made according to user's request clear and definite prohibitive behavior.
Using all users in the monitored area are carried out with evidence collection, main frame probe collection is remembered including end message Record, enter thread record, peripheral apparatus record, port information record, software of the third party record, data in magnetic disk operation note and registration table The terminal datas such as information record;Network probe collection includes end message record, enters thread record, peripheral apparatus record, port The network evidences such as information record, software of the third party record, data in magnetic disk operation note and registry information record.
After the completion of data acquisition, the influence seriousness that the behaviorist risk java standard library of knowledge base is produced for unauthorized behavior is entered Row classification.
System configuration manages storehouse to the management configuration inside evidence-obtaining system.Including system user management, front end evidence collection Point certification etc..
The behavior evidence storehouse of knowledge base is used when being recorded evidence obtaining result for inquiry.
Behavioral data analysis module carries out IP associations, user-association, association in time, type association and structure connection and made The behavior type of host service function behavior, network service behavior, business conduct and remote service behavior judges.
Described preservation of evidence module includes data storage cell and codified processing unit, described data storage cell The storage of data is carried out, data are carried out unified sign, unified field and unified form by codified processing unit.
As a result represent that platform is mainly all kinds of inquiry/management terminals.As a result platform is represented according to using the need for main body, it is raw Into all kinds of forms and analysis report.As a result the friendly interface queries data warehouse content of platform is represented, and realizes that session is reset, Each platform management is safeguarded, such as backs up, delete.And operator may call upon knowledge base data and carry out assistant analysis.
As shown in Fig. 2 an evidence-obtaining system deployment schematic diagram under multiple ISP environment based on Initiative Defense.Built in ISP Vertical branch center, each branch center can have the front end data acquisition platform of oneself, big data mining analysis platform, result to represent flat Platform.Head center(Convergent point)Positioned at central machine room, convergent point to each collection point can take xDSL or other special lines, in order to protect Close, convergent point takes privately owned circuit to each collection point, does not pass through Internet.
It is apparent to those skilled in the art that, for convenience of description and succinctly, the side of foregoing description The specific work process of method, system and module, may be referred to the corresponding process in preceding method embodiment, will not be repeated here.
Disclosed herein method, system and module, can realize by another way.For example, described above Embodiment be only illustrative, it is actual to realize for example, the division of the module, can be only a kind of division of logic function When can have other dividing mode, such as multiple module or components can combine or be desirably integrated into another system, or Some features can be ignored, or not perform.Another, shown or discussed coupling or direct-coupling or communication each other Connection is it may be said that by some interfaces, the INDIRECT COUPLING or communication connection of system or module can be electrical, machinery or other Form.
The module that the discrete parts illustrates can be or may not be physically separate, be shown as module Part can be or can not be physical module, you can with positioned at a place, or can also be distributed to multiple network moulds On block.Some or all of module therein can be selected according to the actual needs to realize the scheme purpose of the present embodiment.
In addition, each functional module in each embodiment of the invention can be integrated in a processing module, can also That modules are individually physically present, can also two or more modules be integrated in a module.
If the function is realized using in the form of software function module and is used as independent production marketing or in use, can be with It is stored in a computer-readable recording medium.Understood based on such, technical scheme is substantially right in other words The part or the part of the technical scheme that prior art contributes can be embodied in the form of software product, the calculating Machine software product is stored in a storage medium, including some instructions are to cause a computer equipment(Can be personal Computer, server, or network equipment etc.)Perform all or part of step of each embodiment methods described of the invention.And Foregoing storage medium includes:USB flash disk, mobile hard disk, system memory(Read-Only Memory, ROM), random access memory Device(Random Access Memory, RAM), magnetic disc or CD etc. are various can be with the medium of store program codes
Described above is only the preferred embodiment of the present invention, it should be understood that the present invention is not limited to shape described herein Formula, is not to be taken as the exclusion to other embodiment, and available for various other combinations, modification and environment, and can be herein In the contemplated scope, it is modified by the technology or knowledge of above-mentioned teaching or association area.And those skilled in the art are carried out Change and change do not depart from the spirit and scope of the present invention, then all should be in the protection domain of appended claims of the present invention.

Claims (10)

1. a kind of monitoring system of defense for the APT monitoring defence platforms analyzed based on big data, it is characterised in that:It includes always taking Card center and multiple points of evidence obtaining centers, described total evidence obtaining center and multiple points of evidence obtaining centers are all flat including front end data acquisition Platform, big data mining analysis platform and result represent platform;The data output end of front end data acquisition platform is excavated with big data The I/O of analysis platform is connected, and data output end and the result of big data mining analysis platform represent that the data of platform are defeated Enter end to be connected.
2. a kind of monitoring system of defense of APT monitoring defence platforms analyzed based on big data according to claim 1, its It is characterised by:The main frame probe of described front end data acquisition platform is with network probe respectively to the all-network in monitored area The terminal evidence collection and network evidence collection of equipment.
3. a kind of monitoring system of defense of APT monitoring defence platforms analyzed based on big data according to claim 2, its It is characterised by:Described terminal evidence collection includes end message record, enters thread record, peripheral apparatus record, port information Record, software of the third party record, data in magnetic disk operation note and registry information record.
4. a kind of monitoring system of defense of APT monitoring defence platforms analyzed based on big data according to claim 2, its It is characterised by:Described network evidence collection includes remote control protocol analysis, spectroscopy data acquisition, network apparatus remote configuration Protocal analysis, standard agreement analysis, nonstandard protocol analysis, the analysis of user's custom protocol and unknown protocol analysis.
5. a kind of monitoring system of defense of APT monitoring defence platforms analyzed based on big data according to claim 1, its It is characterised by:Described big data mining analysis platform includes behavioral data analysis module, knowledge base and preservation of evidence module.
6. a kind of monitoring system of defense of APT monitoring defence platforms analyzed based on big data according to claim 5, its It is characterised by:Described knowledge base is put on record storehouse, user security demand storehouse, threat modeling storehouse, behaviorist risk method including user profile Laws & Regulations storehouse, behavior regulation storehouse and user's regulations storehouse.
7. a kind of monitoring system of defense of APT monitoring defence platforms analyzed based on big data according to claim 6, its It is characterised by:The data collected are associated analysis by described behavior evidence association analysis module.
8. a kind of monitoring system of defense of APT monitoring defence platforms analyzed based on big data according to claim 7, its It is characterised by:Described behavioral data analysis module carries out IP associations, user-association, association in time, type association and structure and closed Join and make host service function behavior, network service behavior, the behavior type of business conduct and remote service behavior judge.
9. a kind of monitoring system of defense of APT monitoring defence platforms analyzed based on big data according to claim 5, its It is characterised by:Described knowledge base is put on record including user base information, act of authorization white list, unauthorized behavior blacklist, taken Demonstrate,prove the system configuration of strategy, evidence record, behaviorist risk standard, state's laws regulation and itself monitoring system of defense.
10. a kind of monitoring system of defense of APT monitoring defence platforms analyzed based on big data according to claim 5, It is characterized in that:Described preservation of evidence module includes data storage cell and codified processing unit, described data storage Unit carries out the storage of data, and data are carried out unified sign, unified field and unified form by codified processing unit.
CN201710304058.9A 2017-05-03 2017-05-03 The monitoring system of defense for the APT monitoring defence platforms analyzed based on big data Pending CN107018143A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710304058.9A CN107018143A (en) 2017-05-03 2017-05-03 The monitoring system of defense for the APT monitoring defence platforms analyzed based on big data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710304058.9A CN107018143A (en) 2017-05-03 2017-05-03 The monitoring system of defense for the APT monitoring defence platforms analyzed based on big data

Publications (1)

Publication Number Publication Date
CN107018143A true CN107018143A (en) 2017-08-04

Family

ID=59448739

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710304058.9A Pending CN107018143A (en) 2017-05-03 2017-05-03 The monitoring system of defense for the APT monitoring defence platforms analyzed based on big data

Country Status (1)

Country Link
CN (1) CN107018143A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109547486A (en) * 2018-12-29 2019-03-29 浙江汇安网络科技有限公司 A kind of monitoring analysis method of Internet of Things network layer communication
CN110324353A (en) * 2019-07-11 2019-10-11 武汉思普崚技术有限公司 A kind of methods, devices and systems of network trace reel chain attack

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103986706A (en) * 2014-05-14 2014-08-13 浪潮电子信息产业股份有限公司 Security structure design method dealing with APT attacks
CN104283889A (en) * 2014-10-20 2015-01-14 国网重庆市电力公司电力科学研究院 Electric power system interior APT attack detection and pre-warning system based on network architecture
CN105141598A (en) * 2015-08-14 2015-12-09 中国传媒大学 APT (Advanced Persistent Threat) attack detection method and APT attack detection device based on malicious domain name detection
CN106453401A (en) * 2016-10-21 2017-02-22 国家计算机网络与信息安全管理中心山东分中心 Network monitoring, analyzing and managing platform based on multi-source massive heterogeneous data
CN206077070U (en) * 2016-08-31 2017-04-05 国网四川省电力公司信息通信公司 High amount of traffic safety analysis detection and APT attack detection systems based on intelligent grid

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103986706A (en) * 2014-05-14 2014-08-13 浪潮电子信息产业股份有限公司 Security structure design method dealing with APT attacks
CN104283889A (en) * 2014-10-20 2015-01-14 国网重庆市电力公司电力科学研究院 Electric power system interior APT attack detection and pre-warning system based on network architecture
CN105141598A (en) * 2015-08-14 2015-12-09 中国传媒大学 APT (Advanced Persistent Threat) attack detection method and APT attack detection device based on malicious domain name detection
CN206077070U (en) * 2016-08-31 2017-04-05 国网四川省电力公司信息通信公司 High amount of traffic safety analysis detection and APT attack detection systems based on intelligent grid
CN106453401A (en) * 2016-10-21 2017-02-22 国家计算机网络与信息安全管理中心山东分中心 Network monitoring, analyzing and managing platform based on multi-source massive heterogeneous data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
管磊: ""基于大数据的网络安全态势感知技术研究"", 《第31次全国计算机安全学术交流会论文集》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109547486A (en) * 2018-12-29 2019-03-29 浙江汇安网络科技有限公司 A kind of monitoring analysis method of Internet of Things network layer communication
CN110324353A (en) * 2019-07-11 2019-10-11 武汉思普崚技术有限公司 A kind of methods, devices and systems of network trace reel chain attack
CN110324353B (en) * 2019-07-11 2022-02-25 武汉思普崚技术有限公司 Method, device and system for network tracking long chain attack

Similar Documents

Publication Publication Date Title
CN104283889B (en) APT attack detectings and early warning system inside electric system based on the network architecture
US11916944B2 (en) Network anomaly detection and profiling
CN107659543B (en) Protection method for APT (android packet) attack of cloud platform
CN102045319B (en) Method and device for detecting SQL (Structured Query Language) injection attack
CN104361035B (en) The method and device of Test database tampering
CN103226675B (en) A kind of traceability system and method analyzing intrusion behavior
CN105357216A (en) Secure access method and system
CN102932540A (en) Mobile terminal and stealing prevention method thereof
CN106446658A (en) Data center security protection method and system
CN106664297A (en) Method for detecting an attack on a working environment connected to a communication network
CN109347808B (en) Safety analysis method based on user group behavior activity
CN107770125A (en) A kind of network security emergency response method and emergency response platform
CN106027520A (en) Method and device for detecting and processing stealing of website accounts
CN105260657A (en) Privacy protection method and device
CN107154939A (en) A kind of method and system of data tracing
CN108965251B (en) A kind of safe mobile phone guard system that cloud combines
CN101540704B (en) Unreliable DBMS malicious intrusion detection system and method
CN105184184A (en) Anti-theft method for terminal data
Suo et al. Research on the application of honeypot technology in intrusion detection system
CN105868625B (en) Method and device for intercepting restart deletion of file
CN107018143A (en) The monitoring system of defense for the APT monitoring defence platforms analyzed based on big data
CN105260378A (en) Database audit method and device
CN107493258A (en) A kind of intruding detection system based on network security
Wang et al. Network attack detection based on domain attack behavior analysis
CN114363069A (en) Data management system for guaranteeing information network security of colleges and universities

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170804