CN107465696A - Security risk intellectuality management-control method based on SaaS cloud service patterns - Google Patents

Security risk intellectuality management-control method based on SaaS cloud service patterns


Publication number
CN107465696A
Authority
CN
China
Prior art keywords
security
safety
domain
control method
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201710863006.5A
Other languages
Chinese (zh)
Inventor
田新远
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Teng Teng Teng Information Technology Co Ltd
Original Assignee
Nanjing Teng Teng Teng Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Teng Teng Teng Information Technology Co Ltd filed Critical Nanjing Teng Teng Teng Information Technology Co Ltd
Publication of CN107465696A publication Critical patent/CN107465696A/en
Withdrawn legal-status Critical Current


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205 Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H04L63/1433 Vulnerability analysis
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1466 Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • H04L63/1458 Denial of Service

Abstract

The invention discloses an intelligent security risk management and control method based on the SaaS cloud service model. On the service side, a cloud intelligent security center is set up, in which a security detection system, a security early-warning system, a dynamic defense instruction production system, a threat intelligence data warehouse and security emergency-response expert resources are arranged. On the user side, an intelligent defense engine is set up, which carries out the security white environment, traffic feature extraction and active defense instructions. The invention ensures the comprehensiveness of the security defense system through a three-dimensional defense model of time domain, space domain and logic domain, ensures its advanced nature through the technical mechanism of intelligent joint defense, and ensures its efficiency through the "cloud + endpoint" deployment architecture. It reduces the large sums that enterprises invest in security defense.

Description

Intelligent security risk management and control method based on the SaaS cloud service model
Technical Field
The present invention relates to a security defense system, and more particularly to an intelligent security risk management and control method based on the SaaS cloud service model.
Background
China's Internet is now the largest in the world, and with that scale have come concentrated attacks by hackers and large-scale extortion. Chinese P2P online lending has become a hard-hit area for network security attacks. According to statistics, as of the end of April the number of Chinese P2P platforms exceeded 9,000, with more than 12 million investors, more than 9 million borrowers and a monthly P2P transaction volume of about 250 billion yuan. However, while the Internet+ market is growing explosively, the network security situation is unsatisfactory. Statistics on P2P industry vulnerabilities from WooYun, an authoritative third-party vulnerability monitoring platform in China, show that high-risk vulnerabilities account for 56.2%, medium-risk vulnerabilities for 23.4% and low-risk vulnerabilities for 12.3%, of which 8.1% were ignored by vendors. Beyond system vulnerabilities, the continuing upgrade of hacking techniques remains the greatest hidden danger to network security. To improve network security, traditional in-line defense products or systems often place a large number of servers at the client side to provide comprehensive protection, but their performance is hard to guarantee. Meanwhile, traditional defense systems that bundle many security functions and defense policies are bound to be overwhelmed in high-traffic Internet+ scenarios.
Summary of the Invention
To address the above technical problems, the invention provides an intelligent security risk management and control method based on the SaaS cloud service model. It uses transparent deployment, requires no change to the existing business network architecture, and is simple and convenient to deploy.
In the method of the present invention, a cloud intelligent security center is set up on the service side, and a security detection system, a security early-warning system, a dynamic defense instruction production system, a threat intelligence data warehouse and security emergency-response expert resources are arranged in the cloud intelligent security center;
an intelligent defense engine is set up on the user side, and the intelligent defense engine carries out the security white environment, traffic feature extraction and active defense instructions.
Preferably, the intelligent defense engine includes a traffic monitoring system. The traffic monitoring system automatically learns from historical network traffic and generates a network traffic security baseline. Thereafter, by monitoring and collecting statistics on network traffic in real time and combining them with the learned baseline, it derives the traffic security mathematical model:
S(t) = Ψ[Δ(t)] = Ψ{Φ[P1(t), P2(t), …, Pn(t)] − Φ[P10(t), P20(t), …, Pn0(t)]}.
Preferably, the intelligent defense engine also includes a security early-warning system, which decides whether to issue a security early warning according to the decision threshold of the traffic security model preset by the traffic monitoring system.
Preferably, the cloud intelligent security center builds a three-dimensional defense model and arranges the security detection system, the security early-warning system, the dynamic defense instruction production system, the threat intelligence data warehouse and the security emergency-response expert resources along the time domain, the space domain and the logic domain.
Preferably, the time domain means dividing a security incident, by the point in time at which it occurs, into three phases (before, during and after the event) and handling each phase according to its characteristics. Before the event: quantify the vulnerability of the business system and the probability that threats occur, and establish a quantitative management model of business system risk. During the event: start the security detection system to monitor user traffic in real time, 7x24; start the security early-warning system to issue timely warnings on abnormal behavior; and have the dynamic defense instruction production system issue instructions in time to activate defense policies. After the event: bring in the security emergency-response expert resources to recover from the destructive consequences of the network attack.
Preferably, the space domain means dividing the business network into a user domain, a network domain, a computing domain and an O&M support domain, integrating the security data of the network devices, security devices, servers and storage devices in each region with the cloud security data warehouse, and carrying out policy design and security detection.
Preferably, the logic domain means setting corresponding control operations at the network layer, the system layer, the application layer, the data layer and the management layer respectively.
Preferably, the method of the present invention includes deploying in the cloud a three-dimensional defense model structured by time domain, space domain and logic domain. The time domain divides the life cycle of a security incident, by the point in time at which it occurs, into three phases: before, during and after the event. The space domain divides the business network into a user domain, a network domain, a computing domain and an O&M support domain. The logic domain means that the defense covers every aspect of network, system, application, data and management.
Preferably, defense in the space domain includes effectively integrating the security data of the network devices, security devices, servers and storage devices in each region with the cloud security data warehouse, and carrying out policy design and security detection across the physical locations of IT assets and across network regions, achieving wide-span, fine-grained security defense.
Preferably, in the time domain, "before the event" means using systematic, periodic and incremental risk assessment to gain a comprehensive and dynamic understanding of the business system's vulnerabilities and the threats it faces, quantifying them by the importance of each vulnerability and the probability that each threat occurs, and establishing a quantitative management model of business system risk. "During the event" focuses on real-time monitoring, early warning and defense: security technology and control measures are arranged around the risk points of the business system, including 7x24 security monitoring, alerting and real-time activation of defense policies. "After the event" means that when the security defense policies are not enough to stop a hacker attack completely, security experts intervene promptly with emergency response and recover from the destructive consequences of the network attack.
To overcome the limited security capability of isolated products and traditional defense systems, the method of the present invention gives the security defense system an intelligent "brain". This is the key difference between an intelligent security defense system and a conventional one. An intelligent security center is built in the cloud and linked in real time with a new-generation security protection engine deployed at the client. It combines the security white environment, holographic traffic feature extraction, cloud security threat intelligence and adaptive learning to form a closed loop of intelligent security defense: security baseline, anomaly detection, active defense, adaptive learning. It performs multidimensional, real-time statistical analysis and detection on user network traffic and generates security instructions in real time, detecting and defending against complex attacks hidden in the network on the basis of abnormal network behavior. This intelligent detection and joint defense technology can detect and defend against advanced network attacks such as distributed denial of service attacks (DDoS attacks), advanced persistent threat attacks (APT attacks) and zero-day vulnerability attacks (Zero-Day attacks).
In addition, a fatal weakness of traditional in-line defense products or systems is performance: bundling many security functions and defense policies, they are bound to be overwhelmed in high-traffic Internet+ scenarios. With the cloud intelligent security center as the "brain", the traffic analysis and security detection work that many traditional defense systems or products perform locally is moved to the cloud, relieving the processing pressure on local devices.
This intelligent security defense system, in which the cloud monitors security state and detects attacks 7x24 in real time and is linked in real time with the threat defense platform, can detect automatically, defend dynamically and learn adaptively without manual intervention by the enterprise, and can be regarded as a good attempt in the field of intelligent security technology. The deployment architecture supports the Security as a Service (SaaS) cloud business model: the enterprise does not need to purchase expensive security equipment, the ratio of security output to input is very high, and pay-per-use keeps the enterprise's one-time investment under control.
Brief Description of the Drawings
Fig. 1 is a structural diagram of the three-dimensional security defense model of the present invention;
Fig. 2 is a layout diagram of the intelligent security risk management and control method based on the SaaS cloud service model of the present invention.
Detailed Description
The present invention is described in further detail below so that those skilled in the art can implement it by referring to the text of the specification.
It should be understood that terms such as "having", "comprising" and "including" used herein do not preclude the presence or addition of one or more other elements or combinations thereof.
As shown in Fig. 2, in the method of the present invention a cloud intelligent security center is set up on the service side, and a security detection system, a security early-warning system, a dynamic defense instruction production system, a threat intelligence data warehouse and security emergency-response expert resources are arranged in the cloud intelligent security center;
an intelligent defense engine is set up on the user side, and the intelligent defense engine carries out the security white environment, traffic feature extraction and active defense instructions.
In one embodiment, the intelligent defense engine includes a traffic monitoring system. The traffic monitoring system automatically learns from historical network traffic and generates a network traffic security baseline. Thereafter, by monitoring and collecting statistics on network traffic in real time and combining them with the learned baseline, it derives the traffic security mathematical model:
S(t) = Ψ[Δ(t)] = Ψ{Φ[P1(t), P2(t), …, Pn(t)] − Φ[P10(t), P20(t), …, Pn0(t)]}.
By learning from historical safe traffic data, the traffic monitoring system computes, from a large volume of traffic data on key risk objects, dozens of behavior security indicators P, including "number of connections", "packet rate" and "new session rate". Combining these with the customer's business white environment (which must be built from the user's information security policy and business characteristics), it establishes a traffic security baseline T0 and keeps learning and adjusting it dynamically according to time t and the traffic data, forming an adaptive traffic security baseline:
T0(t) = Φ[P10(t), P20(t), …, Pn0(t)]
In a real network, any attack is accompanied by some anomaly in network traffic, for example a rarely used service port suddenly being opened for access, abnormal reverse flow of server data, or abnormal sharp fluctuations in user connections. All of these anomalies show up in the behavior security indicators P. Comparing the behavior security indicators with their security baseline in real time yields the network security behavior anomaly index Δ(t):
Δ(t) = T(t) − T0(t)
Weighting the network security behavior anomaly indices according to their logical correlation then builds a systematic traffic security model S:
S(t) = Ψ[Δ(t)] = Ψ{Φ[P1(t), P2(t), …, Pn(t)] − Φ[P10(t), P20(t), …, Pn0(t)]}
In one embodiment, the intelligent defense engine also includes a security early-warning system, which decides whether to issue a security early warning according to the decision threshold of the traffic security model preset by the traffic monitoring system.
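The baseline T0(t), anomaly index Δ(t), model S(t) and decision threshold described above, as an added example that is not part of the patent. The patent does not define Φ, Ψ, the weights or the threshold: here Φ is assumed to be the vector of indicator values tracked by an exponentially weighted mean and variance, Δ(t) is expressed in baseline standard deviations, Ψ is a weighted mean of |Δ|, and the indicator names, weights, threshold and sample data are all constructed.

```python
from dataclasses import dataclass, field
from math import sqrt

# Three of the "dozens" of behavior security indicators P named in the text.
INDICATORS = ("connections", "packet_rate", "new_session_rate")


@dataclass
class TrafficBaseline:
    """Adaptive baseline T0(t): per-indicator EWMA mean and variance (assumed form of Φ)."""
    alpha: float = 0.1                      # learning rate of the adaptive baseline
    mean: dict = field(default_factory=dict)
    var: dict = field(default_factory=dict)

    def learn(self, sample):
        """Fold one traffic sample into the baseline."""
        for name in INDICATORS:
            x = float(sample[name])
            if name not in self.mean:       # first observation seeds the baseline
                self.mean[name], self.var[name] = x, 0.0
                continue
            diff = x - self.mean[name]
            self.mean[name] += self.alpha * diff
            self.var[name] = (1 - self.alpha) * (self.var[name] + self.alpha * diff * diff)

    def delta(self, sample):
        """Δ(t) = T(t) - T0(t), scaled to baseline standard deviations."""
        out = {}
        for name in INDICATORS:
            # Floor the deviation at 5% of the mean so a very flat history
            # does not turn ordinary jitter into a huge anomaly index.
            std = max(sqrt(self.var[name]), 0.05 * abs(self.mean[name]), 1e-9)
            out[name] = (float(sample[name]) - self.mean[name]) / std
        return out


def score(delta, weights):
    """S(t) = Ψ[Δ(t)]: weighted mean of absolute anomaly indices (assumed form of Ψ)."""
    total = sum(weights[name] for name in INDICATORS)
    return sum(weights[name] * abs(delta[name]) for name in INDICATORS) / total


def monitor(history, live, weights, threshold, alpha=0.1):
    """Learn T0 from history, then score live samples against the threshold.

    Returns a list of (t, S, alert). Samples that raise an alert are not
    learned, so a sustained attack cannot drag the baseline up to meet it.
    """
    baseline = TrafficBaseline(alpha)
    for sample in history:
        baseline.learn(sample)
    results = []
    for sample in live:
        s = score(baseline.delta(sample), weights)
        alert = s >= threshold
        if not alert:
            baseline.learn(sample)
        results.append((sample["t"], round(s, 2), alert))
    return results


# Constructed sample data: 30 intervals of ordinary traffic, then three live
# intervals in which the middle one shows a burst of new sessions.
HISTORY = [
    {"t": i, "connections": 100 + (i % 5) * 2,
     "packet_rate": 1000 + (i % 7) * 10, "new_session_rate": 20 + (i % 3)}
    for i in range(30)
]
LIVE = [
    {"t": 30, "connections": 104, "packet_rate": 1030, "new_session_rate": 21},
    {"t": 31, "connections": 106, "packet_rate": 1040, "new_session_rate": 400},
    {"t": 32, "connections": 104, "packet_rate": 1030, "new_session_rate": 21},
]
WEIGHTS = {"connections": 1.0, "packet_rate": 1.0, "new_session_rate": 2.0}  # assumed
THRESHOLD = 3.0                                                             # assumed

if __name__ == "__main__":
    for t, s, alert in monitor(HISTORY, LIVE, WEIGHTS, THRESHOLD):
        print(f"t={t} S={s} early_warning={alert}")
```

Freezing the baseline while an alert is active is a design choice of this example; a deployment also needs a way to re-baseline after a legitimate, lasting change in traffic.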
In one embodiment, the cloud intelligent security center builds a three-dimensional defense model and arranges the security detection system, the security early-warning system, the dynamic defense instruction production system, the threat intelligence data warehouse and the security emergency-response expert resources along the time domain, the space domain and the logic domain.
In one embodiment, the time domain means dividing a security incident, by the point in time at which it occurs, into three phases (before, during and after the event) and handling each phase according to its characteristics. Before the event: quantify the vulnerability of the business system and the probability that threats occur, and establish a quantitative management model of business system risk. During the event: start the security detection system to monitor user traffic in real time, 7x24; start the security early-warning system to issue timely warnings on abnormal behavior; and have the dynamic defense instruction production system issue instructions in time to activate defense policies. After the event: bring in the security emergency-response expert resources to recover from the destructive consequences of the network attack.
In one embodiment, the space domain means dividing the business network into a user domain, a network domain, a computing domain and an O&M support domain, integrating the security data of the network devices, security devices, servers and storage devices in each region with the cloud security data warehouse, and carrying out policy design and security detection.
In one embodiment, the logic domain means setting corresponding control operations at the network layer, the system layer, the application layer, the data layer and the management layer respectively.
As shown in Fig. 1, an intelligent security risk management and control method based on the SaaS cloud service model of the present invention is characterized in that it includes deploying in the cloud a three-dimensional defense model structured by time domain, space domain and logic domain. The time domain divides the life cycle of a security incident, by the point in time at which it occurs, into three phases: before, during and after the event. The space domain divides the business network into a user domain, a network domain, a computing domain and an O&M support domain. The logic domain means that the defense covers every aspect of network, system, application, data and management.
By the point in time at which it occurs, the life cycle of a security incident can be divided into three phases: before, during and after the event. Before the event the focus is prevention: systematic, periodic and incremental risk assessment gives a comprehensive and dynamic understanding of the business system's vulnerabilities and the threats it faces; these are quantified by the importance of each vulnerability (which can be measured by the degree of impact on the business system after it is attacked), the probability that each threat occurs, and so on, to establish a quantitative management model of business system risk; and, combined with measures such as security hardening, optimization and backup and with the security measures taken during and after the event, risk is made to converge and kept controllable. During the event the focus is real-time monitoring, early warning and defense: security technology and control measures are arranged around the risk points of the business system, including 7x24 security monitoring, alerting and real-time activation of defense policies. The proverb "it is not too late to mend the fold after a sheep is lost" applies equally to the design of a security defense system: when existing security defense policies are not enough to stop a hacker attack completely, security experts must intervene promptly with emergency response and recover from the destructive consequences of the network attack, such as system downtime, file tampering and data leakage.
In the space domain, the business network is divided into a user domain (which can be subdivided into an external user domain and an internal user domain), a network domain (which can be subdivided into an access network domain and a core network domain), a computing domain and an O&M support domain. The security data of the network devices, security devices, servers and storage devices in each region is effectively integrated with the cloud security data warehouse (which collects, stores and analyzes the security data of remote devices), and policy design and security detection are carried out across the physical locations of IT assets and across network regions, achieving wide-span, fine-grained security defense.
In the logic domain, as noted above, the defense of the security defense system covers every aspect of network, system, application, data and management: redundancy design, access control and control of non-compliant connections at the network layer; vulnerability remediation, security hardening and authentication and authorization at the system layer; vulnerability remediation, web security lifecycle management and DDoS attack defense at the application layer; encryption, access control and leak prevention at the data layer; and strategy, audit and O&M management at the management layer.
Although embodiments of the present invention have been disclosed above, they are not limited to the uses listed in the specification and the embodiments. The invention can be applied in any field suited to it, and those skilled in the art can readily make further modifications. Therefore, without departing from the general concept defined by the claims and their equivalents, the invention is not limited to the specific details or to the illustrations shown and described here.

Claims (7)

  1. An intelligent security risk management and control method based on the SaaS cloud service model, characterized in that:
    a cloud intelligent security center is set up on the service side, and a security detection system, a security early-warning system, a dynamic defense instruction production system, a threat intelligence data warehouse and security emergency-response expert resources are arranged in the cloud intelligent security center;
    an intelligent defense engine is set up on the user side, and the intelligent defense engine carries out the security white environment, traffic feature extraction and active defense instructions.
  2. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 1, characterized in that the intelligent defense engine includes a traffic monitoring system; the traffic monitoring system automatically learns from historical network traffic and generates a network traffic security baseline; thereafter, by monitoring and collecting statistics on network traffic in real time and combining them with the learned network traffic security baseline, it derives the traffic security mathematical model:
    S(t) = Ψ[Δ(t)] = Ψ{Φ[P1(t), P2(t), …, Pn(t)] − Φ[P10(t), P20(t), …, Pn0(t)]}.
  3. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 2, characterized in that the intelligent defense engine also includes a security early-warning system, which decides whether to issue a security early warning according to the decision threshold of the traffic security model preset by the traffic monitoring system.
  4. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 1, characterized in that the cloud intelligent security center builds a three-dimensional defense model and arranges the security detection system, the security early-warning system, the dynamic defense instruction production system, the threat intelligence data warehouse and the security emergency-response expert resources along the time domain, the space domain and the logic domain.
  5. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 4, characterized in that the time domain means dividing a security incident, by the point in time at which it occurs, into three phases (before, during and after the event) and handling each phase according to its characteristics; before the event: quantify the vulnerability of the business system and the probability that threats occur, and establish a quantitative management model of business system risk; during the event: start the security detection system to monitor user traffic in real time, 7x24, start the security early-warning system to issue timely warnings on abnormal behavior, and have the dynamic defense instruction production system issue instructions in time to activate defense policies; after the event: bring in the security emergency-response expert resources to recover from the destructive consequences of the network attack.
  6. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 4, characterized in that the space domain means dividing the business network into a user domain, a network domain, a computing domain and an O&M support domain, integrating the security data of the network devices, security devices, servers and storage devices in each region with the cloud security data warehouse, and carrying out policy design and security detection.
  7. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 1, characterized in that the logic domain means setting corresponding control operations at the network layer, the system layer, the application layer, the data layer and the management layer respectively.
CN201710863006.5A 2017-07-03 2017-09-22 Security risk intellectuality management-control method based on SaaS cloud service patterns Withdrawn CN107465696A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710532072 2017-07-03
CN2017105320724 2017-07-03

Publications (1)

Publication Number Publication Date
CN107465696A true CN107465696A (en) 2017-12-12

Family

ID=60553426

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710863006.5A Withdrawn CN107465696A (en) 2017-07-03 2017-09-22 Security risk intellectuality management-control method based on SaaS cloud service patterns

Country Status (1)

Country Link
CN (1) CN107465696A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109391700A (en) * 2018-12-12 2019-02-26 北京华清信安科技有限公司 Internet of Things safe cloud platform based on depth traffic aware
CN109391700B (en) * 2018-12-12 2021-04-09 北京华清信安科技有限公司 Internet of things security cloud platform based on depth flow sensing
CN112769825A (en) * 2021-01-07 2021-05-07 深圳市永达电子信息股份有限公司 Network security guarantee method, system and computer storage medium
CN114070608A (en) * 2021-11-12 2022-02-18 北京天融信网络安全技术有限公司 Asset optimization method and device based on flow analysis
CN114726648A (en) * 2022-05-12 2022-07-08 北京国信网联科技有限公司 Terminal security cloud control system based on Internet of things
CN114726648B (en) * 2022-05-12 2022-08-23 北京国信网联科技有限公司 Terminal security cloud control system based on Internet of things

Similar Documents

Publication Publication Date Title
KR101814368B1 (en) Information security network integrated management system using big data and artificial intelligence, and a method thereof
CN107465696A (en) Security risk intellectuality management-control method based on SaaS cloud service patterns
CN104486141A (en) Misdeclaration self-adapting network safety situation predication method
CN107659543A (en) The means of defence of facing cloud platform APT attacks
CN105471854B (en) A kind of adaptive boundary method for detecting abnormality based on multistage strategy
CN103905459A (en) Cloud-based intelligent security defense system and defense method
CN106209856B (en) Method for generating big data security posture map based on trusted computing
CN108696531A (en) A kind of security strategy adaptive analysis and big data Visualization Platform system
CN109981686A (en) A kind of network security situational awareness method and system based on circulation confrontation
WO2019231826A1 (en) Systems and methods for determining the efficacy of computer system security policies
Samdarshi et al. A triple layer intrusion detection system for SCADA security of electric utility
CN108933754A (en) Method for managing security based on the analysis of IT asset risk
Nikolskaia et al. The relationship between cybersecurity and artificial intelligence
Zhao et al. Research of intrusion detection system based on neural networks
CN114978595B (en) Threat model construction method and device, computer equipment and storage medium
Chen et al. Research on the active defense security system based on cloud computing of wisdom campus network
Deng et al. Network security intrusion detection system based on incremental improved convolutional neural network model
Dominik et al. Categorizing IoT Services According to Security Risks
Zhang et al. Using network security index system to evaluate network security
CN109495470A (en) A kind of network information risk safe early warning method and server and system
Qu et al. Studies on internet real-name system and network action surveillance system
Cao et al. Design of network security situation awareness analysis module for electric power dispatching and control system
She Evaluation on Communication Network Security Intrusion Detection Data in the Background of Cloud Computing
Qin et al. Computer Network Security Defense System in 5G Era
Shu et al. Research on situation awareness technology in industrial control system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20171212
