CN107465696A - Security risk intellectuality management-control method based on SaaS cloud service patterns - Google Patents
- Publication number: CN107465696A
- Application number: CN201710863006.5A
- Authority: CN (China)
- Prior art keywords: security, safety, domain, control method, network
- Legal status: Withdrawn (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
  - H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
    - H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
  - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    - H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
      - H04L63/1416—Event detection, e.g. attack signature detection
      - H04L63/1425—Traffic logging, e.g. anomaly detection
    - H04L63/1433—Vulnerability analysis
    - H04L63/1441—Countermeasures against malicious traffic
      - H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
      - H04L63/1458—Denial of Service
Abstract
The invention discloses an intelligent security risk management and control method based on the SaaS cloud service model. At the server side, a cloud intelligent security center is set up, in which a security detection system, a security early-warning system, a dynamic defense instruction generation system, a threat intelligence data warehouse and security emergency-response expert resources are arranged. At the user side, an intelligent defense engine is set up, which executes the security white environment, traffic feature extraction and active defense instructions. The invention ensures the comprehensiveness of the security defense system through a three-dimensional defense model of time domain, space domain and logic domain, ensures its advanced nature through the technical mechanism of intelligent joint defense, and ensures its efficiency through the "cloud + end" deployment architecture. It reduces the large investment that enterprises put into security defense.
Description
Technical field
The present invention relates to a security defense system, and more particularly to an intelligent security risk management and control method based on the SaaS cloud service model.
Background
China's Internet is now the largest in the world, and with that scale have come concentrated attacks and large-scale extortion by network hackers; China's P2P online lending sector has become a hard-hit area for network security attacks. According to statistics, by the end of April there were more than 9,000 P2P platforms in China, with more than 12 million investors, more than 9 million borrowers and a monthly P2P transaction volume of about 250 billion yuan. However, while the Internet+ market is growing explosively, the network security situation is far from satisfactory. Statistics on P2P industry vulnerabilities from WooYun, an authoritative third-party vulnerability monitoring platform in China, show that high-risk vulnerabilities account for 56.2%, medium-risk vulnerabilities for 23.4% and low-risk vulnerabilities for 12.3%, while 8.1% were ignored by the vendor. Beyond system security vulnerabilities, the continuing advance of hacking techniques remains the greatest hidden danger to network security. To improve network security, traditional in-line defense products or systems are usually chosen, with a large number of servers deployed at the client side to provide comprehensive protection, but their performance is hard to guarantee. Moreover, a traditional defense system that bundles many security functions and defense policies is bound to be overwhelmed in high-traffic Internet+ scenarios.
Summary of the invention
To address the above technical problems, the present invention provides an intelligent security risk management and control method based on the SaaS cloud service model. It uses a transparent deployment mode, so the existing business network architecture does not need to be adjusted and deployment is simple and convenient.
In the intelligent security risk management and control method based on the SaaS cloud service model according to the present invention, a cloud intelligent security center is set up at the server side, and a security detection system, a security early-warning system, a dynamic defense instruction generation system, a threat intelligence data warehouse and security emergency-response expert resources are arranged in the cloud intelligent security center;
an intelligent defense engine is set up at the user side, and the intelligent defense engine executes the security white environment, traffic feature extraction and active defense instructions.
Preferably, the intelligent defense engine includes a traffic monitoring system. The traffic monitoring system automatically learns from historical network traffic to generate a network traffic security baseline; thereafter, by monitoring and collecting statistics on network traffic in real time and combining them with the learned network traffic security baseline, it derives the traffic security mathematical model:
$$S(t) = \Psi[\Delta(t)] = \Psi\{\Phi[P_1(t), P_2(t), \ldots, P_n(t)] - \Phi[P_{10}(t), P_{20}(t), \ldots, P_{n0}(t)]\}$$
Preferably, the intelligent defense engine further includes a security early-warning system, which decides whether to issue a security early warning according to the decision threshold preset for the traffic security model of the traffic monitoring system.
Preferably, the cloud intelligent security center builds a three-dimensional defense model and arranges the security detection system, security early-warning system, dynamic defense instruction generation system, threat intelligence data warehouse and security emergency-response expert resources along the time domain, the space domain and the logic domain.
Preferably, the time domain specifically means dividing a security event, by the point in time at which it occurs, into three phases (before the event, during the event and after the event) and handling each phase according to its characteristics. Before the event specifically means: quantifying the vulnerability of the business system and the probability that threats occur, and establishing a quantitative management model of business system risk. During the event specifically means: starting the security detection system to monitor user traffic in real time on a 7x24 basis, starting the security early-warning system to issue timely warnings on abnormal behavior, and having the dynamic defense instruction generation system issue instructions in time to activate defense policies. After the event specifically means: starting the security emergency-response expert resources to recover from the destructive consequences of network attacks.
Preferably, the space domain specifically means: dividing the business network into a user domain, a network domain, a computing domain and an operations and maintenance (O&M) support domain, integrating the security data of the network devices, security devices, servers and storage devices in each region with the cloud security data warehouse, and carrying out policy design and security detection.
Preferably, the logic domain specifically means: setting corresponding control operations at the network layer, system layer, application layer, data layer and management layer respectively.
Preferably, the intelligent security risk management and control method based on the SaaS cloud service model according to the present invention includes deploying, in the cloud, a three-dimensional defense model structured along the time domain, the space domain and the logic domain. The time domain means that the life cycle of a security event can be divided, by the point in time at which it occurs, into three phases: before the event, during the event and after the event. The space domain means dividing the business network into a user domain, a network domain, a computing domain and an O&M support domain. The logic domain means that the defense content covers all aspects of network, system, application, data and management.
Preferably, defense in the space domain includes effectively integrating the security data of the network devices, security devices, servers and storage devices in each region with the cloud security data warehouse, and carrying out policy design and security detection across the physical locations of IT assets and across network regions, achieving wide-span, fine-grained security defense.
Preferably, in the time domain, before the event means using systematic, periodic and incremental risk assessment to gain a comprehensive, dynamic grasp of the vulnerability of the business system and the threats it faces, quantifying them according to the importance of each vulnerability and the probability that threats occur, and establishing a quantitative management model of business system risk. During the event, the focus is on real-time monitoring, early warning and defense: security technologies and control measures are arranged as a whole for the risk points of the business system, including 7x24 security monitoring, alerting and real-time activation of defense policies. After the event means that when the security defense policies are not sufficient to completely stop a hacker attack, security experts intervene promptly and carry out emergency response to recover from the destructive consequences of the network attack.
In the intelligent security risk management and control method based on the SaaS cloud service model according to the present invention, to overcome the limited security capability of isolated products or traditional defense systems, the security defense system needs to be equipped with an intelligent "brain". This is the key point that distinguishes an intelligent security defense system from a conventional one. An intelligent security center is built in the cloud and linked in real time with a new-generation security protection engine deployed at the client. By combining technologies such as the security white environment, holographic traffic feature extraction, cloud security threat intelligence and adaptive learning, it establishes an intelligent security defense closed loop of security baseline, anomaly detection, active defense and adaptive learning. It performs multidimensional, real-time statistical analysis and detection on user network traffic and generates security instructions in real time, so as to detect and defend against complex attacks hidden in the network on the basis of abnormal network behavior. This intelligent detection and joint defense technology can detect and defend against advanced network attacks such as distributed denial-of-service attacks (DDoS attacks), advanced persistent threat attacks (APT attacks) and zero-day vulnerability attacks (zero-day attacks).
In addition, a fatal weakness of traditional in-line defense products or systems is performance: bundling many security functions and defense policies, they are bound to be overwhelmed in high-traffic Internet+ scenarios. With the cloud intelligent security center as the "brain", the local traffic analysis and security detection work done in many traditional defense systems or products is moved to the cloud, relieving the processing pressure on local devices.
This intelligent security defense system, in which the cloud monitors security status and detects attacks in real time on a 7x24 basis and is linked in real time with the threat defense platform, provides automatic detection, dynamic defense and adaptive learning without manual intervention by the enterprise, and can be described as a good attempt in the field of intelligent security technology. This deployment architecture supports the Security as a Service (SaaS) cloud business model: the enterprise does not need to purchase expensive security equipment, the security input-output ratio is very high, and the enterprise can pay per use to keep its one-off investment under control.
Brief description of the drawings
Fig. 1 is a structural schematic diagram of the three-dimensional security defense model of the present invention;
Fig. 2 is a layout schematic diagram of the intelligent security risk management and control method based on the SaaS cloud service model according to the present invention.
Detailed description of the embodiments
The present invention is described in further detail below so that those skilled in the art can implement it by referring to the text of the specification.
It should be understood that terms such as "having", "comprising" and "including" used herein do not exclude the presence or addition of one or more other elements or combinations thereof.
As shown in Fig. 2, in the intelligent security risk management and control method based on the SaaS cloud service model according to the present invention, a cloud intelligent security center is set up at the server side, and a security detection system, a security early-warning system, a dynamic defense instruction generation system, a threat intelligence data warehouse and security emergency-response expert resources are arranged in the cloud intelligent security center;
an intelligent defense engine is set up at the user side, and the intelligent defense engine executes the security white environment, traffic feature extraction and active defense instructions.
In one embodiment, the intelligent defense engine includes a traffic monitoring system. The traffic monitoring system automatically learns from historical network traffic to generate a network traffic security baseline; thereafter, by monitoring and collecting statistics on network traffic in real time and combining them with the learned network traffic security baseline, it derives the traffic security mathematical model:
$$S(t) = \Psi[\Delta(t)] = \Psi\{\Phi[P_1(t), P_2(t), \ldots, P_n(t)] - \Phi[P_{10}(t), P_{20}(t), \ldots, P_{n0}(t)]\}$$
By learning from historical safe traffic data, the traffic monitoring system calculates dozens of behavioral security indicators P, including "connection count", "packet rate" and "new session rate", from a large volume of traffic data for key risk objects. Combined with the customer's business white environment (which must be built from the user's information security policy and business characteristics), it establishes a traffic security baseline T0, which is continuously learned and dynamically adjusted according to time t and the traffic data to form an adaptive traffic security baseline:
$$T_0(t) = \Phi[P_{10}(t), P_{20}(t), \ldots, P_{n0}(t)]$$
In a real network, any attack is accompanied by some anomaly in network traffic, for example a rarely used service port suddenly being opened for access, abnormal reverse flow of server data, or abnormally sharp fluctuations in user connections. These anomalies are inevitably reflected in the behavioral security indicators P. By comparing the behavioral security indicators with their security baseline in real time, a network security behavior anomaly index Δ(t) can be generated:
$$\Delta(t) = T(t) - T_0(t)$$
Weighting the network security behavior anomaly indices according to their logical correlation yields a systematic traffic security model S:
$$S(t) = \Psi[\Delta(t)] = \Psi\{\Phi[P_1(t), P_2(t), \ldots, P_n(t)] - \Phi[P_{10}(t), P_{20}(t), \ldots, P_{n0}(t)]\}$$
In one embodiment, the intelligent defense engine further includes a security early-warning system, which decides whether to issue a security early warning according to the decision threshold preset for the traffic security model of the traffic monitoring system.
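The baseline, anomaly-index and threshold steps described above, as an added Python example that is not code from the patent. The patent does not define Φ or Ψ: here Φ is assumed to be a per-indicator exponentially weighted mean, Δ(t) is scaled by the learned spread, Ψ is a weighted mean of absolute deviations, and the weights, threshold and traffic samples are constructed for illustration.

```python
import math

# The three indicators the description names; a deployment would track dozens.
INDICATORS = ("connections", "packet_rate", "new_session_rate")


class AdaptiveBaseline:
    """T0(t): per-indicator running mean and variance (assumed EWMA form of Phi)."""

    def __init__(self, alpha=0.1, rel_floor=0.05):
        self.alpha = alpha          # learning rate of the adaptive baseline
        self.rel_floor = rel_floor  # minimum spread, as a fraction of the mean
        self.mean = {}
        self.var = {}

    def learn(self, sample):
        """Fold one traffic sample into the baseline."""
        for name in INDICATORS:
            x = float(sample[name])
            if name not in self.mean:
                self.mean[name], self.var[name] = x, 0.0
                continue
            diff = x - self.mean[name]
            incr = self.alpha * diff
            self.mean[name] += incr
            self.var[name] = (1 - self.alpha) * (self.var[name] + diff * incr)

    def deviation(self, sample):
        """Delta(t) = T(t) - T0(t), in units of the learned spread.

        Requires at least one prior call to learn().
        """
        delta = {}
        for name in INDICATORS:
            spread = max(math.sqrt(self.var[name]),
                         self.rel_floor * abs(self.mean[name]), 1e-9)
            delta[name] = (float(sample[name]) - self.mean[name]) / spread
        return delta


class TrafficMonitor:
    """Scores live samples against the baseline and applies the warning threshold."""

    def __init__(self, weights, threshold, alpha=0.1):
        self.baseline = AdaptiveBaseline(alpha)
        self.weights = weights      # assumed per-indicator weights inside Psi
        self.threshold = threshold  # assumed decision threshold on S(t)

    def train(self, history):
        for sample in history:
            self.baseline.learn(sample)

    def score(self, sample):
        """S(t) = Psi[Delta(t)]: weighted mean of absolute deviations (assumed Psi)."""
        delta = self.baseline.deviation(sample)
        total = sum(self.weights.values())
        return sum(self.weights[k] * abs(delta[k]) for k in INDICATORS) / total

    def observe(self, sample):
        """Return (S(t), alert). Alerting samples are withheld from learning so
        that attack traffic cannot drag the baseline toward itself (a design
        choice of this example, not stated in the patent)."""
        s = self.score(sample)
        alert = s >= self.threshold
        if not alert:
            self.baseline.learn(sample)
        return s, alert


def build_history(n=50):
    """Constructed 'historical safe traffic': steady load with small periodic variation."""
    return [{"connections": 200 + 10 * math.sin(i),
             "packet_rate": 5000 + 200 * math.cos(i),
             "new_session_rate": 40 + 3 * math.sin(2 * i)} for i in range(n)]


# Constructed samples: one ordinary interval and one flood-like interval.
NORMAL = {"connections": 205, "packet_rate": 5100, "new_session_rate": 41}
FLOOD = {"connections": 210, "packet_rate": 60000, "new_session_rate": 900}


def run_demo():
    monitor = TrafficMonitor(
        weights={"connections": 0.3, "packet_rate": 0.4, "new_session_rate": 0.3},
        threshold=3.0)
    monitor.train(build_history())
    return monitor, monitor.observe(NORMAL), monitor.observe(FLOOD)


if __name__ == "__main__":
    _, normal_result, flood_result = run_demo()
    print("normal:", normal_result)
    print("flood: ", flood_result)
```

The relative floor on the spread keeps a very quiet indicator from turning minor jitter into a large deviation, which is the usual source of false early warnings in baseline-driven detection.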
In one embodiment, the cloud intelligent security center builds a three-dimensional defense model and arranges the security detection system, security early-warning system, dynamic defense instruction generation system, threat intelligence data warehouse and security emergency-response expert resources along the time domain, the space domain and the logic domain.
In one embodiment, the time domain specifically means dividing a security event, by the point in time at which it occurs, into three phases (before the event, during the event and after the event) and handling each phase according to its characteristics. Before the event specifically means: quantifying the vulnerability of the business system and the probability that threats occur, and establishing a quantitative management model of business system risk. During the event specifically means: starting the security detection system to monitor user traffic in real time on a 7x24 basis, starting the security early-warning system to issue timely warnings on abnormal behavior, and having the dynamic defense instruction generation system issue instructions in time to activate defense policies. After the event specifically means: starting the security emergency-response expert resources to recover from the destructive consequences of network attacks.
In one embodiment, the space domain specifically means: dividing the business network into a user domain, a network domain, a computing domain and an O&M support domain, integrating the security data of the network devices, security devices, servers and storage devices in each region with the cloud security data warehouse, and carrying out policy design and security detection.
In one embodiment, the logic domain specifically means: setting corresponding control operations at the network layer, system layer, application layer, data layer and management layer respectively.
As shown in Fig. 1, an intelligent security risk management and control method based on the SaaS cloud service model according to the present invention is characterized in that it includes deploying, in the cloud, a three-dimensional defense model structured along the time domain, the space domain and the logic domain. The time domain means that the life cycle of a security event can be divided, by the point in time at which it occurs, into three phases: before the event, during the event and after the event. The space domain means dividing the business network into a user domain, a network domain, a computing domain and an O&M support domain. The logic domain means that the defense content covers all aspects of network, system, application, data and management.
The life cycle of a security event can be divided, by the point in time at which it occurs, into three phases: before the event, during the event and after the event. Before the event, the focus is on prevention: systematic, periodic and incremental risk assessment is used to gain a comprehensive, dynamic grasp of the vulnerability of the business system and the threats it faces; these are quantified according to the importance of each vulnerability (which can be measured by the degree of impact on the business system after an attack), the probability that threats occur, and so on, to establish a quantitative management model of business system risk; and, combined with measures such as security hardening, optimization and backup and with the security measures taken during and after the event, risk is made to converge and stay controllable. During the event, the focus is on real-time monitoring, early warning and defense: security technologies and control measures are arranged as a whole for the risk points of the business system, including 7x24 security monitoring, alerting and real-time activation of defense policies. The saying "it is not too late to mend the fold after the sheep are lost" applies equally to the design of a security defense system: when the existing security defense policies are not sufficient to completely stop a hacker attack, security experts must intervene promptly and carry out emergency response to recover from the destructive consequences of the network attack, such as system downtime, file tampering and data leakage.
In the space domain, we divide the business network into a user domain (which can be subdivided into an external user domain and an internal user domain), a network domain (which can be subdivided into an access network domain and a core network domain), a computing domain and an O&M support domain. The security data of the network devices, security devices, servers and storage devices in each region is effectively integrated with the cloud security data warehouse (which collects, stores and analyzes the security data of remote devices), and policy design and security detection are carried out across the physical locations of IT assets and across network regions, achieving wide-span, fine-grained security defense.
In the logic domain, as noted above, the defense content of the security defense system covers network, system, application, data, management and other aspects: redundancy design, access control and control of non-compliant connections at the network layer; vulnerability remediation, security hardening and identity authentication and authorization at the system layer; vulnerability remediation, Web security life-cycle management and DDoS attack defense at the application layer; encryption, access control and leak prevention at the data layer; and policy, audit and O&M management at the management layer.
Although embodiments of the present invention have been disclosed above, the invention is not limited to the uses listed in the specification and the embodiments. It can be applied in any field suited to it, and those skilled in the art can readily make further modifications. Therefore, without departing from the general concept defined by the claims and their equivalents, the invention is not limited to the specific details or to the illustrations shown and described here.
Claims (7)
- 1. An intelligent security risk management and control method based on the SaaS cloud service model, characterized in that: a cloud intelligent security center is set up at the server side, and a security detection system, a security early-warning system, a dynamic defense instruction generation system, a threat intelligence data warehouse and security emergency-response expert resources are arranged in the cloud intelligent security center; and an intelligent defense engine is set up at the user side, the intelligent defense engine executing the security white environment, traffic feature extraction and active defense instructions.
- 2. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 1, characterized in that the intelligent defense engine includes a traffic monitoring system; the traffic monitoring system automatically learns from historical network traffic to generate a network traffic security baseline and thereafter, by monitoring and collecting statistics on network traffic in real time and combining them with the learned network traffic security baseline, derives the traffic security mathematical model: $S(t) = \Psi[\Delta(t)] = \Psi\{\Phi[P_1(t), P_2(t), \ldots, P_n(t)] - \Phi[P_{10}(t), P_{20}(t), \ldots, P_{n0}(t)]\}$.
- 3. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 2, characterized in that the intelligent defense engine further includes a security early-warning system, which decides whether to issue a security early warning according to the decision threshold preset for the traffic security model of the traffic monitoring system.
- 4. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 1, characterized in that the cloud intelligent security center builds a three-dimensional defense model and arranges the security detection system, security early-warning system, dynamic defense instruction generation system, threat intelligence data warehouse and security emergency-response expert resources along the time domain, the space domain and the logic domain.
- 5. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 4, characterized in that the time domain specifically means dividing a security event, by the point in time at which it occurs, into three phases (before the event, during the event and after the event) and handling each phase according to its characteristics; before the event specifically means: quantifying the vulnerability of the business system and the probability that threats occur, and establishing a quantitative management model of business system risk; during the event specifically means: starting the security detection system to monitor user traffic in real time on a 7x24 basis, starting the security early-warning system to issue timely warnings on abnormal behavior, and having the dynamic defense instruction generation system issue instructions in time to activate defense policies; after the event specifically means: starting the security emergency-response expert resources to recover from the destructive consequences of network attacks.
- 6. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 4, characterized in that the space domain specifically means: dividing the business network into a user domain, a network domain, a computing domain and an O&M support domain, integrating the security data of the network devices, security devices, servers and storage devices in each region with the cloud security data warehouse, and carrying out policy design and security detection.
- 7. The intelligent security risk management and control method based on the SaaS cloud service model according to claim 1, characterized in that the logic domain specifically means: setting corresponding control operations at the network layer, system layer, application layer, data layer and management layer respectively.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710532072 | 2017-07-03 | ||
CN2017105320724 | 2017-07-03 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107465696A (en) | 2017-12-12 |
Family
ID=60553426
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710863006.5A Withdrawn CN107465696A (en) | 2017-07-03 | 2017-09-22 | Security risk intellectuality management-control method based on SaaS cloud service patterns |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107465696A (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070067438A1 (en) * | 2005-09-21 | 2007-03-22 | Battelle Memorial Institute | Methods and systems for detecting abnormal digital traffic |
CN102916955A (en) * | 2012-10-15 | 2013-02-06 | 北京神州绿盟信息安全科技股份有限公司 | System and method for preventing/detecting network intrusion |
CN104702598A (en) * | 2015-02-16 | 2015-06-10 | 南京邮电大学 | Distributed network protocol security detection method for smart power grid |
US20170063907A1 (en) * | 2015-08-31 | 2017-03-02 | Splunk Inc. | Multi-Stage Network Security Threat Detection |
CN106899601A (en) * | 2017-03-10 | 2017-06-27 | 北京华清信安科技有限公司 | Network attack defence installation and method based on cloud and local platform |
CN108933754A (en) * | 2017-05-19 | 2018-12-04 | 南京骏腾信息技术有限公司 | Method for managing security based on the analysis of IT asset risk |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109391700A (en) * | 2018-12-12 | 2019-02-26 | 北京华清信安科技有限公司 | Internet of Things safe cloud platform based on depth traffic aware |
CN109391700B (en) * | 2018-12-12 | 2021-04-09 | 北京华清信安科技有限公司 | Internet of things security cloud platform based on depth flow sensing |
CN112769825A (en) * | 2021-01-07 | 2021-05-07 | 深圳市永达电子信息股份有限公司 | Network security guarantee method, system and computer storage medium |
CN114070608A (en) * | 2021-11-12 | 2022-02-18 | 北京天融信网络安全技术有限公司 | Asset optimization method and device based on flow analysis |
CN114726648A (en) * | 2022-05-12 | 2022-07-08 | 北京国信网联科技有限公司 | Terminal security cloud control system based on Internet of things |
CN114726648B (en) * | 2022-05-12 | 2022-08-23 | 北京国信网联科技有限公司 | Terminal security cloud control system based on Internet of things |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101814368B1 (en) | Information security network integrated management system using big data and artificial intelligence, and a method thereof | |
CN107465696A (en) | Security risk intellectuality management-control method based on SaaS cloud service patterns | |
CN104486141A (en) | Misdeclaration self-adapting network safety situation predication method | |
CN107659543A (en) | The means of defence of facing cloud platform APT attacks | |
CN105471854B (en) | A kind of adaptive boundary method for detecting abnormality based on multistage strategy | |
CN103905459A (en) | Cloud-based intelligent security defense system and defense method | |
CN106209856B (en) | Method for generating big data security posture map based on trusted computing | |
CN108696531A (en) | A kind of security strategy adaptive analysis and big data Visualization Platform system | |
CN109981686A (en) | A kind of network security situational awareness method and system based on circulation confrontation | |
WO2019231826A1 (en) | Systems and methods for determining the efficacy of computer system security policies | |
Samdarshi et al. | A triple layer intrusion detection system for SCADA security of electric utility | |
CN108933754A (en) | Method for managing security based on the analysis of IT asset risk | |
Nikolskaia et al. | The relationship between cybersecurity and artificial intelligence | |
Zhao et al. | Research of intrusion detection system based on neural networks | |
CN114978595B (en) | Threat model construction method and device, computer equipment and storage medium | |
Chen et al. | Research on the active defense security system based on cloud computing of wisdom campus network | |
Deng et al. | Network security intrusion detection system based on incremental improved convolutional neural network model | |
Dominik et al. | Categorizing IoT Services According to Security Risks | |
Zhang et al. | Using network security index system to evaluate network security | |
CN109495470A (en) | A kind of network information risk safe early warning method and server and system | |
Qu et al. | Studies on internet real-name system and network action surveillance system | |
Cao et al. | Design of network security situation awareness analysis module for electric power dispatching and control system | |
She | Evaluation on Communication Network Security Intrusion Detection Data in the Background of Cloud Computing | |
Qin et al. | Computer Network Security Defense System in 5G Era | |
Shu et al. | Research on situation awareness technology in industrial control system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
WW01 | Invention patent application withdrawn after publication | Application publication date: 20171212 |