CN107920055A - A kind of IP risk evaluating methods and IP Risk Evaluating Systems - Google Patents
A kind of IP risk evaluating methods and IP Risk Evaluating Systems Download PDFInfo
- Publication number
- CN107920055A CN107920055A CN201710887457.2A CN201710887457A CN107920055A CN 107920055 A CN107920055 A CN 107920055A CN 201710887457 A CN201710887457 A CN 201710887457A CN 107920055 A CN107920055 A CN 107920055A
- Authority
- CN
- China
- Prior art keywords
- risk
- decision tree
- risk evaluating
- training set
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/243—Classification techniques relating to the number of classes
- G06F18/24323—Tree-organised classifiers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
Abstract
The present invention relates to IP risk evaluating methods and IP Risk Evaluating Systems.This method comprises the following steps:IP behavioral data acquisition steps, are acquired IP behavioral datas and form IP databases;Eigenmatrix extraction step, characteristic processing is carried out to the IP behavioral datas, and the IP databases are trained to form eigenmatrix as training set;Decision tree generation step, feature based matrix structure training set, according to the training set and rated condition generation classification and regression tree;And IP address risk assessment step, the IP address for needing to carry out risk assessment is obtained, carries out the risk assessment of the IP address with regression tree based on the classification.Using the present invention, IP risk assessment can be accurately and comprehensively carried out.
Description
Technical field
The present invention relates to computer technology, more particularly to a kind of IP risk evaluating methods and IP risk assessment system
System.
Background technology
In the prior art, for IP risk assessment, generally mainly carried out according to the label of IP, such as sentenced according to the ownership place of IP
Disconnected whether strange land is merchandised, and judges whether the IP is normal users according to Agent IP label.
This determination methods are simpler to be answered roughly, often judges whether IP is that there are evil using one or several labels
Meaning, thus in practical applications there is accuracy rate it is not high the problem of.
Therefore, at present for IP risk assessment also without the method for comparative maturity.
The content of the invention
In view of the above problems, the present invention is intended to provide a kind of IP risks for the risk assessment that can accurately carry out IP address are commented
Valency method and IP Risk Evaluating Systems.
The IP risk evaluating methods of the present invention, it is characterised in that comprise the following steps:
IP behavioral data acquisition steps, are acquired IP behavioral datas and form IP databases;
Eigenmatrix extraction step, using the IP databases as training set, characteristic processing, shape are carried out to the IP behavioral datas
Into eigenmatrix;
Decision tree generation step, based on the training set, according to the training set and rated condition generation classification with returning decision-making
Tree;And
IP address risk assessment step, obtains the IP address for needing to carry out risk assessment, based on the classification and regression tree
Carry out the risk assessment of the IP address.
Preferably, the IP data gathered in the IP behavioral datas acquisition step include:IP attribute informations, IP association letters
Breath and IP behavioural informations.
Preferably, in the eigenmatrix extraction step, following characteristic processing is carried out to the IP data:Belong to for IP
Property information, chooses corresponding code value as characteristic value or characterized by 0,1;For IP related informations, historical context is chosen
Domain name number or domain name mean time are frequently as characteristic value;And for IP behavioural informations, IP behaviors are chosen apart from the stipulated time
The time number of point is as characteristic value.
Preferably, in the decision tree generation step, build training set, since root node recurrence to each node into
Row predetermined operation builds binary decision tree.
Preferably, following sub-steps are included in the decision tree generation step:
(1)If the training dataset of node is D, gini index of the existing feature to the data set is calculated, to each feature A,
D is divided into D1 and D2 two parts;
(2)In all possible feature A and the possible cut-off α of all of which, select gini index minimum feature and
Its corresponding cut-off generates two with optimal characteristics and optimal cut-off as optimal characteristics and optimal cut-off from existing node
Child node, training dataset is assigned in two child nodes according to feature;
(3)Two child nodes are recursively called above-mentioned(1),(2), until meeting stop condition;
(4)Generation classification and regression tree T0.
Preferably, above-mentioned in the decision tree generation step includes(4)Following sub-steps are further included afterwards:
(5)Pruning algorithms are performed with regression tree T0 to the classification and obtain optimum decision tree T α.
The IP Risk Evaluating Systems of the present invention, it is characterised in that possess:
IP behavioral data acquisition modules, for IP databases to be acquired and formed to IP behavioral datas;
Eigenmatrix extraction module, for using the IP databases as training set, being carried out to the IP behavioral datas at feature
Reason, forms eigenmatrix;
Decision tree generation module, for based on the training set, according to the training set and rated condition generation classification and returning
Decision tree;And
IP address risk assessment module, for obtaining the IP address for needing to carry out risk assessment, is determined based on the classification with recurrence
Plan tree carries out the risk assessment of the IP address.
Preferably, the IP data of the IP behavioral datas acquisition module collection include:IP attribute informations, IP related informations with
And IP behavioural informations.
Preferably, in the eigenmatrix extraction module, for IP attribute informations, corresponding code is chosen as feature
Value is worth characterized by 0,1;For IP related informations, choose historical context domain name number or domain name mean time frequently as
Characteristic value;And for IP behavioural informations, IP behaviors are chosen apart from the time number of stipulated time point as characteristic value.
Preferably, the decision tree generation module builds training set and recurrence carries out each node since root node
Predetermined operation builds binary decision tree.
The computer-readable recording medium of the present invention, is stored thereon with computer program, it is characterised in that the program is located
Reason device realizes above-mentioned IP risk evaluating methods when performing.
The computer equipment of the present invention, including memory, processor and storage are on a memory and can be on a processor
The computer program of operation, it is characterised in that the processor realizes above-mentioned IP risk evaluating methods when performing described program.
IP risk evaluating methods and IP Risk Evaluating Systems according to the present invention, with current IP risk evaluating methods phase
Than following technique effect can be obtained:
(1)IP address information is obtained from global visual angle, while also carries each attribute, such as time attribute, thus, it is possible to comprehensive
Reflection IP states so that evaluation result is more accurate;
(2)With the renewal of training data, decision tree being capable of continuous updating therewith;
(3)Acquisition optimum decision tree can further be optimized to decision tree, thereby, it is possible to more accurately carry out IP risk assessment;
(4)IP risk assessment is carried out using decision tree, is readily able to understand and realizes.
Brief description of the drawings
Fig. 1 is the step flow chart for representing the IP risk evaluating methods of the present invention.
Fig. 2 is the IP Risk Evaluating Systems for representing one embodiment of the present invention.
Embodiment
What is be described below is some in multiple embodiments of the invention, it is desirable to provide to the basic understanding of the present invention.And
It is not intended to the crucial or conclusive key element for confirming the present invention or limits scope of the claimed.
Fig. 1 is the step flow chart for the IP risk evaluating methods for representing one embodiment of the present invention.
The IP risk evaluating methods of one embodiment of the present invention as shown in Figure 1 comprise the following steps:
IP behavioral data acquisition steps S100:IP behavioral datas are acquired and form IP databases;
Eigenmatrix extraction step S200:Using the IP databases as training set, the IP behavioral datas are carried out at feature
Reason, forms eigenmatrix;
Decision tree generation step S300:Based on the training set, according to the training set and rated condition generation classification and return
Decision tree;And
IP address risk assessment step S400:The IP address for needing to carry out risk assessment is obtained, is determined based on the classification with recurrence
Plan tree carries out the risk assessment of the IP address.
Then, it is specifically described for above-mentioned steps S100 ~ S400.
In IP behavioral data acquisition steps S100, IP data are acquired and form IP databases.At present to IP rows
Include for the means that data are acquired:
The safety protection equipment such as slave firewall, IPS, WAF gathers, and Intranet outlet is generally all deployed with security protection and sets
Standby, these equipment can gather the information for accessing IP;
Gathered by honey jar, dispose honey jar server on the internet, gather the IP information of access;
Public information, such as whois information, ASN information are gathered from internet;And
Obtained by IP information, IP information is obtained from IP information company by the means such as buying, exchanging.
The IP behavioral datas of collection include for example following information, but are not limited to following information:
IP attribute informations:Country, province, city, IDC, dynamic IP, mobile gateway, longitude and latitude, ASN etc..
IP related informations:IP associations domain name, IP associated withs and their corresponding periods.
IP behavioural informations:The behavior of IP, including act on behalf of, scan, reptile, cc attacks, ddos attacks, spam etc. and it
The corresponding time.
In the eigenmatrix extraction step S200, using the IP databases as training set, to the IP behaviors number
According to characteristic processing is carried out, eigenmatrix is formed.
For example, for IP attribute informations, country, province, city's information choose corresponding code as characteristic value, IDC, dynamic
IP, mobile gateway etc. are used as characteristic value with 0,1.
For example, for IP related informations, historical context domain name number, domain name mean time are chosen frequently as characteristic value.
For example, for IP behavioural informations, for each label, it is not then 0, has then with 1/ identified time away from today month
Several squares are characterized value.
IP databases known to acquirement can influence training result as training set, the credibility and size of training set.According to
The above method handles training set, forms eigenmatrix.It is, for example, possible to use the learning algorithm of machine is trained.This
In, we are using the training dataset of generation as training dataset D.
Then, in decision tree generation step S300, based on the training set, given birth to according to the training set and rated condition
Constituent class and regression tree.
In Decision Tree Construction, as input, input training dataset D and stop the condition calculating, as defeated
Go out, output category and regression tree.The algorithm of use, as described below:
Training dataset is built, since root node, following operation is recursively carried out to each node, builds binary decision tree:
(1)If the training dataset of node is D, gini index of the existing feature to the data set is calculated.At this time, it is special to each
A, each value α that may be taken to it are levied, D is divided into by D1 and D2 two for "Yes" or "No" according to test of the sample point to A=α
Point, calculate gini index during A=α;
(2)In all possible feature A and the possible cut-off α of all of which, select gini index minimum feature and
Its corresponding cut-off is as optimal characteristics and optimal cut-off.According to optimal characteristics and optimal cut-off, from existing node generation two
A child node, training dataset is assigned in two child nodes according to feature;
(3)Two child nodes are recursively called(1),(2), until meeting stop condition;And
(4)Generation classification and regression tree T0.
The condition for stopping calculating as algorithm, such as can be that number of samples in node is less than reservation threshold, alternatively, sample
The gini index of this collection is less than reservation threshold(Sample substantially belongs to same class), or without more features.
In order to enable the classification of generation can more accurately be used for the risk assessment of IP address with regression tree, preferably
Ground, can carry out further beta pruning to the classification of above-mentioned generation with returning decision-making.
Then, illustrated for the pruning algorithms classified with regression tree.
In the pruning algorithms with regression tree of classifying, as input, the decision-making of input classification and regression algorithm generation
T0 is set, as output, output optimum decision tree T α.The pruning algorithms of use are as described below:
(1)If k=0, T=T0;
(2)If α=+ ∞;
(3)C (Tt) is calculated to each internal node t bottom-uply, | Tt | and
g(t)=C(t)−C(Tt)|Tt|−1g(t)=C(t)−C(Tt)|Tt|−1
α=min (α, g (t)) α=min (α, g (t)),
Here, Tt represents the subtree that t is root node, prediction error when C (t) is using t as single node tree to training data(Such as base
Buddhist nun's index), C (Tt) is using t as prediction error of the subtree of root node to training data(Such as gini index), | Tt | it is the leaf of Tt
Node number;
(4)Internal node t is accessed from top to down, if g (t)=α, carries out beta pruning, and to leaf node t with majority vote method
Determine its class, obtain tree T;
(5)If k=k+1, α k=α, Tk=T;
(6)If T is not the tree being separately formed by root node, step is returned to(4);
(7)Optimal subtree is chosen in subtree sequence T0, T1 ..., TnT0, T1 ..., Tn using cross-validation method, output is most
Excellent decision tree T α.
Finally, in IP address risk assessment step S400, the IP address for needing to carry out risk assessment is obtained, based on generation
Optimum decision tree T α carry out the risk assessment of the IP address.
More than, it is illustrated for the IP risk evaluating methods of the present invention.Then, for the IP risk assessment of the present invention
System illustrates.
Fig. 2 is the IP Risk Evaluating Systems for representing one embodiment of the present invention.
As shown in Fig. 2, the IP Risk Evaluating Systems of one embodiment of the present invention possess:
IP behavioral datas acquisition module 100, for IP databases to be acquired and formed to IP behavioral datas;
Eigenmatrix extraction module 200, for using the IP databases as training set, feature to be carried out to the IP behavioral datas
Processing, forms eigenmatrix;
Decision tree generation module 300, for based on the training set, according to the training set and rated condition generation classification and returning
Return decision tree;And
IP address risk assessment module 400, for obtaining the IP address for needing to carry out risk assessment, based on the classification and returns
Decision tree carries out the risk assessment of the IP address.
Wherein, the IP data that IP behavioral datas acquisition module 100 gathers include but not limited to:IP attribute informations, IP associations
Information and IP behavioural informations.
In eigenmatrix extraction module 200, for IP attribute informations, choose corresponding code as characteristic value or with
0th, 1 it is characterized value;For IP related informations, historical context domain name number or domain name mean time are chosen frequently as characteristic value;With
And for IP behavioural informations, IP behaviors are chosen apart from the time number of stipulated time point as characteristic value.
Decision tree generation module 300 builds training set and recurrence carries out predetermined operation to each node since root node
Build binary decision tree.The calculating process of structure binary decision tree has been described above in the above description, omits repeat specification here.
Furthermore further, in order to enable the classification of generation can more accurately be used for IP address with regression tree
Risk assessment, it is preferable that decision tree generation module 300 can further cut the classification of above-mentioned generation with returning decision-making
Branch generation optimum decision tree T α.The calculating process of same the, generation optimum decision tree T α have been described above in the above description, here
Also repeat specification is omitted.
The present invention also provides a kind of computer-readable recording medium, computer program is stored thereon with, it is characterised in that should
The IP risk evaluating methods of the invention described above are realized when program is executed by processor.
The present invention also provides a kind of computer equipment, including memory, processor and storage are on a memory and can be
The computer program run on processor, it is characterised in that the processor realizes the invention described above when performing described program
IP risk evaluating methods.
IP risk evaluating methods and IP Risk Evaluating Systems according to the present invention, with current IP risk evaluating methods phase
Than following technique effect can be obtained:
(1)IP address information is obtained from global visual angle, while also carries each attribute, such as time attribute, thus, it is possible to comprehensive
Reflection IP states so that evaluation result is more accurate;
(2)With the renewal of training data, decision tree being capable of continuous updating therewith;
(3)Acquisition optimum decision tree can further be optimized to decision tree, thereby, it is possible to more accurately carry out IP risk assessment;
(4)IP risk assessment is carried out using decision tree, is readily able to understand and realizes.
Example above primarily illustrates the IP risk evaluating methods and IP Risk Evaluating Systems of the present invention.Although only to it
In some embodiments of the invention be described, but those of ordinary skill in the art are it is to be appreciated that the present invention can
By without departing from its spirit with scope in the form of many other implement.Therefore, the example that is shown and embodiment by regarding
To be illustrative and not restrictive, the situation of the spirit and scope of the present invention as defined in appended claims is not being departed from
Under, the present invention may cover various modification and replacement.
Claims (12)
1. a kind of IP risk evaluating methods, it is characterised in that comprise the following steps:
IP behavioral data acquisition steps, are acquired IP behavioral datas and form IP databases;
Eigenmatrix extraction step, using the IP databases as training set, characteristic processing, shape are carried out to the IP behavioral datas
Into eigenmatrix;Training set and rated condition generation classification and regression tree;And
IP address risk assessment step, obtains the IP address for needing to carry out risk assessment, based on the classification and regression tree
Carry out the risk assessment of the IP address.
2. IP risk evaluating methods as claimed in claim 1, it is characterised in that
The IP data gathered in the IP behavioral datas acquisition step include:IP attribute informations, IP related informations and IP rows
For information.
3. IP risk evaluating methods as claimed in claim 2, it is characterised in that
In the eigenmatrix extraction step, following characteristic processing is carried out to the IP data:For IP attribute informations, choose
Corresponding code is worth as characteristic value or characterized by 0,1;For IP related informations, choose historical context domain name number or
Person's domain name mean time is frequently as characteristic value;And for IP behavioural informations, choose time number of the IP behaviors apart from stipulated time point
As characteristic value.
4. the IP risk evaluating methods as described in claim 1 ~ 3 any one, it is characterised in that
In the decision tree generation step, training set is built, recurrence carries out predetermined operation to each node since root node
Build binary decision tree.
5. IP risk evaluating methods as claimed in claim 4, it is characterised in that
Include following sub-steps in the decision tree generation step:
(1)If the training dataset of node is D, gini index of the existing feature to the data set is calculated, to each feature A,
D is divided into D1 and D2 two parts;
(2)In all possible feature A and the possible cut-off α of all of which, select gini index minimum feature and
Its corresponding cut-off generates two with optimal characteristics and optimal cut-off as optimal characteristics and optimal cut-off from existing node
Child node, training dataset is assigned in two child nodes according to feature;
(3)Two child nodes are recursively called above-mentioned(1),(2), until meeting stop condition;
(4)Generation classification and regression tree T0.
6. IP risk evaluating methods as claimed in claim 5, it is characterised in that
Above-mentioned in the decision tree generation step includes(4)Following sub-steps are further included afterwards:
(5)Pruning algorithms are performed with regression tree T0 to the classification and obtain optimum decision tree T α.
7. a kind of IP Risk Evaluating Systems, it is characterised in that possess:
IP behavioral data acquisition modules, for IP databases to be acquired and formed to IP behavioral datas;
Eigenmatrix extraction module, for using the IP databases as training set, being carried out to the IP behavioral datas at feature
Reason, forms eigenmatrix;
Decision tree generation module, for based on the training set, according to the training set and rated condition generation classification and returning
Decision tree;And
IP address risk assessment module, for obtaining the IP address for needing to carry out risk assessment, is determined based on the classification with recurrence
Plan tree carries out the risk assessment of the IP address.
8. IP Risk Evaluating Systems as claimed in claim 7, it is characterised in that
The IP data of the IP behavioral datas acquisition module collection include:IP attribute informations, IP related informations and IP behaviors letter
Breath.
9. IP Risk Evaluating Systems as claimed in claim 7, it is characterised in that
In the eigenmatrix extraction module, for IP attribute informations, corresponding code is chosen as characteristic value or with 0,1
It is characterized value;For IP related informations, historical context domain name number or domain name mean time are chosen frequently as characteristic value;And
For IP behavioural informations, IP behaviors are chosen apart from the time number of stipulated time point as characteristic value.
10. the IP Risk Evaluating Systems as described in claim 7 ~ 9 any one, it is characterised in that
The decision tree generation module builds training set and recurrence carries out predetermined operation structure to each node since root node
Build binary decision tree.
11. a kind of computer-readable recording medium, is stored thereon with computer program, it is characterised in that the program is by processor
The IP risk evaluating methods described in claim 1 ~ 6 any one are realized during execution.
12. a kind of computer equipment, including memory, processor and storage can be run on a memory and on a processor
Computer program, it is characterised in that the processor realizes the IP described in claim 1 ~ 6 any one when performing described program
Risk evaluating method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710887457.2A CN107920055B (en) | 2017-09-27 | 2017-09-27 | IP risk evaluation method and IP risk evaluation system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710887457.2A CN107920055B (en) | 2017-09-27 | 2017-09-27 | IP risk evaluation method and IP risk evaluation system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107920055A true CN107920055A (en) | 2018-04-17 |
CN107920055B CN107920055B (en) | 2020-08-25 |
Family
ID=61898698
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710887457.2A Active CN107920055B (en) | 2017-09-27 | 2017-09-27 | IP risk evaluation method and IP risk evaluation system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107920055B (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108711103A (en) * | 2018-06-04 | 2018-10-26 | 中国平安人寿保险股份有限公司 | Personal loan repays Risk Forecast Method, device, computer equipment and medium |
CN109345381A (en) * | 2018-12-19 | 2019-02-15 | 重庆誉存大数据科技有限公司 | A kind of Risk Identification Method and system |
CN109685635A (en) * | 2018-09-11 | 2019-04-26 | 深圳平安财富宝投资咨询有限公司 | Methods of risk assessment, air control server-side and the storage medium of financial business |
CN109729069A (en) * | 2018-11-26 | 2019-05-07 | 武汉极意网络科技有限公司 | Detection method, device and the electronic equipment of unusual IP addresses |
CN110717179A (en) * | 2018-07-13 | 2020-01-21 | 马上消费金融股份有限公司 | Risk assessment method of IP address and related device |
CN110808987A (en) * | 2019-11-07 | 2020-02-18 | 南京亚信智网科技有限公司 | Method and computing device for identifying malicious domain name |
WO2021093051A1 (en) * | 2019-11-15 | 2021-05-20 | 网宿科技股份有限公司 | Ip address assessment method and system, and device |
CN112861093A (en) * | 2021-04-25 | 2021-05-28 | 上海派拉软件股份有限公司 | Verification method, device and equipment for access data and storage medium |
CN115099684A (en) * | 2022-07-18 | 2022-09-23 | 江西中科冠物联网科技有限公司 | Enterprise safety production management system and management method thereof |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1746916A (en) * | 2005-10-25 | 2006-03-15 | 二六三网络通信股份有限公司 | Network IP address credit assessment and use in electronic mail system |
CN101990003A (en) * | 2010-10-22 | 2011-03-23 | 西安交通大学 | User action monitoring system and method based on IP address attribute |
CN103001825A (en) * | 2012-11-15 | 2013-03-27 | 中国科学院计算机网络信息中心 | Method and system for detecting DNS (domain name system) traffic abnormality |
CN105721406A (en) * | 2014-12-05 | 2016-06-29 | 中国移动通信集团广东有限公司 | Method and device for obtaining IP black list |
KR101712462B1 (en) * | 2016-10-14 | 2017-03-06 | 국방과학연구소 | System for monitoring dangerous ip |
-
2017
- 2017-09-27 CN CN201710887457.2A patent/CN107920055B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1746916A (en) * | 2005-10-25 | 2006-03-15 | 二六三网络通信股份有限公司 | Network IP address credit assessment and use in electronic mail system |
CN101990003A (en) * | 2010-10-22 | 2011-03-23 | 西安交通大学 | User action monitoring system and method based on IP address attribute |
CN103001825A (en) * | 2012-11-15 | 2013-03-27 | 中国科学院计算机网络信息中心 | Method and system for detecting DNS (domain name system) traffic abnormality |
CN105721406A (en) * | 2014-12-05 | 2016-06-29 | 中国移动通信集团广东有限公司 | Method and device for obtaining IP black list |
KR101712462B1 (en) * | 2016-10-14 | 2017-03-06 | 국방과학연구소 | System for monitoring dangerous ip |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108711103A (en) * | 2018-06-04 | 2018-10-26 | 中国平安人寿保险股份有限公司 | Personal loan repays Risk Forecast Method, device, computer equipment and medium |
CN110717179A (en) * | 2018-07-13 | 2020-01-21 | 马上消费金融股份有限公司 | Risk assessment method of IP address and related device |
CN109685635A (en) * | 2018-09-11 | 2019-04-26 | 深圳平安财富宝投资咨询有限公司 | Methods of risk assessment, air control server-side and the storage medium of financial business |
CN109729069B (en) * | 2018-11-26 | 2021-12-28 | 武汉极意网络科技有限公司 | Abnormal IP address detection method and device and electronic equipment |
CN109729069A (en) * | 2018-11-26 | 2019-05-07 | 武汉极意网络科技有限公司 | Detection method, device and the electronic equipment of unusual IP addresses |
CN109345381A (en) * | 2018-12-19 | 2019-02-15 | 重庆誉存大数据科技有限公司 | A kind of Risk Identification Method and system |
CN110808987A (en) * | 2019-11-07 | 2020-02-18 | 南京亚信智网科技有限公司 | Method and computing device for identifying malicious domain name |
CN110808987B (en) * | 2019-11-07 | 2022-03-29 | 南京亚信智网科技有限公司 | Method and computing device for identifying malicious domain name |
WO2021093051A1 (en) * | 2019-11-15 | 2021-05-20 | 网宿科技股份有限公司 | Ip address assessment method and system, and device |
CN112861093A (en) * | 2021-04-25 | 2021-05-28 | 上海派拉软件股份有限公司 | Verification method, device and equipment for access data and storage medium |
CN112861093B (en) * | 2021-04-25 | 2021-09-10 | 上海派拉软件股份有限公司 | Verification method, device and equipment for access data and storage medium |
CN115099684A (en) * | 2022-07-18 | 2022-09-23 | 江西中科冠物联网科技有限公司 | Enterprise safety production management system and management method thereof |
CN115099684B (en) * | 2022-07-18 | 2023-04-07 | 江西中科冠物联网科技有限公司 | Enterprise safety production management system and management method thereof |
Also Published As
Publication number | Publication date |
---|---|
CN107920055B (en) | 2020-08-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107920055A (en) | A kind of IP risk evaluating methods and IP Risk Evaluating Systems | |
Kamp et al. | Unstructured citizen science data fail to detect long‐term population declines of common birds in Denmark | |
Zurell et al. | Testing species assemblage predictions from stacked and joint species distribution models | |
Veron et al. | Vulnerability to climate change of islands worldwide and its impact on the tree of life | |
Murtaugh | Performance of several variable‐selection methods applied to real ecological data | |
Dengler et al. | Species–area relationships in continuous vegetation: Evidence from Palaearctic grasslands | |
Stukal et al. | Detecting bots on Russian political Twitter | |
Beery et al. | Species distribution modeling for machine learning practitioners: A review | |
Oliveira et al. | Modelling highly biodiverse areas in Brazil | |
Farrell et al. | Machine learning of large‐scale spatial distributions of wild turkeys with high‐dimensional environmental data | |
Kling et al. | Facets of phylodiversity: evolutionary diversification, divergence and survival as conservation targets | |
Kadmon et al. | A systematic analysis of factors affecting the performance of climatic envelope models | |
Martin et al. | The power of expert opinion in ecological models using Bayesian methods: impact of grazing on birds | |
Yaworsky et al. | Advancing predictive modeling in archaeology: An evaluation of regression and machine learning methods on the Grand Staircase-Escalante National Monument | |
Marx et al. | Deconstructing Darwin's Naturalization Conundrum in the San Juan Islands using community phylogenetics and functional traits | |
Dengler | Robust methods for detecting a small island effect | |
Valle et al. | Decomposing biodiversity data using the Latent Dirichlet Allocation model, a probabilistic multivariate statistical method | |
Fenker et al. | Phylogenetic diversity, habitat loss and conservation in South American pitvipers (Crotalinae: Bothrops and Bothrocophias) | |
Collaris et al. | Instance-level explanations for fraud detection: A case study | |
Pavoine | Clarifying and developing analyses of biodiversity: towards a generalisation of current approaches | |
Yemshanov et al. | A new multicriteria risk mapping approach based on a multiattribute frontier concept | |
Emilio et al. | Assessing the relationship between forest types and canopy tree beta diversity in Amazonia | |
Gao et al. | Detecting the small island effect and nestedness of herpetofauna of the West Indies | |
Dauphin et al. | Disentangling the effects of geographic peripherality and habitat suitability on neutral and adaptive genetic variation in Swiss stone pine | |
Cattarino et al. | Land‐use drivers of forest fragmentation vary with spatial scale |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |