CN107920055A - A kind of IP risk evaluating methods and IP Risk Evaluating Systems - Google Patents

A kind of IP risk evaluating methods and IP Risk Evaluating Systems Download PDF

Info

Publication number
CN107920055A
CN107920055A CN201710887457.2A CN201710887457A CN107920055A CN 107920055 A CN107920055 A CN 107920055A CN 201710887457 A CN201710887457 A CN 201710887457A CN 107920055 A CN107920055 A CN 107920055A
Authority
CN
China
Prior art keywords
risk
decision tree
risk evaluating
training set
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710887457.2A
Other languages
Chinese (zh)
Other versions
CN107920055B (en
Inventor
陈舟
杨阳
朱浩然
黄自力
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN201710887457.2A priority Critical patent/CN107920055B/en
Publication of CN107920055A publication Critical patent/CN107920055A/en
Application granted granted Critical
Publication of CN107920055B publication Critical patent/CN107920055B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/21Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/24Classification techniques
    • G06F18/243Classification techniques relating to the number of classes
    • G06F18/24323Tree-organised classifiers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Abstract

The present invention relates to IP risk evaluating methods and IP Risk Evaluating Systems.This method comprises the following steps:IP behavioral data acquisition steps, are acquired IP behavioral datas and form IP databases;Eigenmatrix extraction step, characteristic processing is carried out to the IP behavioral datas, and the IP databases are trained to form eigenmatrix as training set;Decision tree generation step, feature based matrix structure training set, according to the training set and rated condition generation classification and regression tree;And IP address risk assessment step, the IP address for needing to carry out risk assessment is obtained, carries out the risk assessment of the IP address with regression tree based on the classification.Using the present invention, IP risk assessment can be accurately and comprehensively carried out.

Description

A kind of IP risk evaluating methods and IP Risk Evaluating Systems
Technical field
The present invention relates to computer technology, more particularly to a kind of IP risk evaluating methods and IP risk assessment system System.
Background technology
In the prior art, for IP risk assessment, generally mainly carried out according to the label of IP, such as sentenced according to the ownership place of IP Disconnected whether strange land is merchandised, and judges whether the IP is normal users according to Agent IP label.
This determination methods are simpler to be answered roughly, often judges whether IP is that there are evil using one or several labels Meaning, thus in practical applications there is accuracy rate it is not high the problem of.
Therefore, at present for IP risk assessment also without the method for comparative maturity.
The content of the invention
In view of the above problems, the present invention is intended to provide a kind of IP risks for the risk assessment that can accurately carry out IP address are commented Valency method and IP Risk Evaluating Systems.
The IP risk evaluating methods of the present invention, it is characterised in that comprise the following steps:
IP behavioral data acquisition steps, are acquired IP behavioral datas and form IP databases;
Eigenmatrix extraction step, using the IP databases as training set, characteristic processing, shape are carried out to the IP behavioral datas Into eigenmatrix;
Decision tree generation step, based on the training set, according to the training set and rated condition generation classification with returning decision-making Tree;And
IP address risk assessment step, obtains the IP address for needing to carry out risk assessment, based on the classification and regression tree Carry out the risk assessment of the IP address.
Preferably, the IP data gathered in the IP behavioral datas acquisition step include:IP attribute informations, IP association letters Breath and IP behavioural informations.
Preferably, in the eigenmatrix extraction step, following characteristic processing is carried out to the IP data:Belong to for IP Property information, chooses corresponding code value as characteristic value or characterized by 0,1;For IP related informations, historical context is chosen Domain name number or domain name mean time are frequently as characteristic value;And for IP behavioural informations, IP behaviors are chosen apart from the stipulated time The time number of point is as characteristic value.
Preferably, in the decision tree generation step, build training set, since root node recurrence to each node into Row predetermined operation builds binary decision tree.
Preferably, following sub-steps are included in the decision tree generation step:
(1)If the training dataset of node is D, gini index of the existing feature to the data set is calculated, to each feature A, D is divided into D1 and D2 two parts;
(2)In all possible feature A and the possible cut-off α of all of which, select gini index minimum feature and Its corresponding cut-off generates two with optimal characteristics and optimal cut-off as optimal characteristics and optimal cut-off from existing node Child node, training dataset is assigned in two child nodes according to feature;
(3)Two child nodes are recursively called above-mentioned(1),(2), until meeting stop condition;
(4)Generation classification and regression tree T0.
Preferably, above-mentioned in the decision tree generation step includes(4)Following sub-steps are further included afterwards:
(5)Pruning algorithms are performed with regression tree T0 to the classification and obtain optimum decision tree T α.
The IP Risk Evaluating Systems of the present invention, it is characterised in that possess:
IP behavioral data acquisition modules, for IP databases to be acquired and formed to IP behavioral datas;
Eigenmatrix extraction module, for using the IP databases as training set, being carried out to the IP behavioral datas at feature Reason, forms eigenmatrix;
Decision tree generation module, for based on the training set, according to the training set and rated condition generation classification and returning Decision tree;And
IP address risk assessment module, for obtaining the IP address for needing to carry out risk assessment, is determined based on the classification with recurrence Plan tree carries out the risk assessment of the IP address.
Preferably, the IP data of the IP behavioral datas acquisition module collection include:IP attribute informations, IP related informations with And IP behavioural informations.
Preferably, in the eigenmatrix extraction module, for IP attribute informations, corresponding code is chosen as feature Value is worth characterized by 0,1;For IP related informations, choose historical context domain name number or domain name mean time frequently as Characteristic value;And for IP behavioural informations, IP behaviors are chosen apart from the time number of stipulated time point as characteristic value.
Preferably, the decision tree generation module builds training set and recurrence carries out each node since root node Predetermined operation builds binary decision tree.
The computer-readable recording medium of the present invention, is stored thereon with computer program, it is characterised in that the program is located Reason device realizes above-mentioned IP risk evaluating methods when performing.
The computer equipment of the present invention, including memory, processor and storage are on a memory and can be on a processor The computer program of operation, it is characterised in that the processor realizes above-mentioned IP risk evaluating methods when performing described program.
IP risk evaluating methods and IP Risk Evaluating Systems according to the present invention, with current IP risk evaluating methods phase Than following technique effect can be obtained:
(1)IP address information is obtained from global visual angle, while also carries each attribute, such as time attribute, thus, it is possible to comprehensive Reflection IP states so that evaluation result is more accurate;
(2)With the renewal of training data, decision tree being capable of continuous updating therewith;
(3)Acquisition optimum decision tree can further be optimized to decision tree, thereby, it is possible to more accurately carry out IP risk assessment;
(4)IP risk assessment is carried out using decision tree, is readily able to understand and realizes.
Brief description of the drawings
Fig. 1 is the step flow chart for representing the IP risk evaluating methods of the present invention.
Fig. 2 is the IP Risk Evaluating Systems for representing one embodiment of the present invention.
Embodiment
What is be described below is some in multiple embodiments of the invention, it is desirable to provide to the basic understanding of the present invention.And It is not intended to the crucial or conclusive key element for confirming the present invention or limits scope of the claimed.
Fig. 1 is the step flow chart for the IP risk evaluating methods for representing one embodiment of the present invention.
The IP risk evaluating methods of one embodiment of the present invention as shown in Figure 1 comprise the following steps:
IP behavioral data acquisition steps S100:IP behavioral datas are acquired and form IP databases;
Eigenmatrix extraction step S200:Using the IP databases as training set, the IP behavioral datas are carried out at feature Reason, forms eigenmatrix;
Decision tree generation step S300:Based on the training set, according to the training set and rated condition generation classification and return Decision tree;And
IP address risk assessment step S400:The IP address for needing to carry out risk assessment is obtained, is determined based on the classification with recurrence Plan tree carries out the risk assessment of the IP address.
Then, it is specifically described for above-mentioned steps S100 ~ S400.
In IP behavioral data acquisition steps S100, IP data are acquired and form IP databases.At present to IP rows Include for the means that data are acquired:
The safety protection equipment such as slave firewall, IPS, WAF gathers, and Intranet outlet is generally all deployed with security protection and sets Standby, these equipment can gather the information for accessing IP;
Gathered by honey jar, dispose honey jar server on the internet, gather the IP information of access;
Public information, such as whois information, ASN information are gathered from internet;And
Obtained by IP information, IP information is obtained from IP information company by the means such as buying, exchanging.
The IP behavioral datas of collection include for example following information, but are not limited to following information:
IP attribute informations:Country, province, city, IDC, dynamic IP, mobile gateway, longitude and latitude, ASN etc..
IP related informations:IP associations domain name, IP associated withs and their corresponding periods.
IP behavioural informations:The behavior of IP, including act on behalf of, scan, reptile, cc attacks, ddos attacks, spam etc. and it The corresponding time.
In the eigenmatrix extraction step S200, using the IP databases as training set, to the IP behaviors number According to characteristic processing is carried out, eigenmatrix is formed.
For example, for IP attribute informations, country, province, city's information choose corresponding code as characteristic value, IDC, dynamic IP, mobile gateway etc. are used as characteristic value with 0,1.
For example, for IP related informations, historical context domain name number, domain name mean time are chosen frequently as characteristic value.
For example, for IP behavioural informations, for each label, it is not then 0, has then with 1/ identified time away from today month Several squares are characterized value.
IP databases known to acquirement can influence training result as training set, the credibility and size of training set.According to The above method handles training set, forms eigenmatrix.It is, for example, possible to use the learning algorithm of machine is trained.This In, we are using the training dataset of generation as training dataset D.
Then, in decision tree generation step S300, based on the training set, given birth to according to the training set and rated condition Constituent class and regression tree.
In Decision Tree Construction, as input, input training dataset D and stop the condition calculating, as defeated Go out, output category and regression tree.The algorithm of use, as described below:
Training dataset is built, since root node, following operation is recursively carried out to each node, builds binary decision tree:
(1)If the training dataset of node is D, gini index of the existing feature to the data set is calculated.At this time, it is special to each A, each value α that may be taken to it are levied, D is divided into by D1 and D2 two for "Yes" or "No" according to test of the sample point to A=α Point, calculate gini index during A=α;
(2)In all possible feature A and the possible cut-off α of all of which, select gini index minimum feature and Its corresponding cut-off is as optimal characteristics and optimal cut-off.According to optimal characteristics and optimal cut-off, from existing node generation two A child node, training dataset is assigned in two child nodes according to feature;
(3)Two child nodes are recursively called(1),(2), until meeting stop condition;And
(4)Generation classification and regression tree T0.
The condition for stopping calculating as algorithm, such as can be that number of samples in node is less than reservation threshold, alternatively, sample The gini index of this collection is less than reservation threshold(Sample substantially belongs to same class), or without more features.
In order to enable the classification of generation can more accurately be used for the risk assessment of IP address with regression tree, preferably Ground, can carry out further beta pruning to the classification of above-mentioned generation with returning decision-making.
Then, illustrated for the pruning algorithms classified with regression tree.
In the pruning algorithms with regression tree of classifying, as input, the decision-making of input classification and regression algorithm generation T0 is set, as output, output optimum decision tree T α.The pruning algorithms of use are as described below:
(1)If k=0, T=T0;
(2)If α=+ ∞;
(3)C (Tt) is calculated to each internal node t bottom-uply, | Tt | and
g(t)=C(t)−C(Tt)|Tt|−1g(t)=C(t)−C(Tt)|Tt|−1
α=min (α, g (t)) α=min (α, g (t)),
Here, Tt represents the subtree that t is root node, prediction error when C (t) is using t as single node tree to training data(Such as base Buddhist nun's index), C (Tt) is using t as prediction error of the subtree of root node to training data(Such as gini index), | Tt | it is the leaf of Tt Node number;
(4)Internal node t is accessed from top to down, if g (t)=α, carries out beta pruning, and to leaf node t with majority vote method Determine its class, obtain tree T;
(5)If k=k+1, α k=α, Tk=T;
(6)If T is not the tree being separately formed by root node, step is returned to(4);
(7)Optimal subtree is chosen in subtree sequence T0, T1 ..., TnT0, T1 ..., Tn using cross-validation method, output is most Excellent decision tree T α.
Finally, in IP address risk assessment step S400, the IP address for needing to carry out risk assessment is obtained, based on generation Optimum decision tree T α carry out the risk assessment of the IP address.
More than, it is illustrated for the IP risk evaluating methods of the present invention.Then, for the IP risk assessment of the present invention System illustrates.
Fig. 2 is the IP Risk Evaluating Systems for representing one embodiment of the present invention.
As shown in Fig. 2, the IP Risk Evaluating Systems of one embodiment of the present invention possess:
IP behavioral datas acquisition module 100, for IP databases to be acquired and formed to IP behavioral datas;
Eigenmatrix extraction module 200, for using the IP databases as training set, feature to be carried out to the IP behavioral datas Processing, forms eigenmatrix;
Decision tree generation module 300, for based on the training set, according to the training set and rated condition generation classification and returning Return decision tree;And
IP address risk assessment module 400, for obtaining the IP address for needing to carry out risk assessment, based on the classification and returns Decision tree carries out the risk assessment of the IP address.
Wherein, the IP data that IP behavioral datas acquisition module 100 gathers include but not limited to:IP attribute informations, IP associations Information and IP behavioural informations.
In eigenmatrix extraction module 200, for IP attribute informations, choose corresponding code as characteristic value or with 0th, 1 it is characterized value;For IP related informations, historical context domain name number or domain name mean time are chosen frequently as characteristic value;With And for IP behavioural informations, IP behaviors are chosen apart from the time number of stipulated time point as characteristic value.
Decision tree generation module 300 builds training set and recurrence carries out predetermined operation to each node since root node Build binary decision tree.The calculating process of structure binary decision tree has been described above in the above description, omits repeat specification here.
Furthermore further, in order to enable the classification of generation can more accurately be used for IP address with regression tree Risk assessment, it is preferable that decision tree generation module 300 can further cut the classification of above-mentioned generation with returning decision-making Branch generation optimum decision tree T α.The calculating process of same the, generation optimum decision tree T α have been described above in the above description, here Also repeat specification is omitted.
The present invention also provides a kind of computer-readable recording medium, computer program is stored thereon with, it is characterised in that should The IP risk evaluating methods of the invention described above are realized when program is executed by processor.
The present invention also provides a kind of computer equipment, including memory, processor and storage are on a memory and can be The computer program run on processor, it is characterised in that the processor realizes the invention described above when performing described program IP risk evaluating methods.
IP risk evaluating methods and IP Risk Evaluating Systems according to the present invention, with current IP risk evaluating methods phase Than following technique effect can be obtained:
(1)IP address information is obtained from global visual angle, while also carries each attribute, such as time attribute, thus, it is possible to comprehensive Reflection IP states so that evaluation result is more accurate;
(2)With the renewal of training data, decision tree being capable of continuous updating therewith;
(3)Acquisition optimum decision tree can further be optimized to decision tree, thereby, it is possible to more accurately carry out IP risk assessment;
(4)IP risk assessment is carried out using decision tree, is readily able to understand and realizes.
Example above primarily illustrates the IP risk evaluating methods and IP Risk Evaluating Systems of the present invention.Although only to it In some embodiments of the invention be described, but those of ordinary skill in the art are it is to be appreciated that the present invention can By without departing from its spirit with scope in the form of many other implement.Therefore, the example that is shown and embodiment by regarding To be illustrative and not restrictive, the situation of the spirit and scope of the present invention as defined in appended claims is not being departed from Under, the present invention may cover various modification and replacement.

Claims (12)

1. a kind of IP risk evaluating methods, it is characterised in that comprise the following steps:
IP behavioral data acquisition steps, are acquired IP behavioral datas and form IP databases;
Eigenmatrix extraction step, using the IP databases as training set, characteristic processing, shape are carried out to the IP behavioral datas Into eigenmatrix;Training set and rated condition generation classification and regression tree;And
IP address risk assessment step, obtains the IP address for needing to carry out risk assessment, based on the classification and regression tree Carry out the risk assessment of the IP address.
2. IP risk evaluating methods as claimed in claim 1, it is characterised in that
The IP data gathered in the IP behavioral datas acquisition step include:IP attribute informations, IP related informations and IP rows For information.
3. IP risk evaluating methods as claimed in claim 2, it is characterised in that
In the eigenmatrix extraction step, following characteristic processing is carried out to the IP data:For IP attribute informations, choose Corresponding code is worth as characteristic value or characterized by 0,1;For IP related informations, choose historical context domain name number or Person's domain name mean time is frequently as characteristic value;And for IP behavioural informations, choose time number of the IP behaviors apart from stipulated time point As characteristic value.
4. the IP risk evaluating methods as described in claim 1 ~ 3 any one, it is characterised in that
In the decision tree generation step, training set is built, recurrence carries out predetermined operation to each node since root node Build binary decision tree.
5. IP risk evaluating methods as claimed in claim 4, it is characterised in that
Include following sub-steps in the decision tree generation step:
(1)If the training dataset of node is D, gini index of the existing feature to the data set is calculated, to each feature A, D is divided into D1 and D2 two parts;
(2)In all possible feature A and the possible cut-off α of all of which, select gini index minimum feature and Its corresponding cut-off generates two with optimal characteristics and optimal cut-off as optimal characteristics and optimal cut-off from existing node Child node, training dataset is assigned in two child nodes according to feature;
(3)Two child nodes are recursively called above-mentioned(1),(2), until meeting stop condition;
(4)Generation classification and regression tree T0.
6. IP risk evaluating methods as claimed in claim 5, it is characterised in that
Above-mentioned in the decision tree generation step includes(4)Following sub-steps are further included afterwards:
(5)Pruning algorithms are performed with regression tree T0 to the classification and obtain optimum decision tree T α.
7. a kind of IP Risk Evaluating Systems, it is characterised in that possess:
IP behavioral data acquisition modules, for IP databases to be acquired and formed to IP behavioral datas;
Eigenmatrix extraction module, for using the IP databases as training set, being carried out to the IP behavioral datas at feature Reason, forms eigenmatrix;
Decision tree generation module, for based on the training set, according to the training set and rated condition generation classification and returning Decision tree;And
IP address risk assessment module, for obtaining the IP address for needing to carry out risk assessment, is determined based on the classification with recurrence Plan tree carries out the risk assessment of the IP address.
8. IP Risk Evaluating Systems as claimed in claim 7, it is characterised in that
The IP data of the IP behavioral datas acquisition module collection include:IP attribute informations, IP related informations and IP behaviors letter Breath.
9. IP Risk Evaluating Systems as claimed in claim 7, it is characterised in that
In the eigenmatrix extraction module, for IP attribute informations, corresponding code is chosen as characteristic value or with 0,1 It is characterized value;For IP related informations, historical context domain name number or domain name mean time are chosen frequently as characteristic value;And For IP behavioural informations, IP behaviors are chosen apart from the time number of stipulated time point as characteristic value.
10. the IP Risk Evaluating Systems as described in claim 7 ~ 9 any one, it is characterised in that
The decision tree generation module builds training set and recurrence carries out predetermined operation structure to each node since root node Build binary decision tree.
11. a kind of computer-readable recording medium, is stored thereon with computer program, it is characterised in that the program is by processor The IP risk evaluating methods described in claim 1 ~ 6 any one are realized during execution.
12. a kind of computer equipment, including memory, processor and storage can be run on a memory and on a processor Computer program, it is characterised in that the processor realizes the IP described in claim 1 ~ 6 any one when performing described program Risk evaluating method.
CN201710887457.2A 2017-09-27 2017-09-27 IP risk evaluation method and IP risk evaluation system Active CN107920055B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710887457.2A CN107920055B (en) 2017-09-27 2017-09-27 IP risk evaluation method and IP risk evaluation system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710887457.2A CN107920055B (en) 2017-09-27 2017-09-27 IP risk evaluation method and IP risk evaluation system

Publications (2)

Publication Number Publication Date
CN107920055A true CN107920055A (en) 2018-04-17
CN107920055B CN107920055B (en) 2020-08-25

Family

ID=61898698

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710887457.2A Active CN107920055B (en) 2017-09-27 2017-09-27 IP risk evaluation method and IP risk evaluation system

Country Status (1)

Country Link
CN (1) CN107920055B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108711103A (en) * 2018-06-04 2018-10-26 中国平安人寿保险股份有限公司 Personal loan repays Risk Forecast Method, device, computer equipment and medium
CN109345381A (en) * 2018-12-19 2019-02-15 重庆誉存大数据科技有限公司 A kind of Risk Identification Method and system
CN109685635A (en) * 2018-09-11 2019-04-26 深圳平安财富宝投资咨询有限公司 Methods of risk assessment, air control server-side and the storage medium of financial business
CN109729069A (en) * 2018-11-26 2019-05-07 武汉极意网络科技有限公司 Detection method, device and the electronic equipment of unusual IP addresses
CN110717179A (en) * 2018-07-13 2020-01-21 马上消费金融股份有限公司 Risk assessment method of IP address and related device
CN110808987A (en) * 2019-11-07 2020-02-18 南京亚信智网科技有限公司 Method and computing device for identifying malicious domain name
WO2021093051A1 (en) * 2019-11-15 2021-05-20 网宿科技股份有限公司 Ip address assessment method and system, and device
CN112861093A (en) * 2021-04-25 2021-05-28 上海派拉软件股份有限公司 Verification method, device and equipment for access data and storage medium
CN115099684A (en) * 2022-07-18 2022-09-23 江西中科冠物联网科技有限公司 Enterprise safety production management system and management method thereof

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1746916A (en) * 2005-10-25 2006-03-15 二六三网络通信股份有限公司 Network IP address credit assessment and use in electronic mail system
CN101990003A (en) * 2010-10-22 2011-03-23 西安交通大学 User action monitoring system and method based on IP address attribute
CN103001825A (en) * 2012-11-15 2013-03-27 中国科学院计算机网络信息中心 Method and system for detecting DNS (domain name system) traffic abnormality
CN105721406A (en) * 2014-12-05 2016-06-29 中国移动通信集团广东有限公司 Method and device for obtaining IP black list
KR101712462B1 (en) * 2016-10-14 2017-03-06 국방과학연구소 System for monitoring dangerous ip

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1746916A (en) * 2005-10-25 2006-03-15 二六三网络通信股份有限公司 Network IP address credit assessment and use in electronic mail system
CN101990003A (en) * 2010-10-22 2011-03-23 西安交通大学 User action monitoring system and method based on IP address attribute
CN103001825A (en) * 2012-11-15 2013-03-27 中国科学院计算机网络信息中心 Method and system for detecting DNS (domain name system) traffic abnormality
CN105721406A (en) * 2014-12-05 2016-06-29 中国移动通信集团广东有限公司 Method and device for obtaining IP black list
KR101712462B1 (en) * 2016-10-14 2017-03-06 국방과학연구소 System for monitoring dangerous ip

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108711103A (en) * 2018-06-04 2018-10-26 中国平安人寿保险股份有限公司 Personal loan repays Risk Forecast Method, device, computer equipment and medium
CN110717179A (en) * 2018-07-13 2020-01-21 马上消费金融股份有限公司 Risk assessment method of IP address and related device
CN109685635A (en) * 2018-09-11 2019-04-26 深圳平安财富宝投资咨询有限公司 Methods of risk assessment, air control server-side and the storage medium of financial business
CN109729069B (en) * 2018-11-26 2021-12-28 武汉极意网络科技有限公司 Abnormal IP address detection method and device and electronic equipment
CN109729069A (en) * 2018-11-26 2019-05-07 武汉极意网络科技有限公司 Detection method, device and the electronic equipment of unusual IP addresses
CN109345381A (en) * 2018-12-19 2019-02-15 重庆誉存大数据科技有限公司 A kind of Risk Identification Method and system
CN110808987A (en) * 2019-11-07 2020-02-18 南京亚信智网科技有限公司 Method and computing device for identifying malicious domain name
CN110808987B (en) * 2019-11-07 2022-03-29 南京亚信智网科技有限公司 Method and computing device for identifying malicious domain name
WO2021093051A1 (en) * 2019-11-15 2021-05-20 网宿科技股份有限公司 Ip address assessment method and system, and device
CN112861093A (en) * 2021-04-25 2021-05-28 上海派拉软件股份有限公司 Verification method, device and equipment for access data and storage medium
CN112861093B (en) * 2021-04-25 2021-09-10 上海派拉软件股份有限公司 Verification method, device and equipment for access data and storage medium
CN115099684A (en) * 2022-07-18 2022-09-23 江西中科冠物联网科技有限公司 Enterprise safety production management system and management method thereof
CN115099684B (en) * 2022-07-18 2023-04-07 江西中科冠物联网科技有限公司 Enterprise safety production management system and management method thereof

Also Published As

Publication number Publication date
CN107920055B (en) 2020-08-25

Similar Documents

Publication Publication Date Title
CN107920055A (en) A kind of IP risk evaluating methods and IP Risk Evaluating Systems
Kamp et al. Unstructured citizen science data fail to detect long‐term population declines of common birds in Denmark
Zurell et al. Testing species assemblage predictions from stacked and joint species distribution models
Veron et al. Vulnerability to climate change of islands worldwide and its impact on the tree of life
Murtaugh Performance of several variable‐selection methods applied to real ecological data
Dengler et al. Species–area relationships in continuous vegetation: Evidence from Palaearctic grasslands
Stukal et al. Detecting bots on Russian political Twitter
Beery et al. Species distribution modeling for machine learning practitioners: A review
Oliveira et al. Modelling highly biodiverse areas in Brazil
Farrell et al. Machine learning of large‐scale spatial distributions of wild turkeys with high‐dimensional environmental data
Kling et al. Facets of phylodiversity: evolutionary diversification, divergence and survival as conservation targets
Kadmon et al. A systematic analysis of factors affecting the performance of climatic envelope models
Martin et al. The power of expert opinion in ecological models using Bayesian methods: impact of grazing on birds
Yaworsky et al. Advancing predictive modeling in archaeology: An evaluation of regression and machine learning methods on the Grand Staircase-Escalante National Monument
Marx et al. Deconstructing Darwin's Naturalization Conundrum in the San Juan Islands using community phylogenetics and functional traits
Dengler Robust methods for detecting a small island effect
Valle et al. Decomposing biodiversity data using the Latent Dirichlet Allocation model, a probabilistic multivariate statistical method
Fenker et al. Phylogenetic diversity, habitat loss and conservation in South American pitvipers (Crotalinae: Bothrops and Bothrocophias)
Collaris et al. Instance-level explanations for fraud detection: A case study
Pavoine Clarifying and developing analyses of biodiversity: towards a generalisation of current approaches
Yemshanov et al. A new multicriteria risk mapping approach based on a multiattribute frontier concept
Emilio et al. Assessing the relationship between forest types and canopy tree beta diversity in Amazonia
Gao et al. Detecting the small island effect and nestedness of herpetofauna of the West Indies
Dauphin et al. Disentangling the effects of geographic peripherality and habitat suitability on neutral and adaptive genetic variation in Swiss stone pine
Cattarino et al. Land‐use drivers of forest fragmentation vary with spatial scale

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant