CN108306890A - A kind of computer network security detection method - Google Patents

A kind of computer network security detection method Download PDF

Info

Publication number
CN108306890A
CN108306890A CN201810124415.8A CN201810124415A CN108306890A CN 108306890 A CN108306890 A CN 108306890A CN 201810124415 A CN201810124415 A CN 201810124415A CN 108306890 A CN108306890 A CN 108306890A
Authority
CN
China
Prior art keywords
groups
network
network security
web
tested
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810124415.8A
Other languages
Chinese (zh)
Other versions
CN108306890B (en
Inventor
姜姗
唐国良
王哲
廖璠
李瑞昌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Henan University of Traditional Chinese Medicine HUTCM
Original Assignee
Henan University of Traditional Chinese Medicine HUTCM
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Henan University of Traditional Chinese Medicine HUTCM filed Critical Henan University of Traditional Chinese Medicine HUTCM
Priority to CN201810124415.8A priority Critical patent/CN108306890B/en
Publication of CN108306890A publication Critical patent/CN108306890A/en
Application granted granted Critical
Publication of CN108306890B publication Critical patent/CN108306890B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

Disclosed by the invention to belong to electronic information technical field, specially a kind of computer network security detection method, the computer network security detection method is as follows:S1:Test lead is installed:Using network security detection equipment, S2:Preliminary detection:It is tested according to the two of step S1 groups of measurement ends and the connection type of two groups of web-transporting devices to be tested, S3:To Preliminary detection interpretation of result:The detection judging result shown according to display screen in step S2 is analyzed, S4:Secondary detection:Sample information safety according to two groups of measurement ends acquisition in step S3 is identical, S5:To secondary detection interpretation of result, this programme measures two groups of web-transporting devices by way of control simultaneously, and as a contrast with measurement result, comparing result is more apparent, facilitate testing staff to operate, can find unsafe condition in time by way of indicating reminders.

Description

A kind of computer network security detection method
Technical field
The present invention relates to electronic information technical field, specially a kind of computer network security detection method.
Background technology
Network security refers to that the data in the hardware, software and its system of network system are protected, not because accidental or The reason of person's malice and by destruction, change, leakage, system is continuously reliably normally run, and network service is not interrupted.
From the perspective of from the network operation and manager's angle, it is desirable to which the operations such as access, the read-write of local network information are protected And control, it avoids the occurrence of " trapdoor ", virus, illegal access, refusal service and Internet resources and the prestige such as illegally occupies and illegally control The side of body prevents the attack with defending against network hacker.For safe and secret department, they wish to illegal, harmful or be related to The information of state secret be filtered with it is anti-blocking, avoid confidential information leakage, avoid to society generate harm, country is caused huge Big loss.
Invention content
The purpose of the present invention is to provide a kind of computer network security detection methods, to solve to carry in above-mentioned background technology The network that goes out is dangerous to be subject to destruction, change, leakage, and system is continuously reliably normally run, network service outages Problem.
To achieve the above object, the present invention provides the following technical solutions:A kind of computer network security detection method, the meter Calculation machine network security detection method is as follows:
S1:Test lead is installed:Using network security detection equipment, installation network package is analyzed in network security detection equipment Program integrates two groups of measurement ends in network security detection equipment, and measurement end includes collecting device and output equipment, and preparing two groups will Web-transporting device to be tested, first group of web-transporting device to be tested are connect with first group of measurement end, by second group of survey Amount end is connect with second group of web-transporting device to be tested for being connected to network firewall;
S2:Preliminary detection:According to the connection side of the two of step S1 groups of measurement ends and two groups of web-transporting devices to be tested Formula is tested, in network transmission process, the collecting devices of the two groups of measurement ends web-transporting device to be tested to two groups respectively Transmission network sampled, sample information is detected judgement by the system software of network security detection equipment, is passed through The step of decoding, data information obtain and data information is analyzed is detected judgement, by detection judging result by showing screen display Show;
S3:To Preliminary detection interpretation of result:The detection judging result shown according to display screen in step S2 is analyzed, if The sample information safety of two groups of measurement ends acquisition is identical, then further operating, if the information of first group of measurement end sampling is opposite The information of second group of measurement end sampling is relatively hazardous, then it is not safe enough to be considered as network;
S4:Secondary detection:Sample information safety according to two groups of measurement ends acquisition in step S3 is identical, network security Web-transporting device to be tested is exported infringement data information by detection device simultaneously by the output equipment of measurement end to two groups, And on second group of web-transporting device to be tested network firewall normal work when can stop infringement data information;
S5:To secondary detection interpretation of result:If invading data information all not having web-transporting device to be tested at two groups It is blocked, then proves that network firewall breaks down, judgement network is dangerous, if it is to be tested at second group to invade data information Web-transporting device be blocked, and invade data information be not blocked in first group of web-transporting device to be tested, then Prove that network firewall is normal.
Preferably, the interface of the measurement end of the network security detection equipment in the step S1 is network wire crystal joint interface.
Preferably, the biography of the network firewall on web-transporting device is arranged in second group of measurement end in the step S1 Defeated direction upstream.
Preferably, the collecting device in the step S1 is located at output equipment downstream.
Preferably, integrated alarm indicating equipment in the network security detection equipment, and the alarm bar of alert instructors Part is relatively hazardous for network firewall failure or the information of sampling.
Compared with prior art, the beneficial effects of the invention are as follows:This programme passes two groups of networks by way of control Transfer device measures simultaneously, and as a contrast with measurement result, comparing result is more apparent, and testing staff is facilitated to operate, and passes through instruction The mode of prompting can find unsafe condition in time.
Description of the drawings
Fig. 1 is detection method flow chart.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
Referring to Fig. 1, the present invention provides a kind of technical solution:A kind of computer network security detection method, the computer Network security detection method is as follows:
S1:Test lead is installed:Using network security detection equipment, installation network package is analyzed in network security detection equipment Program integrates two groups of measurement ends in network security detection equipment, and measurement end includes collecting device and output equipment, and preparing two groups will Web-transporting device to be tested, first group of web-transporting device to be tested are connect with first group of measurement end, by second group of survey Amount end is connect with second group of web-transporting device to be tested for being connected to network firewall;
S2:Preliminary detection:According to the connection side of the two of step S1 groups of measurement ends and two groups of web-transporting devices to be tested Formula is tested, in network transmission process, the collecting devices of the two groups of measurement ends web-transporting device to be tested to two groups respectively Transmission network sampled, sample information is detected judgement by the system software of network security detection equipment, is passed through The step of decoding, data information obtain and data information is analyzed is detected judgement, by detection judging result by showing screen display Show;
S3:To Preliminary detection interpretation of result:The detection judging result shown according to display screen in step S2 is analyzed, if The sample information safety of two groups of measurement ends acquisition is identical, then further operating, if the information of first group of measurement end sampling is opposite The information of second group of measurement end sampling is relatively hazardous, then it is not safe enough to be considered as network;
S4:Secondary detection:Sample information safety according to two groups of measurement ends acquisition in step S3 is identical, network security Web-transporting device to be tested is exported infringement data information by detection device simultaneously by the output equipment of measurement end to two groups, And on second group of web-transporting device to be tested network firewall normal work when can stop infringement data information;
S5:To secondary detection interpretation of result:If invading data information all not having web-transporting device to be tested at two groups It is blocked, then proves that network firewall breaks down, judgement network is dangerous, if it is to be tested at second group to invade data information Web-transporting device be blocked, and invade data information be not blocked in first group of web-transporting device to be tested, then Prove that network firewall is normal.
Wherein, the interface of the measurement end of the network security detection equipment in the step S1 is network wire crystal joint interface, institute State the transmission direction upstream for the network firewall that second in step S1 group of measurement end is arranged on web-transporting device, the step Collecting device in rapid S1 is located at output equipment downstream, integrated alarm indicating equipment in the network security detection equipment, and report The alert if of alert indicating equipment is relatively hazardous for network firewall failure or the information of sampling.
It although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with Understanding without departing from the principles and spirit of the present invention can carry out these embodiments a variety of variations, modification, replace And modification, the scope of the present invention is defined by the appended.

Claims (5)

1. a kind of computer network security detection method, it is characterised in that:The specific step of the computer network security detection method It is rapid as follows:
S1:Test lead is installed:Using network security detection equipment, installation network package analyzes journey in network security detection equipment Sequence integrates two groups of measurement ends in network security detection equipment, and measurement end includes collecting device and output equipment, and preparing two groups will wait for The web-transporting device of test, first group of web-transporting device to be tested are connect with first group of measurement end, by second group of measurement Hold and be connected to second group of web-transporting device connection to be tested of network firewall;
S2:Preliminary detection:According to the connection type of the two of step S1 groups of measurement ends and two groups of web-transporting devices to be tested into Row test, in network transmission process, the biography of the collecting devices of the two groups of measurement ends web-transporting device to be tested to two groups respectively Defeated network is sampled, and sample information is detected judgement by the system software of network security detection equipment, by decoding, The step of data information obtains and data information is analyzed is detected judgement, and detection judging result is shown by display screen;
S3:To Preliminary detection interpretation of result:The detection judging result shown according to display screen in step S2 is analyzed, if two groups The sample information safety of measurement end acquisition is identical, then further operating, if the information of first group of measurement end sampling is with respect to second The information of group measurement end sampling is relatively hazardous, then it is not safe enough to be considered as network;
S4:Secondary detection:Sample information safety according to two groups of measurement ends acquisition in step S3 is identical, network security detection Web-transporting device to be tested is exported infringement data information by equipment simultaneously by the output equipment of measurement end to two groups, and the Network firewall on two groups of web-transporting devices to be tested can stop infringement data information when working normally;
S5:To secondary detection interpretation of result:If invade data information two groups by web-transporting device to be tested all not by Blocking then proves that network firewall breaks down, and judgement network is dangerous, if invading data information in second group of net to be tested Network transmission device is blocked, and is invaded data information and be not blocked in first group of web-transporting device to be tested, then is proved Network firewall is normal.
2. a kind of computer network security detection method according to claim 1, it is characterised in that:In the step S1 The interface of the measurement end of network security detection equipment is network wire crystal joint interface.
3. a kind of computer network security detection method according to claim 1, it is characterised in that:In the step S1 The transmission direction upstream of the network firewall on web-transporting device is arranged in second group of measurement end.
4. a kind of computer network security detection method according to claim 1, it is characterised in that:In the step S1 Collecting device is located at output equipment downstream.
5. a kind of computer network security detection method according to claim 1, it is characterised in that:The network security inspection Integrated alarm indicating equipment on measurement equipment, and the letter that the alert if of alert instructors is network firewall failure or sampling It ceases relatively hazardous.
CN201810124415.8A 2018-02-07 2018-02-07 Computer network security detection method Expired - Fee Related CN108306890B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810124415.8A CN108306890B (en) 2018-02-07 2018-02-07 Computer network security detection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810124415.8A CN108306890B (en) 2018-02-07 2018-02-07 Computer network security detection method

Publications (2)

Publication Number Publication Date
CN108306890A true CN108306890A (en) 2018-07-20
CN108306890B CN108306890B (en) 2020-11-10

Family

ID=62864814

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810124415.8A Expired - Fee Related CN108306890B (en) 2018-02-07 2018-02-07 Computer network security detection method

Country Status (1)

Country Link
CN (1) CN108306890B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112583790A (en) * 2020-11-05 2021-03-30 贵州数安汇大数据产业发展有限公司 Intelligent security threat discovery method based on multiple evidence entities

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6148379A (en) * 1997-09-19 2000-11-14 Silicon Graphics, Inc. System, method and computer program product for page sharing between fault-isolated cells in a distributed shared memory system
CN101447898A (en) * 2008-11-19 2009-06-03 中国人民解放军信息安全测评认证中心 Test system used for network safety product and test method thereof
CN101883023A (en) * 2010-06-05 2010-11-10 中国海洋大学 Firewall pressure testing method
CN102148727A (en) * 2011-04-22 2011-08-10 北京星网锐捷网络技术有限公司 Method and system for testing performance of network equipment
CN103905406A (en) * 2012-12-28 2014-07-02 中国移动通信集团公司 Failed firewall policy detection method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6148379A (en) * 1997-09-19 2000-11-14 Silicon Graphics, Inc. System, method and computer program product for page sharing between fault-isolated cells in a distributed shared memory system
CN101447898A (en) * 2008-11-19 2009-06-03 中国人民解放军信息安全测评认证中心 Test system used for network safety product and test method thereof
CN101883023A (en) * 2010-06-05 2010-11-10 中国海洋大学 Firewall pressure testing method
CN102148727A (en) * 2011-04-22 2011-08-10 北京星网锐捷网络技术有限公司 Method and system for testing performance of network equipment
CN103905406A (en) * 2012-12-28 2014-07-02 中国移动通信集团公司 Failed firewall policy detection method and device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112583790A (en) * 2020-11-05 2021-03-30 贵州数安汇大数据产业发展有限公司 Intelligent security threat discovery method based on multiple evidence entities

Also Published As

Publication number Publication date
CN108306890B (en) 2020-11-10

Similar Documents

Publication Publication Date Title
CN1946077B (en) System and method for detecting abnormal traffic based on early notification
KR100838799B1 (en) System and operating method of detecting hacking happening for complementary security management system
CN103491108B (en) A kind of industrial control network security protection method and system
CN108931968B (en) Network security protection system applied to industrial control system and protection method thereof
CN105991587B (en) A kind of intrusion detection method and system
CN108520187A (en) Industrial control system physics Network Intrusion detection method based on the analysis of serial communication bus signal
KR101880162B1 (en) Method for Control Signals Verifying Integrity Using Control Signals Analysis in Automatic Control System
CN109347823A (en) A kind of CAN bus method for detecting abnormality based on comentropy
Avritzer et al. Monitoring for security intrusion using performance signatures
CN112907321B (en) Big data-based information security anomaly sensing platform for data mining and analysis
CN107122685A (en) A kind of big data method for secure storing and equipment
CN106663176B (en) Detection device and detection method
CN109768971A (en) A method of based on network flow real-time detection industrial control host state
CN114006723A (en) Network security prediction method, device and system based on threat intelligence
CN108306890A (en) A kind of computer network security detection method
CN112671801B (en) Network security detection method and system
CN108040075B (en) APT attack detection system
KR100520687B1 (en) Apparatus and method for displaying states of the network
CN117579401A (en) Energy data analysis method based on edge calculation
KR101871406B1 (en) Method for securiting control system using whitelist and system for the same
Tanaka et al. IoT system security issues and solution approaches
CN116827674A (en) Protection method based on network communication security
CN112527691B (en) Program safety detection protection method, middleware system and safety middleware system
KR101551537B1 (en) Information spill prevention apparatus
CN104252598B (en) A kind of method and device detected using loophole

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20201110

Termination date: 20220207

CF01 Termination of patent right due to non-payment of annual fee