CN108377242A - A kind of computer network security detection method - Google Patents
A kind of computer network security detection method Download PDFInfo
- Publication number
- CN108377242A CN108377242A CN201810156167.5A CN201810156167A CN108377242A CN 108377242 A CN108377242 A CN 108377242A CN 201810156167 A CN201810156167 A CN 201810156167A CN 108377242 A CN108377242 A CN 108377242A
- Authority
- CN
- China
- Prior art keywords
- computer
- url
- file
- user
- network security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of computer network security detection methods, it is related to technical field of the computer network, whether detection computer installs antivirus software and whether opens fire wall, and corresponding dangerous tip information is generated according to different testing results, to remind user actively to promote the internet security of computer, data traffic and the file of reception can be also measured in real time during the use of computer, malice URL or file is avoided to cause further to destroy to computer, the present invention combines computer state itself and network state, complete detection is carried out to computer network security, improve the safety of computer.
Description
Technical field
The present invention relates to technical field of the computer network, more particularly to a kind of computer network security detection method.
Background technology
Computer network security refers to utilizing network management control and technical measures, is ensured in a network environment, number
According to confidentiality, integrality and workability be protected.Computer network security includes two aspects, i.e., physical security and patrols
Chian is complete;Physical security refers to system equipment and related facility by physical protection, from destroying or losing;Logical security includes
Integrality, confidentiality and the availability of information.
Many computer network security technologies are to wear hand from network basis to go to be detected, however actually using at present
The state of journey Computer itself can also influence the safety during network connection, but most network security technologies are simultaneously
This point is not considered.
Invention content
An embodiment of the present invention provides a kind of computer network security detection methods, can solve existing in the prior art
Problem.
The present invention provides a kind of computer network security detection methods, the described method comprises the following steps:
One safe space is set in hard disc of computer;
Whether antivirus software is installed in detection computer, shows that level-one carries on computer display if being fitted without
Show dialog box, to warn user's current computer to be in level-one precarious position;
Whether the fire wall of detection computer is opened, if computer is mounted with antivirus software but is not turned on fire prevention
Wall then shows two level prompted dialog frame on computer display, to warn user's current computer to be in secondary threat shape
State;If being both fitted without antivirus software in computer or being not turned on fire wall, three-level is shown on computer display
Prompted dialog frame, to warn user's current computer to be in three-level precarious position;
The data traffic for each uniform resource position mark URL that real-time monitoring computer is connected in use, when
It is more than preset value to have the data traffic whithin a period of time of any URL, then judging in the black and white lists of storage should
The safety of URL then shows that URL dangerous tips are talked with if a determination be made that the URL is danger on computer display
Frame, it is danger to remind the URL that user is connected to;
After computer receives the file of download, the file of reception is run in the safe space, parsing operation
File afterwards is deleted the file of reception, and shown on computer display if file includes any malicious code
The deleted dialog box of one file.
Preferably, the safe space is the concealed space being directly arranged on hard disk, which can not be by user
It changes and invisible to user;Or
The safe space is the virtual machine on hard disk.
Preferably, if computer has whether two or more independent hard disks, inquiry user are made one of
It is used for safe space, person to be used confirms and selects after one of hard disk using the hard disk selected as safe space.
Preferably, after reminding the URL that user is connected to be dangerous, also inquire whether user disconnects the company of the URL
Connect, if user select disconnect if a period of time of computer afterwards all cannot connect to the URL.
Preferably, the mode for obtaining data traffic is realized by way of virtual port is arranged on service processing board.
Preferably, the URL column is entered into black name if file is downloaded by URL after deleting the file of reception
It is single, forbid computer to download file from the URL.
Whether a kind of computer network security detection method in the embodiment of the present invention, detection computer install antivirus software
And fire wall whether is opened, and corresponding dangerous tip information is generated according to different testing results, to remind user master
The dynamic internet security for promoting computer can also carry out the file of data traffic and reception real during the use of computer
When detect, avoid malice URL or file from causing further to destroy to computer, the present invention is by computer state itself and net
Network combinations of states is got up, and is carried out complete detection to computer network security, is improved the safety of computer.
Description of the drawings
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
Obtain other attached drawings according to these attached drawings.
Fig. 1 is a kind of flow chart of computer network security detection method in the embodiment of the present invention.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
Referring to Fig.1, an embodiment of the present invention provides a kind of computer network security detection method, this method includes following step
Suddenly:
Step 100, a safe space is set in hard disc of computer, which can directly be set on hard disk
The concealed space set, the concealed space can not be modifiable by the user and invisible to user, and the safe space can also be installation
Virtual machine on hard disk can also be direct by one of hard disk if computer has two or more independent hard disks
It is used as safe space, needs to inquire that user, person to be used are true when using entire hard disk as safe space certainly
Recognize and select could be using the hard disk selected as safe space after one of hard disk;
Step 101, detect in computer whether antivirus software is installed, shown on computer display if being fitted without
Show level-one prompted dialog frame, to warn user's current computer to be in level-one precarious position, common computer antivirus software
Title is stored in the form of a list, it is only necessary to which inquiry can determine in computer whether be mounted in list in registration table
A or more money software;
Step 102, whether the fire wall for detecting computer is opened, if computer is mounted with antivirus software but without beating
Fire wall is opened, then shows two level prompted dialog frame on computer display, to warn user's current computer to be in two level
The degree of danger of precarious position, the secondary threat state is higher than level-one precarious position, belongs to abnormally dangerous;If in computer both
It is fitted without antivirus software and is also not turned on fire wall, then show three-level prompted dialog frame on computer display, with warning
User's current computer is in three-level precarious position, and the degree of danger of the three-level precarious position is higher than three-level precarious position, belongs to
In the state of being in extreme danger;
Step 103, the data for each uniform resource position mark URL that real-time monitoring computer is connected in use
Flow, when the data traffic whithin a period of time for having any URL be more than preset value, then existed according to its corresponding URL
The safety of URL is judged in the black and white lists of storage, if a determination be made that the URL is danger, then on computer display
Show URL dangerous tip dialog boxes, it is danger to remind the URL that user is connected to, and inquires whether user disconnects the URL's
Connection, if user select disconnect if a period of time of computer afterwards all cannot connect to the URL;
In the present embodiment, the mode for obtaining data traffic is by way of virtual port is arranged on service processing board
It realizes;
Step 104, after computer receives the file of download, the file of reception is run in the safe space,
Postrun file is parsed, if file includes any malicious code, the file of reception is deleted, and in Computer display
The URL column is entered blacklist by the deleted dialog box of one file of screen display if file is downloaded by URL, is prohibited
Only computer downloads file from the URL.
It should be understood that above-mentioned steps 100 only need to execute primary or computer in refitting system on every computer
After be also required to execute primary, and step 101-102 is required to execute after computer be switched on every time once, and step 103-104 is then
It needs to execute always during being switched on use, to protect the safety of computer constantly.
It should be understood by those skilled in the art that, the embodiment of the present invention can be provided as method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention
Apply the form of example.Moreover, the present invention can be used in one or more wherein include computer usable program code computer
The computer program production implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.)
The form of product.
The present invention be with reference to according to the method for the embodiment of the present invention, the flow of equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that can be realized by computer program instructions every first-class in flowchart and/or the block diagram
The combination of flow and/or box in journey and/or box and flowchart and/or the block diagram.These computer programs can be provided
Instruct the processor of all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce
A raw machine so that the instruction executed by computer or the processor of other programmable data processing devices is generated for real
The device for the function of being specified in present one flow of flow chart or one box of multiple flows and/or block diagram or multiple boxes.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works so that instruction generation stored in the computer readable memory includes referring to
Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device so that count
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, in computer or
The instruction executed on other programmable devices is provided for realizing in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Although preferred embodiments of the present invention have been described, it is created once a person skilled in the art knows basic
Property concept, then additional changes and modifications may be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as
It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, various changes and modifications can be made to the invention without departing from essence of the invention by those skilled in the art
God and range.In this way, if these modifications and changes of the present invention belongs to the range of the claims in the present invention and its equivalent technologies
Within, then the present invention is also intended to include these modifications and variations.
Claims (6)
1. a kind of computer network security detection method, which is characterized in that the described method comprises the following steps:
One safe space is set in hard disc of computer;
Whether antivirus software is installed in detection computer, shows level-one prompt pair on computer display if being fitted without
Frame is talked about, to warn user's current computer to be in level-one precarious position;
Whether the fire wall of detection computer is opened, if computer is mounted with antivirus software but is not turned on fire wall,
Two level prompted dialog frame is shown on computer display, to warn user's current computer to be in secondary threat state;Such as
Both it had been fitted without antivirus software in fruit computer or has been not turned on fire wall, then has shown three-level prompt pair on computer display
Frame is talked about, to warn user's current computer to be in three-level precarious position;
The data traffic for each uniform resource position mark URL that real-time monitoring computer is connected in use, appoints when having
The data traffic whithin a period of time of what URL is more than preset value, then judges the URL's in the black and white lists of storage
Safety then shows URL dangerous tip dialog boxes if a determination be made that the URL is danger on computer display, reminds
The URL that user is connected to is danger;
After computer receives the file of download, the file of reception is run in the safe space, parsing is postrun
File deletes the file of reception if file includes any malicious code, and one is shown on computer display
The deleted dialog box of file.
2. computer network security detection method as described in claim 1, which is characterized in that the safe space is directly to exist
The concealed space being arranged on hard disk, the concealed space can not be modifiable by the user and invisible to user;Or
The safe space is the virtual machine on hard disk.
3. computer network security detection method as described in claim 1, which is characterized in that if computer tool there are two or
The above independent hard disk, whether inquiry user uses one of conduct safe space, and person to be used confirms and selects it
In after a hard disk using the hard disk selected as safe space.
4. computer network security detection method as described in claim 1, which is characterized in that be connected to reminding user
After URL is dangerous, also inquire whether user disconnects the connection of the URL, computer is afterwards if user selects to disconnect
A period of time all cannot connect to the URL.
5. computer network security detection method as described in claim 1, which is characterized in that the mode for obtaining data traffic is logical
The mode for crossing the setting virtual port on service processing board is realized.
6. computer network security detection method as described in claim 1, which is characterized in that after the file that will be received is deleted
If file is downloaded by URL, which is entered into blacklist, computer is forbidden to download file from the URL.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810156167.5A CN108377242A (en) | 2018-02-24 | 2018-02-24 | A kind of computer network security detection method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810156167.5A CN108377242A (en) | 2018-02-24 | 2018-02-24 | A kind of computer network security detection method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108377242A true CN108377242A (en) | 2018-08-07 |
Family
ID=63017912
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810156167.5A Pending CN108377242A (en) | 2018-02-24 | 2018-02-24 | A kind of computer network security detection method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108377242A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109101818A (en) * | 2018-08-14 | 2018-12-28 | 齐鲁工业大学 | A kind of computer network security detection method |
CN109933983A (en) * | 2019-01-23 | 2019-06-25 | 秦皇岛职业技术学院 | A kind of information security of computer network management system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104573494A (en) * | 2014-12-30 | 2015-04-29 | 北京工业大学 | Safety mobile office method based on WMI software whitelist mechanism |
US20150154610A1 (en) * | 2011-05-13 | 2015-06-04 | Google Inc. | Detecting potentially false business listings based on an anomaly detection threshold |
CN106302350A (en) * | 2015-06-01 | 2017-01-04 | 阿里巴巴集团控股有限公司 | URL monitoring method, device and equipment |
CN106899549A (en) * | 2015-12-18 | 2017-06-27 | 北京奇虎科技有限公司 | A kind of network security detection method and device |
-
2018
- 2018-02-24 CN CN201810156167.5A patent/CN108377242A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150154610A1 (en) * | 2011-05-13 | 2015-06-04 | Google Inc. | Detecting potentially false business listings based on an anomaly detection threshold |
CN104573494A (en) * | 2014-12-30 | 2015-04-29 | 北京工业大学 | Safety mobile office method based on WMI software whitelist mechanism |
CN106302350A (en) * | 2015-06-01 | 2017-01-04 | 阿里巴巴集团控股有限公司 | URL monitoring method, device and equipment |
CN106899549A (en) * | 2015-12-18 | 2017-06-27 | 北京奇虎科技有限公司 | A kind of network security detection method and device |
Non-Patent Citations (1)
Title |
---|
匿名用户: ""计算机安全中心自动更新有必要启动吗"", 《HTTPS://WENWEN.SOGOU.COM/Z/Q548782427.HTM》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109101818A (en) * | 2018-08-14 | 2018-12-28 | 齐鲁工业大学 | A kind of computer network security detection method |
CN109933983A (en) * | 2019-01-23 | 2019-06-25 | 秦皇岛职业技术学院 | A kind of information security of computer network management system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11526610B2 (en) | Peer-to-peer network for blockchain security | |
US10318730B2 (en) | Detection and prevention of malicious code execution using risk scoring | |
US7624450B1 (en) | System, method, and computer program product for conveying a status of a plurality of security applications | |
US9948667B2 (en) | Signature rule processing method, server, and intrusion prevention system | |
EP3476101B1 (en) | Method, device and system for network security | |
US10142343B2 (en) | Unauthorized access detecting system and unauthorized access detecting method | |
CA2968327A1 (en) | Systems and methods for malicious code detection accuracy assurance | |
CN106341386B (en) | It is determining and remedy for the threat assessment grade of multi-level safety framework based on cloud | |
CN107070889B (en) | Unified security defense system based on cloud platform | |
CN112685682A (en) | Method, device, equipment and medium for identifying forbidden object of attack event | |
US20190109824A1 (en) | Rule enforcement in a network | |
CN107733725A (en) | A kind of safe early warning method, device, equipment and storage medium | |
JP6267089B2 (en) | Virus detection system and method | |
CN108183884B (en) | Network attack determination method and device | |
CN108377242A (en) | A kind of computer network security detection method | |
JP2023550974A (en) | Image-based malicious code detection method and device and artificial intelligence-based endpoint threat detection and response system using the same | |
EP2208303A2 (en) | Method and system for protecting a computer against malicious software | |
JP2007122408A (en) | Client security management system | |
US20230254334A1 (en) | Intelligent workflow for protecting servers from outside threats | |
US8239941B1 (en) | Push alert system, method, and computer program product | |
US20230164170A1 (en) | Automatic Vulnerability Mitigation in Cloud Environments | |
US20230018096A1 (en) | Analysis apparatus, analysis method, and non-transitory computer readable medium storing analysis program | |
CN107911500B (en) | Method, equipment and device for positioning user based on situation awareness and storage medium | |
CN110378120A (en) | Application programming interfaces attack detection method, device and readable storage medium storing program for executing | |
CN109492405A (en) | A kind of computer network security test method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180807 |
|
RJ01 | Rejection of invention patent application after publication |