CN108418801A - A kind of firewall policy optimization method and system based on big data analysis - Google Patents

A kind of firewall policy optimization method and system based on big data analysis Download PDF

Info

Publication number
CN108418801A
CN108418801A CN201810103920.4A CN201810103920A CN108418801A CN 108418801 A CN108418801 A CN 108418801A CN 201810103920 A CN201810103920 A CN 201810103920A CN 108418801 A CN108418801 A CN 108418801A
Authority
CN
China
Prior art keywords
security strategy
detail
tactful
hit rate
strategies
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810103920.4A
Other languages
Chinese (zh)
Inventor
范渊
杨锦峰
刘博�
龙文洁
金晓磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
DBAPPSecurity Co Ltd
Hangzhou Dbappsecurity Technology Co Ltd
Original Assignee
Hangzhou Dbappsecurity Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Dbappsecurity Technology Co Ltd filed Critical Hangzhou Dbappsecurity Technology Co Ltd
Priority to CN201810103920.4A priority Critical patent/CN108418801A/en
Publication of CN108418801A publication Critical patent/CN108418801A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention relates to the network information securitys, it is desirable to provide a kind of firewall policy optimization method and system based on big data analysis.Firewall policy optimization method of this kind based on big data analysis includes step:It receives all daily records of fire wall, data sample acquisition time, log analysis is set.The present invention acquires security strategy collection using product log, its hit rate is counted for certain security strategy, and security strategy priority is adjusted according to hit rate.The method can improve firewall security policy hit efficiency, to optimize protecting wall performance significantly so that security strategy has combination that is more scientific, being more suitable for actual environment demand.

Description

A kind of firewall policy optimization method and system based on big data analysis
Technical field
The present invention relates to filed of network information security, more particularly to a kind of firewall policy based on big data analysis is excellent Change method and system.
Background technology
Fire wall refers to that one has software and hardware equipment to be composed, between intranet and extranets, private network The protective barrier constructed on interface between public network.Fire wall sequentially detects the data passed through according to the strategy of its configuration Packet prevents invalid data invasion internal network from realizing security protection.With the development of internet, network size constantly expands, number Increasingly increase according to packet, fire wall plays vital safety effect as internal, external network safety curtain.
In the actual scene that fire wall uses, there are ad hoc firewall management personnel or safe team to carry out fire wall It management and safeguards and configures necessary security strategy, other are then from business department to fire prevention with the relevant security strategy of business Wall team proposes application and is added after workflow examination and approval, however business department usually only enhances plus the application of security strategy, but not It carries and services the application closed and need to delete corresponding security strategy due to certain.For years, the strategy in fire wall is cured gradually swollen Swollen, policy priority grade confusion.
Strategy expansion, policy priority grade confusion lead to problems with:
1, matching efficiency is low:The all policies configured in fire wall are sequentially to be matched, due to tactful redundancy, Policy priority grade confusion so that matching efficiency is low in fire wall.
2, daily record redundancy:Since tactful redundancy, policy priority grade are chaotic, fire wall data packet detection limit is caused to increase Add so that daily record redundancy.
3, performance declines:Daily record redundancy makes SOCKS server I/0 performances decline.
The optimization method and device (CN201610571681.6) of existing patent of invention firewall policy at present, the invention energy Heavy workload that firewall policy in the prior art safeguards enough is made up, repetition strategies is susceptible to, increases firewall load even The defect for reducing fire wall performance carries out the unitized management of centralization to firewall policy, based on application by a plurality of strategy into Row merges, and reduces strategy entries, and avoiding repetition strategies reduces the possibility of fire wall performance, improves firewall policy It is readable.But the problem of not closed in time there are still some corpse strategies after implementing.
Invention content
It is a primary object of the present invention to overcome deficiency in the prior art, provide one kind can science, intelligent optimization it is anti- The method and system of wall with flues strategy.In order to solve the above technical problems, the solution of the present invention is:
A kind of firewall policy optimization method based on big data analysis is provided, following step is specifically included:
(1) all daily records of fire wall are received;
(2) data sample acquisition time is set:
Data sample acquisition time T (T is typically sized as two months, but can be adjusted according to actual environment) is set, is adopted Collect daily record of the fire wall in nearly time T to be analyzed;
(3) log analysis:
The daily record that step (2) is acquired, is analyzed by following sub-steps:
(3.1) set of strategies is counted:
In daily record, set of strategies P, the P={ p in fire wall are counted1, p2, p3..., pn-1, pn};
Wherein, the element of set of strategies P is security strategy, pnFor tactful ID, DetailnIt is p for tactful IDnSecurity strategy Tactful details, LnIt is p for tactful IDnSecurity strategy priority, n is greater than 1 natural number;Set of strategies P is specific as follows:
Tactful ID Tactful details Priority
p1 Detail1 L1
p2 Detail2 L2
p3 Detail3 L3
pn-1 Detailn-1 Ln-1
pn Detailn Ln
(3.2) tactful hits are counted:
Daily record is polymerize by the security strategy in set of strategies P, counts every security strategy p in set of strategiesiHit Number, 1≤i≤n;
Wherein, NnIt is p for tactful IDnSecurity strategy hits;Calculate the set of strategies P of the hits of security strategy It is specific as follows:
Tactful ID Tactful details Priority Hits
p1 Detail1 L1 N1
p2 Detail2 L2 N2
p3 Detail3 L3 N3
pn-1 Detailn-1 Ln-1 Nn-1
pn Detailn Ln Nn
(4) calculative strategy hit rate:
According to step (3.2) collected handling result, the hit rate of security strategy is calculated;Security strategy piHit rate Computational methods are:
Wherein, RiIt is security strategy piHit rate;NiIt is security strategy piHits;Calculate the life of security strategy The set of strategies P of middle rate is specific as follows:
Tactful ID Tactful details Priority Hit rate
p1 Detail1 L1 R1
p2 Detail2 L2 R2
p3 Detail3 L3 R3
pn-1 Detailn-1 Ln-1 Rn-1
pn Detailn Ln Rn
(5) hit rate is ranked up:
By security strategy, it is ranked up from low by height by hit rate;
(6) security strategy optimizes:
The security strategy to shoot straight is in the top, for being preferentially matched;And the security strategy for by hit rate being zero, into Row disabling is deleted;Realize that the security strategy priority after sequence is reset.
In the present invention, in the step (1), all daily records of fire wall are received by syslog agreements.
In the present invention, in the step (6), the security strategy (corpse strategy) that hit rate is zero refers to being counted through M times, Hit rate is all zero security strategy;M is configurable parameter.
A kind of firewall policy optimization system based on big data analysis, including processor and storage device are provided, handled Device is adapted for carrying out each instruction, and storage device is suitable for storing a plurality of instruction, and described instruction is loaded and executed suitable for processor;It is described Instruction is loaded and is executed suitable for processor:
(1) all daily records of fire wall are received;
(2) data sample acquisition time is set:
Data sample acquisition time T (T is typically sized as two months, but can be adjusted according to actual environment) is set, is adopted Collect daily record of the fire wall in nearly time T to be analyzed;
(3) log analysis:
The daily record that step (2) is acquired, is analyzed by following sub-steps:
(3.1) set of strategies is counted:
In daily record, set of strategies P, the P={ p in fire wall are counted1, p2, p3..., pn-1, pn};
Wherein, the element of set of strategies P is security strategy, pnFor tactful ID, DetailnIt is p for tactful IDnSecurity strategy Tactful details, LnIt is p for tactful IDnSecurity strategy priority, n is greater than 1 natural number;Set of strategies P is specific as follows:
Tactful ID Tactful details Priority
p1 Detail1 L1
p2 Detail2 L2
p3 Detail3 L3
pn-1 Detailn-1 Ln-1
pn Detailn Ln
(3.2) tactful hits are counted:
Daily record is polymerize by the security strategy in set of strategies P, counts every security strategy p in set of strategiesiHit Number, 1≤i≤n;
Wherein, NnIt is p for tactful IDnSecurity strategy hits;Calculate the set of strategies P of the hits of security strategy It is specific as follows:
Tactful ID Tactful details Priority Hits
p1 Detail1 L1 N1
p2 Detail2 L2 N2
p3 Detail3 L3 N3
pn-1 Detailn-1 Ln-1 Nn-1
pn Detailn Ln Nn
(4) calculative strategy hit rate:
According to step (3.2) collected handling result, the hit rate of security strategy is calculated;Security strategy piHit rate Computational methods are:
Wherein, RiIt is security strategy piHit rate;NiIt is security strategy piHits;Calculate the life of security strategy The set of strategies P of middle rate is specific as follows:
(5) hit rate is ranked up:
By security strategy, it is ranked up from low by height by hit rate;
(6) security strategy optimizes:
The security strategy to shoot straight is in the top, for being preferentially matched;And the security strategy for by hit rate being zero, into Row disabling is deleted;Realize that the security strategy priority after sequence is reset.
In the step (5) of the present invention, it is assumed that R2> Rn-1> R1> ... > Rn> R2, arranged from low by height by hit rate Sequence then obtains:
Tactful ID Tactful details Priority Hit rate
p3 Detail3 L3 R3
pn-1 Detailn-1 Ln-1 Rn-1
p1 Detail1 L1 R1
pn Detailn Ln Rn
p2 Detail2 L2 R2
In the step (6) of the present invention, after security strategy optimization, then obtain:
Tactful ID Tactful details Priority Hit rate
p3 Detail3 1 R3
pn-1 Detailn-1 2 Rn-1
p1 Detail1 3 R1
pn Detailn n-1 Rn
p2 Detail2 n R2
Compared with prior art, the beneficial effects of the invention are as follows:
The present invention acquires security strategy collection using product log, its hit rate is counted for certain security strategy, according to life Middle rate adjusts security strategy priority.The method can improve firewall security policy hit efficiency, to optimization protection significantly Wall performance so that security strategy has combination that is more scientific, being more suitable for actual environment demand.
Description of the drawings
Fig. 1 is security policy information schematic diagram.
Fig. 2 is security strategy optimized flow chart.
Specific implementation mode
Firstly the need of explanation, the present invention is a kind of application of the computer technology in field of information security technology.At this During the realization of invention, the application of multiple software function modules can be related to.It is applicant's understanding that such as reading over application text Part, the accurate understanding present invention realization principle and goal of the invention after, combine existing known technology in the case of, this field skill Art personnel can use the software programming technical ability of its grasp to realize the present invention, the software work(that all the present patent application files refer to completely Energy module belongs to this scope, and applicant will not enumerate.
Present invention is further described in detail with specific implementation mode below in conjunction with the accompanying drawings:
Fig. 1 exemplary security policy informations, Fig. 2 exemplary security policy optimization flows.
A kind of firewall policy optimization method based on big data analysis as shown in Figure 2, specific implementation are:
(1) Firewall Log is received:All daily records of fire wall are received by syslog agreements.
(2) data sample acquisition time is set:With access device, the increase of network flow, strategy number, fire wall is produced Raw daily record can be more and more huger, by being arranged data sample acquisition time T, daily record of the acquisition fire wall in nearly time T into Row analysis.
(3) log analysis:By daily record of the fire wall of step (2) acquisition in nearly time T, following analysis is carried out:
(3.1) set of strategies is counted:In daily record, the set of strategies P in fire wall is counted;
P={ p1, p2, p3..., pn-1, pn}
Tactful ID Tactful details Priority
00001 Access-list 00001 deny tcp host 58.254.143.113 any eq 1521 1
00002 Access-list 00002 deny ip host 58.254.143.113 any 2
00003 Access-list 00003 deny tcp any any eq 41416 3
00005 Access-list 00005 deny tcp any any eq 1521 4
00006 Access-list 00006 deny tcp host 202.107.219.18 any eq... 5
00007 Access-list 00007 deny ip host 202.107.219.18 any 6
(3.2) tactful hits are counted:Daily record is polymerize by the strategy in set of strategies P, counts in set of strategies certain Tactful piHits.
(4) calculative strategy hit rate:According to step (3.2) collected handling result, calculative strategy hit rate.For certain Security strategy Pi, hit rate computational methods are:
Tactful ID Tactful details Priority Hit rate
00001 Access-list 00001 deny tcp host 58.254.143.113 any eq 1521 1 11.21%
00002 Access-list 00002 deny ip host 58.254.143.113 any 2 23.70%
00003 Access-list 00003 deny tcp any any eq 41416 3 0.81%
00005 Access-list 00005 deny tcp any any eq 1521 4 3.20%
00006 Access-list 00006 deny tcp host 202.107.219.18 any eq... 5 53.21%
00007 Access-list 00007 deny ip host 202.107.219.18 any 6 1.21%
(5) hit rate is ranked up:By security strategy, it is ranked up from low by height by hit rate.
Tactful ID Tactful details Priority Hit rate
00006 Access-list 00006 deny tcp host 202.107.219.18 any eq... 5 53.21%
00002 Access-list 00002 deny ip host 58.254.143.113 any 2 23.7%
00001 Access-list 00001 deny tcp host 58.254.143.113 any eq 1521 1 11.21%
00005 Access-list 00005 deny tcp any any eq 1521 4 3.20%
00007 Access-list 00007 deny ip host 202.107.219.18 any 6 1.21%
00003 Access-list 00003 deny tcp any any eq 41416 3 0.81%
(6) security strategy optimizes:
I, the security strategy to shoot straight is in the top, is preferentially hit.
The security strategy that ii, hit rate are zero is disabled or is deleted.
It particularly points out, disables or delete security strategy, can be operated according to statistics number.It is counted through M times, hit rate The security strategy for being zero is referred to as corpse strategy, can be deleted or be disabled.M is configurable parameter.
Finally it should be noted that listed above is only specific embodiments of the present invention.It is clear that the invention is not restricted to Above example can also have many variations.Those skilled in the art can directly lead from present disclosure All deformations for going out or associating, are considered as protection scope of the present invention.

Claims (4)

1. a kind of firewall policy optimization method based on big data analysis, which is characterized in that specifically include following step:
(1) all daily records of fire wall are received;
(2) data sample acquisition time is set:
Data sample acquisition time T is set, and daily record of the acquisition fire wall in nearly time T is analyzed;
(3) log analysis:
The daily record that step (2) is acquired, is analyzed by following sub-steps:
(3.1) set of strategies is counted:
In daily record, set of strategies P, the P={ p in fire wall are counted1, p2, p3..., pn-1, pn};
Wherein, the element of set of strategies P is security strategy, pnFor tactful ID, DetailnIt is p for tactful IDnSecurity strategy plan Slightly details, LnIt is p for tactful IDnSecurity strategy priority, n is greater than 1 natural number;Set of strategies P is specific as follows:
Tactful ID Tactful details Priority p1 Detail1 L1 p2 Detail2 L2 p3 Detail3 L3 pn-1 Detailn-1 Ln-1 pn Detailn Ln
(3.2) tactful hits are counted:
Daily record is polymerize by the security strategy in set of strategies P, counts every security strategy p in set of strategiesiHits, 1≤ i≤n;
Wherein, NnIt is p for tactful IDnSecurity strategy hits;The set of strategies P for calculating the hits of security strategy is specific It is as follows:
Tactful ID Tactful details Priority Hits p1 Detail1 L1 N1 p2 Detail2 L2 N2 p3 Detail3 L3 N3 pn-1 Detailn-1 Ln-1 Nn-1 pn Detailn Ln Nn
(4) calculative strategy hit rate:
According to step (3.2) collected handling result, the hit rate of security strategy is calculated;Security strategy piHit rate calculate Method is:
Wherein, RiIt is security strategy piHit rate;NiIt is security strategy piHits;Calculate the hit rate of security strategy Set of strategies P is specific as follows:
Tactful ID Tactful details Priority Hit rate p1 Detail1 L1 R1 p2 Detail2 L2 R2 p3 Detail3 L3 R3 pn-1 Detailn-1 Ln-1 Rn-1 pn Detailn Ln Rn
(5) hit rate is ranked up:
By security strategy, it is ranked up from low by height by hit rate;
(6) security strategy optimizes:
The security strategy to shoot straight is in the top, for being preferentially matched;And the security strategy for by hit rate being zero, prohibited With or delete;Realize that the security strategy priority after sequence is reset.
2. a kind of firewall policy optimization method based on big data analysis according to claim 1, which is characterized in that institute It states in step (1), all daily records of fire wall is received by syslog agreements.
3. a kind of firewall policy optimization method based on big data analysis according to claim 1, which is characterized in that institute It states in step (6), the security strategy that hit rate is zero refers to being counted through M times, and hit rate is all zero security strategy;M is can to match Set parameter.
4. a kind of firewall policy optimization system based on big data analysis, including processor and storage device, processor are suitable for Realize that each instruction, storage device are suitable for storing a plurality of instruction, described instruction is loaded and executed suitable for processor;Described instruction is suitable It loads and executes in processor:
(1) all daily records of fire wall are received;
(2) data sample acquisition time is set:
Data sample acquisition time T is set, and daily record of the acquisition fire wall in nearly time T is analyzed;
(3) log analysis:
The daily record that step (2) is acquired, is analyzed by following sub-steps:
(3.1) set of strategies is counted:
In daily record, set of strategies P, the P={ p in fire wall are counted1, p2, p3..., pn-1, pn};
Wherein, the element of set of strategies P is security strategy, pnFor tactful ID, DetailnIt is p for tactful IDnSecurity strategy plan Slightly details, LnIt is p for tactful IDnSecurity strategy priority, n is greater than 1 natural number;Set of strategies P is specific as follows:
Tactful ID Tactful details Priority p1 Detail1 L1 p2 Detail2 L2 p3 Detail3 L3 pn-1 Detailn-1 Ln-1 pn Detailn Ln
(3.2) tactful hits are counted:
Daily record is polymerize by the security strategy in set of strategies P, counts every security strategy p in set of strategiesiHits, 1≤ i≤n;
Wherein, NnIt is p for tactful IDnSecurity strategy hits;The set of strategies P for calculating the hits of security strategy is specific It is as follows:
Tactful ID Tactful details Priority Hits p1 Detail1 L1 N1 p2 Detail2 L2 N2 p3 Detail3 L3 N3 pn-1 Detailn-1 Ln-1 Nn-1 pn Detailn Ln Nn
(4) calculative strategy hit rate:
According to step (3.2) collected handling result, the hit rate of security strategy is calculated;Security strategy piHit rate calculate Method is:
Wherein, RiIt is security strategy piHit rate;NiIt is security strategy piHits;Calculate the hit rate of security strategy Set of strategies P is specific as follows:
(5) hit rate is ranked up:
By security strategy, it is ranked up from low by height by hit rate;
(6) security strategy optimizes:
The security strategy to shoot straight is in the top, for being preferentially matched;And the security strategy for by hit rate being zero, prohibited With or delete;Realize that the security strategy priority after sequence is reset.
CN201810103920.4A 2018-02-01 2018-02-01 A kind of firewall policy optimization method and system based on big data analysis Pending CN108418801A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810103920.4A CN108418801A (en) 2018-02-01 2018-02-01 A kind of firewall policy optimization method and system based on big data analysis

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810103920.4A CN108418801A (en) 2018-02-01 2018-02-01 A kind of firewall policy optimization method and system based on big data analysis

Publications (1)

Publication Number Publication Date
CN108418801A true CN108418801A (en) 2018-08-17

Family

ID=63127451

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810103920.4A Pending CN108418801A (en) 2018-02-01 2018-02-01 A kind of firewall policy optimization method and system based on big data analysis

Country Status (1)

Country Link
CN (1) CN108418801A (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109639743A (en) * 2018-12-13 2019-04-16 成都亚信网络安全产业技术研究院有限公司 A kind of firewall policy detection method and equipment
CN109787973A (en) * 2019-01-11 2019-05-21 积成电子股份有限公司 A kind of calculation method of network safety situation index system
CN109802960A (en) * 2019-01-08 2019-05-24 深圳中兴网信科技有限公司 Firewall policy processing method and processing device, computer equipment and storage medium
CN110138742A (en) * 2019-04-17 2019-08-16 深圳中兴网信科技有限公司 Firewall policy optimization method, system and computer readable storage medium
CN111277586A (en) * 2020-01-17 2020-06-12 武汉思普崚技术有限公司 Method and device for adjusting firewall security policy
CN111935186A (en) * 2020-10-09 2020-11-13 四川新网银行股份有限公司 Optimization method of network security policy
CN112437058A (en) * 2020-11-11 2021-03-02 中国电子科技集团公司第三十研究所 Firewall security policy automatic generation method based on session flow log
CN112615811A (en) * 2020-11-19 2021-04-06 贵州电网有限责任公司 Method for automatically analyzing robustness of network boundary strategy in power information
CN113301040A (en) * 2021-05-21 2021-08-24 恒安嘉新(北京)科技股份公司 Firewall strategy optimization method, device, equipment and storage medium
CN113452715A (en) * 2021-06-29 2021-09-28 中国工商银行股份有限公司 Management method, system, equipment and readable storage medium of firewall policy
CN113794690A (en) * 2021-08-20 2021-12-14 山石网科通信技术股份有限公司 Data processing method, data processing device, nonvolatile storage medium and processor
CN114745208A (en) * 2022-06-10 2022-07-12 深圳市永达电子信息股份有限公司 Method for detecting and correcting abnormity of firewall access control list

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101060521A (en) * 2006-04-18 2007-10-24 华为技术有限公司 Information packet filtering method and network firewall
CN103384222A (en) * 2013-06-26 2013-11-06 汉柏科技有限公司 Method for matching data flow with ACL
CN103873441A (en) * 2012-12-12 2014-06-18 中国电信股份有限公司 Firewall safety rule optimization method and device thereof
CN105791213A (en) * 2014-12-18 2016-07-20 华为技术有限公司 Strategy optimization device and method
CN105959331A (en) * 2016-07-19 2016-09-21 上海携程商务有限公司 Firewall policy optimization method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101060521A (en) * 2006-04-18 2007-10-24 华为技术有限公司 Information packet filtering method and network firewall
CN103873441A (en) * 2012-12-12 2014-06-18 中国电信股份有限公司 Firewall safety rule optimization method and device thereof
CN103384222A (en) * 2013-06-26 2013-11-06 汉柏科技有限公司 Method for matching data flow with ACL
CN105791213A (en) * 2014-12-18 2016-07-20 华为技术有限公司 Strategy optimization device and method
CN105959331A (en) * 2016-07-19 2016-09-21 上海携程商务有限公司 Firewall policy optimization method and device

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
单超: "防火墙配置规则集优化关键技术研究", 《万方数据库》 *
张李: "基于统计分析方法的防火墙优化研究", 《万方数据库》 *
本书编写组编著: "《财会人员计算机安全知识读本》", 31 December 2003, 北京:中国财政经济出版社 *

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109639743A (en) * 2018-12-13 2019-04-16 成都亚信网络安全产业技术研究院有限公司 A kind of firewall policy detection method and equipment
CN109802960A (en) * 2019-01-08 2019-05-24 深圳中兴网信科技有限公司 Firewall policy processing method and processing device, computer equipment and storage medium
CN109787973A (en) * 2019-01-11 2019-05-21 积成电子股份有限公司 A kind of calculation method of network safety situation index system
CN110138742B (en) * 2019-04-17 2022-05-31 深圳中兴网信科技有限公司 Firewall policy optimization method, system and computer readable storage medium
CN110138742A (en) * 2019-04-17 2019-08-16 深圳中兴网信科技有限公司 Firewall policy optimization method, system and computer readable storage medium
CN111277586A (en) * 2020-01-17 2020-06-12 武汉思普崚技术有限公司 Method and device for adjusting firewall security policy
CN111935186A (en) * 2020-10-09 2020-11-13 四川新网银行股份有限公司 Optimization method of network security policy
CN112437058A (en) * 2020-11-11 2021-03-02 中国电子科技集团公司第三十研究所 Firewall security policy automatic generation method based on session flow log
CN112437058B (en) * 2020-11-11 2022-02-08 中国电子科技集团公司第三十研究所 Firewall security policy automatic generation method based on session flow log
CN112615811A (en) * 2020-11-19 2021-04-06 贵州电网有限责任公司 Method for automatically analyzing robustness of network boundary strategy in power information
CN113301040A (en) * 2021-05-21 2021-08-24 恒安嘉新(北京)科技股份公司 Firewall strategy optimization method, device, equipment and storage medium
CN113301040B (en) * 2021-05-21 2023-02-10 恒安嘉新(北京)科技股份公司 Firewall strategy optimization method, device, equipment and storage medium
CN113452715A (en) * 2021-06-29 2021-09-28 中国工商银行股份有限公司 Management method, system, equipment and readable storage medium of firewall policy
CN113794690A (en) * 2021-08-20 2021-12-14 山石网科通信技术股份有限公司 Data processing method, data processing device, nonvolatile storage medium and processor
CN113794690B (en) * 2021-08-20 2024-02-09 山石网科通信技术股份有限公司 Data processing method, device, nonvolatile storage medium and processor
CN114745208A (en) * 2022-06-10 2022-07-12 深圳市永达电子信息股份有限公司 Method for detecting and correcting abnormity of firewall access control list

Similar Documents

Publication Publication Date Title
CN108418801A (en) A kind of firewall policy optimization method and system based on big data analysis
CN110351307B (en) Abnormal user detection method and system based on ensemble learning
CN107623697B (en) Network security situation assessment method based on attack and defense random game model
RU2477929C2 (en) System and method for prevention safety incidents based on user danger rating
CN112637115A (en) System and method for performing cyber-security risk assessment
KR102542720B1 (en) System for providing internet of behavior based intelligent data security platform service for zero trust security
CN110138627B (en) A kind of edge side terminal security access strategy selection method based on security risk quantization
CN106295349A (en) Risk Identification Method, identification device and the anti-Ore-controlling Role that account is stolen
CN206686205U (en) The multiple-protection network architecture
CN107294971A (en) The Threat sort method in server attack source
CN116827697B (en) Push method of network attack event, electronic equipment and storage medium
Jennex et al. Modifying knowledge risk strategy using threat lessons learned from COVID-19 in 2020-21 in the United States
CN109309678A (en) Network risks method for early warning based on artificial intelligence
Scheuermann Cyber Risks, Systemic Risks, and Cyber Insurance
KR101423307B1 (en) Information-security ability management system
CN110266719A (en) Security strategy delivery method, device, equipment and medium
Frincke Embedding forensic capabilities into networks: addressing inefficiencies in digital forensics investigations
JP6518613B2 (en) Security countermeasure server and system
Sridharan et al. Game-theoretic approach to malicious controller detection in software defined networks
Taveras Cyber Risk Management, Procedures and Considerations to Address the Threats of a Cyber Attack
CN113132379A (en) Intelligent security system of warehousing system
Douris Cyber threat data sharing needs refinement
Wu et al. Design and Practice of Hospital Network Security Deep Defense System
Yang et al. An assessment method of vulnerabilities in electric CPS cyber space
KR102577809B1 (en) Method, system and non-transitory computer-readable recording medium for managing information related to industrial technology leakage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180817