CN108418801A - A kind of firewall policy optimization method and system based on big data analysis - Google Patents
A kind of firewall policy optimization method and system based on big data analysis Download PDFInfo
- Publication number
- CN108418801A CN108418801A CN201810103920.4A CN201810103920A CN108418801A CN 108418801 A CN108418801 A CN 108418801A CN 201810103920 A CN201810103920 A CN 201810103920A CN 108418801 A CN108418801 A CN 108418801A
- Authority
- CN
- China
- Prior art keywords
- security strategy
- detail
- tactful
- hit rate
- strategies
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to the network information securitys, it is desirable to provide a kind of firewall policy optimization method and system based on big data analysis.Firewall policy optimization method of this kind based on big data analysis includes step:It receives all daily records of fire wall, data sample acquisition time, log analysis is set.The present invention acquires security strategy collection using product log, its hit rate is counted for certain security strategy, and security strategy priority is adjusted according to hit rate.The method can improve firewall security policy hit efficiency, to optimize protecting wall performance significantly so that security strategy has combination that is more scientific, being more suitable for actual environment demand.
Description
Technical field
The present invention relates to filed of network information security, more particularly to a kind of firewall policy based on big data analysis is excellent
Change method and system.
Background technology
Fire wall refers to that one has software and hardware equipment to be composed, between intranet and extranets, private network
The protective barrier constructed on interface between public network.Fire wall sequentially detects the data passed through according to the strategy of its configuration
Packet prevents invalid data invasion internal network from realizing security protection.With the development of internet, network size constantly expands, number
Increasingly increase according to packet, fire wall plays vital safety effect as internal, external network safety curtain.
In the actual scene that fire wall uses, there are ad hoc firewall management personnel or safe team to carry out fire wall
It management and safeguards and configures necessary security strategy, other are then from business department to fire prevention with the relevant security strategy of business
Wall team proposes application and is added after workflow examination and approval, however business department usually only enhances plus the application of security strategy, but not
It carries and services the application closed and need to delete corresponding security strategy due to certain.For years, the strategy in fire wall is cured gradually swollen
Swollen, policy priority grade confusion.
Strategy expansion, policy priority grade confusion lead to problems with:
1, matching efficiency is low:The all policies configured in fire wall are sequentially to be matched, due to tactful redundancy,
Policy priority grade confusion so that matching efficiency is low in fire wall.
2, daily record redundancy:Since tactful redundancy, policy priority grade are chaotic, fire wall data packet detection limit is caused to increase
Add so that daily record redundancy.
3, performance declines:Daily record redundancy makes SOCKS server I/0 performances decline.
The optimization method and device (CN201610571681.6) of existing patent of invention firewall policy at present, the invention energy
Heavy workload that firewall policy in the prior art safeguards enough is made up, repetition strategies is susceptible to, increases firewall load even
The defect for reducing fire wall performance carries out the unitized management of centralization to firewall policy, based on application by a plurality of strategy into
Row merges, and reduces strategy entries, and avoiding repetition strategies reduces the possibility of fire wall performance, improves firewall policy
It is readable.But the problem of not closed in time there are still some corpse strategies after implementing.
Invention content
It is a primary object of the present invention to overcome deficiency in the prior art, provide one kind can science, intelligent optimization it is anti-
The method and system of wall with flues strategy.In order to solve the above technical problems, the solution of the present invention is:
A kind of firewall policy optimization method based on big data analysis is provided, following step is specifically included:
(1) all daily records of fire wall are received;
(2) data sample acquisition time is set:
Data sample acquisition time T (T is typically sized as two months, but can be adjusted according to actual environment) is set, is adopted
Collect daily record of the fire wall in nearly time T to be analyzed;
(3) log analysis:
The daily record that step (2) is acquired, is analyzed by following sub-steps:
(3.1) set of strategies is counted:
In daily record, set of strategies P, the P={ p in fire wall are counted1, p2, p3..., pn-1, pn};
Wherein, the element of set of strategies P is security strategy, pnFor tactful ID, DetailnIt is p for tactful IDnSecurity strategy
Tactful details, LnIt is p for tactful IDnSecurity strategy priority, n is greater than 1 natural number;Set of strategies P is specific as follows:
Tactful ID | Tactful details | Priority |
p1 | Detail1 | L1 |
p2 | Detail2 | L2 |
p3 | Detail3 | L3 |
… | … | … |
pn-1 | Detailn-1 | Ln-1 |
pn | Detailn | Ln |
(3.2) tactful hits are counted:
Daily record is polymerize by the security strategy in set of strategies P, counts every security strategy p in set of strategiesiHit
Number, 1≤i≤n;
Wherein, NnIt is p for tactful IDnSecurity strategy hits;Calculate the set of strategies P of the hits of security strategy
It is specific as follows:
Tactful ID | Tactful details | Priority | Hits |
p1 | Detail1 | L1 | N1 |
p2 | Detail2 | L2 | N2 |
p3 | Detail3 | L3 | N3 |
… | … | … | … |
pn-1 | Detailn-1 | Ln-1 | Nn-1 |
pn | Detailn | Ln | Nn |
(4) calculative strategy hit rate:
According to step (3.2) collected handling result, the hit rate of security strategy is calculated;Security strategy piHit rate
Computational methods are:
Wherein, RiIt is security strategy piHit rate;NiIt is security strategy piHits;Calculate the life of security strategy
The set of strategies P of middle rate is specific as follows:
Tactful ID | Tactful details | Priority | Hit rate |
p1 | Detail1 | L1 | R1 |
p2 | Detail2 | L2 | R2 |
p3 | Detail3 | L3 | R3 |
… | … | … | … |
pn-1 | Detailn-1 | Ln-1 | Rn-1 |
pn | Detailn | Ln | Rn |
(5) hit rate is ranked up:
By security strategy, it is ranked up from low by height by hit rate;
(6) security strategy optimizes:
The security strategy to shoot straight is in the top, for being preferentially matched;And the security strategy for by hit rate being zero, into
Row disabling is deleted;Realize that the security strategy priority after sequence is reset.
In the present invention, in the step (1), all daily records of fire wall are received by syslog agreements.
In the present invention, in the step (6), the security strategy (corpse strategy) that hit rate is zero refers to being counted through M times,
Hit rate is all zero security strategy;M is configurable parameter.
A kind of firewall policy optimization system based on big data analysis, including processor and storage device are provided, handled
Device is adapted for carrying out each instruction, and storage device is suitable for storing a plurality of instruction, and described instruction is loaded and executed suitable for processor;It is described
Instruction is loaded and is executed suitable for processor:
(1) all daily records of fire wall are received;
(2) data sample acquisition time is set:
Data sample acquisition time T (T is typically sized as two months, but can be adjusted according to actual environment) is set, is adopted
Collect daily record of the fire wall in nearly time T to be analyzed;
(3) log analysis:
The daily record that step (2) is acquired, is analyzed by following sub-steps:
(3.1) set of strategies is counted:
In daily record, set of strategies P, the P={ p in fire wall are counted1, p2, p3..., pn-1, pn};
Wherein, the element of set of strategies P is security strategy, pnFor tactful ID, DetailnIt is p for tactful IDnSecurity strategy
Tactful details, LnIt is p for tactful IDnSecurity strategy priority, n is greater than 1 natural number;Set of strategies P is specific as follows:
Tactful ID | Tactful details | Priority |
p1 | Detail1 | L1 |
p2 | Detail2 | L2 |
p3 | Detail3 | L3 |
… | … | … |
pn-1 | Detailn-1 | Ln-1 |
pn | Detailn | Ln |
(3.2) tactful hits are counted:
Daily record is polymerize by the security strategy in set of strategies P, counts every security strategy p in set of strategiesiHit
Number, 1≤i≤n;
Wherein, NnIt is p for tactful IDnSecurity strategy hits;Calculate the set of strategies P of the hits of security strategy
It is specific as follows:
Tactful ID | Tactful details | Priority | Hits |
p1 | Detail1 | L1 | N1 |
p2 | Detail2 | L2 | N2 |
p3 | Detail3 | L3 | N3 |
… | … | … | … |
pn-1 | Detailn-1 | Ln-1 | Nn-1 |
pn | Detailn | Ln | Nn |
(4) calculative strategy hit rate:
According to step (3.2) collected handling result, the hit rate of security strategy is calculated;Security strategy piHit rate
Computational methods are:
Wherein, RiIt is security strategy piHit rate;NiIt is security strategy piHits;Calculate the life of security strategy
The set of strategies P of middle rate is specific as follows:
(5) hit rate is ranked up:
By security strategy, it is ranked up from low by height by hit rate;
(6) security strategy optimizes:
The security strategy to shoot straight is in the top, for being preferentially matched;And the security strategy for by hit rate being zero, into
Row disabling is deleted;Realize that the security strategy priority after sequence is reset.
In the step (5) of the present invention, it is assumed that R2> Rn-1> R1> ... > Rn> R2, arranged from low by height by hit rate
Sequence then obtains:
Tactful ID | Tactful details | Priority | Hit rate |
p3 | Detail3 | L3 | R3 |
pn-1 | Detailn-1 | Ln-1 | Rn-1 |
p1 | Detail1 | L1 | R1 |
… | … | … | … |
pn | Detailn | Ln | Rn |
p2 | Detail2 | L2 | R2 |
In the step (6) of the present invention, after security strategy optimization, then obtain:
Tactful ID | Tactful details | Priority | Hit rate |
p3 | Detail3 | 1 | R3 |
pn-1 | Detailn-1 | 2 | Rn-1 |
p1 | Detail1 | 3 | R1 |
… | … | … | … |
pn | Detailn | n-1 | Rn |
p2 | Detail2 | n | R2 |
Compared with prior art, the beneficial effects of the invention are as follows:
The present invention acquires security strategy collection using product log, its hit rate is counted for certain security strategy, according to life
Middle rate adjusts security strategy priority.The method can improve firewall security policy hit efficiency, to optimization protection significantly
Wall performance so that security strategy has combination that is more scientific, being more suitable for actual environment demand.
Description of the drawings
Fig. 1 is security policy information schematic diagram.
Fig. 2 is security strategy optimized flow chart.
Specific implementation mode
Firstly the need of explanation, the present invention is a kind of application of the computer technology in field of information security technology.At this
During the realization of invention, the application of multiple software function modules can be related to.It is applicant's understanding that such as reading over application text
Part, the accurate understanding present invention realization principle and goal of the invention after, combine existing known technology in the case of, this field skill
Art personnel can use the software programming technical ability of its grasp to realize the present invention, the software work(that all the present patent application files refer to completely
Energy module belongs to this scope, and applicant will not enumerate.
Present invention is further described in detail with specific implementation mode below in conjunction with the accompanying drawings:
Fig. 1 exemplary security policy informations, Fig. 2 exemplary security policy optimization flows.
A kind of firewall policy optimization method based on big data analysis as shown in Figure 2, specific implementation are:
(1) Firewall Log is received:All daily records of fire wall are received by syslog agreements.
(2) data sample acquisition time is set:With access device, the increase of network flow, strategy number, fire wall is produced
Raw daily record can be more and more huger, by being arranged data sample acquisition time T, daily record of the acquisition fire wall in nearly time T into
Row analysis.
(3) log analysis:By daily record of the fire wall of step (2) acquisition in nearly time T, following analysis is carried out:
(3.1) set of strategies is counted:In daily record, the set of strategies P in fire wall is counted;
P={ p1, p2, p3..., pn-1, pn}
Tactful ID | Tactful details | Priority |
00001 | Access-list 00001 deny tcp host 58.254.143.113 any eq 1521 | 1 |
00002 | Access-list 00002 deny ip host 58.254.143.113 any | 2 |
00003 | Access-list 00003 deny tcp any any eq 41416 | 3 |
00005 | Access-list 00005 deny tcp any any eq 1521 | 4 |
00006 | Access-list 00006 deny tcp host 202.107.219.18 any eq... | 5 |
00007 | Access-list 00007 deny ip host 202.107.219.18 any | 6 |
(3.2) tactful hits are counted:Daily record is polymerize by the strategy in set of strategies P, counts in set of strategies certain
Tactful piHits.
(4) calculative strategy hit rate:According to step (3.2) collected handling result, calculative strategy hit rate.For certain
Security strategy Pi, hit rate computational methods are:
Tactful ID | Tactful details | Priority | Hit rate |
00001 | Access-list 00001 deny tcp host 58.254.143.113 any eq 1521 | 1 | 11.21% |
00002 | Access-list 00002 deny ip host 58.254.143.113 any | 2 | 23.70% |
00003 | Access-list 00003 deny tcp any any eq 41416 | 3 | 0.81% |
00005 | Access-list 00005 deny tcp any any eq 1521 | 4 | 3.20% |
00006 | Access-list 00006 deny tcp host 202.107.219.18 any eq... | 5 | 53.21% |
00007 | Access-list 00007 deny ip host 202.107.219.18 any | 6 | 1.21% |
(5) hit rate is ranked up:By security strategy, it is ranked up from low by height by hit rate.
Tactful ID | Tactful details | Priority | Hit rate |
00006 | Access-list 00006 deny tcp host 202.107.219.18 any eq... | 5 | 53.21% |
00002 | Access-list 00002 deny ip host 58.254.143.113 any | 2 | 23.7% |
00001 | Access-list 00001 deny tcp host 58.254.143.113 any eq 1521 | 1 | 11.21% |
00005 | Access-list 00005 deny tcp any any eq 1521 | 4 | 3.20% |
00007 | Access-list 00007 deny ip host 202.107.219.18 any | 6 | 1.21% |
00003 | Access-list 00003 deny tcp any any eq 41416 | 3 | 0.81% |
(6) security strategy optimizes:
I, the security strategy to shoot straight is in the top, is preferentially hit.
The security strategy that ii, hit rate are zero is disabled or is deleted.
It particularly points out, disables or delete security strategy, can be operated according to statistics number.It is counted through M times, hit rate
The security strategy for being zero is referred to as corpse strategy, can be deleted or be disabled.M is configurable parameter.
Finally it should be noted that listed above is only specific embodiments of the present invention.It is clear that the invention is not restricted to
Above example can also have many variations.Those skilled in the art can directly lead from present disclosure
All deformations for going out or associating, are considered as protection scope of the present invention.
Claims (4)
1. a kind of firewall policy optimization method based on big data analysis, which is characterized in that specifically include following step:
(1) all daily records of fire wall are received;
(2) data sample acquisition time is set:
Data sample acquisition time T is set, and daily record of the acquisition fire wall in nearly time T is analyzed;
(3) log analysis:
The daily record that step (2) is acquired, is analyzed by following sub-steps:
(3.1) set of strategies is counted:
In daily record, set of strategies P, the P={ p in fire wall are counted1, p2, p3..., pn-1, pn};
Wherein, the element of set of strategies P is security strategy, pnFor tactful ID, DetailnIt is p for tactful IDnSecurity strategy plan
Slightly details, LnIt is p for tactful IDnSecurity strategy priority, n is greater than 1 natural number;Set of strategies P is specific as follows:
(3.2) tactful hits are counted:
Daily record is polymerize by the security strategy in set of strategies P, counts every security strategy p in set of strategiesiHits, 1≤
i≤n;
Wherein, NnIt is p for tactful IDnSecurity strategy hits;The set of strategies P for calculating the hits of security strategy is specific
It is as follows:
(4) calculative strategy hit rate:
According to step (3.2) collected handling result, the hit rate of security strategy is calculated;Security strategy piHit rate calculate
Method is:
Wherein, RiIt is security strategy piHit rate;NiIt is security strategy piHits;Calculate the hit rate of security strategy
Set of strategies P is specific as follows:
(5) hit rate is ranked up:
By security strategy, it is ranked up from low by height by hit rate;
(6) security strategy optimizes:
The security strategy to shoot straight is in the top, for being preferentially matched;And the security strategy for by hit rate being zero, prohibited
With or delete;Realize that the security strategy priority after sequence is reset.
2. a kind of firewall policy optimization method based on big data analysis according to claim 1, which is characterized in that institute
It states in step (1), all daily records of fire wall is received by syslog agreements.
3. a kind of firewall policy optimization method based on big data analysis according to claim 1, which is characterized in that institute
It states in step (6), the security strategy that hit rate is zero refers to being counted through M times, and hit rate is all zero security strategy;M is can to match
Set parameter.
4. a kind of firewall policy optimization system based on big data analysis, including processor and storage device, processor are suitable for
Realize that each instruction, storage device are suitable for storing a plurality of instruction, described instruction is loaded and executed suitable for processor;Described instruction is suitable
It loads and executes in processor:
(1) all daily records of fire wall are received;
(2) data sample acquisition time is set:
Data sample acquisition time T is set, and daily record of the acquisition fire wall in nearly time T is analyzed;
(3) log analysis:
The daily record that step (2) is acquired, is analyzed by following sub-steps:
(3.1) set of strategies is counted:
In daily record, set of strategies P, the P={ p in fire wall are counted1, p2, p3..., pn-1, pn};
Wherein, the element of set of strategies P is security strategy, pnFor tactful ID, DetailnIt is p for tactful IDnSecurity strategy plan
Slightly details, LnIt is p for tactful IDnSecurity strategy priority, n is greater than 1 natural number;Set of strategies P is specific as follows:
(3.2) tactful hits are counted:
Daily record is polymerize by the security strategy in set of strategies P, counts every security strategy p in set of strategiesiHits, 1≤
i≤n;
Wherein, NnIt is p for tactful IDnSecurity strategy hits;The set of strategies P for calculating the hits of security strategy is specific
It is as follows:
(4) calculative strategy hit rate:
According to step (3.2) collected handling result, the hit rate of security strategy is calculated;Security strategy piHit rate calculate
Method is:
Wherein, RiIt is security strategy piHit rate;NiIt is security strategy piHits;Calculate the hit rate of security strategy
Set of strategies P is specific as follows:
(5) hit rate is ranked up:
By security strategy, it is ranked up from low by height by hit rate;
(6) security strategy optimizes:
The security strategy to shoot straight is in the top, for being preferentially matched;And the security strategy for by hit rate being zero, prohibited
With or delete;Realize that the security strategy priority after sequence is reset.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810103920.4A CN108418801A (en) | 2018-02-01 | 2018-02-01 | A kind of firewall policy optimization method and system based on big data analysis |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810103920.4A CN108418801A (en) | 2018-02-01 | 2018-02-01 | A kind of firewall policy optimization method and system based on big data analysis |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108418801A true CN108418801A (en) | 2018-08-17 |
Family
ID=63127451
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810103920.4A Pending CN108418801A (en) | 2018-02-01 | 2018-02-01 | A kind of firewall policy optimization method and system based on big data analysis |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108418801A (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109639743A (en) * | 2018-12-13 | 2019-04-16 | 成都亚信网络安全产业技术研究院有限公司 | A kind of firewall policy detection method and equipment |
CN109787973A (en) * | 2019-01-11 | 2019-05-21 | 积成电子股份有限公司 | A kind of calculation method of network safety situation index system |
CN109802960A (en) * | 2019-01-08 | 2019-05-24 | 深圳中兴网信科技有限公司 | Firewall policy processing method and processing device, computer equipment and storage medium |
CN110138742A (en) * | 2019-04-17 | 2019-08-16 | 深圳中兴网信科技有限公司 | Firewall policy optimization method, system and computer readable storage medium |
CN111277586A (en) * | 2020-01-17 | 2020-06-12 | 武汉思普崚技术有限公司 | Method and device for adjusting firewall security policy |
CN111935186A (en) * | 2020-10-09 | 2020-11-13 | 四川新网银行股份有限公司 | Optimization method of network security policy |
CN112437058A (en) * | 2020-11-11 | 2021-03-02 | 中国电子科技集团公司第三十研究所 | Firewall security policy automatic generation method based on session flow log |
CN112615811A (en) * | 2020-11-19 | 2021-04-06 | 贵州电网有限责任公司 | Method for automatically analyzing robustness of network boundary strategy in power information |
CN113301040A (en) * | 2021-05-21 | 2021-08-24 | 恒安嘉新(北京)科技股份公司 | Firewall strategy optimization method, device, equipment and storage medium |
CN113452715A (en) * | 2021-06-29 | 2021-09-28 | 中国工商银行股份有限公司 | Management method, system, equipment and readable storage medium of firewall policy |
CN113794690A (en) * | 2021-08-20 | 2021-12-14 | 山石网科通信技术股份有限公司 | Data processing method, data processing device, nonvolatile storage medium and processor |
CN114745208A (en) * | 2022-06-10 | 2022-07-12 | 深圳市永达电子信息股份有限公司 | Method for detecting and correcting abnormity of firewall access control list |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101060521A (en) * | 2006-04-18 | 2007-10-24 | 华为技术有限公司 | Information packet filtering method and network firewall |
CN103384222A (en) * | 2013-06-26 | 2013-11-06 | 汉柏科技有限公司 | Method for matching data flow with ACL |
CN103873441A (en) * | 2012-12-12 | 2014-06-18 | 中国电信股份有限公司 | Firewall safety rule optimization method and device thereof |
CN105791213A (en) * | 2014-12-18 | 2016-07-20 | 华为技术有限公司 | Strategy optimization device and method |
CN105959331A (en) * | 2016-07-19 | 2016-09-21 | 上海携程商务有限公司 | Firewall policy optimization method and device |
-
2018
- 2018-02-01 CN CN201810103920.4A patent/CN108418801A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101060521A (en) * | 2006-04-18 | 2007-10-24 | 华为技术有限公司 | Information packet filtering method and network firewall |
CN103873441A (en) * | 2012-12-12 | 2014-06-18 | 中国电信股份有限公司 | Firewall safety rule optimization method and device thereof |
CN103384222A (en) * | 2013-06-26 | 2013-11-06 | 汉柏科技有限公司 | Method for matching data flow with ACL |
CN105791213A (en) * | 2014-12-18 | 2016-07-20 | 华为技术有限公司 | Strategy optimization device and method |
CN105959331A (en) * | 2016-07-19 | 2016-09-21 | 上海携程商务有限公司 | Firewall policy optimization method and device |
Non-Patent Citations (3)
Title |
---|
单超: "防火墙配置规则集优化关键技术研究", 《万方数据库》 * |
张李: "基于统计分析方法的防火墙优化研究", 《万方数据库》 * |
本书编写组编著: "《财会人员计算机安全知识读本》", 31 December 2003, 北京:中国财政经济出版社 * |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109639743A (en) * | 2018-12-13 | 2019-04-16 | 成都亚信网络安全产业技术研究院有限公司 | A kind of firewall policy detection method and equipment |
CN109802960A (en) * | 2019-01-08 | 2019-05-24 | 深圳中兴网信科技有限公司 | Firewall policy processing method and processing device, computer equipment and storage medium |
CN109787973A (en) * | 2019-01-11 | 2019-05-21 | 积成电子股份有限公司 | A kind of calculation method of network safety situation index system |
CN110138742B (en) * | 2019-04-17 | 2022-05-31 | 深圳中兴网信科技有限公司 | Firewall policy optimization method, system and computer readable storage medium |
CN110138742A (en) * | 2019-04-17 | 2019-08-16 | 深圳中兴网信科技有限公司 | Firewall policy optimization method, system and computer readable storage medium |
CN111277586A (en) * | 2020-01-17 | 2020-06-12 | 武汉思普崚技术有限公司 | Method and device for adjusting firewall security policy |
CN111935186A (en) * | 2020-10-09 | 2020-11-13 | 四川新网银行股份有限公司 | Optimization method of network security policy |
CN112437058A (en) * | 2020-11-11 | 2021-03-02 | 中国电子科技集团公司第三十研究所 | Firewall security policy automatic generation method based on session flow log |
CN112437058B (en) * | 2020-11-11 | 2022-02-08 | 中国电子科技集团公司第三十研究所 | Firewall security policy automatic generation method based on session flow log |
CN112615811A (en) * | 2020-11-19 | 2021-04-06 | 贵州电网有限责任公司 | Method for automatically analyzing robustness of network boundary strategy in power information |
CN113301040A (en) * | 2021-05-21 | 2021-08-24 | 恒安嘉新(北京)科技股份公司 | Firewall strategy optimization method, device, equipment and storage medium |
CN113301040B (en) * | 2021-05-21 | 2023-02-10 | 恒安嘉新(北京)科技股份公司 | Firewall strategy optimization method, device, equipment and storage medium |
CN113452715A (en) * | 2021-06-29 | 2021-09-28 | 中国工商银行股份有限公司 | Management method, system, equipment and readable storage medium of firewall policy |
CN113794690A (en) * | 2021-08-20 | 2021-12-14 | 山石网科通信技术股份有限公司 | Data processing method, data processing device, nonvolatile storage medium and processor |
CN113794690B (en) * | 2021-08-20 | 2024-02-09 | 山石网科通信技术股份有限公司 | Data processing method, device, nonvolatile storage medium and processor |
CN114745208A (en) * | 2022-06-10 | 2022-07-12 | 深圳市永达电子信息股份有限公司 | Method for detecting and correcting abnormity of firewall access control list |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108418801A (en) | A kind of firewall policy optimization method and system based on big data analysis | |
CN110351307B (en) | Abnormal user detection method and system based on ensemble learning | |
CN107623697B (en) | Network security situation assessment method based on attack and defense random game model | |
RU2477929C2 (en) | System and method for prevention safety incidents based on user danger rating | |
CN112637115A (en) | System and method for performing cyber-security risk assessment | |
KR102542720B1 (en) | System for providing internet of behavior based intelligent data security platform service for zero trust security | |
CN110138627B (en) | A kind of edge side terminal security access strategy selection method based on security risk quantization | |
CN106295349A (en) | Risk Identification Method, identification device and the anti-Ore-controlling Role that account is stolen | |
CN206686205U (en) | The multiple-protection network architecture | |
CN107294971A (en) | The Threat sort method in server attack source | |
CN116827697B (en) | Push method of network attack event, electronic equipment and storage medium | |
Jennex et al. | Modifying knowledge risk strategy using threat lessons learned from COVID-19 in 2020-21 in the United States | |
CN109309678A (en) | Network risks method for early warning based on artificial intelligence | |
Scheuermann | Cyber Risks, Systemic Risks, and Cyber Insurance | |
KR101423307B1 (en) | Information-security ability management system | |
CN110266719A (en) | Security strategy delivery method, device, equipment and medium | |
Frincke | Embedding forensic capabilities into networks: addressing inefficiencies in digital forensics investigations | |
JP6518613B2 (en) | Security countermeasure server and system | |
Sridharan et al. | Game-theoretic approach to malicious controller detection in software defined networks | |
Taveras | Cyber Risk Management, Procedures and Considerations to Address the Threats of a Cyber Attack | |
CN113132379A (en) | Intelligent security system of warehousing system | |
Douris | Cyber threat data sharing needs refinement | |
Wu et al. | Design and Practice of Hospital Network Security Deep Defense System | |
Yang et al. | An assessment method of vulnerabilities in electric CPS cyber space | |
KR102577809B1 (en) | Method, system and non-transitory computer-readable recording medium for managing information related to industrial technology leakage |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180817 |