CN108512699B - Block chain service server data anomaly detection method and equipment and block chain system - Google Patents

Block chain service server data anomaly detection method and equipment and block chain system Download PDF

Info

Publication number
CN108512699B
CN108512699B CN201810215188.XA CN201810215188A CN108512699B CN 108512699 B CN108512699 B CN 108512699B CN 201810215188 A CN201810215188 A CN 201810215188A CN 108512699 B CN108512699 B CN 108512699B
Authority
CN
China
Prior art keywords
blockchain
service
sdn
router
block chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810215188.XA
Other languages
Chinese (zh)
Other versions
CN108512699A (en
Inventor
马田丰
唐雄燕
赫罡
高功应
谭蓓
石乐
邢向晖
李洪峰
童俊杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
China Information Technology Designing and Consulting Institute Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
China Information Technology Designing and Consulting Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd, China Information Technology Designing and Consulting Institute Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201810215188.XA priority Critical patent/CN108512699B/en
Publication of CN108512699A publication Critical patent/CN108512699A/en
Application granted granted Critical
Publication of CN108512699B publication Critical patent/CN108512699B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • H04L41/0816Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0823Errors, e.g. transmission errors
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention provides a method and equipment for detecting data exception of a block chain service server and a block chain system, relates to the field of block chains, and can enable the block chain system to perform self-detection on various faults and take corresponding measures. The method comprises the following steps: the method comprises the steps that a block chain core server obtains block chain service data generated by at least one block chain service server; then the block chain core server can judge whether the block chain service server in the at least one block chain service server has data abnormity according to a preset algorithm according to the block chain service data generated by the at least one block chain service server; when the target block chain service server is determined to have data abnormality, sending a processing instruction corresponding to the data abnormality to the SDN controller, so that the SDN controller generates corresponding router configuration parameters according to the processing instruction and sends the router configuration parameters to a service SDN router connected with the target block chain service server, and the SDN controller updates self configuration according to the router configuration parameters.

Description

区块链业务服务器数据异常检测方法、设备及区块链系统Block chain business server data abnormality detection method, equipment and block chain system

技术领域technical field

本发明涉及区块链技术领域,尤其涉及一种区块链业务服务器数据异常检测方法、设备及区块链系统。The invention relates to the technical field of blockchain, and in particular, to a method, equipment and a blockchain system for detecting abnormality of data in a blockchain service server.

背景技术Background technique

区块链技术的核心是一个分布式账本技术,是一种通过去中心化、去信任的方式集体维护一个可靠数据库的技术方案。目前区块链技术由以比特币为主的1.0版本向智能合约2.0版本演进,成为非常有潜力应用于各个行业的新技术。区块链的技术特点具有很强的两面性:其开放性、共识性、去中心化合和去信任的特点使得区块链具有很强的鲁棒性和公开透明性,但因为原有的区块链系统中每一个服务器节点都存储有区块链系统中所有用户的交易信息和财产信息,而且因为区块链系统中的数据变动是不可修改同时区块链用户信息时保密的无法追踪,所以一旦区块链的整个系统遭遇黑客网络袭击和网络勒索,区块链系统本身是无法保障财产的追回和犯罪分子的定位的。例如基于区块链技术建设的比特币交易平台Bitfinex在2016年被盗12万比特币,而由于区块链技术本身的缺陷该交易平台无法溯源和追踪黑客,只能由用户平摊损失。The core of blockchain technology is a distributed ledger technology, which is a technical solution to collectively maintain a reliable database in a decentralized and trustless manner. At present, blockchain technology has evolved from Bitcoin-based version 1.0 to smart contract version 2.0, and has become a new technology with great potential to be applied to various industries. The technical characteristics of the blockchain have strong two sides: its openness, consensus, decentralization and trustless characteristics make the blockchain strong robustness and openness and transparency, but because the original block Each server node in the chain system stores the transaction information and property information of all users in the blockchain system, and because the data changes in the blockchain system cannot be modified and the blockchain user information is kept confidential and cannot be traced, so Once the entire blockchain system is attacked by hackers and network extortion, the blockchain system itself cannot guarantee the recovery of property and the location of criminals. For example, Bitfinex, a bitcoin trading platform based on blockchain technology, was stolen 120,000 bitcoins in 2016. Due to the defects of the blockchain technology itself, the trading platform cannot trace the source and trace the hackers, and can only share the losses equally by users.

发明内容SUMMARY OF THE INVENTION

本发明的实施例提供一种区块链业务服务器数据异常检测方法、设备及区块链系统,能够建立一种可以检测自身故障的区块链系统,避免区块链用户遭受损失。The embodiments of the present invention provide a method, equipment and a blockchain system for detecting data anomaly of a blockchain service server, which can establish a blockchain system that can detect its own failure and avoid losses suffered by blockchain users.

为达到上述目的,本发明的实施例采用如下技术方案:To achieve the above object, the embodiments of the present invention adopt the following technical solutions:

第一方面,提供一种区块链系统中区块链业务服务的数据异常检测方法,包括:In a first aspect, a data anomaly detection method for a blockchain business service in a blockchain system is provided, including:

区块链核心服务器通过区块链核心服务器连接的核心SDN路由器获取至少一个区块链业务数据,其中至少一个区块链业务数据由至少一个区块链业务服务器生成,并通过各自连接的业务SDN路由器发送至与至少一个区块链业务数据中的地址数据对应的SDN路由器以及区块链核心服务器连接的核心SDN路由器;The blockchain core server obtains at least one blockchain business data through a core SDN router connected to the blockchain core server, wherein at least one blockchain business data is generated by at least one blockchain business server, and passes through the respective connected business SDNs The router sends to the SDN router corresponding to the address data in the at least one blockchain service data and the core SDN router connected to the blockchain core server;

区块链核心服务器根据获取到的所有区块链业务数据依据预设算法判断至少一个区块链业务服务器中是否有区块链业务服务器存在数据异常;The blockchain core server judges, according to all the obtained blockchain business data, according to a preset algorithm, whether any blockchain business server in at least one blockchain business server has abnormal data;

当区块链核心服务器确定目标区块链业务服务器存在数据异常时,经由区块链核心服务器连接的核心SDN路由器和SDN控制器连接的控制SDN路由器发送与数据异常对应的处理指令给SDN控制器;目标区块链业务服务器为至少一个区块链业务服务器中任一区块链业务服务器;When the blockchain core server determines that the target blockchain service server has data abnormality, the core SDN router connected to the blockchain core server and the control SDN router connected to the SDN controller send processing instructions corresponding to the data abnormality to the SDN controller. ; The target blockchain service server is any blockchain service server in at least one blockchain service server;

SDN控制器在接收到处理指令后生成与处理指令对应的路由器配置参数,并通过SDN控制器连接的控制SDN路由器将路由器配置参数发送给目标区块链业务服务器连接的业务SDN路由器;After receiving the processing instruction, the SDN controller generates router configuration parameters corresponding to the processing instruction, and sends the router configuration parameters to the service SDN router connected to the target blockchain service server through the control SDN router connected to the SDN controller;

目标区块链业务服务器连接的业务SDN路由器根据路由器配置参数更新自身配置。The service SDN router connected to the target blockchain service server updates its own configuration according to the router configuration parameters.

可选的,任一区块链业务服务器连接的业务SDN路由器在发送区块链业务数据之前,还包括:任一区块链业务服务器连接的业务SDN路由器给区块链业务数据设置预设标签,以使接收区块链业务数据的业务SDN路由器或核心SDN路由器识别并获取区块链业务数据。Optionally, before sending the blockchain service data, the service SDN router connected to any blockchain service server further includes: the service SDN router connected to any blockchain service server sets a preset label for the blockchain service data , so that the service SDN router or core SDN router that receives the blockchain service data can identify and obtain the blockchain service data.

可选的,目标区块链业务服务器的数据异常至少包括:目标区块链业务服务器被攻击导致其拥有的区块链业务功能和预设不符、目标区块链业务服务器发布非法信息和目标区块链业务服务器生成的区块链业务数据的数量超过预设标准;Optionally, the data anomalies of the target blockchain business server include at least: the target blockchain business server is attacked, causing its own blockchain business functions to be inconsistent with the presets, the target blockchain business server publishing illegal information and the target area. The amount of blockchain business data generated by the blockchain business server exceeds the preset standard;

处理指令至少为以下各项中一种:第一处理指令、第二处理指令和第三处理指令;目标区块链业务服务器被攻击导致其拥有的区块链业务功能和预设不符对应第一处理指令,目标区块链业务服务器发布非法信息对应第二处理指令,目标区块链业务服务器区块链业务数据的数量超过预设标准对应第三处理指令。The processing instruction is at least one of the following: the first processing instruction, the second processing instruction and the third processing instruction; the target blockchain service server is attacked and the blockchain service function it possesses does not match the preset corresponding to the first For the processing instruction, the target blockchain business server issues illegal information corresponding to the second processing instruction, and the target blockchain business server's blockchain business data exceeds the preset standard and corresponds to the third processing instruction.

可选的,SDN控制器在接收到处理指令后生成与处理指令对应的路由器配置参数,并通过SDN控制器连接的控制SDN路由器将路由器配置参数发送给目标区块链业务服务器连接的业务SDN路由器包括:Optionally, after receiving the processing instruction, the SDN controller generates router configuration parameters corresponding to the processing instruction, and sends the router configuration parameters to the service SDN router connected to the target blockchain service server through the control SDN router connected to the SDN controller. include:

当SDN控制器接收到第一处理指令时生成路由器防火墙配置参数,并通过SDN控制器连接的控制SDN路由器发送路由器防火墙配置参数给目标区块链业务服务器连接的业务SDN路由器;When the SDN controller receives the first processing instruction, it generates router firewall configuration parameters, and sends the router firewall configuration parameters to the service SDN router connected to the target blockchain service server through the control SDN router connected to the SDN controller;

当SDN控制器接收到第二处理指令时生成路由器端口配置参数,并通过SDN控制器连接的控制SDN路由器发送路由器端口配置参数给目标区块链业务服务器连接的业务SDN路由器;When the SDN controller receives the second processing instruction, it generates router port configuration parameters, and sends the router port configuration parameters to the service SDN router connected to the target blockchain service server through the control SDN router connected to the SDN controller;

当SDN控制器接收到第三处理指令时生成路由器带宽配置参数,并通过SDN控制器连接的控制SDN路由器发送路由器带宽配置参数给目标区块链业务服务器连接的业务SDN路由器。When the SDN controller receives the third processing instruction, the router bandwidth configuration parameter is generated, and the router bandwidth configuration parameter is sent to the service SDN router connected to the target blockchain service server through the control SDN router connected to the SDN controller.

进一步可选的,目标区块链业务服务器连接的业务SDN路由器根据路由器配置参数更新自身配置包括:目标区块链业务服务器连接的业务SDN路由器根据路由器防火墙配置参数更新自身的防火墙配置;目标区块链业务服务器连接的业务SDN路由器根据路由器端口配置参数关闭发布非法信息的端口;目标区块链业务服务器连接的业务SDN路由器根据路由器带宽配置参数调整数据发送的可用带宽。Further optionally, the service SDN router connected to the target blockchain service server updates its own configuration according to the router configuration parameters, including: the service SDN router connected to the target blockchain service server updates its own firewall configuration according to the router firewall configuration parameters; The service SDN router connected to the blockchain service server closes the port for publishing illegal information according to the router port configuration parameters; the service SDN router connected to the target blockchain service server adjusts the available bandwidth for data transmission according to the router bandwidth configuration parameters.

可选的,当有新的区块链业务服务器加入区块链系统时,该方法还包括:SDN控制器通过SDN控制器连接的控制SDN路由器接收新的区块链业务服务器通过其连接的业务SDN路由器发送的对接指令以完成对接,对接指令中携带新的区块链业务服务器的地址数据;Optionally, when a new blockchain service server is added to the blockchain system, the method further includes: the SDN controller receives the service connected by the new blockchain service server through the control SDN router connected to the SDN controller. The docking instruction sent by the SDN router to complete the docking, and the docking instruction carries the address data of the new blockchain service server;

区块链核心服务器将自身存储的区块链系统中所有区块链业务服务器的区块链业务数据和地址数据经由区块链核心服务器连接的核心SDN路由器和新的区块链业务服务器连接的业务SDN路由器发送给新的区块链业务服务器;The blockchain core server connects the blockchain business data and address data of all blockchain business servers in the blockchain system stored by itself through the core SDN router connected to the blockchain core server and the new blockchain business server. The business SDN router is sent to the new blockchain business server;

区块链核心服务器在新的区块链业务服务器连接的业务SDN路由器与SDN控制器完成对接后,通过区块链核心服务器连接的核心SDN路由器获取新的区块链业务服务器生成并通过自身连接的业务SDN路由器发送的区块链业务数据。After the blockchain core server completes the docking between the service SDN router connected to the new blockchain service server and the SDN controller, the core SDN router connected to the blockchain core server obtains a new blockchain service server to generate and connects through itself The blockchain business data sent by the business SDN router.

第二方面,提供一种区块链核心服务器,包括:获取模块、处理模块和发送模块;In a second aspect, a blockchain core server is provided, including: an acquisition module, a processing module and a sending module;

获取模块用于获取与区块链核心服务器连接的核心SDN路由器发送的至少一个区块链业务数据,其中至少一个区块链业务数据由至少一个区块链业务服务器生成并通过各自连接的业务SDN路由器发送至区块链核心服务器连接的核心SDN路由器;The obtaining module is used to obtain at least one blockchain service data sent by the core SDN router connected to the blockchain core server, wherein the at least one blockchain service data is generated by the at least one blockchain service server and passed through the respective connected service SDNs The router sends to the core SDN router connected to the blockchain core server;

处理模块用于根据获取模块接收的所有区块链业务数据依据预设算法判断至少一个区块链业务服务器中是否有区块链业务服务器存在数据异常;The processing module is configured to judge, according to all the blockchain business data received by the acquiring module, according to a preset algorithm, whether any blockchain business server in at least one blockchain business server has abnormal data;

发送模块用于在处理模块确定目标区块链业务服务器存在数据异常时,发送与数据异常对应的处理指令给区块链核心服务器连接的核心SDN路由器。The sending module is used to send a processing instruction corresponding to the data abnormality to the core SDN router connected to the blockchain core server when the processing module determines that the target blockchain service server has data abnormality.

具体的,目标区块链业务服务器存在的数据异常包括:目标区块链业务服务器被攻击导致其拥有的区块链业务功能和预设不符、目标区块链业务服务器发布非法信息和目标区块链业务服务器生成的区块链业务数据的数量超过预设标准。Specifically, the data anomalies in the target blockchain business server include: the target blockchain business server is attacked, causing its own blockchain business functions to be inconsistent with the presets, the target blockchain business server publishing illegal information and the target block The amount of blockchain business data generated by the chain business server exceeds the preset standard.

可选的,该区块链核心服务器还包括存储模块;存储模块用于存储获取模块获取的所有区块链业务数据和所有区块链业务服务器的地址数据;Optionally, the blockchain core server further includes a storage module; the storage module is used to store all blockchain business data obtained by the acquisition module and address data of all blockchain business servers;

当有新的区块链业务服务器加入区块链核心服务器所在的区块链系统时,发送模块还用于将存储模块中存储的所有区块链业务数据和所有区块链业务服务器的地址数据发送给新的区块链业务服务器连接的业务SDN路由器,以使新的区块链业务服务器通过其连接的业务SDN路由器获取所有区块链业务数据和所有区块链业务服务器的地址数据;When a new blockchain business server joins the blockchain system where the blockchain core server is located, the sending module is also used to send all blockchain business data stored in the storage module and address data of all blockchain business servers Send to the business SDN router connected to the new blockchain business server, so that the new blockchain business server can obtain all blockchain business data and address data of all blockchain business servers through its connected business SDN router;

获取模块还用于获取区块链核心服务器连接的核心SDN路由器发送的新的区块链业务服务器的区块链业务数据,新的区块链业务服务器的区块链业务数据由新的区块链业务服务器生成并通过自身连接的业务SDN路由器发送至区块链核心服务器连接的核心SDN路由器。The obtaining module is also used to obtain the blockchain business data of the new blockchain business server sent by the core SDN router connected to the blockchain core server, and the blockchain business data of the new blockchain business server is determined by the new block chain. The chain service server generates and sends to the core SDN router connected to the blockchain core server through the service SDN router connected to itself.

第三方面,提供一种SDN控制器,包括:接收模块、发送模块和处理模块;In a third aspect, an SDN controller is provided, including: a receiving module, a sending module, and a processing module;

接收模块用于接收SDN控制器连接的控制SDN路由器发送的处理指令,处理指令由区块链核心服务器生成并通过自身连接的核心SDN路由器发送至SDN控制器连接的控制SDN路由器;The receiving module is used to receive processing instructions sent by the control SDN router connected to the SDN controller, and the processing instructions are generated by the blockchain core server and sent to the control SDN router connected to the SDN controller through the core SDN router connected to itself;

处理模块用于根据接收模块接收的处理指令生成路由器配置参数;The processing module is used for generating router configuration parameters according to the processing instructions received by the receiving module;

发送模块用于将处理模块生成的路由器配置参数发送给SDN控制器连接的控制SDN路由器。The sending module is used for sending the router configuration parameters generated by the processing module to the controlling SDN router connected to the SDN controller.

具体的,处理指令至少为以下各项中一种:第一处理指令、第二处理指令和第三处理指令;第一处理指令对应的目标进程的数据异常为目标区块链业务服务器被攻击导致其拥有的区块链业务功能和预设不符,第二处理指令对应的目标进程的数据异常为目标区块链业务服务器发布非法信息,第三处理指令对应的目标进程的数据异常为目标区块链业务服务器区块链业务数据的数量超过预设标准;Specifically, the processing instruction is at least one of the following: a first processing instruction, a second processing instruction, and a third processing instruction; the data exception of the target process corresponding to the first processing instruction is caused by the target blockchain service server being attacked The blockchain business functions it has are inconsistent with the presets. The data abnormality of the target process corresponding to the second processing instruction is illegal information issued by the target blockchain business server, and the data abnormality of the target process corresponding to the third processing instruction is the target block. The amount of blockchain business data of the chain business server exceeds the preset standard;

处理模块具体用于:根据第一处理指令生成路由器防火墙配置参数;根据第二处理指令生成路由器端口配置参数;根据第三处理指令生成路由器带宽配置参数。The processing module is specifically configured to: generate router firewall configuration parameters according to the first processing instruction; generate router port configuration parameters according to the second processing instruction; generate router bandwidth configuration parameters according to the third processing instruction.

可选的,当有新的区块链业务服务器加入SDN控制器所在的区块链系统时,接收模块还用于接收SDN控制器连接的SDN路由器发送的对接指令,对接指令由新的区块链业务服务器新的区块链业务服务器连接的业务SDN路由器发送至SDN控制器连接的控制SDN路由器,对接指令中携带新的区块链业务服务器新的区块链业务服务器连接的业务SDN路由器的地址数据。Optionally, when a new blockchain service server is added to the blockchain system where the SDN controller is located, the receiving module is further configured to receive the docking instruction sent by the SDN router connected to the SDN controller, and the docking instruction is sent by the new block. The service SDN router connected to the new blockchain service server of the chain service server is sent to the control SDN router connected to the SDN controller, and the docking instruction carries the information of the service SDN router connected to the new blockchain service server address data.

第四方面,提供一种业务SDN路由器,其特征在于,包括:接收模块、发送模块和处理模块;A fourth aspect provides a service SDN router, characterized in that it includes: a receiving module, a sending module, and a processing module;

接收模块用于接收业务SDN路由器连接的区块链业务服务器生成的区块链业务数据;The receiving module is used to receive the blockchain service data generated by the blockchain service server connected to the service SDN router;

发送模块用于将接收模块接收的区块链业务数据发送给区块链核心服务器连接的核心SDN路由器以及与区块链业务数据中的地址数据对应的业务SDN路由器;The sending module is used to send the blockchain service data received by the receiving module to the core SDN router connected to the blockchain core server and the service SDN router corresponding to the address data in the blockchain service data;

当业务SDN路由器连接的区块链业务服务器存在数据异常时,接收模块还用于接收SDN控制器生成并通过自身连接的控制SDN路由器发送的路由器配置参数;When the blockchain service server connected to the service SDN router has abnormal data, the receiving module is further configured to receive the router configuration parameters generated by the SDN controller and sent through the control SDN router connected to itself;

处理模块用于根据路由器配置参数对业务SDN路由器的配置进行更改。The processing module is used to change the configuration of the service SDN router according to the router configuration parameters.

可选的,处理模块还用于在发送模块发送区块链业务数据之前给接收模块接收的区块链业务数据设置预设标签,以使区块链核心服务器连接的核心SDN路由器以及与区块链业务数据中的地址数据对应的业务SDN路由器获取并识别区块链业务数据。Optionally, the processing module is further configured to set a preset label for the blockchain business data received by the receiving module before the sending module sends the blockchain business data, so that the core SDN router connected to the blockchain core server and the blockchain The service SDN router corresponding to the address data in the chain service data obtains and identifies the blockchain service data.

可选的,当路由器配置参数为路由器防火墙配置参数时,处理模块用于根据路由器防火墙配置参数更改业务SDN路由器当前的防火墙配置;Optionally, when the router configuration parameters are router firewall configuration parameters, the processing module is configured to change the current firewall configuration of the service SDN router according to the router firewall configuration parameters;

当路由器配置参数为路由器端口配置参数时,处理模块用于根据路由器端口配置参数更改业务SDN路由器当前的端口配置;When the router configuration parameter is the router port configuration parameter, the processing module is used to change the current port configuration of the service SDN router according to the router port configuration parameter;

当路由器配置参数为路由器带宽配置参数时,处理模块用于根据路由器带宽配置参数更改业务SDN路由器当前的可用带宽。When the router configuration parameter is the router bandwidth configuration parameter, the processing module is used to change the current available bandwidth of the service SDN router according to the router bandwidth configuration parameter.

第五方面,提供一种区块链系统,包括第二方面提供的区块链核心服务器、第三方面提供的SDN控制器、第四方面提供的SDN路由器。A fifth aspect provides a blockchain system, including the blockchain core server provided in the second aspect, the SDN controller provided in the third aspect, and the SDN router provided in the fourth aspect.

本发明实施例提供的区块链业务服务器数据异常检测方法、设备及区块链系统,该方法包括:区块链核心服务器通过区块链核心服务器连接的核心SDN路由器获取至少一个区块链业务数据,其中至少一个区块链业务数据由至少一个区块链业务服务器生成,并通过各自连接的业务SDN路由器发送至与至少一个区块链业务数据中的地址数据对应的SDN路由器以及区块链核心服务器连接的核心SDN路由器;区块链核心服务器根据获取到的所有区块链业务数据依据预设算法判断至少一个区块链业务服务器中是否有区块链业务服务器存在数据异常;当区块链核心服务器确定目标区块链业务服务器存在数据异常时,经由区块链核心服务器连接的核心SDN路由器和SDN控制器连接的控制SDN路由器发送与数据异常对应的处理指令给SDN控制器;目标区块链业务服务器为至少一个区块链业务服务器中任一区块链业务服务器;SDN控制器在接收到处理指令后生成与处理指令对应的路由器配置参数,并通过SDN控制器连接的控制SDN路由器将路由器配置参数发送给目标区块链业务服务器连接的业务SDN路由器;目标区块链业务服务器连接的业务SDN路由器根据路由器配置参数更新自身配置。所以该区块链系统在使用过程中,区块链核心服务器可以获取至少一个区块链业务服务器连接的SDN路由器发送的区块链业务数据;然后区块链核心服务器根据所有区块链业务服务器连接的业务SDN路由器发送的区块链业务数据依据预设算法便可以判断所有区块链业务服务器中是否有区块链业务服务器存在数据异常;当确定目标区块链业务服务器存在数据异常时,发送与数据异常连接的处理指令给SDN控制器,以使其根据该处理指令生成相应的路由器配置参数并发送给目标区块链业务服务器连接的业务SDN路由器,以使其根据路由器配置参数更新自身配置。所以本发明实施例提供的区块链系统通过SDN技术的参与可以在区块链系统中的区块链业务服务器被外界攻击或者出现故障时及时对区块链系统进行相应控制,从而避免用户的损失。The blockchain service server data anomaly detection method, device, and blockchain system provided by the embodiments of the present invention include: the blockchain core server obtains at least one blockchain service through a core SDN router connected to the blockchain core server data, wherein at least one blockchain service data is generated by at least one blockchain service server, and sent to the SDN router and the blockchain corresponding to the address data in the at least one blockchain service data through the respective connected service SDN routers The core SDN router connected to the core server; the blockchain core server judges, according to all the obtained blockchain business data, according to a preset algorithm, whether any blockchain business server in at least one blockchain business server has abnormal data; When the chain core server determines that the target blockchain service server has data abnormality, it sends processing instructions corresponding to the data abnormality to the SDN controller via the core SDN router connected to the blockchain core server and the control SDN router connected to the SDN controller; The blockchain service server is any blockchain service server in the at least one blockchain service server; the SDN controller generates router configuration parameters corresponding to the processing instruction after receiving the processing instruction, and controls the SDN router connected through the SDN controller The router configuration parameters are sent to the service SDN router connected to the target blockchain service server; the service SDN router connected to the target blockchain service server updates its own configuration according to the router configuration parameters. Therefore, during the use of the blockchain system, the blockchain core server can obtain the blockchain service data sent by at least one SDN router connected to the blockchain service server; The blockchain service data sent by the connected service SDN router can be determined according to the preset algorithm to determine whether any blockchain service server has data abnormality in all blockchain service servers; when it is determined that the target blockchain service server has data abnormality, Send a processing instruction that is abnormally connected to the data to the SDN controller, so that it can generate the corresponding router configuration parameters according to the processing instruction and send it to the service SDN router connected to the target blockchain service server, so that it can update itself according to the router configuration parameters. configuration. Therefore, the blockchain system provided by the embodiments of the present invention can control the blockchain system in time when the blockchain service server in the blockchain system is attacked by the outside world or fails through the participation of the SDN technology, so as to avoid user's loss.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to explain the embodiments of the present invention or the technical solutions in the prior art more clearly, the following briefly introduces the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention. For those of ordinary skill in the art, other drawings can also be obtained according to these drawings without creative efforts.

图1为本发明实施例提供的一种区块链系统中区块链业务服务器的数据异常检测方法流程示意图;1 is a schematic flowchart of a data abnormality detection method for a blockchain service server in a blockchain system provided by an embodiment of the present invention;

图2为本发明实施例提供的另一种区块链系统中区块链业务服务器的数据异常检测方法流程示意图;FIG. 2 is a schematic flowchart of a data abnormality detection method for a blockchain service server in another blockchain system provided by an embodiment of the present invention;

图3为本发明实施例提供的新的区块链业务服务器加入方法流程示意图;3 is a schematic flowchart of a method for adding a new blockchain service server provided by an embodiment of the present invention;

图4为本发明实施例提供的一种区块链系统结构示意图;4 is a schematic structural diagram of a blockchain system provided by an embodiment of the present invention;

图5为本发明实施例提供的一种区块链核心服务器结构示意图;5 is a schematic structural diagram of a blockchain core server according to an embodiment of the present invention;

图6为本发明实施例提供的一种SDN控制器结构示意图;6 is a schematic structural diagram of an SDN controller according to an embodiment of the present invention;

图7为本发明实施例提供的一种业务SDN路由器结构示意图;7 is a schematic structural diagram of a service SDN router according to an embodiment of the present invention;

图8为本发明实施例提供的一种区块链系统实际结构示意图。FIG. 8 is a schematic diagram of the actual structure of a blockchain system according to an embodiment of the present invention.

具体实施方式Detailed ways

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, but not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

需要说明的是,本发明实施例中,“示例性的”或者“例如”等词用于表示作例子、例证或说明。本发明实施例中被描述为“示例性的”或者“例如”的任何实施例或设计方案不应被解释为比其它实施例或设计方案更优选或更具优势。确切而言,使用“示例性的”或者“例如”等词旨在以具体方式呈现相关概念。It should be noted that, in the embodiments of the present invention, words such as "exemplary" or "for example" are used to represent examples, illustrations, or descriptions. Any embodiments or designs described as "exemplary" or "such as" in the embodiments of the present invention should not be construed as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present the related concepts in a specific manner.

还需要说明的是,本发明实施例中,“的(英文:of)”,“相应的(英文:corresponding,relevant)”和“对应的(英文:corresponding)”有时可以混用,应当指出的是,在不强调其区别时,其所要表达的含义是一致的。It should also be noted that, in the embodiment of the present invention, "of", "corresponding (English: corresponding, relevant)" and "corresponding (English: corresponding)" can sometimes be mixed. It should be pointed out that , when not emphasizing the difference, the meaning to be expressed is the same.

为了便于清楚描述本发明实施例的技术方案,在本发明的实施例中,采用了“第一”、“第二”等字样对功能和作用基本相同的相同项或相似项进行区分,本领域技术人员可以理解“第一”、“第二”等字样并不是在对数量和执行次序进行限定。In order to clearly describe the technical solutions of the embodiments of the present invention, in the embodiments of the present invention, words such as "first" and "second" are used to distinguish the same items or similar items with basically the same functions and functions. Those skilled in the art can understand that words such as "first" and "second" are not intended to limit the quantity and execution order.

现有的区块链技术中的区块链结构因为其开放性、共识性、去中心化合和去信任的特点使得区块链具有很强的鲁棒性和公开透明性,但因为原有的区块链系统中每一个服务器节点都存储有区块链系统中所有用户的交易信息和财产信息,而且因为区块链系统中的数据变动是不可修改同时区块链用户信息时保密的无法追踪,所以一旦区块链的整个系统遭遇黑客网络袭击和网络勒索,区块链系统本身是无法保障用户的财产安全的。The blockchain structure in the existing blockchain technology has strong robustness and transparency because of its openness, consensus, decentralization and trustlessness. Each server node in the blockchain system stores the transaction information and property information of all users in the blockchain system, and because the data changes in the blockchain system cannot be modified, and the blockchain user information is kept confidential and cannot be traced. Therefore, once the entire blockchain system is attacked by hackers and network extortion, the blockchain system itself cannot guarantee the safety of users' property.

针对上述问题,参照图1所示,本发明实施例提供一种区块链系统中区块链业务服务的数据异常检测方法,包括:In view of the above problems, referring to FIG. 1 , an embodiment of the present invention provides a data abnormality detection method for a blockchain business service in a blockchain system, including:

101、区块链核心服务器通过区块链核心服务器连接的核心SDN(SoftwareDefined Network,软件定义网络)路由器获取至少一个区块链业务数据。101. The blockchain core server obtains at least one blockchain service data through a core SDN (SoftwareDefined Network, software-defined network) router connected to the blockchain core server.

其中,至少一个区块链业务数据由至少一个区块链业务服务器生成,并通过各自连接的业务SDN路由器发送至与至少一个区块链业务数据中的地址数据对应的业务SDN路由器以及区块链核心服务器连接的核心SDN路由器;实际中,因为区块链核心服务器在区块链系统中会存在不止一个,所以一般会将整个系统的区块链业务服务器分为几部分归不同的区块链核心服务器管理,当然也可以全部由一个区块链核心服务器管理,此处不做具体限制。Wherein, at least one blockchain service data is generated by at least one blockchain service server, and is sent to the service SDN router and the blockchain corresponding to the address data in the at least one blockchain service data through the respective connected service SDN routers The core SDN router connected to the core server; in practice, because there will be more than one blockchain core server in the blockchain system, the blockchain service servers of the entire system are generally divided into several parts and belong to different blockchains Of course, the core server management can also be all managed by a blockchain core server, and no specific restrictions are made here.

另外,因为需要区分区块链系统自身的网络与公共网络,业务SDN路由器在发送区块链业务服务器产生的区块链业务数据时会给区块链业务数据加上只能由区块链系统中的业务SDN路由器或核心路由器识别的标签,所以可选的:任一区块链业务服务器连接的SDN路由器在发送区块链业务数据之前,还包括:任一区块链业务服务器连接的业务SDN路由器给区块链业务数据设置预设标签,以使接收区块链业务数据的业务SDN路由器或核心SDN路由器识别并获取区块链业务数据;In addition, because the network of the blockchain system needs to be distinguished from the public network, the business SDN router will add the blockchain business data to the blockchain business data when sending the blockchain business data generated by the blockchain business server. The label identified by the service SDN router or core router in the SDN router, so optional: Before sending the blockchain service data, the SDN router connected to any blockchain service server also includes: the service connected to any blockchain service server. The SDN router sets preset labels for the blockchain business data, so that the business SDN router or core SDN router that receives the blockchain business data can identify and obtain the blockchain business data;

需要说明的是,核心SDN路由器、业务SDN路由器和控制SDN路由器之间的数据传输,只要传输的数据是属于区块链系统中的使用数据时,相应发送数据的SDN路由器均会对发送的数据设置预设标签,此处仅为示意性选择一种进行情况进行说明;It should be noted that, in the data transmission between the core SDN router, the service SDN router and the control SDN router, as long as the transmitted data belongs to the usage data in the blockchain system, the corresponding SDN router that sends the data will be responsible for the sent data. Set the preset label, here is only a schematic selection of a situation to explain;

具体的,SDN路由器在通信网络三层转发设备的正常数据转发功能技术上,通过隧道技术(例如MPLS(Multi-Protocol Label Switching,多协议标签交换),Vxlan(VirtualExtensible LAN,虚拟拓展局域网)等技术)对区块链系统中的转发报文做一定封装,从而使得整个区块链系统中的SDN路由器之间可以互相识别组成专属于各SDN路由器连接的区块链业务服务器的专网。Specifically, SDN routers use tunneling technology (such as MPLS (Multi-Protocol Label Switching, Multi-Protocol Label Switching), Vxlan (Virtual Extensible LAN, virtual extended local area network) and other technologies in the normal data forwarding function technology of the three-layer forwarding device of the communication network. ) encapsulates the forwarding messages in the blockchain system, so that the SDN routers in the entire blockchain system can identify each other and form a private network dedicated to the blockchain service server connected to each SDN router.

102、区块链核心服务器根据获取到的所有区块链业务数据依据预设算法判断至少一个区块链业务服务器中是否有区块链业务服务器存在数据异常。102. The blockchain core server determines, according to all the obtained blockchain business data, according to a preset algorithm, whether any blockchain business server in at least one blockchain business server has abnormal data.

实际中,除了通过预设算法根据数据来判断出现数据异常的区块链业务服务器,还可以将数据展示给具体专业管理人员进行判断;区块链核心服务器在这里不仅仅需要判断哪些区块链业务服务器有数据异常现象,也同时确定出现的数据异常为哪种数据异常;另外,一种特殊情况是,区块链核心服务器自身也进行区块链业务服务器的业务活动时,区块链核心服务器自身也会出现数据异常,此时区块链核心服务器也是一个特殊的区块链业务服务器,此时区块链核心服务器的数据异常也由自身判断,处理过程和对普通区块链业务服务器的处理过程相同。In practice, in addition to judging the blockchain business server with abnormal data according to the data through a preset algorithm, the data can also be displayed to specific professional managers for judgment; the blockchain core server here not only needs to judge which blockchains The business server has data anomalies, and at the same time, it is determined which data anomaly occurs. In addition, a special case is that when the blockchain core server itself also performs the business activities of the blockchain business server, the blockchain core The server itself will also have data abnormality. At this time, the blockchain core server is also a special blockchain business server. At this time, the data abnormality of the blockchain core server is also judged by itself. The processing process and the processing of ordinary blockchain business servers The process is the same.

103、当区块链核心服务器确定目标区块链业务服务器存在数据异常时,经由区块链核心服务器连接的核心SDN路由器和SDN控制器连接的控制SDN路由器发送与数据异常对应的处理指令给SDN控制器。103. When the blockchain core server determines that the target blockchain service server has data abnormality, the core SDN router connected to the blockchain core server and the control SDN router connected to the SDN controller send a processing instruction corresponding to the data abnormality to the SDN controller.

其中,目标区块链业务服务器为至少一个区块链业务服务器中任一区块链业务服务器;Wherein, the target blockchain service server is any blockchain service server in at least one blockchain service server;

实际中,处理指令携带着区块链核心服务器根据出现数据异常的区块链业务服务器具体数据异常类别判断出的初步处理策略(例如对区块链业务服务器临时隔离、调整区块链业务服务器的可用网络带宽)。In practice, the processing instruction carries the preliminary processing strategy judged by the blockchain core server according to the specific data exception category of the blockchain business server with data exception (such as temporarily isolating the blockchain business server, adjusting the available network bandwidth).

104、SDN控制器在接收到处理指令后生成与处理指令对应的路由器配置参数,并通过SDN控制器连接的控制SDN路由器将路由器配置参数发送给目标区块链业务服务器连接的业务SDN路由器。104. After receiving the processing instruction, the SDN controller generates router configuration parameters corresponding to the processing instruction, and sends the router configuration parameters to the service SDN router connected to the target blockchain service server through the control SDN router connected to the SDN controller.

示例性的,目标区块链业务服务器的数据异常至少包括:目标区块链业务服务器被攻击导致其拥有的区块链业务功能和预设不符、目标区块链业务服务器发布非法信息和目标区块链业务服务器生成的区块链业务数据的数量超过预设标准;处理指令至少为以下各项中一种:第一处理指令、第二处理指令和第三处理指令;目标区块链业务服务器被攻击导致其拥有的区块链业务功能和预设不符对应第一处理指令,目标区块链业务服务器发布非法信息对应第二处理指令,目标区块链业务服务器区块链业务数据的数量超过预设标准对应第三处理指令;Exemplarily, the data abnormality of the target blockchain service server includes at least: the target blockchain service server is attacked, causing the blockchain service functions it has to be inconsistent with the presets, the target blockchain service server publishes illegal information and the target area. The amount of blockchain business data generated by the blockchain business server exceeds the preset standard; the processing instruction is at least one of the following: the first processing instruction, the second processing instruction and the third processing instruction; the target blockchain business server The attacked blockchain business function does not match the preset corresponding to the first processing instruction, the target blockchain business server issues illegal information corresponding to the second processing instruction, and the target blockchain business server The amount of blockchain business data exceeds The preset standard corresponds to the third processing instruction;

示例性的,参照图2所示104步骤具体包括:Exemplarily, referring to step 104 shown in FIG. 2, it specifically includes:

1041、当SDN控制器接收到第一处理指令时生成路由器防火墙配置参数,并通过SDN控制器连接的控制SDN路由器发送路由器防火墙配置参数给目标区块链业务服务器连接的业务SDN路由器。1041. When the SDN controller receives the first processing instruction, generate router firewall configuration parameters, and send the router firewall configuration parameters to the service SDN router connected to the target blockchain service server through the controlling SDN router connected to the SDN controller.

1042、当SDN控制器接收到第二处理指令时生成路由器端口配置参数,并通过SDN控制器连接的控制SDN路由器发送路由器端口配置参数给目标区块链业务服务器连接的业务SDN路由器。1042. Generate router port configuration parameters when the SDN controller receives the second processing instruction, and send the router port configuration parameters to the service SDN router connected to the target blockchain service server through the control SDN router connected to the SDN controller.

1043、当SDN控制器接收到第三处理指令时生成路由器带宽配置参数,并通过SDN控制器连接的控制SDN路由器发送路由器带宽配置参数给目标区块链业务服务器连接的业务SDN路由器。1043. Generate router bandwidth configuration parameters when the SDN controller receives the third processing instruction, and send the router bandwidth configuration parameters to the service SDN router connected to the target blockchain service server through the control SDN router connected to the SDN controller.

105、目标区块链业务服务器连接的业务SDN路由器根据路由器配置参数更新自身配置。105. The service SDN router connected to the target blockchain service server updates its own configuration according to the router configuration parameters.

具体的,参照图2所示,105步骤具体包括:Specifically, referring to Figure 2, step 105 specifically includes:

1051、目标区块链业务服务器连接的业务SDN路由器根据路由器防火墙配置参数更新自身的防火墙配置。1051. The service SDN router connected to the target blockchain service server updates its own firewall configuration according to the router firewall configuration parameters.

1052、目标区块链业务服务器连接的业务SDN路由器根据路由器端口配置参数关闭发布非法信息的端口。1052. The service SDN router connected to the target blockchain service server closes the port for publishing illegal information according to the router port configuration parameter.

1053、目标区块链业务服务器连接的业务SDN路由器根据路由器带宽配置参数调整数据发送的可用带宽。1053. The service SDN router connected to the target blockchain service server adjusts the available bandwidth for data transmission according to the router bandwidth configuration parameter.

因为实际中,区块链系统随时都会有新的用户加入,从而会产生新的区块链业务服务器,所以可选的,参照图3所示,当有新的区块链业务服务器加入SDN控制器所在的区块链系统时该方法还包括:Because in practice, new users will join the blockchain system at any time, which will generate new blockchain service servers, so optional, as shown in Figure 3, when a new blockchain service server is added to the SDN control When the blockchain system where the server is located, the method further includes:

S1、SDN控制器通过SDN控制器连接的控制SDN路由器接收新的区块链业务服务器通过其连接的业务SDN路由器发送的对接指令以完成对接,对接指令中携带新的区块链业务服务器的地址数据。S1. The SDN controller receives the docking instruction sent by the new blockchain service server through the service SDN router connected to the SDN controller through the control SDN router to complete the docking, and the docking instruction carries the address of the new blockchain service server data.

具体的,新的区块链业务服务器的地址数据中应当包括其连接的业务SDN路由器的地址,最终是通过业务SDN路由器转发至新的区块链业务服务器的。Specifically, the address data of the new blockchain service server should include the address of the service SDN router to which it is connected, which is ultimately forwarded to the new blockchain service server through the service SDN router.

S2、区块链核心服务器将自身存储的区块链系统中所有区块链业务服务器的区块链业务数据和地址数据经由区块链核心服务器连接的核心SDN路由器和新的区块链业务服务器连接的业务SDN路由器发送给新的区块链业务服务器。S2. The blockchain core server connects the blockchain business data and address data of all blockchain business servers in the blockchain system stored by itself through the core SDN router and the new blockchain business server connected to the blockchain core server. The connected business SDN router is sent to the new blockchain business server.

具体的,因为区块链系统需要每一个区块链业务服务器都存在有所有区块链系统产生的业务信息以及其他可进行业务联系的区块链业务服务器的地址,所以存在S2。Specifically, because the blockchain system requires that each blockchain business server has all the business information generated by the blockchain system and the addresses of other blockchain business servers that can conduct business contacts, S2 exists.

S3、区块链核心服务器在新的区块链业务服务器连接的业务SDN路由器与SDN控制器完成对接后,通过区块链核心服务器连接的核心SDN路由器获取新的区块链业务服务器生成并通过自身连接的业务SDN路由器发送的区块链业务数据。S3. After the service SDN router connected to the new blockchain service server is connected with the SDN controller, the blockchain core server obtains a new blockchain service server through the core SDN router connected to the blockchain core server and generates and passes the The blockchain service data sent by the service SDN router connected to itself.

本发明实施例提供的区块链系统中区块链业务服务器的数据异常检测方法,该方法包括:区块链核心服务器通过区块链核心服务器连接的核心SDN路由器获取至少一个区块链业务数据,其中至少一个区块链业务数据由至少一个区块链业务服务器生成,并通过各自连接的业务SDN路由器发送至与至少一个区块链业务数据中的地址数据对应的SDN路由器以及区块链核心服务器连接的核心SDN路由器;区块链核心服务器根据获取到的所有区块链业务数据依据预设算法判断至少一个区块链业务服务器中是否有区块链业务服务器存在数据异常;当区块链核心服务器确定目标区块链业务服务器存在数据异常时,经由区块链核心服务器连接的核心SDN路由器和SDN控制器连接的控制SDN路由器发送与数据异常对应的处理指令给SDN控制器;目标区块链业务服务器为至少一个区块链业务服务器中任一区块链业务服务器;SDN控制器在接收到处理指令后生成与处理指令对应的路由器配置参数,并通过SDN控制器连接的控制SDN路由器将路由器配置参数发送给目标区块链业务服务器连接的业务SDN路由器;目标区块链业务服务器连接的业务SDN路由器根据路由器配置参数更新自身配置。所以该区块链系统在使用过程中,区块链核心服务器可以获取至少一个区块链业务服务器连接的SDN路由器发送的区块链业务数据;然后区块链核心服务器根据所有区块链业务服务器连接的业务SDN路由器发送的区块链业务数据依据预设算法便可以判断所有区块链业务服务器中是否有区块链业务服务器存在数据异常;当确定目标区块链业务服务器存在数据异常时,发送与数据异常连接的处理指令给SDN控制器,以使其根据该处理指令生成相应的路由器配置参数并发送给目标区块链业务服务器连接的业务SDN路由器,以使其根据路由器配置参数更新自身配置。所以本发明实施例提供的区块链系统通过SDN技术的参与可以在区块链系统中的区块链业务服务器被外界攻击或者出现故障时及时对区块链系统进行相应控制,从而避免用户的损失。The method for detecting data anomaly of a blockchain service server in a blockchain system provided by an embodiment of the present invention includes: the blockchain core server obtains at least one blockchain service data through a core SDN router connected to the blockchain core server , wherein at least one blockchain service data is generated by at least one blockchain service server, and sent to the SDN router and the blockchain core corresponding to the address data in the at least one blockchain service data through the respective connected service SDN routers The core SDN router connected to the server; the blockchain core server judges at least one blockchain service server with data abnormality according to all the obtained blockchain service data according to the preset algorithm; When the core server determines that the target blockchain service server has data abnormality, it sends processing instructions corresponding to the data abnormality to the SDN controller via the core SDN router connected to the blockchain core server and the control SDN router connected to the SDN controller; the target block The chain service server is any block chain service server in the at least one block chain service server; the SDN controller generates router configuration parameters corresponding to the processing instructions after receiving the processing instructions, and controls the SDN router connected to the SDN controller through the SDN controller. The router configuration parameters are sent to the service SDN router connected to the target blockchain service server; the service SDN router connected to the target blockchain service server updates its own configuration according to the router configuration parameters. Therefore, during the use of the blockchain system, the blockchain core server can obtain the blockchain service data sent by at least one SDN router connected to the blockchain service server; The blockchain service data sent by the connected service SDN router can be determined according to the preset algorithm to determine whether any blockchain service server has data abnormality in all blockchain service servers; when it is determined that the target blockchain service server has data abnormality, Send a processing instruction that is abnormally connected to the data to the SDN controller, so that it can generate the corresponding router configuration parameters according to the processing instruction and send it to the service SDN router connected to the target blockchain service server, so that it can update itself according to the router configuration parameters. configuration. Therefore, the blockchain system provided by the embodiment of the present invention can control the blockchain system in time when the blockchain service server in the blockchain system is attacked by the outside world or fails through the participation of the SDN technology, thereby avoiding user's loss.

参照图4所示,本发明实施例提供一种区块链系统,包括区块链核心服务器41、SDN控制器42和业务SDN路由器43(43-1,43-2,43-3);另外该区块链系统还包括与业务SDN路由器43功能相同的核心SDN路由器44和控制SDN路由器45以及至少一个区块链业务服务器46(46-1,46-2,46-3);该区块链系统能够完成上述实施例中提供的区块链系统中区块链业务服务器数据异常检测方法;实际中,区块链系统结构如图8所示。4, an embodiment of the present invention provides a blockchain system, including a blockchain core server 41, an SDN controller 42, and a service SDN router 43 (43-1, 43-2, 43-3); in addition The blockchain system also includes a core SDN router 44 and a control SDN router 45 with the same functions as the service SDN router 43 and at least one blockchain service server 46 (46-1, 46-2, 46-3); the block The blockchain system can complete the data abnormality detection method of the blockchain service server in the blockchain system provided in the above embodiment; in practice, the structure of the blockchain system is shown in FIG. 8 .

另外,在本发明实施例提供的区块链系统中,各个组成部分之间的信息交互需要符合下表1所示的协议:In addition, in the blockchain system provided by the embodiment of the present invention, the information interaction between the various components needs to conform to the protocol shown in Table 1 below:

Figure BDA0001598397030000121
Figure BDA0001598397030000121

Figure BDA0001598397030000131
Figure BDA0001598397030000131

表1Table 1

具体的,表1中SDN路由器包括前述实施例中的核心SDN路由器、业务SDN路由器和核心SDN路由器。Specifically, the SDN routers in Table 1 include the core SDN routers, service SDN routers, and core SDN routers in the foregoing embodiments.

参照图5所示,本发明实施例提供一种区块链系统中的区块链核心服务器41,包括:获取模块411、处理模块412和发送模块413;5, an embodiment of the present invention provides a blockchain core server 41 in a blockchain system, including: an acquisition module 411, a processing module 412, and a sending module 413;

获取模块411用于获取与区块链核心服务器41连接的核心SDN路由器44发送的至少一个区块链业务数据,其中至少一个区块链业务数据由至少一个区块链业务服务器生成并通过各自连接的业务SDN路由器发送至区块链核心服务器41连接的核心SDN路由器44;The obtaining module 411 is used to obtain at least one blockchain service data sent by the core SDN router 44 connected to the blockchain core server 41, wherein the at least one blockchain service data is generated by the at least one blockchain service server and connected through the respective The service SDN router is sent to the core SDN router 44 connected to the blockchain core server 41;

处理模块412用于根据获取模块411接收的所有区块链业务数据依据预设算法判断至少一个区块链业务服务器中是否有区块链业务服务器存在数据异常;The processing module 412 is configured to judge, according to all the blockchain business data received by the acquiring module 411, according to a preset algorithm, whether there is a data abnormality in any blockchain business server in the at least one blockchain business server;

发送模块413用于在处理模块412确定目标区块链业务服务器存在数据异常时,发送与数据异常对应的处理指令给区块链核心服务器41连接的核心SDN路由器44。The sending module 413 is configured to send a processing instruction corresponding to the data abnormality to the core SDN router 44 connected to the blockchain core server 41 when the processing module 412 determines that the target blockchain service server has data abnormality.

具体的,目标区块链业务服务器存在的数据异常包括:目标区块链业务服务器被攻击导致其拥有的区块链业务功能和预设不符、目标区块链业务服务器发布非法信息和目标区块链业务服务器生成的区块链业务数据的数量超过预设标准。Specifically, the data anomalies in the target blockchain business server include: the target blockchain business server is attacked, causing its own blockchain business functions to be inconsistent with the presets, the target blockchain business server publishing illegal information and the target block The amount of blockchain business data generated by the chain business server exceeds the preset standard.

可选的,该区块链核心服务器41还包括存储模块;存储模块用于存储获取模块411获取的所有区块链业务数据和所有区块链业务服务器的地址数据;Optionally, the blockchain core server 41 further includes a storage module; the storage module is used to store all blockchain business data and address data of all blockchain business servers acquired by the acquisition module 411;

当有新的区块链业务服务器加入区块链核心服务器41所在的区块链系统时,发送模块413还用于将存储模块中存储的所有区块链业务数据和所有区块链业务服务器的地址数据发送给新的区块链业务服务器连接的业务SDN路由器43-4,以使新的区块链业务服务器通过其连接的业务SDN路由器获取所有区块链业务数据和所有区块链业务服务器的地址数据;When a new blockchain service server is added to the blockchain system where the blockchain core server 41 is located, the sending module 413 is further configured to send all the blockchain service data stored in the storage module and the data of all the blockchain service servers. The address data is sent to the service SDN router 43-4 to which the new blockchain service server is connected, so that the new blockchain service server obtains all blockchain service data and all blockchain service servers through its connected service SDN router address data;

获取模块411还用于获取区块链核心服务器41连接的核心SDN路由器44发送的新的区块链业务服务器的区块链业务数据,新的区块链业务服务器的区块链业务数据由新的区块链业务服务器生成并通过自身连接的业务SDN路由器43-4发送至区块链核心服务器41连接的核心SDN路由器44。The obtaining module 411 is further configured to obtain the blockchain service data of the new blockchain service server sent by the core SDN router 44 connected to the blockchain core server 41, and the blockchain service data of the new blockchain service server is obtained by the new The blockchain service server generates and sends it to the core SDN router 44 connected to the blockchain core server 41 through the service SDN router 43-4 connected to itself.

实际中,在区块链系统中,区块链核心服务器是在某个区块链服务器具备所有区块链业务功能(例如比特币系统中,功能完整的区块链服务器需要具备:路由、挖矿、完整区块链系统数据、钱包功能等)的基础上添加一个区块链分析管理系统而成,区块链分析管理系统可以基于区块链核心服务器获取的区块链业务数据对区块链系统中的所有服务器运行情况进行分析;在本发明实施例提供的技术方案中,区块链核心服务器仅指区块链核心服务器中的分析管理系统,其实施业务功能的部分被列入区块链业务服务器中的一员;实际中区块链业务服务器为区块链系统中具备一部分或者所有业务功能的区块链服务器。In fact, in the blockchain system, the blockchain core server is a blockchain server that has all blockchain business functions (for example, in the Bitcoin system, a fully functional blockchain server needs to have: routing, mining, etc.) It is formed by adding a blockchain analysis and management system on the basis of mining, complete blockchain system data, wallet function, etc.) The operation of all servers in the blockchain system is analyzed; in the technical solution provided by the embodiment of the present invention, the blockchain core server only refers to the analysis and management system in the blockchain core server, and the part that implements business functions is listed in the zone A member of the blockchain business server; in fact, the blockchain business server is a blockchain server with some or all business functions in the blockchain system.

参照图6所示,本发明实施例提供一种区块链系统中的SDN控制器42,包括:接收模块421、发送模块422和处理模块423;6, an embodiment of the present invention provides an SDN controller 42 in a blockchain system, including: a receiving module 421, a sending module 422, and a processing module 423;

接收模块421用于接收SDN控制器42连接的控制SDN路由器45发送的处理指令,处理指令由区块链核心服务器连接的核心SDN路由器发送至SDN控制器连接的控制SDN路由器;The receiving module 421 is configured to receive the processing instruction sent by the control SDN router 45 connected to the SDN controller 42, and the processing instruction is sent by the core SDN router connected to the blockchain core server to the control SDN router connected to the SDN controller;

处理模块423用于根据接收模块421接收的处理指令生成路由器配置参数;The processing module 423 is configured to generate router configuration parameters according to the processing instruction received by the receiving module 421;

发送模块422用于将处理模块423生成的路由器配置参数发送给SDN控制器42连接的控制SDN路由器45。The sending module 422 is configured to send the router configuration parameters generated by the processing module 423 to the controlling SDN router 45 connected to the SDN controller 42 .

具体的,处理指令至少为以下各项中一种:第一处理指令、第二处理指令和第三处理指令;第一处理指令对应的目标进程的数据异常为目标区块链业务服务器被攻击导致其拥有的区块链业务功能和预设不符,第二处理指令对应的目标进程的数据异常为目标区块链业务服务器发布非法信息,第三处理指令对应的目标进程的数据异常为目标区块链业务服务器区块链业务数据的数量超过预设标准;Specifically, the processing instruction is at least one of the following: a first processing instruction, a second processing instruction, and a third processing instruction; the data exception of the target process corresponding to the first processing instruction is caused by the target blockchain service server being attacked The blockchain business functions it has are inconsistent with the presets. The data abnormality of the target process corresponding to the second processing instruction is illegal information issued by the target blockchain business server, and the data abnormality of the target process corresponding to the third processing instruction is the target block. The amount of blockchain business data of the chain business server exceeds the preset standard;

处理模块423具体用于:根据第一处理指令生成路由器防火墙配置参数;根据第二处理指令生成路由器端口配置参数;根据第三处理指令生成路由器带宽配置参数。The processing module 423 is specifically configured to: generate router firewall configuration parameters according to the first processing instruction; generate router port configuration parameters according to the second processing instruction; and generate router bandwidth configuration parameters according to the third processing instruction.

可选的,当有新的区块链业务服务器加入SDN控制器42所在的区块链系统时,接收模块421还用于接收SDN控制器42连接的控制SDN路由器45发送的对接指令,对接指令由新的区块链业务服务器新的区块链业务服务器连接的业务SDN路由器发送至SDN控制器连接的控制SDN路由器,对接指令中携带新的区块链业务服务器新的区块链业务服务器连接的SDN路由器的地址数据。Optionally, when a new blockchain service server is added to the blockchain system where the SDN controller 42 is located, the receiving module 421 is further configured to receive a docking instruction sent by the control SDN router 45 connected to the SDN controller 42, and the docking instruction The service SDN router connected by the new blockchain service server and the new blockchain service server is sent to the control SDN router connected by the SDN controller, and the docking instruction carries the connection of the new blockchain service server and the new blockchain service server. address data of the SDN router.

参照图7所示,本发明实施例提供一种区块链系统中的业务SDN路由器43-1(图7中仅以43-1为例说明,并不作为限制条件),包括:接收模块431、发送模块432和处理模块433;Referring to FIG. 7 , an embodiment of the present invention provides a service SDN router 43-1 in a blockchain system (in FIG. 7, only 43-1 is used as an example to illustrate, not as a limitation), including: a receiving module 431 , a sending module 432 and a processing module 433;

接收模块431用于接收业务SDN路由器43-1连接的区块链业务服务器46-1生成的区块链业务数据;The receiving module 431 is configured to receive the blockchain service data generated by the blockchain service server 46-1 connected to the service SDN router 43-1;

发送模块432用于将接收模块431接收的区块链业务数据发送给区块链核心服务器连接的核心SDN路由器44以及与区块链业务数据中的地址数据对应的业务SDN路由器43-2(图7中仅以43-2为例进行说明,并不作为限制条件);The sending module 432 is configured to send the blockchain service data received by the receiving module 431 to the core SDN router 44 connected to the blockchain core server and the service SDN router 43-2 corresponding to the address data in the blockchain service data (Fig. In 7, only 43-2 is used as an example to illustrate, not as a restriction);

当业务SDN路由器43连接的区块链业务服务器存在数据异常时,接收模块431还用于接收SDN控制器生成并通过自身连接的控制SDN路由器45发送的路由器配置参数;When the blockchain service server connected to the service SDN router 43 has abnormal data, the receiving module 431 is further configured to receive the router configuration parameters generated by the SDN controller and sent through the control SDN router 45 connected to itself;

处理模块433用于根据路由器配置参数对业务SDN路由器43的配置进行更改。The processing module 433 is configured to modify the configuration of the service SDN router 43 according to the router configuration parameters.

可选的,处理模块433还用于在发送模块432发送区块链业务数据之前给接收模块431接收的区块链业务数据设置预设标签,以使区块链核心服务器连接的核心SDN路由器44以及与区块链业务数据中的地址数据对应的业务SDN路由器43-2获取并识别区块链业务数据。Optionally, the processing module 433 is further configured to set a preset label for the blockchain service data received by the receiving module 431 before the sending module 432 sends the blockchain service data, so that the core SDN router 44 connected to the blockchain core server is connected. And the service SDN router 43-2 corresponding to the address data in the blockchain service data acquires and identifies the blockchain service data.

可选的,当路由器配置参数为路由器防火墙配置参数时,处理模块433用于根据路由器防火墙配置参数更改业务SDN路由器43-1当前的防火墙配置;Optionally, when the router configuration parameter is the router firewall configuration parameter, the processing module 433 is configured to change the current firewall configuration of the service SDN router 43-1 according to the router firewall configuration parameter;

当路由器配置参数为路由器端口配置参数时,处理模块433用于根据路由器端口配置参数更改业务SDN路由器43-1当前的端口配置;When the router configuration parameter is the router port configuration parameter, the processing module 433 is configured to change the current port configuration of the service SDN router 43-1 according to the router port configuration parameter;

当路由器配置参数为路由器带宽配置参数时,处理模块433用于根据路由器带宽配置参数更改业务SDN路由器43-1当前的可用带宽。When the router configuration parameter is the router bandwidth configuration parameter, the processing module 433 is configured to change the current available bandwidth of the service SDN router 43-1 according to the router bandwidth configuration parameter.

综上所述,本发明实施例提供的区块链业务服务器数据异常检测方法、设备及区块链系统,该方案在对区块链业务服务器数据异常时具体包括:区块链核心服务器通过区块链核心服务器连接的核心SDN路由器获取至少一个区块链业务数据,其中至少一个区块链业务数据由至少一个区块链业务服务器生成,并通过各自连接的业务SDN路由器发送至与至少一个区块链业务数据中的地址数据对应的SDN路由器以及区块链核心服务器连接的核心SDN路由器;区块链核心服务器根据获取到的所有区块链业务数据依据预设算法判断至少一个区块链业务服务器中是否有区块链业务服务器存在数据异常;当区块链核心服务器确定目标区块链业务服务器存在数据异常时,经由区块链核心服务器连接的核心SDN路由器和SDN控制器连接的控制SDN路由器发送与数据异常对应的处理指令给SDN控制器;目标区块链业务服务器为至少一个区块链业务服务器中任一区块链业务服务器;SDN控制器在接收到处理指令后生成与处理指令对应的路由器配置参数,并通过SDN控制器连接的控制SDN路由器将路由器配置参数发送给目标区块链业务服务器连接的业务SDN路由器;目标区块链业务服务器连接的业务SDN路由器根据路由器配置参数更新自身配置。所以该区块链系统在使用过程中,区块链核心服务器可以获取至少一个区块链业务服务器连接的SDN路由器发送的区块链业务数据;然后区块链核心服务器根据所有区块链业务服务器连接的业务SDN路由器发送的区块链业务数据依据预设算法便可以判断所有区块链业务服务器中是否有区块链业务服务器存在数据异常;当确定目标区块链业务服务器存在数据异常时,发送与数据异常连接的处理指令给SDN控制器,以使其根据该处理指令生成相应的路由器配置参数并发送给目标区块链业务服务器连接的业务SDN路由器,以使其根据路由器配置参数更新自身配置。所以本发明实施例提供的区块链系统通过SDN技术的参与可以在区块链系统中的区块链业务服务器被外界攻击或者出现故障时及时对区块链系统进行相应控制,从而避免用户的损失。To sum up, the method, device, and blockchain system for detecting abnormality of blockchain service server data provided by the embodiments of the present invention specifically include: the blockchain core server passes through the block chain service server when the data of the blockchain service server is abnormal. The core SDN router connected to the blockchain core server obtains at least one blockchain service data, wherein the at least one blockchain service data is generated by the at least one blockchain service server, and is sent to the at least one district through the respective connected service SDN routers. The SDN router corresponding to the address data in the blockchain business data and the core SDN router connected to the blockchain core server; the blockchain core server judges at least one blockchain business according to a preset algorithm according to all the obtained blockchain business data Whether any blockchain service server in the server has abnormal data; when the blockchain core server determines that the target blockchain service server has data abnormality, the control SDN connected via the core SDN router connected to the blockchain core server and the SDN controller The router sends a processing instruction corresponding to the abnormal data to the SDN controller; the target blockchain service server is any blockchain service server in at least one blockchain service server; the SDN controller generates and processes the instruction after receiving the processing instruction The corresponding router configuration parameters, and the control SDN router connected to the SDN controller sends the router configuration parameters to the service SDN router connected to the target blockchain service server; the service SDN router connected to the target blockchain service server is updated according to the router configuration parameters. self configuration. Therefore, during the use of the blockchain system, the blockchain core server can obtain the blockchain service data sent by at least one SDN router connected to the blockchain service server; The blockchain service data sent by the connected service SDN router can be determined according to the preset algorithm to determine whether any blockchain service server has data abnormality in all blockchain service servers; when it is determined that the target blockchain service server has data abnormality, Send a processing instruction that is abnormally connected to the data to the SDN controller, so that it can generate the corresponding router configuration parameters according to the processing instruction and send it to the service SDN router connected to the target blockchain service server, so that it can update itself according to the router configuration parameters. configuration. Therefore, the blockchain system provided by the embodiment of the present invention can control the blockchain system in time when the blockchain service server in the blockchain system is attacked by the outside world or fails through the participation of the SDN technology, thereby avoiding user's loss.

以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到的变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应以权利要求的保护范围为准。The above are only specific embodiments of the present invention, but the protection scope of the present invention is not limited thereto. Any person skilled in the art who is familiar with the technical scope disclosed by the present invention can easily think of changes or substitutions. All should be covered within the protection scope of the present invention. Therefore, the protection scope of the present invention should be subject to the protection scope of the claims.

Claims (16)

1. A data anomaly detection method for block chain service in a block chain system comprises the following steps:
the block chain core server acquires at least one block chain service data through a core SDN router connected with the block chain core server, wherein the at least one block chain service data is generated by the at least one block chain service server and is sent to an SDN router corresponding to address data in the at least one block chain service data and the core SDN router connected with the block chain core server through service SDN routers connected with the block chain core server;
the block chain core server judges whether a block chain service server in at least one block chain service server has data abnormality according to all the acquired block chain service data and a preset algorithm;
when the blockchain core server determines that data abnormality exists in a target blockchain service server, sending a processing instruction corresponding to the data abnormality to an SDN controller through a core SDN router connected with the blockchain core server and a control SDN router connected with an SDN controller; the target block chain service server is any one of the at least one block chain service server;
the SDN controller generates router configuration parameters corresponding to the processing instruction after receiving the processing instruction, and sends the router configuration parameters to a service SDN router connected with the target block chain service server through a control SDN router connected with the SDN controller;
and the service SDN router connected with the target block chain service server updates the self configuration according to the router configuration parameters.
2. The method of claim 1, wherein before sending blockchain service data, the service SDN router connected to any blockchain service server further comprises:
and a service SDN router connected with any block chain service server sets a preset label for the block chain service data so that a service SDN router or a core SDN router receiving the block chain service data identifies and acquires the block chain service data.
3. The method of claim 1, wherein the data exception of the target blockchain service server at least comprises: the target block chain service server is attacked, so that the block chain service function and the preset of the target block chain service server are inconsistent, the target block chain service server issues illegal information, and the quantity of block chain service data generated by the target block chain service server exceeds a preset standard;
the processing instruction is at least one of: a first processing instruction, a second processing instruction, and a third processing instruction; the target block chain service server is attacked, so that block chain service functions and preset inconsistency of the target block chain service server correspond to the first processing instruction, the target block chain service server issues illegal information corresponding to the second processing instruction, and the number of block chain service data of the target block chain service server exceeds a preset standard and corresponds to the third processing instruction.
4. The method of claim 3, wherein the SDN controller generates router configuration parameters corresponding to the processing instructions after receiving the processing instructions, and sends the router configuration parameters to a service SDN router connected to the target blockchain service server through a control SDN router connected to the SDN controller comprises:
when the SDN controller receives a first processing instruction, generating router firewall configuration parameters, and sending the router firewall configuration parameters to a service SDN router connected with the target block chain service server through a control SDN router connected with the SDN controller;
when the SDN controller receives a second processing instruction, generating router port configuration parameters, and sending the router port configuration parameters to a service SDN router connected with the target block chaining service server through a control SDN router connected with the SDN controller;
and when the SDN controller receives a third processing instruction, generating router bandwidth configuration parameters, and sending the router bandwidth configuration parameters to a service SDN router connected with the target block chain service server through a control SDN router connected with the SDN controller.
5. The method of claim 4, wherein updating the self-configuration of the target blockchain service server connected service SDN router according to the router configuration parameters comprises:
a service SDN router connected with the target block chain service server updates the firewall configuration of the service SDN router according to the firewall configuration parameters of the router;
a service SDN router connected with the target block chain service server closes a port for releasing the illegal information according to the configuration parameters of the router port;
and the service SDN router connected with the target block chain service server adjusts the available bandwidth for data transmission according to the router bandwidth configuration parameter.
6. The method of claim 1, wherein when a new blockchain service server joins the blockchain system, further comprising:
the SDN controller receives a docking instruction sent by the new blockchain service server through a service SDN router connected with the SDN controller through a control SDN router connected with the SDN controller so as to complete docking, wherein the docking instruction carries address data of the new blockchain service server;
the blockchain core server sends blockchain service data and address data of all blockchain service servers in the blockchain system, which are stored by the blockchain core server, to the new blockchain service server through a core SDN router connected with the blockchain core server and a service SDN router connected with the new blockchain service server;
and after the service SDN router connected with the new blockchain service server is in butt joint with the SDN controller, the blockchain core server acquires blockchain service data generated by the new blockchain service server and sent by the service SDN router connected with the blockchain core server through the core SDN router connected with the blockchain core server.
7. A blockchain core server, comprising: the device comprises an acquisition module, a processing module and a sending module;
the acquiring module is used for acquiring at least one block chain service data sent by a core SDN router connected with a block chain core server, wherein the at least one block chain service data is generated by the at least one block chain service server and is sent to the core SDN router connected with the block chain core server through a service SDN router connected with the block chain service server;
the processing module is used for judging whether a block chain service server in at least one block chain service server has data abnormity according to all the block chain service data received by the acquisition module and a preset algorithm;
the sending module is used for sending a processing instruction corresponding to the data exception to a core SDN router connected with the block chain core server when the processing module determines that the target block chain service server has the data exception.
8. The blockchain core server of claim 7, wherein the data exception existing for the target blockchain service server includes: the target block chain service server is attacked, so that the block chain service function and the preset of the target block chain service server are inconsistent, the target block chain service server issues illegal information, and the quantity of block chain service data generated by the target block chain service server exceeds a preset standard.
9. The blockchain core server of claim 7, further comprising a storage module;
the storage module is used for storing all the blockchain service data acquired by the acquisition module and the address data of all the blockchain service servers;
when a new blockchain service server joins the blockchain system where the blockchain core server is located, the sending module is further configured to send all blockchain service data stored in the storage module and address data of all blockchain service servers to a service SDN router connected to the new blockchain service server, so that the new blockchain service server obtains all blockchain service data and address data of all blockchain service servers through the service SDN router connected to the new blockchain service server;
the obtaining module is further configured to obtain blockchain service data of the new blockchain service server, which is sent by a core SDN router connected to the blockchain core server, where the blockchain service data of the new blockchain service server is generated by the new blockchain service server and is sent to the core SDN router connected to the blockchain core server through a service SDN router connected to the new blockchain service server.
10. An SDN controller, comprising: the device comprises a receiving module, a sending module and a processing module;
the receiving module is used for receiving processing instructions sent by a control SDN router connected with the SDN controller, and the processing instructions are generated by a block chain core server and sent to the control SDN router connected with the SDN controller through a core SDN router connected with the block chain core server;
the processing module is used for generating router configuration parameters according to the processing instruction received by the receiving module;
the sending module is configured to send the router configuration parameters generated by the processing module to a controlling SDN router connected to the SDN controller.
11. The SDN controller of claim 10, wherein the processing instructions are at least one of: a first processing instruction, a second processing instruction, and a third processing instruction; the data exception of the target process corresponding to the first processing instruction is that the target block chain service server is attacked to cause that the block chain service function of the target process is inconsistent with the preset value, the data exception of the target process corresponding to the second processing instruction is that the target block chain service server issues illegal information, and the data exception of the target process corresponding to the third processing instruction is that the number of the block chain service data of the target block chain service server exceeds the preset standard;
the processing module is specifically configured to: generating a router firewall configuration parameter according to the first processing instruction; generating a router port configuration parameter according to the second processing instruction; and generating a router bandwidth configuration parameter according to the third processing instruction.
12. The SDN controller of claim 10, wherein when a new blockchain service server joins a blockchain system in which the SDN controller is located,
the receiving module is further configured to receive a docking instruction sent by an SDN router connected to the SDN controller, where the docking instruction is sent to a control SDN router connected to the SDN controller by a service SDN router connected to a new blockchain service server of the new blockchain service server, and the docking instruction carries address data of the service SDN router connected to the new blockchain service server of the new blockchain service server.
13. A service SDN router, comprising: the device comprises a receiving module, a sending module and a processing module;
the receiving module is used for receiving blockchain service data generated by a blockchain service server connected with the service SDN router;
the sending module is used for sending the blockchain service data received by the receiving module to a core SDN router connected with a blockchain core server and a service SDN router corresponding to address data in the blockchain service data;
when data abnormality exists in a blockchain service server connected with the service SDN router, the receiving module is further configured to receive router configuration parameters generated by the SDN controller and sent by a control SDN router connected with the receiving module;
the processing module is used for changing the configuration of the service SDN router according to the router configuration parameters.
14. The service SDN router of claim 13, wherein the processing module is further configured to set a preset tag to the blockchain service data received by the receiving module before the sending module sends the blockchain service data, so that a core SDN router connected to the blockchain core server and a service SDN router corresponding to address data in the blockchain service data acquire and identify the blockchain service data.
15. The service SDN router of claim 13,
when the router configuration parameter is a router firewall configuration parameter, the processing module is configured to change the current firewall configuration of the SDN router according to the router firewall configuration parameter;
when the router configuration parameter is a router port configuration parameter, the processing module is configured to change the current port configuration of the service SDN router according to the router port configuration parameter;
when the router configuration parameter is a router bandwidth configuration parameter, the processing module is configured to change a current available bandwidth of the service SDN router according to the router bandwidth configuration parameter.
16. A blockchain system comprising a blockchain core server according to any of claims 7 to 9, an SDN controller according to any of claims 10 to 12, a service SDN router according to any of claims 13 to 15.
CN201810215188.XA 2018-03-15 2018-03-15 Block chain service server data anomaly detection method and equipment and block chain system Active CN108512699B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810215188.XA CN108512699B (en) 2018-03-15 2018-03-15 Block chain service server data anomaly detection method and equipment and block chain system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810215188.XA CN108512699B (en) 2018-03-15 2018-03-15 Block chain service server data anomaly detection method and equipment and block chain system

Publications (2)

Publication Number Publication Date
CN108512699A CN108512699A (en) 2018-09-07
CN108512699B true CN108512699B (en) 2020-08-14

Family

ID=63376570

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810215188.XA Active CN108512699B (en) 2018-03-15 2018-03-15 Block chain service server data anomaly detection method and equipment and block chain system

Country Status (1)

Country Link
CN (1) CN108512699B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525397B (en) * 2018-10-12 2021-05-28 南京邮电大学 A blockchain and method for security assurance of SDN network flow rules
CN111162970B (en) * 2019-12-30 2021-05-25 支付宝(杭州)信息技术有限公司 Method and device for testing decentralized application server in block chain system
CN111614480B (en) * 2020-03-31 2024-01-05 视联动力信息技术股份有限公司 Service detection method, device and storage medium
CN119148609B (en) * 2024-11-12 2025-01-24 云南神经元信息技术有限公司 An IMC embedded PC remote control system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102857363A (en) * 2012-05-04 2013-01-02 运软网络科技(上海)有限公司 Automatic computing system and method for virtual networking
CN103795805A (en) * 2014-02-27 2014-05-14 中国科学技术大学苏州研究院 Distributed server load balancing method based on SDN
CN104967528A (en) * 2015-05-12 2015-10-07 中国联合网络通信集团有限公司 A bandwidth adjustment method and system based on an SDN controller
CN106875165A (en) * 2017-02-22 2017-06-20 中山大学 A kind of common recognition algorithm of utilization software defined network optimization
CN107181720A (en) * 2016-03-11 2017-09-19 中兴通讯股份有限公司 A kind of method and device of software definition networking SDN secure communications
CN107222478A (en) * 2017-05-27 2017-09-29 暨南大学 Software defined network key-course security mechanism construction method based on block chain
CN107360115A (en) * 2016-05-09 2017-11-17 中兴通讯股份有限公司 A kind of SDN means of defence and device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102857363A (en) * 2012-05-04 2013-01-02 运软网络科技(上海)有限公司 Automatic computing system and method for virtual networking
CN103795805A (en) * 2014-02-27 2014-05-14 中国科学技术大学苏州研究院 Distributed server load balancing method based on SDN
CN104967528A (en) * 2015-05-12 2015-10-07 中国联合网络通信集团有限公司 A bandwidth adjustment method and system based on an SDN controller
CN107181720A (en) * 2016-03-11 2017-09-19 中兴通讯股份有限公司 A kind of method and device of software definition networking SDN secure communications
CN107360115A (en) * 2016-05-09 2017-11-17 中兴通讯股份有限公司 A kind of SDN means of defence and device
CN106875165A (en) * 2017-02-22 2017-06-20 中山大学 A kind of common recognition algorithm of utilization software defined network optimization
CN107222478A (en) * 2017-05-27 2017-09-29 暨南大学 Software defined network key-course security mechanism construction method based on block chain

Also Published As

Publication number Publication date
CN108512699A (en) 2018-09-07

Similar Documents

Publication Publication Date Title
US11805024B1 (en) Automatically generating an intent-based network model of an existing computer network
CN108512699B (en) Block chain service server data anomaly detection method and equipment and block chain system
CN112887119B (en) Fault root cause determination method and device and computer storage medium
US9929924B2 (en) SDN controller logic-inference network troubleshooter (SDN-LINT) tool
CN114208128B (en) Fault root cause positioning method and device and computer storage medium
CN110383765B (en) Configuration, telemetry and analysis of computer infrastructure using graphical models
US12021708B2 (en) Connectivity templates
CN102833108B (en) Position of failure point information processing method and equipment
US8270306B2 (en) Fault management apparatus and method for identifying cause of fault in communication network
US8352590B2 (en) Method and system for network management using wire tapping
US10263808B2 (en) Deployment of virtual extensible local area network
CN105490884B (en) A kind of VXLAN tunnel detection method and device
US20200220774A1 (en) Method and device for detecting network failure
US7864666B2 (en) Communication control apparatus, method and program thereof
US10785100B2 (en) Interconnecting networks
US20130329599A1 (en) Method of Network Connectivity Analyses and System Thereof
CN106911648A (en) One kind is environmentally isolated method and apparatus
CN110891018A (en) Network traffic recovery method and device, SDN controller and storage medium
CN107645402A (en) A kind of route management method and device
CN102301662A (en) MAC address protection method and switches
US20150280998A1 (en) Communication system, communication control method, and control device
CN106230717B (en) Route obtaining method and device in cluster system
CN105407095B (en) Secure communication device and its communication means between heterogeneous networks
US10587677B2 (en) Control apparatus, computer readable medium, and equipment control system
CN101527683A (en) Method, device and system of path calculation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant