CN109150892A - A kind of method and system of intelligent protection portal management system user account - Google Patents

A kind of method and system of intelligent protection portal management system user account Download PDF

Info

Publication number
CN109150892A
CN109150892A CN201811048358.6A CN201811048358A CN109150892A CN 109150892 A CN109150892 A CN 109150892A CN 201811048358 A CN201811048358 A CN 201811048358A CN 109150892 A CN109150892 A CN 109150892A
Authority
CN
China
Prior art keywords
management system
user
database
intelligent protection
system user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811048358.6A
Other languages
Chinese (zh)
Inventor
路廷文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd filed Critical Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201811048358.6A priority Critical patent/CN109150892A/en
Publication of CN109150892A publication Critical patent/CN109150892A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Abstract

The present invention provides a kind of method and systems of intelligent protection portal management system user account, comprising: S1, scans web sites management system user and progress information form database;S2, when monitor modification account or process of guarding the gate operation when, temporarily prevent process operation;S3, advance ratio pair is carried out in the database;S4, notify whether user lets pass to process.The present invention is by carrying out intelligent classification for the virus of unknown behavior or network attack, and it prevents, identified, by practical according to the progress application behavior tracking of user's universal experience, rogue program attack can be achieved to intercept, there is efficient interception effect for the protection of unknown virus, may be implemented that unknown virus is prevented to attack through the invention.

Description

A kind of method and system of intelligent protection portal management system user account
Technical field
The present invention relates to field of information security technology, especially a kind of side of intelligent protection portal management system user account Method and system.
Background technique
Today of network Development, there are all trades and professions for web technology, and the opposite user account of Web site management system is to compare Fragile, many attacks, which can restart a micro-system by carry CD or u disk, can enter portal management system The lower modification for carrying out account number cipher or the included rule of Web site management system of system, this is very fearful.
Website is protected in the prior art, there is no carry out intelligent classification to the virus or network attack of unknown behavior Function, lack and the study of unknown virus or network attack identified.And lack user in actually determining and participate in, it causes To whether be that illegal operation differentiates when, unknown virus cannot be accurately identified by often resulting in.
For the safety of better protected network environment and user, the present invention proposes a kind of thoroughly protection Web site management system The technology of user account.
Summary of the invention
The object of the present invention is to provide a kind of method and systems of intelligent protection portal management system user account, it is intended to solve Certainly lack in the prior art and intelligent classification is carried out to the virus or network attack of unknown behavior, viral recognition accuracy is low to ask Topic realizes that rogue program attack intercepts, has efficient interception effect for the protection of unknown virus.
To reach above-mentioned technical purpose, the present invention provides a kind of sides of intelligent protection portal management system user account Method, comprising the following steps:
S1, scans web sites management system user and progress information form database;
S2, when monitor modification account or process of guarding the gate operation when, temporarily prevent process operation;
S3, advance ratio pair is carried out in the database;
S4, notify whether user lets pass to process.
Preferably, the database be updated to every the set time carry out circulation rescan.
Preferably, the step S3 specifically:
Compare user information;
Progress information is compared, including reads and writes and execute permission.
Preferably, the method also includes:
When process is illegal operation, it is determined as rogue program, carries out freezing user's processing;
When process is valid operation, let pass to process.
The present invention also provides a kind of system of intelligent protection portal management system user account, the system comprises:
Database initial module forms database for scans web sites management system user and progress information;
Scheduler module is monitored, for temporarily process being prevented to grasp when monitoring the operation of modification account or process of guarding the gate Make;
Process comparison module, for carrying out advance ratio pair in the database;
Information notification module, for notifying whether user lets pass to process.
Preferably, the database be updated to every the set time carry out circulation rescan.
Preferably, the process comparison module includes:
User information comparing unit, for comparing user information;
Permission is read and write and executed to progress information comparing unit for comparing progress information, including.
Preferably, the system also includes:
Determination processing module freeze user's processing for being determined as rogue program when process is illegal operation, When process is valid operation, let pass to process.
The effect provided in summary of the invention is only the effect of embodiment, rather than invents all whole effects, above-mentioned A technical solution in technical solution have the following advantages that or the utility model has the advantages that
Compared with prior art, the embodiment of the present invention is by carrying out intelligence point for the virus of unknown behavior or network attack Class, and prevent, identified, by practical according to the progress application behavior tracking of user's universal experience.
Firstly, scans web sites management system user and progress information form a database after loading this function, every Certain time circulation rescans, and building according to the whether believable dynamic thought application library of database real time diagnostic operations If scheme realizes the application category according to this inquiry you can get it trusted operations.
Secondly, intercepting self-triggered program and to Web site management system user account by intelligent intercept attaching filtering mechanism The permissions of all read-writes and execution are carried out filtering based on database by the movement for carrying out illegal operation, according to rank by database and It can let pass after the dual identification of user, generally first pass through database and identified, then user is notified to decide.
The embodiment of the present invention prevents Web site management system account information and the process of guarding the gate in Web site management system bottom Shield belongs to the single technology of Web site management system reinforcing, it can be achieved that rogue program attack intercepts, has for the protection of unknown virus Efficient interception effect, may be implemented through the invention prevent unknown virus attack.
Detailed description of the invention
Fig. 1 is a kind of method flow of intelligent protection portal management system user account provided in the embodiment of the present invention Figure;
Fig. 2 is a kind of system structure of intelligent protection portal management system user account provided in the embodiment of the present invention Block diagram.
Specific embodiment
In order to clearly illustrate the technical characterstic of this programme, below by specific embodiment, and its attached drawing is combined, to this Invention is described in detail.Following disclosure provides many different embodiments or example is used to realize different knots of the invention Structure.In order to simplify disclosure of the invention, hereinafter the component of specific examples and setting are described.In addition, the present invention can be with Repeat reference numerals and/or letter in different examples.This repetition is that for purposes of simplicity and clarity, itself is not indicated Relationship between various embodiments and/or setting is discussed.It should be noted that illustrated component is not necessarily to scale in the accompanying drawings It draws.Present invention omits the descriptions to known assemblies and treatment technology and process to avoid the present invention is unnecessarily limiting.
It is provided for the embodiments of the invention a kind of intelligent protection portal management system user account with reference to the accompanying drawing Method and system.
As shown in Figure 1, the embodiment of the invention discloses a kind of method of intelligent protection portal management system user account, packet Include following steps:
S1, scans web sites management system user and progress information form database;
S2, when monitor modification account or process of guarding the gate operation when, temporarily prevent process operation;
S3, advance ratio pair is carried out in the database;
S4, notify whether user lets pass to process.
Windows Web site management system account management is by the way that user information to be written in registration table, these information are common User checks without permission at all, and modification is verified with special process, and under normal circumstances, which comes into force, But it is then invalid under special circumstances.The embodiment of the present invention is that the modification intercepted in the infirm situation of the process of guarding the gate to user is grasped Make and is verified.This Interception Technology is inserted into Web site management system bottom in the form driven, to modifying user account Operation while be filtered and the process of guarding the gate of Web site management system is prevented to be terminated or malicious damage, if guard the gate into Journey is terminated, and entire Web site management system will collapse.
When intercepting the operation modified to the process of guarding the gate or account, if modification main body is not website pipe The administrator for managing system authorization temporarily prevent without exception, and whether report user allows to modify, and then decides whether to put by user Row.Administrator's process of Web site management system authorization is carried out by scanning the Web site management system information of this Web site management system Screening, it is compared in the inventory library of the Web site management system, for example, some process is not this Web site management system Process, to modify account, be certainly it is illegal, at this time to report administrator.
Web site scan management system user and progress information form a database, recycle sweep again at regular intervals Retouch, and whether credible according to database real time diagnostic operations, and to illegal operation carry out intelligent intercept, intercept self-triggered program and The movement of illegal operation is carried out to Web site management system user account, and the permission of all read-writes and execution is subjected to database mistake Filter, carrying out dual identification by database and user according to rank can let pass.
After load process, the trusted users of management system are scanned in the trusted users inventory library of website, it should be by comparing Whether journey is that the process of this Web site management system decides whether to intercept the operation process of the modification account.And submit user Whether allow to modify, let pass if legal, if it is rogue program, then carries out freezing user's processing.
When user can not know why a certain process operates, Web site management system can or can not be damaged, by clear Study identification is carried out in single library, based on the analysis results, is configured to denied access program.
The embodiment of the present invention is prevented by the way that the virus of unknown behavior or network attack are carried out intelligent classification, is passed through It is practical to identify, application behavior tracking is carried out according to user's universal experience.
After loading this function, scans web sites management system user and progress information form a database, every certain Time circulation rescans, and according to the Construction Party of the whether believable dynamic thought application library of database real time diagnostic operations Case realizes the application category according to this inquiry you can get it trusted operations.
Intelligent intercept attaching filtering mechanism intercepts self-triggered program and is illegally grasped to Web site management system user account The permission of all read-writes and execution is carried out filtering based on database, passes through database and the dual mirror of user according to rank by the movement of work It can let pass after not, generally first pass through database and identified, then user is notified to decide.
The embodiment of the present invention prevents Web site management system account information and the process of guarding the gate in Web site management system bottom Shield belongs to the single technology of Web site management system reinforcing, it can be achieved that rogue program attack intercepts, has for the protection of unknown virus Efficient interception effect, may be implemented through the invention prevent unknown virus attack.
As shown in Fig. 2, the embodiment of the invention also discloses a kind of system of intelligent protection portal management system user account, The system comprises:
Database initial module forms database for scans web sites management system user and progress information;
Scheduler module is monitored, for temporarily process being prevented to grasp when monitoring the operation of modification account or process of guarding the gate Make;
Process comparison module, for carrying out advance ratio pair in the database;
Information notification module, for notifying whether user lets pass to process.
The database be updated to every the set time carry out circulation rescan.
The process comparison module includes:
User information comparing unit, for comparing user information;
Permission is read and write and executed to progress information comparing unit for comparing progress information, including.
The system also includes:
Determination processing module freeze user's processing for being determined as rogue program when process is illegal operation, When process is valid operation, let pass to process.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within mind and principle.

Claims (8)

1. a kind of method of intelligent protection portal management system user account, which comprises the following steps:
S1, scans web sites management system user and progress information form database;
S2, when monitor modification account or process of guarding the gate operation when, temporarily prevent process operation;
S3, advance ratio pair is carried out in the database;
S4, notify whether user lets pass to process.
2. a kind of method of intelligent protection portal management system user account according to claim 1, which is characterized in that institute State database be updated to every the set time carry out circulation rescan.
3. a kind of method of intelligent protection portal management system user account according to claim 1, which is characterized in that institute State step S3 specifically:
Compare user information;
Progress information is compared, including reads and writes and execute permission.
4. a kind of method of intelligent protection portal management system user account according to claim 1 to 3, It is characterized in that, the method also includes:
When process is illegal operation, it is determined as rogue program, carries out freezing user's processing;
When process is valid operation, let pass to process.
5. a kind of system of intelligent protection portal management system user account, which is characterized in that the system comprises:
Database initial module forms database for scans web sites management system user and progress information;
Scheduler module is monitored, for temporarily preventing process operation when monitoring the operation of modification account or process of guarding the gate;
Process comparison module, for carrying out advance ratio pair in the database;
Information notification module, for notifying whether user lets pass to process.
6. a kind of system of intelligent protection portal management system user account according to claim 5, which is characterized in that institute State database be updated to every the set time carry out circulation rescan.
7. a kind of system of intelligent protection portal management system user account according to claim 5, which is characterized in that institute The process comparison module of stating includes:
User information comparing unit, for comparing user information;
Permission is read and write and executed to progress information comparing unit for comparing progress information, including.
8. a kind of system of intelligent protection portal management system user account according to claim 5-7 any one, It is characterized in that, the system also includes:
Determination processing module freeze user's processing for being determined as rogue program when process is illegal operation, when into When journey is valid operation, let pass to process.
CN201811048358.6A 2018-09-07 2018-09-07 A kind of method and system of intelligent protection portal management system user account Pending CN109150892A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811048358.6A CN109150892A (en) 2018-09-07 2018-09-07 A kind of method and system of intelligent protection portal management system user account

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811048358.6A CN109150892A (en) 2018-09-07 2018-09-07 A kind of method and system of intelligent protection portal management system user account

Publications (1)

Publication Number Publication Date
CN109150892A true CN109150892A (en) 2019-01-04

Family

ID=64824185

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811048358.6A Pending CN109150892A (en) 2018-09-07 2018-09-07 A kind of method and system of intelligent protection portal management system user account

Country Status (1)

Country Link
CN (1) CN109150892A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105631319A (en) * 2014-11-01 2016-06-01 江苏威盾网络科技有限公司 Computer terminal control system and method based on network protection
US20170316412A1 (en) * 2014-10-20 2017-11-02 Alibaba Group Holding Limited Verification method and apparatus
CN107844700A (en) * 2017-11-28 2018-03-27 郑州云海信息技术有限公司 A kind of method and system of intelligent protection operating system user account

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170316412A1 (en) * 2014-10-20 2017-11-02 Alibaba Group Holding Limited Verification method and apparatus
CN105631319A (en) * 2014-11-01 2016-06-01 江苏威盾网络科技有限公司 Computer terminal control system and method based on network protection
CN107844700A (en) * 2017-11-28 2018-03-27 郑州云海信息技术有限公司 A kind of method and system of intelligent protection operating system user account

Similar Documents

Publication Publication Date Title
US10645113B2 (en) Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign
Saeed et al. A survey on malware and malware detection systems
US20060161982A1 (en) Intrusion detection system
Smaha Haystack: An intrusion detection system
Bertino et al. Towards mechanisms for detection and prevention of data exfiltration by insiders: Keynote talk paper
EP2474934A1 (en) Unauthorized process detection method and unauthorized process detection system
KR20070049514A (en) Malignant code monitor system and monitoring method using thereof
WO2011054555A1 (en) Method and system for managing security objects
CN102369532A (en) Managing security in a network
US10631168B2 (en) Advanced persistent threat (APT) detection in a mobile device
Sequeira Intrusion prevention systems: security's silver bullet?
US20230306119A1 (en) Intrusion detection
Shan et al. Enforcing mandatory access control in commodity OS to disable malware
Perera et al. The next gen security operation center
US10425432B1 (en) Methods and apparatus for detecting suspicious network activity
Eom et al. A framework of defense system for prevention of insider's malicious behaviors
CN107844700A (en) A kind of method and system of intelligent protection operating system user account
Davis et al. A framework for programming and budgeting for cybersecurity
Gupta et al. Attacking confidentiality: An agent based approach
CN109150892A (en) A kind of method and system of intelligent protection portal management system user account
JP2008250728A (en) Information leakage monitoring system and information leakage monitoring method
Agarwal et al. Security Requirements Elicitation Using View Points for Online System
Asrafi Comparing performances of graph mining algorithms to detect malware
KR20100067383A (en) Server security system and server security method
Song et al. Using acl2 to verify security properties of specification-based intrusion detection systems

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190104

RJ01 Rejection of invention patent application after publication