CN109150892A - A kind of method and system of intelligent protection portal management system user account - Google Patents
A kind of method and system of intelligent protection portal management system user account Download PDFInfo
- Publication number
- CN109150892A CN109150892A CN201811048358.6A CN201811048358A CN109150892A CN 109150892 A CN109150892 A CN 109150892A CN 201811048358 A CN201811048358 A CN 201811048358A CN 109150892 A CN109150892 A CN 109150892A
- Authority
- CN
- China
- Prior art keywords
- management system
- user
- database
- intelligent protection
- system user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Abstract
The present invention provides a kind of method and systems of intelligent protection portal management system user account, comprising: S1, scans web sites management system user and progress information form database;S2, when monitor modification account or process of guarding the gate operation when, temporarily prevent process operation;S3, advance ratio pair is carried out in the database;S4, notify whether user lets pass to process.The present invention is by carrying out intelligent classification for the virus of unknown behavior or network attack, and it prevents, identified, by practical according to the progress application behavior tracking of user's universal experience, rogue program attack can be achieved to intercept, there is efficient interception effect for the protection of unknown virus, may be implemented that unknown virus is prevented to attack through the invention.
Description
Technical field
The present invention relates to field of information security technology, especially a kind of side of intelligent protection portal management system user account
Method and system.
Background technique
Today of network Development, there are all trades and professions for web technology, and the opposite user account of Web site management system is to compare
Fragile, many attacks, which can restart a micro-system by carry CD or u disk, can enter portal management system
The lower modification for carrying out account number cipher or the included rule of Web site management system of system, this is very fearful.
Website is protected in the prior art, there is no carry out intelligent classification to the virus or network attack of unknown behavior
Function, lack and the study of unknown virus or network attack identified.And lack user in actually determining and participate in, it causes
To whether be that illegal operation differentiates when, unknown virus cannot be accurately identified by often resulting in.
For the safety of better protected network environment and user, the present invention proposes a kind of thoroughly protection Web site management system
The technology of user account.
Summary of the invention
The object of the present invention is to provide a kind of method and systems of intelligent protection portal management system user account, it is intended to solve
Certainly lack in the prior art and intelligent classification is carried out to the virus or network attack of unknown behavior, viral recognition accuracy is low to ask
Topic realizes that rogue program attack intercepts, has efficient interception effect for the protection of unknown virus.
To reach above-mentioned technical purpose, the present invention provides a kind of sides of intelligent protection portal management system user account
Method, comprising the following steps:
S1, scans web sites management system user and progress information form database;
S2, when monitor modification account or process of guarding the gate operation when, temporarily prevent process operation;
S3, advance ratio pair is carried out in the database;
S4, notify whether user lets pass to process.
Preferably, the database be updated to every the set time carry out circulation rescan.
Preferably, the step S3 specifically:
Compare user information;
Progress information is compared, including reads and writes and execute permission.
Preferably, the method also includes:
When process is illegal operation, it is determined as rogue program, carries out freezing user's processing;
When process is valid operation, let pass to process.
The present invention also provides a kind of system of intelligent protection portal management system user account, the system comprises:
Database initial module forms database for scans web sites management system user and progress information;
Scheduler module is monitored, for temporarily process being prevented to grasp when monitoring the operation of modification account or process of guarding the gate
Make;
Process comparison module, for carrying out advance ratio pair in the database;
Information notification module, for notifying whether user lets pass to process.
Preferably, the database be updated to every the set time carry out circulation rescan.
Preferably, the process comparison module includes:
User information comparing unit, for comparing user information;
Permission is read and write and executed to progress information comparing unit for comparing progress information, including.
Preferably, the system also includes:
Determination processing module freeze user's processing for being determined as rogue program when process is illegal operation,
When process is valid operation, let pass to process.
The effect provided in summary of the invention is only the effect of embodiment, rather than invents all whole effects, above-mentioned
A technical solution in technical solution have the following advantages that or the utility model has the advantages that
Compared with prior art, the embodiment of the present invention is by carrying out intelligence point for the virus of unknown behavior or network attack
Class, and prevent, identified, by practical according to the progress application behavior tracking of user's universal experience.
Firstly, scans web sites management system user and progress information form a database after loading this function, every
Certain time circulation rescans, and building according to the whether believable dynamic thought application library of database real time diagnostic operations
If scheme realizes the application category according to this inquiry you can get it trusted operations.
Secondly, intercepting self-triggered program and to Web site management system user account by intelligent intercept attaching filtering mechanism
The permissions of all read-writes and execution are carried out filtering based on database by the movement for carrying out illegal operation, according to rank by database and
It can let pass after the dual identification of user, generally first pass through database and identified, then user is notified to decide.
The embodiment of the present invention prevents Web site management system account information and the process of guarding the gate in Web site management system bottom
Shield belongs to the single technology of Web site management system reinforcing, it can be achieved that rogue program attack intercepts, has for the protection of unknown virus
Efficient interception effect, may be implemented through the invention prevent unknown virus attack.
Detailed description of the invention
Fig. 1 is a kind of method flow of intelligent protection portal management system user account provided in the embodiment of the present invention
Figure;
Fig. 2 is a kind of system structure of intelligent protection portal management system user account provided in the embodiment of the present invention
Block diagram.
Specific embodiment
In order to clearly illustrate the technical characterstic of this programme, below by specific embodiment, and its attached drawing is combined, to this
Invention is described in detail.Following disclosure provides many different embodiments or example is used to realize different knots of the invention
Structure.In order to simplify disclosure of the invention, hereinafter the component of specific examples and setting are described.In addition, the present invention can be with
Repeat reference numerals and/or letter in different examples.This repetition is that for purposes of simplicity and clarity, itself is not indicated
Relationship between various embodiments and/or setting is discussed.It should be noted that illustrated component is not necessarily to scale in the accompanying drawings
It draws.Present invention omits the descriptions to known assemblies and treatment technology and process to avoid the present invention is unnecessarily limiting.
It is provided for the embodiments of the invention a kind of intelligent protection portal management system user account with reference to the accompanying drawing
Method and system.
As shown in Figure 1, the embodiment of the invention discloses a kind of method of intelligent protection portal management system user account, packet
Include following steps:
S1, scans web sites management system user and progress information form database;
S2, when monitor modification account or process of guarding the gate operation when, temporarily prevent process operation;
S3, advance ratio pair is carried out in the database;
S4, notify whether user lets pass to process.
Windows Web site management system account management is by the way that user information to be written in registration table, these information are common
User checks without permission at all, and modification is verified with special process, and under normal circumstances, which comes into force,
But it is then invalid under special circumstances.The embodiment of the present invention is that the modification intercepted in the infirm situation of the process of guarding the gate to user is grasped
Make and is verified.This Interception Technology is inserted into Web site management system bottom in the form driven, to modifying user account
Operation while be filtered and the process of guarding the gate of Web site management system is prevented to be terminated or malicious damage, if guard the gate into
Journey is terminated, and entire Web site management system will collapse.
When intercepting the operation modified to the process of guarding the gate or account, if modification main body is not website pipe
The administrator for managing system authorization temporarily prevent without exception, and whether report user allows to modify, and then decides whether to put by user
Row.Administrator's process of Web site management system authorization is carried out by scanning the Web site management system information of this Web site management system
Screening, it is compared in the inventory library of the Web site management system, for example, some process is not this Web site management system
Process, to modify account, be certainly it is illegal, at this time to report administrator.
Web site scan management system user and progress information form a database, recycle sweep again at regular intervals
Retouch, and whether credible according to database real time diagnostic operations, and to illegal operation carry out intelligent intercept, intercept self-triggered program and
The movement of illegal operation is carried out to Web site management system user account, and the permission of all read-writes and execution is subjected to database mistake
Filter, carrying out dual identification by database and user according to rank can let pass.
After load process, the trusted users of management system are scanned in the trusted users inventory library of website, it should be by comparing
Whether journey is that the process of this Web site management system decides whether to intercept the operation process of the modification account.And submit user
Whether allow to modify, let pass if legal, if it is rogue program, then carries out freezing user's processing.
When user can not know why a certain process operates, Web site management system can or can not be damaged, by clear
Study identification is carried out in single library, based on the analysis results, is configured to denied access program.
The embodiment of the present invention is prevented by the way that the virus of unknown behavior or network attack are carried out intelligent classification, is passed through
It is practical to identify, application behavior tracking is carried out according to user's universal experience.
After loading this function, scans web sites management system user and progress information form a database, every certain
Time circulation rescans, and according to the Construction Party of the whether believable dynamic thought application library of database real time diagnostic operations
Case realizes the application category according to this inquiry you can get it trusted operations.
Intelligent intercept attaching filtering mechanism intercepts self-triggered program and is illegally grasped to Web site management system user account
The permission of all read-writes and execution is carried out filtering based on database, passes through database and the dual mirror of user according to rank by the movement of work
It can let pass after not, generally first pass through database and identified, then user is notified to decide.
The embodiment of the present invention prevents Web site management system account information and the process of guarding the gate in Web site management system bottom
Shield belongs to the single technology of Web site management system reinforcing, it can be achieved that rogue program attack intercepts, has for the protection of unknown virus
Efficient interception effect, may be implemented through the invention prevent unknown virus attack.
As shown in Fig. 2, the embodiment of the invention also discloses a kind of system of intelligent protection portal management system user account,
The system comprises:
Database initial module forms database for scans web sites management system user and progress information;
Scheduler module is monitored, for temporarily process being prevented to grasp when monitoring the operation of modification account or process of guarding the gate
Make;
Process comparison module, for carrying out advance ratio pair in the database;
Information notification module, for notifying whether user lets pass to process.
The database be updated to every the set time carry out circulation rescan.
The process comparison module includes:
User information comparing unit, for comparing user information;
Permission is read and write and executed to progress information comparing unit for comparing progress information, including.
The system also includes:
Determination processing module freeze user's processing for being determined as rogue program when process is illegal operation,
When process is valid operation, let pass to process.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention
Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within mind and principle.
Claims (8)
1. a kind of method of intelligent protection portal management system user account, which comprises the following steps:
S1, scans web sites management system user and progress information form database;
S2, when monitor modification account or process of guarding the gate operation when, temporarily prevent process operation;
S3, advance ratio pair is carried out in the database;
S4, notify whether user lets pass to process.
2. a kind of method of intelligent protection portal management system user account according to claim 1, which is characterized in that institute
State database be updated to every the set time carry out circulation rescan.
3. a kind of method of intelligent protection portal management system user account according to claim 1, which is characterized in that institute
State step S3 specifically:
Compare user information;
Progress information is compared, including reads and writes and execute permission.
4. a kind of method of intelligent protection portal management system user account according to claim 1 to 3,
It is characterized in that, the method also includes:
When process is illegal operation, it is determined as rogue program, carries out freezing user's processing;
When process is valid operation, let pass to process.
5. a kind of system of intelligent protection portal management system user account, which is characterized in that the system comprises:
Database initial module forms database for scans web sites management system user and progress information;
Scheduler module is monitored, for temporarily preventing process operation when monitoring the operation of modification account or process of guarding the gate;
Process comparison module, for carrying out advance ratio pair in the database;
Information notification module, for notifying whether user lets pass to process.
6. a kind of system of intelligent protection portal management system user account according to claim 5, which is characterized in that institute
State database be updated to every the set time carry out circulation rescan.
7. a kind of system of intelligent protection portal management system user account according to claim 5, which is characterized in that institute
The process comparison module of stating includes:
User information comparing unit, for comparing user information;
Permission is read and write and executed to progress information comparing unit for comparing progress information, including.
8. a kind of system of intelligent protection portal management system user account according to claim 5-7 any one,
It is characterized in that, the system also includes:
Determination processing module freeze user's processing for being determined as rogue program when process is illegal operation, when into
When journey is valid operation, let pass to process.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811048358.6A CN109150892A (en) | 2018-09-07 | 2018-09-07 | A kind of method and system of intelligent protection portal management system user account |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811048358.6A CN109150892A (en) | 2018-09-07 | 2018-09-07 | A kind of method and system of intelligent protection portal management system user account |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109150892A true CN109150892A (en) | 2019-01-04 |
Family
ID=64824185
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811048358.6A Pending CN109150892A (en) | 2018-09-07 | 2018-09-07 | A kind of method and system of intelligent protection portal management system user account |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109150892A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105631319A (en) * | 2014-11-01 | 2016-06-01 | 江苏威盾网络科技有限公司 | Computer terminal control system and method based on network protection |
US20170316412A1 (en) * | 2014-10-20 | 2017-11-02 | Alibaba Group Holding Limited | Verification method and apparatus |
CN107844700A (en) * | 2017-11-28 | 2018-03-27 | 郑州云海信息技术有限公司 | A kind of method and system of intelligent protection operating system user account |
-
2018
- 2018-09-07 CN CN201811048358.6A patent/CN109150892A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170316412A1 (en) * | 2014-10-20 | 2017-11-02 | Alibaba Group Holding Limited | Verification method and apparatus |
CN105631319A (en) * | 2014-11-01 | 2016-06-01 | 江苏威盾网络科技有限公司 | Computer terminal control system and method based on network protection |
CN107844700A (en) * | 2017-11-28 | 2018-03-27 | 郑州云海信息技术有限公司 | A kind of method and system of intelligent protection operating system user account |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10645113B2 (en) | Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign | |
Saeed et al. | A survey on malware and malware detection systems | |
US20060161982A1 (en) | Intrusion detection system | |
Smaha | Haystack: An intrusion detection system | |
Bertino et al. | Towards mechanisms for detection and prevention of data exfiltration by insiders: Keynote talk paper | |
EP2474934A1 (en) | Unauthorized process detection method and unauthorized process detection system | |
KR20070049514A (en) | Malignant code monitor system and monitoring method using thereof | |
WO2011054555A1 (en) | Method and system for managing security objects | |
CN102369532A (en) | Managing security in a network | |
US10631168B2 (en) | Advanced persistent threat (APT) detection in a mobile device | |
Sequeira | Intrusion prevention systems: security's silver bullet? | |
US20230306119A1 (en) | Intrusion detection | |
Shan et al. | Enforcing mandatory access control in commodity OS to disable malware | |
Perera et al. | The next gen security operation center | |
US10425432B1 (en) | Methods and apparatus for detecting suspicious network activity | |
Eom et al. | A framework of defense system for prevention of insider's malicious behaviors | |
CN107844700A (en) | A kind of method and system of intelligent protection operating system user account | |
Davis et al. | A framework for programming and budgeting for cybersecurity | |
Gupta et al. | Attacking confidentiality: An agent based approach | |
CN109150892A (en) | A kind of method and system of intelligent protection portal management system user account | |
JP2008250728A (en) | Information leakage monitoring system and information leakage monitoring method | |
Agarwal et al. | Security Requirements Elicitation Using View Points for Online System | |
Asrafi | Comparing performances of graph mining algorithms to detect malware | |
KR20100067383A (en) | Server security system and server security method | |
Song et al. | Using acl2 to verify security properties of specification-based intrusion detection systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190104 |
|
RJ01 | Rejection of invention patent application after publication |