CN109905378A

CN109905378A - A kind of network information security monitoring method, system and computer storage medium

Info

Publication number: CN109905378A
Application number: CN201910104414.1A
Authority: CN
Inventors: 谭佳; 梁俊杰
Original assignee: Hubei University
Current assignee: Hubei University
Priority date: 2019-02-01
Filing date: 2019-02-01
Publication date: 2019-06-18

Abstract

The present invention discloses a kind of network information security monitor system, comprising: Network Isolation module, the Network Isolation module include: 1 gateway and 2 network interface cards；One end of gateway is connect by 1 network interface card with firewall, and firewall is connect with wide area network, and the other end of gateway is connect by another network interface card with permission server；Network monitoring module, Network monitoring module include: CPU, network code key generator, network code key controller and netkey decipher；Network code key generator, network code key controller and netkey decipher are connect with CPU, and CPU is connect with permission server.Wide area network and local area network are effectively isolated by the Network Isolation module of setting by the present invention, influence user, in comparatively safe environment, from the insecurity factor in heterogeneous networks when using computer；Meanwhile the Network monitoring module of setting detects server, further improves the safety of network system.

Description

A kind of network information security monitoring method, system and computer storage medium

Technical field

The present invention relates to field of computer technology more particularly to a kind of network information security monitoring method, system and Computer storage medium.

Background technique

The network information security is one and is related to computer science, network technology, the communication technology, cryptographic technique, information security The multi-disciplinary comprehensive branch of learning such as technology, applied mathematics, number theory, information theory.It is primarily referred to as the hardware of network system, software And its data in system are protected, not by the reason of accidental or malice and by destroying, changing, revealing, system connects Continuous reliably normally to run, network service is not interrupted.

In recent years, it is grown rapidly along with Internet technology in the whole world, people are providing great convenience, however, letter For breathization while bringing various substances and culture is enjoyed, we are also just by the safety for carrying out automatic network got worse Threaten, the data burglar of such as network, the invasion of hacker, virus distribution person or even internal system blabber.Although we are just In the software technology that various complexity are widely used, such as firewall, proxy server invade detector, channel controlling mechanism, but It is that no matter in developed country, or in developing country (including China), activities of hacker is more and more savage, they are all-pervasive, Serious harm is caused to society.At the same time, more allow people uneasy, hacker website is also being continuously increased on internet, Study hacking technique, acquisition hacking tool become easy.In this way, making originally that just very fragile internet is more aobvious It obtains dangerous.

Summary of the invention

The present invention provides a kind of network information security monitoring method, system and computer storage medium, existing to solve Above-mentioned technical problem in technology

In a first aspect, the embodiment of the invention provides a kind of network information security monitor system, the system comprises: network Isolation module, the Network Isolation module include: 1 gateway and 2 network interface cards；Wherein, one end of the gateway passes through described in 1 The connection of the output end of network interface card and firewall, the input terminal of the firewall are connect with wide area network, and the other end of the gateway passes through Another network interface card is connect with permission server；Network monitoring module, the Network monitoring module include: CPU, the generation of network code key Device, network code key controller and netkey decipher；Wherein, the network code key generator, the network code key controller It is connect with the CPU with the netkey decipher, the CPU is connect with the permission server.

Optionally, the system also includes: alarm, the alarm are connect with the netkey decipher；Wherein, The alarm includes at least one of following types: display lamp or buzzer.

Optionally, the system also includes face recognition module, the face recognition module and the permission servers to connect It connects.

Optionally, the system also includes fingerprint identification module, the fingerprint identification module and the permission servers to connect It connects.

Optionally, the system also includes: radiator, the radiator are connect with the CPU.

Optionally, the system also includes: data compressor and database, the data compressor and the database are equal It is connect with the permission server.

Second aspect, the embodiment of the invention also provides a kind of network information security monitoring method, the method is applied to System described above；The described method includes: isolation step, in wide area network and/or the request of data of local area network transmission, The wide area network and the local area network are isolated；Step is guarded, for generating and using when detecting to permission server Family encryption and decryption code key, and verified to whether the generation of the code key legal, and judge whether the code key correct； Alarming step, the verification information for inputting user are compared with encryption code key, if mismatching, are alarmed.

Optionally, the method also includes compression step, for when sending request of data, to incoming data progress Compression generates several compressed packages, and in the database by compressed package storage, and each database is equipped with different passwords.

The third aspect, the embodiment of the invention also provides a kind of network information security monitor devices, including memory, processing On a memory and the computer program that can run on a processor, when processor execution described program, is realized for device and storage Following steps: isolation step, in wide area network and/or the request of data of local area network transmission, by the wide area network and described Local area network is isolated；Step is guarded, for when detecting to permission server, generating user encryption and decryption code key, And it is verified to whether the generation of the code key is legal, and judge whether the code key is correct；Alarming step, for that will use The verification information of family input is compared with encryption code key, if mismatching, is alarmed.

Fourth aspect, the embodiment of the invention also provides a kind of computer readable storage mediums, are stored thereon with computer Program, the program perform the steps of isolation step when being executed by processor, for what is sent in wide area network and/or local area network When request of data, the wide area network and the local area network are isolated；Step is guarded, for examining to permission server When survey, user encryption and decryption code key are generated, and verify to whether the generation of the code key is legal, and judge described secret Whether key is correct；Alarming step, the verification information for inputting user are compared with encryption code key, if mismatching, are reported It is alert.

The one or more technical solutions provided in the embodiment of the present invention, have at least the following technical effects or advantages:

Wide area network and local area network are effectively isolated by the Network Isolation module of setting, user are made to exist by the present invention Using in comparatively safe environment, being influenced from the insecurity factor in heterogeneous networks when computer；Meanwhile the network of setting Monitoring module detects server, further increases the safety of network system.

The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention, And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can It is clearer and more comprehensible, the followings are specific embodiments of the present invention.

Detailed description of the invention

To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment Attached drawing is briefly described, it should be apparent that, drawings in the following description are some embodiments of the invention, for this For the those of ordinary skill of field, without creative efforts, it can also be obtained according to these attached drawings others Attached drawing.

Fig. 1 is the flow chart of the method for multistage list page sequence in the embodiment of the present application；

Fig. 2 is the structural schematic diagram of device in the embodiment of the present application；

Fig. 3 is the structural schematic diagram of server in the embodiment of the present application；

Fig. 4 is the structural schematic diagram of computer readable storage medium 400 in the embodiment of the present application.

Specific embodiment

The embodiment of the present invention mention for a kind of network information security monitor system, to solve the network information in the prior art The technical problem of security protection deficiency, has reached the technical effect for further increasing the safety of network system.

Technical solution in the embodiment of the present invention, general thought are as follows:

Network Isolation module, the Network Isolation module include: 1 gateway and 2 network interface cards；Wherein, the one of the gateway End is connected by the output end of 1 network interface card and firewall, and the input terminal of the firewall is connect with wide area network, the gateway The other end connect with permission server by another network interface card；

Network monitoring module, the Network monitoring module include: CPU, network code key generator, network code key controller and Netkey decipher；Wherein, the network code key generator, the network code key controller and the netkey decipher It is connect with the CPU, the CPU is connect with the permission server.

In above system, by the Network Isolation module of setting, wide area network and local area network are effectively isolated, used Family, in comparatively safe environment, is influenced when using computer from the insecurity factor in heterogeneous networks；Meanwhile setting Network monitoring module detects server, further increases the safety of network system.

In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art Every other embodiment obtained without creative efforts, shall fall within the protection scope of the present invention.

Term " includes " in description and claims of this specification and above-mentioned attached drawing and " having " and they Any deformation, it is intended that cover it is non-exclusive include, for example, containing the process, method of a series of steps or units, being System, product or equipment those of are not necessarily limited to be clearly listed step or unit, but may include be not clearly listed or For the intrinsic other step or units of these process, methods, product or equipment.

Term "and/or" in description and claims of this specification and above-mentioned attached drawing, only a kind of description is closed Join the incidence relation of object, indicates may exist three kinds of relationships, for example, A and/or B, can indicate: individualism A is deposited simultaneously In A and B, these three situations of individualism B.In addition, character "/" herein, typicallying represent forward-backward correlation object is a kind of "or" Relationship.

Embodiment one

A kind of network information security monitor system that the embodiment of the present invention one provides, referring to Fig. 1, the system comprises wide Domain net 1, firewall 2, permission server 3, data compressor 4 and database 5, wide area network 1 are connect with the input terminal of firewall 2, The output end of permission server 3 is connect with the input terminal of data compressor 4 and database 5 respectively, and system further includes Network Isolation Module and Network monitoring module, Network Isolation module is by circuit board 6 and two network interface cards, the 7, gateways 8 being located on circuit board 6 Composition, 8 both ends of gateway are connect with two network interface cards 7 respectively, and 8 one end of gateway is connect by network interface card 7 with 2 output end of firewall, net It closes 8 other ends to connect by network interface card 7 with 3 input terminal of permission server, Network monitoring module is connect with permission server 3, and net Network monitoring module is made of CPU 9, netkey generator 10, netkey controller 11 and netkey decipher 12, net Network key generator 10, netkey controller 11 and 12 output end of netkey decipher are connect with the input terminal of CPU9.

In embodiments of the present invention, 3 inner end of permission server is passed through into internal layer firewall and interchanger and end hosts Connection.In use, after wide area network 1 receives network data, by firewall 2, firewall 2 intercepts it to end hosts In virus and network attack；It is combined by gateway 8 with network interface card 7 in Network Isolation module, either wide area network or local area network When sending request of data, it can be effectively isolated with local area network with wide area network 1, locate end hosts in use In comparatively safe environment, influenced from the insecurity factor in heterogeneous networks；When sending request of data, data can be stored in In database 5, and data compressor 4 compresses incoming data, and data compressor 4 compresses data into multiple compressions Packet, is then store in database 5, each database 5 is designed with different passwords, improves the safety of network system.

Meanwhile Network monitoring module is mainly used for detecting permission server 3, specifically, netkey generator Using the unique Product sequence number of AT05SC card microcontroller as seed, and 128 users are generated according to certain rules and are added Key, the intelligent chip are 8 smart card microcontrollers of Atmel company production, and it can be used to store to execute password calculation Key needed for method includes 40kb read-only memory, 2kb Electrically Erasable Programmable Read-Only Memory, has 64 product IDs, When initialization, 64 it is product ID as seed using this, 128 user encryptions and decruption key can be generated, with very High security performance.Whether generation of the netkey controller for authentication secret be legal, and judges that inputted key is No correct, netkey decipher is used to decrypt the verification information that user inputs and compare with encryption key.

Structure as one embodiment, the model EXZB-WJ-V of gateway 8, the model DM9161BIEP of network interface card 7.

Structure as one embodiment, netkey decipher 12 are connected with alarm 13, and alarm 13 includes display lamp And buzzer is issued by alarm 13 and is warned when 12 comparing result of netkey decipher is mismatched.

Structure as one embodiment, permission server 3 can be connected with face recognition module 14, and face recognition module 14 is adopted With the video special DSP of model TMS320DM642, the dominant frequency of the DSP is up to 720MHz, and operational capability is up to 5400MIPS.Permission server 3 can be connected with fingerprint identification module 15, and fingerprint arranging sets module 15 uses model ATK-AS608 Optical finger print identifier.Face recognition module 14 and fingerprint arranging sets module 15 are used equally for user identity authentication, further plus Strong information security.

Structure as one embodiment, CPU 9 are connected with radiator 16, and the model 2R11S180L of radiator 16 is used for Heat spreading function to CPU guarantees its job stability.

Based on the same inventive concept, the embodiment of the invention also provides method corresponding with system in embodiment one, see reality Apply example two.

Embodiment two

Second embodiment of the present invention provides a kind of methods, referring to FIG. 2, the described method includes:

Isolation step 101, for wide area network and/or local area network transmission request of data when, by the wide area network and institute Local area network is stated to be isolated；

Step 102 is guarded, for when detecting to permission server, generating user encryption and decryption code key, and it is right Whether the generation of the code key is legal to be verified, and judges whether the code key is correct；

Alarming step 103, the verification information for inputting user are compared with encryption code key, if mismatching, are reported It is alert.

In the embodiment of the present invention two, further includes: compression step 104 is used for when sending request of data, to incoming data It carries out compression and generates several compressed packages, in the database by compressed package storage, and each database is equipped with different Password.

By the method that the embodiment of the present invention two is introduced, dress side used by the system to implement the embodiment of the present invention one Method, so based on the system that the embodiment of the present invention one is introduced, the affiliated personnel in this field can understand the specific steps of this method And deformation, so details are not described herein.Method used by the system of all embodiment of the present invention one belongs to the present invention and is intended to The range of protection.

Embodiment three

It should be noted that one, the same inventive concept of embodiment two, the embodiment of the present invention three mention based on the above embodiment A kind of device is supplied, comprising: radio frequency (Radio Frequency, RF) circuit 310, memory 320, input unit 330, display The components such as unit 340, voicefrequency circuit 350, WiFi module 360, processor 370 and power supply 380.Wherein, on memory 320 It is stored with the computer program that can be run on processor 370, processor 370 realizes embodiment when executing the computer program Step 101 described in two, 102,103.

In the specific implementation process, when processor executes computer program, any reality in embodiment one, two may be implemented Apply mode.

It will be understood by those skilled in the art that the restriction of the not structure twin installation of apparatus structure shown in Fig. 3 itself, it can To include perhaps combining certain components or different component layouts than illustrating more or fewer components.

It is specifically introduced below with reference to each component parts of the Fig. 4 to computer equipment:

RF circuit 310 can be used for sending and receiving for signal, particularly, after the downlink information of base station is received, to processing The processing of device 370.In general, RF circuit 310 includes but is not limited at least one amplifier, transceiver, coupler, low noise amplification Device (Low Noise Amplifier, LNA), duplexer etc..

Memory 320 can be used for storing software program and module, and processor 370 is stored in memory 320 by operation Software program and module, thereby executing the various function application and data processing of computer equipment.Memory 320 can be led It to include storing program area and storage data area, wherein storing program area can be needed for storage program area, at least one function Application program etc.；Storage data area, which can be stored, uses created data etc. according to computer equipment.In addition, memory 320 May include high-speed random access memory, can also include nonvolatile memory, a for example, at least disk memory, Flush memory device or other volatile solid-state parts.

Input unit 330 can be used for receiving the number or character information of input, and generate the user with computer equipment Setting and the related key signals input of function control.Specifically, input unit 330 may include keyboard 331 and other inputs Equipment 332.Keyboard 331 collects the input operation of user on it, and drives corresponding connection according to preset formula Device.Keyboard 331 gives processor 370 after collecting output information again.In addition to keyboard 331, input unit 330 can also include Other input equipments 332.Specifically, other input equipments 332 can include but is not limited to touch panel, function key (such as sound Measure control button, switch key etc.), trace ball, mouse, one of operating stick etc. or a variety of.

Display unit 340 can be used for showing information input by user or the information and computer equipment that are supplied to user Various menus.Display unit 340 may include display panel 341, optionally, can use liquid crystal display (Liquid Crystal Display, LCD), the forms such as Organic Light Emitting Diode (Organic Light-Emitting Diode, OLED) To configure display panel 341.Further, keyboard 331 can cover display panel 341, when keyboard 331 detect it is on it or attached After close touch operation, processor 370 is sent to determine the type of touch event, is followed by subsequent processing device 370 according to incoming event Type corresponding visual output is provided on display panel 341.Although keyboard 331 and display panel 341 are conducts in Fig. 3 Two independent components realize the input and input function of computer equipment, but in some embodiments it is possible to by keyboard 331 is integrated with display panel 341 and that realizes computer equipment output and input function.

Voicefrequency circuit 350, loudspeaker 351, microphone 352 can provide the audio interface between user and computer equipment. Electric signal after the audio data received conversion can be transferred to loudspeaker 351, be converted by loudspeaker 351 by voicefrequency circuit 350 For voice signal output；

WiFi belongs to short range wireless transmission technology, and computer equipment can help user to receive and dispatch by WiFi module 360 Email, browsing webpage and access streaming video etc., it provides wireless broadband internet access for user.Although Fig. 4 WiFi module 360 is shown, but it is understood that, and it is not belonging to must be configured into for computer equipment, it completely can root It is omitted within the scope of not changing the essence of the invention according to needs.

Processor 370 is the control centre of computer equipment, utilizes various interfaces and the entire computer equipment of connection Various pieces, by running or execute the software program and/or module that are stored in memory 320, and call and be stored in Data in memory 320 execute the various functions and processing data of computer equipment, to carry out to computer equipment whole Monitoring.Optionally, processor 370 may include one or more processing units；Preferably, processor 370 can be integrated using processing Device, wherein the main processing operation system of application processor, user interface and application program etc..

Computer equipment further includes the power supply 380 (such as power supply adaptor) powered to all parts, it is preferred that power supply can With logically contiguous by power-supply management system and processor 370.

Example IV

Based on the same inventive concept, as shown in figure 4, the present embodiment five provides a kind of computer readable storage medium 400, The step of being stored thereon with computer program 411, being realized described in embodiment one when which is executed by processor 101、102、103、104。

In the specific implementation process, when which is executed by processor, embodiment one, two and may be implemented Any embodiment in three.

It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.

The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.

These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.

These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.

The technical solution provided in the embodiment of the present invention, has at least the following technical effects or advantages:

Although preferred embodiments of the present invention have been described, it is created once a person skilled in the art knows basic Property concept, then additional changes and modifications may be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as It selects embodiment and falls into all change and modification of the scope of the invention.

Obviously, those skilled in the art can carry out various modification and variations without departing from this hair to the embodiment of the present invention The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.

Claims

1. a kind of network information security monitor system, which is characterized in that the system comprises:

Network Isolation module, the Network Isolation module include: 1 gateway and 2 network interface cards；Wherein, one end of the gateway is logical The output end for crossing 1 network interface card and firewall connects, and the input terminal of the firewall is connect with wide area network, the gateway it is another One end is connect by another network interface card with permission server；

Network monitoring module, the Network monitoring module include: CPU, network code key generator, network code key controller and network Key decipher；Wherein, the network code key generator, the network code key controller and the netkey decipher with The CPU connection, the CPU are connect with the permission server.

2. the system as claimed in claim 1, which is characterized in that the system also includes:

Alarm, the alarm are connect with the netkey decipher；Wherein, the alarm includes at least following types One of: display lamp or buzzer.

3. the system as claimed in claim 1, which is characterized in that the system also includes:

Face recognition module, the face recognition module are connect with the permission server.

4. the system as claimed in claim 1, which is characterized in that the system also includes:

Fingerprint identification module, the fingerprint identification module are connect with the permission server.

5. the system as claimed in claim 1, which is characterized in that the system also includes:

Radiator, the radiator are connect with the CPU.

6. the system as claimed in claim 1, which is characterized in that the system also includes:

Data compressor and database, the data compressor and the database are connect with the permission server.

7. a kind of network information security monitoring method, it is characterised in that:

The method is applied to the described in any item systems of claim 1-5；

The described method includes:

Isolation step, for wide area network and/or local area network transmission request of data when, by the wide area network and the local area network It is isolated；

Step is guarded, for when detecting to permission server, generating user encryption and decryption code key, and to the code key Generation it is whether legal verified, and judge whether the code key correct；

Alarming step, the verification information for inputting user are compared with encryption code key, if mismatching, are alarmed.

8. the method for claim 7, which is characterized in that further include:

Compression step will be described for carrying out compression to incoming data and generating several compressed packages when sending request of data Compressed package stores in the database, and each database is equipped with different passwords.

9. a kind of network information security monitor device, including memory, processor and storage are on a memory and can be in processor The computer program of upper operation, which is characterized in that the processor performs the steps of when executing described program

10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the program is by processor It is performed the steps of when execution