CN110175455A - A kind of Risk-recovery method for database - Google Patents
A kind of Risk-recovery method for database Download PDFInfo
- Publication number
- CN110175455A CN110175455A CN201910455289.9A CN201910455289A CN110175455A CN 110175455 A CN110175455 A CN 110175455A CN 201910455289 A CN201910455289 A CN 201910455289A CN 110175455 A CN110175455 A CN 110175455A
- Authority
- CN
- China
- Prior art keywords
- data
- module
- viral
- database
- processor
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/568—Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
Abstract
The invention discloses a kind of Risk-recovery methods for database, including database, cloud and warning device, level one data acquisition module, secondary data acquisition module, contrast module, time calibrating module, viral data interception module, viral data storage bank and the viral data extraction module for being provided with processor in the cloud and being electrically connected between processor, the virus data extraction module are also electrically connected between viral data storage bank;Data code is acquired by level one data acquisition module, and the viral data in data and viral data storage bank are compared using contrast module, and this data is intercepted by viral data interception module, data secondary acquisition is purified by secondary data acquisition module, and the sensitive word data code in data is detected by processor, effectively contain the sensitive word data code for being not desired to spread, consummating function diversity in defence database.
Description
Technical field
The invention belongs to database defense technique fields, and in particular to a kind of Risk-recovery method for database.
Background technique
Database can be considered the file cabinet of electronization in brief --- the place of storage electronic document, user can be right
Data in file newly such as are increased, are intercepted, being updated, being deleted at the operation, so-called database be store in a certain way together, energy
With multiple user sharings, have redundancy as small as possible, with application program data acquisition system independent of each other, with internet
Develop, comes on more and more business migrations to internet, the safety of database is increasingly taken seriously.
The existing Risk-recovery function for database is not perfect, and it is anti-to carry out risk well for database
It is imperial, screening defence can not be carried out for the vocabulary of some sensitivities, so that sensitive vocabulary code is circulated by database
To inappropriate occasion.
Summary of the invention
The purpose of the present invention is to provide a kind of Risk-recovery methods for database, to solve in above-mentioned background technique
The problem of proposition.
To achieve the above object, the invention provides the following technical scheme: a kind of Risk-recovery method for database, packet
Include database, cloud and warning device, the level-one that processor is provided in the cloud and is electrically connected between processor
Data acquisition module, secondary data acquisition module, contrast module, time calibrating module, viral data interception module, viral data
Repository and viral data extraction module, the virus data extraction module are also electrically connected between viral data storage bank,
It is electrically connected between the warning device and processor, steps are as follows for specific defence:
1) viral data and the input of cloud sensitive word pass through the known viral data of extraneous computer input to virus first
It is stored in data storage bank, for comparing detection when circulating to data in database, while inputting sensitive word number to cloud
According to;
2) database data injection request, step 1) will be infused data using time computing module after the input of viral data
Time when entering to database is demarcated;
3) a data acquisition, by level one data acquisition module in database after the injection of step 2) database data
The data of circulation are acquired, and send processor for collected data;
4) data of data comparison, the acquisition of step 3) data are sent to contrast module, while viral data by processor
Extraction module extracts the known viruse data stored in viral data storage bank and is sent to contrast module by processor, benefit
Two kinds of data are compared with contrast module;
5) data alarm, if finding to include viral data storage bank in collected data after step 4) data comparison
The viral data of interior storage, then processor control warning device carries out early warning prompting, while viral data interception module is to containing
The data of virus are intercepted, and this time data injection request is dangerous;
6) secondary data acquires, and when not finding to have identical code in two data in step 5), then processor is by one
The secondary collected data of data acquisition module are sent to secondary data acquisition module, using secondary data acquisition module to data into
Row purification acquisition, and it is carried out to detect whether by processor to refuse this number if containing containing sensitive word data code
It is injected according to library data, this database data is allowed to inject if not containing.
Preferably, the cloud further includes having the information storage module being electrically connected with processor, is being executed the step 2)
It is later sent the time data that time calibrating module is demarcated in information storage module by processor and stored.
Preferably, executing the step the data for 5) later equally viral data interception block intercepts being arrived by processor
Information is sent in information storage module and stores.
Preferably, the target that data are injected in the database is Website server, computer or mobile phone terminal equipment.
Preferably, the quantity in the cloud is multiple.
Preferably, the cloud is mounted in the object to be measured of database data code circulation in the form of code plug-in.
Preferably, the information storage module is specially hard disk storage.
Preferably, the warning device is mainly made of alarm lamp and alarming horn.
Compared with prior art, the beneficial effects of the present invention are: being carried out by level one data acquisition module to data code
Acquisition, and the viral data in data and viral data storage bank are compared using contrast module, two data match
Data be viral data, and this data is intercepted by virus data interception module, mould is acquired by secondary data
Block is to data and then secondary acquisition purifies, and is detected by processor to the sensitive word data code in data, effectively anti-
Containing the sensitive word data code for being not desired to spread in imperial database, consummating function diversity is contained using the storage of information storage module
The viral data that the time and viral data interception module for having the data of viral data code to circulate are intercepted, facilitate the later period to look into
Viral data are seen and cleared up, while detecting data circulation alarm lamp and alarming horn hair doped with viral data code
Sound-light alarm is reminded out.
Specific embodiment
The technical scheme in the embodiments of the invention will be clearly and completely described below, it is clear that described implementation
Example is only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, this field is common
Technical staff's every other embodiment obtained without making creative work belongs to the model that the present invention protects
It encloses.
Embodiment 1
The present invention provides a kind of technical solution: a kind of Risk-recovery method for database, including database, cloud and
Warning device, level one data acquisition module, two series for being provided with processor and being electrically connected between processor in cloud
It is mentioned according to acquisition module, contrast module, time calibrating module, viral data interception module, viral data storage bank and viral data
Modulus block, viral data extraction module are also electrically connected between viral data storage bank, electric between warning device and processor
Property connection, steps are as follows for specific defence:
1) viral data and the input of cloud sensitive word pass through the known viral data of extraneous computer input to virus first
It is stored in data storage bank, for comparing detection when circulating to data in database, while inputting sensitive word number to cloud
According to;
2) database data injection request, step 1) will be infused data using time computing module after the input of viral data
Time when entering to database is demarcated;
3) a data acquisition, by level one data acquisition module in database after the injection of step 2) database data
The data of circulation are acquired, and send processor for collected data;
4) data of data comparison, the acquisition of step 3) data are sent to contrast module, while viral data by processor
Extraction module extracts the known viruse data stored in viral data storage bank and is sent to contrast module by processor, benefit
Two kinds of data are compared with contrast module;
5) data alarm, if finding to include viral data storage bank in collected data after step 4) data comparison
The viral data of interior storage, then processor control warning device carries out early warning prompting, while viral data interception module is to containing
The data of virus are intercepted, and this time data injection request is dangerous;
6) secondary data acquires, and when not finding to have identical code in two data in step 5), then processor is by one
The secondary collected data of data acquisition module are sent to secondary data acquisition module, using secondary data acquisition module to data into
Row purification acquisition, and it is carried out to detect whether by processor to refuse this number if containing containing sensitive word data code
It is injected according to library data, this database data is allowed to inject if not containing.
Further, the target that data are injected in database is Website server, computer or mobile phone terminal equipment.
Further, the quantity in cloud is multiple.
Further, cloud is mounted in the object to be measured of database data code circulation in the form of code plug-in.
Further, information storage module is specially hard disk storage.
Further, warning device is mainly made of alarm lamp and alarming horn.
Embodiment 2
The present invention provides a kind of technical solution: a kind of Risk-recovery method for database, including database, cloud and
Warning device, level one data acquisition module, two series for being provided with processor and being electrically connected between processor in cloud
According to acquisition module, contrast module, time calibrating module, viral data interception module, information storage module, viral data storage bank
With viral data extraction module, viral data extraction module is also electrically connected between viral data storage bank, warning device with
It is electrically connected between processor, steps are as follows for specific defence:
1) viral data and the input of cloud sensitive word pass through the known viral data of extraneous computer input to virus first
It is stored in data storage bank, for comparing detection when circulating to data in database, while inputting sensitive word number to cloud
According to;
2) database data injection request, step 1) will be infused data using time computing module after the input of viral data
Time when entering to database is demarcated, while sending letter for the time data that time calibrating module is demarcated by processor
It is stored in breath storage module;
3) a data acquisition, by level one data acquisition module in database after the injection of step 2) database data
The data of circulation are acquired, and send processor for collected data;
4) data of data comparison, the acquisition of step 3) data are sent to contrast module, while viral data by processor
Extraction module extracts the known viruse data stored in viral data storage bank and is sent to contrast module by processor, benefit
Two kinds of data are compared with contrast module;
5) data alarm, if finding to include viral data storage bank in collected data after step 4) data comparison
The viral data of interior storage, then processor control warning device carries out early warning prompting, while viral data interception module is to containing
The data of virus are intercepted, and this time data injection request is dangerous, while passing through processor for viral data interception module
The data information intercepted is sent in information storage module and stores;
6) secondary data acquires, and when not finding to have identical code in two data in step 5), then processor is by one
The secondary collected data of data acquisition module are sent to secondary data acquisition module, using secondary data acquisition module to data into
Row purification acquisition, and it is carried out to detect whether by processor to refuse this number if containing containing sensitive word data code
It is injected according to library data, this database data is allowed to inject if not containing.
Further, the target that data are injected in database is Website server, computer or mobile phone terminal equipment.
Further, the quantity in cloud is multiple.
Further, cloud is mounted in the object to be measured of database data code circulation in the form of code plug-in.
Further, information storage module is specially hard disk storage.
Further, warning device is mainly made of alarm lamp and alarming horn.
It although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with
A variety of variations, modification, replacement can be carried out to these embodiments without departing from the principles and spirit of the present invention by understanding
And modification, the scope of the present invention is defined by the appended.
Claims (8)
1. a kind of Risk-recovery method for database, including database, cloud and warning device, it is characterised in that: described
Level one data acquisition module, the secondary data acquisition mould for being provided with processor in cloud and being electrically connected between processor
Block, contrast module, time calibrating module, viral data interception module, viral data storage bank and viral data extraction module, institute
It states viral data extraction module to be also electrically connected between viral data storage bank, between the warning device and processor electrically
Connection, steps are as follows for specific defence:
1) viral data and the input of cloud sensitive word pass through the known viral data of extraneous computer input to viral data first
It is stored in repository, for comparing detection when circulating to data in database, while inputting sensitive word data to cloud;
2) database data injection request, step 1) will be injected into data using time computing module after the input of viral data
Time when database is demarcated;
3) data acquisition, by level one data acquisition module to circulating in database after the injection of step 2) database data
Data be acquired, and send processor for collected data;
4) data of data comparison, the acquisition of step 3) data are sent to contrast module by processor, while viral data are extracted
Module extracts the known viruse data stored in viral data storage bank and is sent to contrast module by processor, using pair
Two kinds of data are compared than module;
5) data alarm, if finding after step 4) data comparison includes storage in viral data storage bank in collected data
The viral data deposited, then processor control warning device carries out early warning prompting, while viral data interception module is to containing viral
Data intercepted, this time data injection request it is dangerous;
6) secondary data acquires, and when not finding to have identical code in two data in step 5), then processor is by a number
It is sent to secondary data acquisition module according to the collected data of acquisition module, data are mentioned using secondary data acquisition module
Pure acquisition, and it is carried out to detect whether by processor to refuse this database if containing containing sensitive word data code
Data injection, allows this database data to inject if not containing.
2. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: also wrap in the cloud
The information storage module being electrically connected with processor is included, 2) passes through processor later for time calibrating module executing the step
The time data of calibration, which are sent in information storage module, to be stored.
3. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: executing the step
5) it is later same by processor by viral data interception block intercepts to data information be sent in information storage module and store up
It deposits.
4. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: in the database
The target for injecting data is Website server, computer or mobile phone terminal equipment.
5. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: the number in the cloud
Amount is multiple.
6. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: the cloud is with generation
The form of code plug-in unit is mounted in the object to be measured of database data code circulation.
7. a kind of Risk-recovery method for database according to claim 2, it is characterised in that: the information storage
Module is specially hard disk storage.
8. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: the warning device
Mainly it is made of alarm lamp and alarming horn.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910455289.9A CN110175455A (en) | 2019-05-29 | 2019-05-29 | A kind of Risk-recovery method for database |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910455289.9A CN110175455A (en) | 2019-05-29 | 2019-05-29 | A kind of Risk-recovery method for database |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110175455A true CN110175455A (en) | 2019-08-27 |
Family
ID=67696702
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910455289.9A Pending CN110175455A (en) | 2019-05-29 | 2019-05-29 | A kind of Risk-recovery method for database |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110175455A (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070168678A1 (en) * | 2006-01-18 | 2007-07-19 | Sybase, Inc. | Secured Database System with Built-in Antivirus Protection |
CN205608733U (en) * | 2016-04-28 | 2016-09-28 | 北京中超伟业信息安全技术有限公司 | Safely with audit device based on database server |
CN106339305A (en) * | 2016-08-30 | 2017-01-18 | 孙鸿鹏 | Supervision and examination method for security of database |
CN106446008A (en) * | 2016-08-12 | 2017-02-22 | 中国南方电网有限责任公司 | Management method and analysis system for database security event |
CN107122658A (en) * | 2017-05-08 | 2017-09-01 | 四川长虹电器股份有限公司 | Database system of defense and method with autolearn feature |
-
2019
- 2019-05-29 CN CN201910455289.9A patent/CN110175455A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070168678A1 (en) * | 2006-01-18 | 2007-07-19 | Sybase, Inc. | Secured Database System with Built-in Antivirus Protection |
CN205608733U (en) * | 2016-04-28 | 2016-09-28 | 北京中超伟业信息安全技术有限公司 | Safely with audit device based on database server |
CN106446008A (en) * | 2016-08-12 | 2017-02-22 | 中国南方电网有限责任公司 | Management method and analysis system for database security event |
CN106339305A (en) * | 2016-08-30 | 2017-01-18 | 孙鸿鹏 | Supervision and examination method for security of database |
CN107122658A (en) * | 2017-05-08 | 2017-09-01 | 四川长虹电器股份有限公司 | Database system of defense and method with autolearn feature |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Canali et al. | Prophiler: a fast filter for the large-scale detection of malicious web pages | |
CN105593870B (en) | Complexity scoring for malware detection | |
US20180262521A1 (en) | Method for web application layer attack detection and defense based on behavior characteristic matching and analysis | |
CN105320883B (en) | File security loads implementation method and device | |
KR102160659B1 (en) | Detection of anomalous program execution using hardware-based micro-architectural data | |
CN103034807B (en) | Malware detection methods and device | |
CN107851155A (en) | For the system and method across multiple software entitys tracking malicious act | |
KR20180080449A (en) | Method and apparatus for recognizing cyber threats using correlational analytics | |
CN102945348B (en) | Fileinfo collection method and device | |
CN102945349B (en) | unknown file processing method and device | |
CN102222194A (en) | Module and method for LINUX host computing environment safety protection | |
US20170061126A1 (en) | Process Launch, Monitoring and Execution Control | |
CN105681286A (en) | Association analysis method and association analysis system | |
CN105303107A (en) | Abnormal process detection method and apparatus | |
US10990672B2 (en) | Method and apparatus for obtaining virus library, device, server, and system | |
CN107122657B (en) | Database agent device for defending SQL injection attack | |
CN102833269B (en) | The detection method of cross-site attack, device and there is the fire compartment wall of this device | |
CN106549980A (en) | A kind of malice C&C server determines method and device | |
CN109409113A (en) | A kind of electric network data safety protecting method and distributed power grid data safety guard system | |
CN107666464B (en) | Information processing method and server | |
CN103218561A (en) | Tamper-proof method and device for protecting browser | |
CN105760762A (en) | Unknown malicious code detection method for embedded processor | |
CN103220277B (en) | The monitoring method of cross-site scripting attack, Apparatus and system | |
CN108040036A (en) | A kind of industry cloud Webshell safety protecting methods | |
CN103152356B (en) | Detect method, server and the system of paper sample security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190827 |