CN110175455A - A kind of Risk-recovery method for database - Google Patents

A kind of Risk-recovery method for database Download PDF

Info

Publication number
CN110175455A
CN110175455A CN201910455289.9A CN201910455289A CN110175455A CN 110175455 A CN110175455 A CN 110175455A CN 201910455289 A CN201910455289 A CN 201910455289A CN 110175455 A CN110175455 A CN 110175455A
Authority
CN
China
Prior art keywords
data
module
viral
database
processor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910455289.9A
Other languages
Chinese (zh)
Inventor
解玉祥
赵红敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Financial Information Technology Co Ltd Hebei Branch
Original Assignee
Financial Information Technology Co Ltd Hebei Branch
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Financial Information Technology Co Ltd Hebei Branch filed Critical Financial Information Technology Co Ltd Hebei Branch
Priority to CN201910455289.9A priority Critical patent/CN110175455A/en
Publication of CN110175455A publication Critical patent/CN110175455A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files

Abstract

The invention discloses a kind of Risk-recovery methods for database, including database, cloud and warning device, level one data acquisition module, secondary data acquisition module, contrast module, time calibrating module, viral data interception module, viral data storage bank and the viral data extraction module for being provided with processor in the cloud and being electrically connected between processor, the virus data extraction module are also electrically connected between viral data storage bank;Data code is acquired by level one data acquisition module, and the viral data in data and viral data storage bank are compared using contrast module, and this data is intercepted by viral data interception module, data secondary acquisition is purified by secondary data acquisition module, and the sensitive word data code in data is detected by processor, effectively contain the sensitive word data code for being not desired to spread, consummating function diversity in defence database.

Description

A kind of Risk-recovery method for database
Technical field
The invention belongs to database defense technique fields, and in particular to a kind of Risk-recovery method for database.
Background technique
Database can be considered the file cabinet of electronization in brief --- the place of storage electronic document, user can be right Data in file newly such as are increased, are intercepted, being updated, being deleted at the operation, so-called database be store in a certain way together, energy With multiple user sharings, have redundancy as small as possible, with application program data acquisition system independent of each other, with internet Develop, comes on more and more business migrations to internet, the safety of database is increasingly taken seriously.
The existing Risk-recovery function for database is not perfect, and it is anti-to carry out risk well for database It is imperial, screening defence can not be carried out for the vocabulary of some sensitivities, so that sensitive vocabulary code is circulated by database To inappropriate occasion.
Summary of the invention
The purpose of the present invention is to provide a kind of Risk-recovery methods for database, to solve in above-mentioned background technique The problem of proposition.
To achieve the above object, the invention provides the following technical scheme: a kind of Risk-recovery method for database, packet Include database, cloud and warning device, the level-one that processor is provided in the cloud and is electrically connected between processor Data acquisition module, secondary data acquisition module, contrast module, time calibrating module, viral data interception module, viral data Repository and viral data extraction module, the virus data extraction module are also electrically connected between viral data storage bank, It is electrically connected between the warning device and processor, steps are as follows for specific defence:
1) viral data and the input of cloud sensitive word pass through the known viral data of extraneous computer input to virus first It is stored in data storage bank, for comparing detection when circulating to data in database, while inputting sensitive word number to cloud According to;
2) database data injection request, step 1) will be infused data using time computing module after the input of viral data Time when entering to database is demarcated;
3) a data acquisition, by level one data acquisition module in database after the injection of step 2) database data The data of circulation are acquired, and send processor for collected data;
4) data of data comparison, the acquisition of step 3) data are sent to contrast module, while viral data by processor Extraction module extracts the known viruse data stored in viral data storage bank and is sent to contrast module by processor, benefit Two kinds of data are compared with contrast module;
5) data alarm, if finding to include viral data storage bank in collected data after step 4) data comparison The viral data of interior storage, then processor control warning device carries out early warning prompting, while viral data interception module is to containing The data of virus are intercepted, and this time data injection request is dangerous;
6) secondary data acquires, and when not finding to have identical code in two data in step 5), then processor is by one The secondary collected data of data acquisition module are sent to secondary data acquisition module, using secondary data acquisition module to data into Row purification acquisition, and it is carried out to detect whether by processor to refuse this number if containing containing sensitive word data code It is injected according to library data, this database data is allowed to inject if not containing.
Preferably, the cloud further includes having the information storage module being electrically connected with processor, is being executed the step 2) It is later sent the time data that time calibrating module is demarcated in information storage module by processor and stored.
Preferably, executing the step the data for 5) later equally viral data interception block intercepts being arrived by processor Information is sent in information storage module and stores.
Preferably, the target that data are injected in the database is Website server, computer or mobile phone terminal equipment.
Preferably, the quantity in the cloud is multiple.
Preferably, the cloud is mounted in the object to be measured of database data code circulation in the form of code plug-in.
Preferably, the information storage module is specially hard disk storage.
Preferably, the warning device is mainly made of alarm lamp and alarming horn.
Compared with prior art, the beneficial effects of the present invention are: being carried out by level one data acquisition module to data code Acquisition, and the viral data in data and viral data storage bank are compared using contrast module, two data match Data be viral data, and this data is intercepted by virus data interception module, mould is acquired by secondary data Block is to data and then secondary acquisition purifies, and is detected by processor to the sensitive word data code in data, effectively anti- Containing the sensitive word data code for being not desired to spread in imperial database, consummating function diversity is contained using the storage of information storage module The viral data that the time and viral data interception module for having the data of viral data code to circulate are intercepted, facilitate the later period to look into Viral data are seen and cleared up, while detecting data circulation alarm lamp and alarming horn hair doped with viral data code Sound-light alarm is reminded out.
Specific embodiment
The technical scheme in the embodiments of the invention will be clearly and completely described below, it is clear that described implementation Example is only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, this field is common Technical staff's every other embodiment obtained without making creative work belongs to the model that the present invention protects It encloses.
Embodiment 1
The present invention provides a kind of technical solution: a kind of Risk-recovery method for database, including database, cloud and Warning device, level one data acquisition module, two series for being provided with processor and being electrically connected between processor in cloud It is mentioned according to acquisition module, contrast module, time calibrating module, viral data interception module, viral data storage bank and viral data Modulus block, viral data extraction module are also electrically connected between viral data storage bank, electric between warning device and processor Property connection, steps are as follows for specific defence:
1) viral data and the input of cloud sensitive word pass through the known viral data of extraneous computer input to virus first It is stored in data storage bank, for comparing detection when circulating to data in database, while inputting sensitive word number to cloud According to;
2) database data injection request, step 1) will be infused data using time computing module after the input of viral data Time when entering to database is demarcated;
3) a data acquisition, by level one data acquisition module in database after the injection of step 2) database data The data of circulation are acquired, and send processor for collected data;
4) data of data comparison, the acquisition of step 3) data are sent to contrast module, while viral data by processor Extraction module extracts the known viruse data stored in viral data storage bank and is sent to contrast module by processor, benefit Two kinds of data are compared with contrast module;
5) data alarm, if finding to include viral data storage bank in collected data after step 4) data comparison The viral data of interior storage, then processor control warning device carries out early warning prompting, while viral data interception module is to containing The data of virus are intercepted, and this time data injection request is dangerous;
6) secondary data acquires, and when not finding to have identical code in two data in step 5), then processor is by one The secondary collected data of data acquisition module are sent to secondary data acquisition module, using secondary data acquisition module to data into Row purification acquisition, and it is carried out to detect whether by processor to refuse this number if containing containing sensitive word data code It is injected according to library data, this database data is allowed to inject if not containing.
Further, the target that data are injected in database is Website server, computer or mobile phone terminal equipment.
Further, the quantity in cloud is multiple.
Further, cloud is mounted in the object to be measured of database data code circulation in the form of code plug-in.
Further, information storage module is specially hard disk storage.
Further, warning device is mainly made of alarm lamp and alarming horn.
Embodiment 2
The present invention provides a kind of technical solution: a kind of Risk-recovery method for database, including database, cloud and Warning device, level one data acquisition module, two series for being provided with processor and being electrically connected between processor in cloud According to acquisition module, contrast module, time calibrating module, viral data interception module, information storage module, viral data storage bank With viral data extraction module, viral data extraction module is also electrically connected between viral data storage bank, warning device with It is electrically connected between processor, steps are as follows for specific defence:
1) viral data and the input of cloud sensitive word pass through the known viral data of extraneous computer input to virus first It is stored in data storage bank, for comparing detection when circulating to data in database, while inputting sensitive word number to cloud According to;
2) database data injection request, step 1) will be infused data using time computing module after the input of viral data Time when entering to database is demarcated, while sending letter for the time data that time calibrating module is demarcated by processor It is stored in breath storage module;
3) a data acquisition, by level one data acquisition module in database after the injection of step 2) database data The data of circulation are acquired, and send processor for collected data;
4) data of data comparison, the acquisition of step 3) data are sent to contrast module, while viral data by processor Extraction module extracts the known viruse data stored in viral data storage bank and is sent to contrast module by processor, benefit Two kinds of data are compared with contrast module;
5) data alarm, if finding to include viral data storage bank in collected data after step 4) data comparison The viral data of interior storage, then processor control warning device carries out early warning prompting, while viral data interception module is to containing The data of virus are intercepted, and this time data injection request is dangerous, while passing through processor for viral data interception module The data information intercepted is sent in information storage module and stores;
6) secondary data acquires, and when not finding to have identical code in two data in step 5), then processor is by one The secondary collected data of data acquisition module are sent to secondary data acquisition module, using secondary data acquisition module to data into Row purification acquisition, and it is carried out to detect whether by processor to refuse this number if containing containing sensitive word data code It is injected according to library data, this database data is allowed to inject if not containing.
Further, the target that data are injected in database is Website server, computer or mobile phone terminal equipment.
Further, the quantity in cloud is multiple.
Further, cloud is mounted in the object to be measured of database data code circulation in the form of code plug-in.
Further, information storage module is specially hard disk storage.
Further, warning device is mainly made of alarm lamp and alarming horn.
It although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with A variety of variations, modification, replacement can be carried out to these embodiments without departing from the principles and spirit of the present invention by understanding And modification, the scope of the present invention is defined by the appended.

Claims (8)

1. a kind of Risk-recovery method for database, including database, cloud and warning device, it is characterised in that: described Level one data acquisition module, the secondary data acquisition mould for being provided with processor in cloud and being electrically connected between processor Block, contrast module, time calibrating module, viral data interception module, viral data storage bank and viral data extraction module, institute It states viral data extraction module to be also electrically connected between viral data storage bank, between the warning device and processor electrically Connection, steps are as follows for specific defence:
1) viral data and the input of cloud sensitive word pass through the known viral data of extraneous computer input to viral data first It is stored in repository, for comparing detection when circulating to data in database, while inputting sensitive word data to cloud;
2) database data injection request, step 1) will be injected into data using time computing module after the input of viral data Time when database is demarcated;
3) data acquisition, by level one data acquisition module to circulating in database after the injection of step 2) database data Data be acquired, and send processor for collected data;
4) data of data comparison, the acquisition of step 3) data are sent to contrast module by processor, while viral data are extracted Module extracts the known viruse data stored in viral data storage bank and is sent to contrast module by processor, using pair Two kinds of data are compared than module;
5) data alarm, if finding after step 4) data comparison includes storage in viral data storage bank in collected data The viral data deposited, then processor control warning device carries out early warning prompting, while viral data interception module is to containing viral Data intercepted, this time data injection request it is dangerous;
6) secondary data acquires, and when not finding to have identical code in two data in step 5), then processor is by a number It is sent to secondary data acquisition module according to the collected data of acquisition module, data are mentioned using secondary data acquisition module Pure acquisition, and it is carried out to detect whether by processor to refuse this database if containing containing sensitive word data code Data injection, allows this database data to inject if not containing.
2. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: also wrap in the cloud The information storage module being electrically connected with processor is included, 2) passes through processor later for time calibrating module executing the step The time data of calibration, which are sent in information storage module, to be stored.
3. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: executing the step 5) it is later same by processor by viral data interception block intercepts to data information be sent in information storage module and store up It deposits.
4. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: in the database The target for injecting data is Website server, computer or mobile phone terminal equipment.
5. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: the number in the cloud Amount is multiple.
6. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: the cloud is with generation The form of code plug-in unit is mounted in the object to be measured of database data code circulation.
7. a kind of Risk-recovery method for database according to claim 2, it is characterised in that: the information storage Module is specially hard disk storage.
8. a kind of Risk-recovery method for database according to claim 1, it is characterised in that: the warning device Mainly it is made of alarm lamp and alarming horn.
CN201910455289.9A 2019-05-29 2019-05-29 A kind of Risk-recovery method for database Pending CN110175455A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910455289.9A CN110175455A (en) 2019-05-29 2019-05-29 A kind of Risk-recovery method for database

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910455289.9A CN110175455A (en) 2019-05-29 2019-05-29 A kind of Risk-recovery method for database

Publications (1)

Publication Number Publication Date
CN110175455A true CN110175455A (en) 2019-08-27

Family

ID=67696702

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910455289.9A Pending CN110175455A (en) 2019-05-29 2019-05-29 A kind of Risk-recovery method for database

Country Status (1)

Country Link
CN (1) CN110175455A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070168678A1 (en) * 2006-01-18 2007-07-19 Sybase, Inc. Secured Database System with Built-in Antivirus Protection
CN205608733U (en) * 2016-04-28 2016-09-28 北京中超伟业信息安全技术有限公司 Safely with audit device based on database server
CN106339305A (en) * 2016-08-30 2017-01-18 孙鸿鹏 Supervision and examination method for security of database
CN106446008A (en) * 2016-08-12 2017-02-22 中国南方电网有限责任公司 Management method and analysis system for database security event
CN107122658A (en) * 2017-05-08 2017-09-01 四川长虹电器股份有限公司 Database system of defense and method with autolearn feature

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070168678A1 (en) * 2006-01-18 2007-07-19 Sybase, Inc. Secured Database System with Built-in Antivirus Protection
CN205608733U (en) * 2016-04-28 2016-09-28 北京中超伟业信息安全技术有限公司 Safely with audit device based on database server
CN106446008A (en) * 2016-08-12 2017-02-22 中国南方电网有限责任公司 Management method and analysis system for database security event
CN106339305A (en) * 2016-08-30 2017-01-18 孙鸿鹏 Supervision and examination method for security of database
CN107122658A (en) * 2017-05-08 2017-09-01 四川长虹电器股份有限公司 Database system of defense and method with autolearn feature

Similar Documents

Publication Publication Date Title
Canali et al. Prophiler: a fast filter for the large-scale detection of malicious web pages
CN105593870B (en) Complexity scoring for malware detection
US20180262521A1 (en) Method for web application layer attack detection and defense based on behavior characteristic matching and analysis
CN105320883B (en) File security loads implementation method and device
KR102160659B1 (en) Detection of anomalous program execution using hardware-based micro-architectural data
CN103034807B (en) Malware detection methods and device
CN107851155A (en) For the system and method across multiple software entitys tracking malicious act
KR20180080449A (en) Method and apparatus for recognizing cyber threats using correlational analytics
CN102945348B (en) Fileinfo collection method and device
CN102945349B (en) unknown file processing method and device
CN102222194A (en) Module and method for LINUX host computing environment safety protection
US20170061126A1 (en) Process Launch, Monitoring and Execution Control
CN105681286A (en) Association analysis method and association analysis system
CN105303107A (en) Abnormal process detection method and apparatus
US10990672B2 (en) Method and apparatus for obtaining virus library, device, server, and system
CN107122657B (en) Database agent device for defending SQL injection attack
CN102833269B (en) The detection method of cross-site attack, device and there is the fire compartment wall of this device
CN106549980A (en) A kind of malice C&C server determines method and device
CN109409113A (en) A kind of electric network data safety protecting method and distributed power grid data safety guard system
CN107666464B (en) Information processing method and server
CN103218561A (en) Tamper-proof method and device for protecting browser
CN105760762A (en) Unknown malicious code detection method for embedded processor
CN103220277B (en) The monitoring method of cross-site scripting attack, Apparatus and system
CN108040036A (en) A kind of industry cloud Webshell safety protecting methods
CN103152356B (en) Detect method, server and the system of paper sample security

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190827