CN110311913A - Computer Network Security System, application method, equipment and storage medium - Google Patents


Publication number
CN110311913A
Authority
CN
China
Prior art keywords
data
virus
network
unit
encryption
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910595961.4A
Other languages
Chinese (zh)
Inventor
安静
梁鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Institute of Technology
Original Assignee
Shanghai Institute of Technology
Application filed by Shanghai Institute of Technology
Priority to CN201910595961.4A
Publication of CN110311913A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568 Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Abstract

The present invention provides a computer network security system, an application method, equipment and a storage medium. The system comprises a central processor unit, a network virus detection unit, a virus scanning and removal unit, a virus isolation unit, a data encryption unit and a data transmission unit. The network virus detection unit detects network viruses in the computer network in real time; the virus isolation unit isolates the detected network viruses and stores them in an isolation area; the virus scanning and removal unit scans and removes the network viruses in the isolation area; the data encryption unit encrypts network data packets to prevent network virus intrusion; the data transmission unit transmits the encrypted network data packets, again in encrypted form. The invention has a simple working principle and high security: it can detect, isolate and remove network viruses, encrypt network data packets and transmit data in encrypted form, effectively preventing data leakage.

Description

Computer Network Security System, application method, equipment and storage medium
Technical field
The present invention relates to computer network technology, and in particular to a computer network security system, an application method, equipment and a storage medium.
Background art
Computers have an extremely important influence on human production and social activities, and they have developed rapidly and with great vitality. Their field of application has extended from the initial military research applications to every area of society and has formed a large-scale computer industry, which has driven technological progress worldwide and thereby brought about profound social change. Computers are now found throughout schools, enterprises and public institutions and have entered ordinary households, becoming an essential tool in the information society. Computer applications are increasingly common in China: since the reform and opening-up, the number of computer users in China has risen continuously and the level of application has kept improving, with particularly good results in fields such as the internet, communications and multimedia.
A computer network is a computer system in which multiple computers with independent functions, located in different geographical places, together with their external devices are connected by communication lines and, under the management and coordination of the network operating system, the network management software and the network communication protocols, realize resource sharing and information transfer.
Current computer networks contain a large number of abnormal virus signals, and the static and passive nature of traditional network security theory and technology cannot adapt to the harsh and changeable network environment. It is therefore necessary to design a computer network security system.
Summary of the invention
In view of the defects in the prior art, the object of the present invention is to provide a computer network security system, an application method, equipment and a storage medium.
The computer network security system provided according to the present invention comprises a central processor unit, a network virus detection unit, a virus scanning and removal unit, a virus isolation unit, a data encryption unit and a data transmission unit;
The central processor unit is connected to the network virus detection unit, the virus scanning and removal unit, the virus isolation unit and the data encryption unit respectively; the central processor unit is connected to a background monitoring center through the data transmission unit;
The network virus detection unit is used to detect network viruses in the computer network in real time; the virus isolation unit is used to isolate the detected network viruses and store them in an isolation area; the virus scanning and removal unit is used to scan and remove the network viruses in the isolation area; the data encryption unit is used to encrypt network data so as to prevent network virus intrusion; the data transmission unit is used to transmit the encrypted network data, again in encrypted form.
Preferably, the network virus detection unit comprises a network virus signature database, a network data acquisition module and a virus signature matching module;
The network virus signature database stores multiple network virus signatures, each virus signature corresponding to one or more pieces of virus information;
The network data acquisition module is used to collect network data packets, reassemble and parse the collected packets, and send them to the virus signature matching module to be matched against the virus signatures;
The virus signature matching module is used, when a network data packet matches a virus signature, to judge from the matched virus signature whether the network data packet can form a piece of virus information; if virus information is formed, the virus information is matched successfully; otherwise virus signature judgment continues.
Preferably, the data encryption unit comprises the following modules:
A network data acquisition module, used to obtain the network data to be encrypted and take the network data as plaintext data;
An encryption data preprocessing module, used to preprocess the plaintext data to generate plaintext data to be encrypted, and to group each piece of plaintext data to be encrypted to generate multiple segments of data to be encrypted;
A first encryption module, used to randomly select a first encryption algorithm from a preset encryption algorithm pool, perform the first encryption on the multiple segments of data to be encrypted with the first encryption algorithm to generate multiple segments of encrypted data, and sign the multiple segments of encrypted data to generate multiple segments of signed encrypted data;
A second encryption module, used to select a second encryption algorithm from the preset encryption algorithm pool and perform the second encryption on the signed encrypted data with the second encryption algorithm to generate multiple segments of twice-encrypted data.
The application method of the computer network security system provided by the invention comprises the following steps:
Step S1: the network virus detection unit monitors the computer network in real time and, when a network virus signal is detected, sends an abnormality instruction to the central processor unit;
Step S2: when the central processor unit receives the abnormality instruction, it sends an isolation instruction to the virus isolation unit, so that the virus isolation unit isolates the network virus and stores it in the isolation area;
Step S3: the central processor unit sends a removal instruction to the virus scanning and removal unit, and the virus scanning and removal unit scans and removes the network virus in the isolation area;
Step S4: the data encryption unit encrypts and stores the network data;
Step S5: the central processor unit obtains the encrypted network data and transmits it in encrypted form to the background monitoring center.
Preferably, when the network virus detection unit detects network viruses, the following steps are included:
Step M1: create a network virus signature database, which stores multiple network virus signatures, each virus signature corresponding to one or more pieces of virus information;
Step M2: collect network data packets, reassemble and parse the collected packets, and match them against the virus signatures in the virus signature database;
Step M3: when a network data packet matches a virus signature, judge from the matched virus signature whether the network data packet can form a piece of virus information; if virus information is formed, the virus information is matched successfully; otherwise continue the virus signature judgment.
Preferably, when the data encryption unit encrypts network data, the following steps are included:
Step N1: obtain the network data to be encrypted and take the network data as plaintext data;
Step N2: preprocess the plaintext data to generate plaintext data to be encrypted, and group each piece of plaintext data to be encrypted to generate multiple segments of data to be encrypted;
Step N3: randomly select a first encryption algorithm from a preset encryption algorithm pool, perform the first encryption on the multiple segments of data to be encrypted with the first encryption algorithm to generate multiple segments of encrypted data, and sign the multiple segments of encrypted data to generate multiple segments of signed encrypted data;
Step N4: select a second encryption algorithm from the preset encryption algorithm pool and perform the second encryption on the signed encrypted data with the second encryption algorithm to generate multiple segments of twice-encrypted data;
Step N5: merge the multiple segments of twice-encrypted data to generate the target encrypted data.
Preferably, the second encryption algorithm is an asymmetric ECC encryption algorithm.
Preferably, in step M3 the network data packets are matched against the virus signatures using a pattern matching algorithm.
The computer network security equipment provided by the invention comprises:
A processor;
A memory in which executable instructions of the processor are stored;
Wherein the processor is configured to execute, via execution of the executable instructions, the steps of the application method of the computer network security system.
The computer-readable storage medium provided by the invention is used to store a program which, when executed, implements the steps of the application method of the computer network security system.
Compared with the prior art, the present invention has the following beneficial effects:
1. The invention has a simple working principle and high security. It can detect, isolate and remove network viruses, encrypt network data and transmit data in encrypted form, effectively preventing data leakage.
2. The invention is provided with a network virus detection unit, which can handle the case where one virus contains multiple virus signatures; it is suitable for use in high-speed networks and has high detection efficiency.
3. The invention is provided with a data encryption unit, which can perform multiple encryption; this increases the complexity of the encryption, greatly increases the difficulty of deciphering the ciphertext, and effectively protects the network data.
Brief description of the drawings
Other features, objects and advantages of the invention will become more apparent upon reading the detailed description of non-limiting embodiments with reference to the following drawings:
Fig. 1 is a module diagram of the computer network security system of the present invention;
Fig. 2 is a flow chart of the steps of the application method of the computer network security system of the present invention;
Fig. 3 is a flow chart of the steps by which the network virus detection unit detects network viruses in the present invention;
Fig. 4 is a flow chart of the steps by which the data encryption unit encrypts network data in the present invention;
Fig. 5 is a structural schematic diagram of the computer network security equipment of the present invention; and
Fig. 6 is a structural schematic diagram of the computer-readable storage medium of the present invention.
Detailed description of the embodiments
The present invention is described in detail below with reference to specific embodiments. The following embodiments will help those skilled in the art to further understand the present invention, but do not limit the invention in any way. It should be noted that those of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept. These all fall within the protection scope of the present invention.
Fig. 1 is a module diagram of the computer network security system of the present invention. As shown in Fig. 1, the computer network security system provided by the invention comprises a central processor unit 1, a network virus detection unit 2, a virus scanning and removal unit 3, a virus isolation unit 4, a data encryption unit 5 and a data transmission unit 6;
The central processor unit 1 is connected to the network virus detection unit 2, the virus scanning and removal unit 3, the virus isolation unit 4 and the data encryption unit 5 respectively; the central processor unit 1 is connected to a background monitoring center 7 through the data transmission unit 6;
The network virus detection unit 2 is used to detect network viruses in the computer network in real time; the virus isolation unit 4 is used to isolate the detected network viruses and store them in an isolation area; the virus scanning and removal unit 3 is used to scan and remove the network viruses in the isolation area; the data encryption unit 5 is used to encrypt network data so as to prevent network virus intrusion; the data transmission unit 6 is used to transmit the encrypted network data, again in encrypted form.
In this embodiment, the background monitoring center 7 is used to store and monitor the encrypted network data.
In this embodiment, the invention has a simple working principle and high security. It can detect, isolate and remove network viruses, encrypt network data and transmit data in encrypted form, effectively preventing data leakage.
In an embodiment of the present invention, the network virus detection unit 2 comprises a network virus signature database, a network data acquisition module and a virus signature matching module;
The network virus signature database stores multiple network virus signatures, each virus signature corresponding to one or more pieces of virus information;
The network data acquisition module is used to collect network data packets, reassemble and parse the collected packets, and send them to the virus signature matching module to be matched against the virus signatures;
The virus signature matching module is used, when a network data packet matches a virus signature, to judge from the matched virus signature whether the network data packet can form a piece of virus information; if virus information is formed, the virus information is matched successfully; otherwise virus signature judgment continues.
The invention is provided with a network virus detection unit, which can handle the case where one virus contains multiple virus signatures; it is suitable for use in high-speed networks and has high detection efficiency.
In an embodiment of the present invention, the data encryption unit 5 comprises the following modules:
A network data acquisition module, used to obtain the network data to be encrypted and take the network data as plaintext data;
An encryption data preprocessing module, used to preprocess the plaintext data to generate plaintext data to be encrypted, and to group each piece of plaintext data to be encrypted to generate multiple segments of data to be encrypted;
A first encryption module, used to randomly select a first encryption algorithm from a preset encryption algorithm pool, perform the first encryption on the multiple segments of data to be encrypted with the first encryption algorithm to generate multiple segments of encrypted data, and sign the multiple segments of encrypted data to generate multiple segments of signed encrypted data;
A second encryption module, used to select a second encryption algorithm from the preset encryption algorithm pool and perform the second encryption on the signed encrypted data with the second encryption algorithm to generate multiple segments of twice-encrypted data.
The invention is provided with a data encryption unit, which can perform multiple encryption; this increases the complexity of the encryption, greatly increases the difficulty of deciphering the ciphertext, and effectively protects the network data.
Fig. 2 is a flow chart of the steps of the application method of the computer network security system of the present invention. As shown in Fig. 2, the application method of the computer network security system provided by the invention comprises the following steps:
Step S1: the network virus detection unit monitors the computer network in real time and, when a network virus signal is detected, sends an abnormality instruction to the central processor unit;
Step S2: when the central processor unit receives the abnormality instruction, it sends an isolation instruction to the virus isolation unit, so that the virus isolation unit isolates the network virus and stores it in the isolation area;
Step S3: the central processor unit sends a removal instruction to the virus scanning and removal unit, and the virus scanning and removal unit scans and removes the network virus in the isolation area;
Step S4: the data encryption unit encrypts and stores the network data;
Step S5: the central processor unit obtains the encrypted network data and transmits it in encrypted form to the background monitoring center.
Fig. 3 is a flow chart of the steps by which the network virus detection unit detects network viruses in the present invention. As shown in Fig. 3, when the network virus detection unit 2 detects network viruses, the following steps are included:
Step M1: create a network virus signature database, which stores multiple network virus signatures, each virus signature corresponding to one or more pieces of virus information;
Step M2: collect network data packets, reassemble and parse the collected packets, and match them against the virus signatures in the virus signature database;
Step M3: when a network data packet matches a virus signature, judge from the matched virus signature whether the network data packet can form a piece of virus information; if virus information is formed, the virus information is matched successfully; otherwise continue the virus signature judgment.
In an embodiment of the present invention, in step M3 the network data packets are matched against the virus signatures using a pattern matching algorithm.
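Steps M1 to M3 can be illustrated with the following added example, which is not code from the patent. The flow model, the rule that a virus is reported only when all of its signatures occur, the use of bytes.Contains as the pattern matching algorithm, and the sample names (Demo.A, SIG-ALPHA and so on) are assumptions made for the illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"sort"
)

// Packet is one captured fragment of a flow (constructed model, not a capture format).
type Packet struct {
	Flow string // flow key
	Seq  int    // position of the fragment within its flow
	Data []byte
}

// SignatureDB is step M1: every signature points at one or more viruses, and
// every virus lists all signatures that must be present before it is reported.
type SignatureDB struct {
	bySig   map[string][]string // signature -> viruses that contain it
	byVirus map[string][]string // virus -> all of its signatures
}

// NewSignatureDB builds the signature -> virus index from the virus definitions.
func NewSignatureDB(viruses map[string][]string) *SignatureDB {
	db := &SignatureDB{bySig: map[string][]string{}, byVirus: viruses}
	for name, sigs := range viruses {
		for _, s := range sigs {
			db.bySig[s] = append(db.bySig[s], name)
		}
	}
	return db
}

// Reassemble is the "reassemble" half of step M2: fragments are ordered by Seq
// and concatenated per flow, so a signature split across packets becomes visible.
func Reassemble(pkts []Packet) map[string][]byte {
	sorted := append([]Packet(nil), pkts...)
	sort.SliceStable(sorted, func(i, j int) bool { return sorted[i].Seq < sorted[j].Seq })
	flows := map[string][]byte{}
	for _, p := range sorted {
		flows[p.Flow] = append(flows[p.Flow], p.Data...)
	}
	return flows
}

// Detect is the matching half of M2 plus the M3 decision. A hit on one signature
// only nominates candidate viruses; a candidate is reported when all of its
// signatures occur in the stream. bytes.Contains stands in for the pattern
// matching algorithm, which the patent does not name.
func (db *SignatureDB) Detect(stream []byte) []string {
	confirmed := map[string]bool{}
	for sig, names := range db.bySig {
		if !bytes.Contains(stream, []byte(sig)) {
			continue
		}
		for _, name := range names {
			complete := true
			for _, need := range db.byVirus[name] {
				complete = complete && bytes.Contains(stream, []byte(need))
			}
			if complete {
				confirmed[name] = true
			}
		}
	}
	out := make([]string, 0, len(confirmed))
	for name := range confirmed {
		out = append(out, name)
	}
	sort.Strings(out)
	return out
}

// DemoDB and DemoPackets are constructed sample data using harmless marker strings.
func DemoDB() *SignatureDB {
	return NewSignatureDB(map[string][]string{
		"Demo.A": {"SIG-ALPHA", "SIG-BETA"},
		"Demo.B": {"SIG-BETA"},
		"Demo.C": {"SIG-GAMMA", "SIG-DELTA"},
	})
}

func DemoPackets() []Packet {
	return []Packet{
		{Flow: "f1", Seq: 2, Data: []byte("PHA....SIG-BE")},
		{Flow: "f1", Seq: 1, Data: []byte("xxSIG-AL")},
		{Flow: "f1", Seq: 3, Data: []byte("TAyy")},
		{Flow: "f2", Seq: 1, Data: []byte("only SIG-GAMMA here")},
	}
}

func main() {
	db := DemoDB()
	for flow, stream := range Reassemble(DemoPackets()) {
		fmt.Println(flow, db.Detect(stream))
	}
}
```

Flow f1 is reported only after reassembly, because both of its signatures straddle packet boundaries; flow f2 matches one signature of Demo.C but is not reported, since the second signature never appears.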
Fig. 4 is a flow chart of the steps by which the data encryption unit encrypts network data in the present invention. As shown in Fig. 4, when the data encryption unit encrypts network data, the following steps are included:
Step N1: obtain the network data to be encrypted and take the network data as plaintext data;
Step N2: preprocess the plaintext data to generate plaintext data to be encrypted, and group each piece of plaintext data to be encrypted to generate multiple segments of data to be encrypted;
Step N3: randomly select a first encryption algorithm from a preset encryption algorithm pool, perform the first encryption on the multiple segments of data to be encrypted with the first encryption algorithm to generate multiple segments of encrypted data, and sign the multiple segments of encrypted data to generate multiple segments of signed encrypted data;
Step N4: select a second encryption algorithm from the preset encryption algorithm pool and perform the second encryption on the signed encrypted data with the second encryption algorithm to generate multiple segments of twice-encrypted data;
Step N5: merge the multiple segments of twice-encrypted data to generate the target encrypted data.
In an embodiment of the present invention, the second encryption algorithm is an asymmetric ECC encryption algorithm.
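Steps N3 and N4 for a single segment are shown in the following added example, which is not code from the patent; splitting (N2) and merging (N5) are left out to keep it short. Everything concrete is an assumption: the pool holds AES-128-GCM and AES-256-GCM, the first-layer key comes from a pre-shared secret, the signature is ECDSA on P-256, and the ECC layer is an ECIES-style construction (ephemeral ECDH on P-256, SHA-256 key derivation, AES-256-GCM).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// pool (constructed): algorithm id -> AES-GCM key size; the patent names no algorithms.
var pool = map[byte]int{1: 16, 2: 32}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// aead derives an AES-GCM key from secret with SHA-256 (simplified KDF, an assumption).
func aead(secret []byte, size int) cipher.AEAD {
	k := sha256.Sum256(secret)
	return must(cipher.NewGCM(must(aes.NewCipher(k[:size]))))
}

func seal(a cipher.AEAD, pt []byte) []byte {
	nonce := make([]byte, a.NonceSize())
	must(rand.Read(nonce))
	return a.Seal(nonce, nonce, pt, nil)
}

func open(a cipher.AEAD, ct []byte) ([]byte, error) {
	if len(ct) < a.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return a.Open(nil, ct[:a.NonceSize()], ct[a.NonceSize():], nil)
}

// ProtectSegment applies steps N3 and N4 to one segment. Output layout:
// ephemeral public key (65 bytes) || GCM(id || sigLen || signature || c1).
func ProtectSegment(seg, psk []byte, signer *ecdsa.PrivateKey, rcpt *ecdh.PublicKey) []byte {
	pick := make([]byte, 1)
	must(rand.Read(pick))
	id := 1 + pick[0]%2 // N3: random choice from the pool
	c1 := seal(aead(append([]byte{id}, psk...), pool[id]), seg) // N3: first encryption
	h := sha256.Sum256(append([]byte{id}, c1...))
	sig := must(ecdsa.SignASN1(rand.Reader, signer, h[:])) // N3: sign id and ciphertext
	signed := append([]byte{id, byte(len(sig))}, append(sig, c1...)...)
	eph := must(ecdh.P256().GenerateKey(rand.Reader)) // N4: ECC layer, fresh key per segment
	epk := eph.PublicKey().Bytes()
	outer := aead(append(must(eph.ECDH(rcpt)), epk...), 32)
	return append(epk, seal(outer, signed)...)
}

// RecoverSegment reverses both layers and rejects anything that fails to verify.
func RecoverSegment(blob, psk []byte, verifier *ecdsa.PublicKey, rcpt *ecdh.PrivateKey) ([]byte, error) {
	if len(blob) < 65 {
		return nil, errors.New("segment too short")
	}
	ephPub, err := ecdh.P256().NewPublicKey(blob[:65])
	if err != nil {
		return nil, err
	}
	shared, err := rcpt.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	signed, err := open(aead(append(shared, blob[:65]...), 32), blob[65:])
	if err != nil {
		return nil, fmt.Errorf("outer layer: %w", err)
	}
	if len(signed) < 2 || len(signed) < 2+int(signed[1]) || pool[signed[0]] == 0 {
		return nil, errors.New("malformed signed segment")
	}
	id, sig, c1 := signed[0], signed[2:2+int(signed[1])], signed[2+int(signed[1]):]
	h := sha256.Sum256(append([]byte{id}, c1...))
	if !ecdsa.VerifyASN1(verifier, h[:], sig) {
		return nil, errors.New("signature check failed")
	}
	return open(aead(append([]byte{id}, psk...), pool[id]), c1)
}

// NewKeys returns a sender signing key and a receiver ECDH key, both on P-256.
func NewKeys() (*ecdsa.PrivateKey, *ecdh.PrivateKey) {
	return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)), must(ecdh.P256().GenerateKey(rand.Reader))
}

func main() {
	signer, rcpt := NewKeys()
	psk := []byte("constructed pre-shared secret")
	blob := ProtectSegment([]byte("constructed segment"), psk, signer, rcpt.PublicKey())
	plain, err := RecoverSegment(blob, psk, &signer.PublicKey, rcpt)
	fmt.Printf("%d bytes protected -> %q, err=%v\n", len(blob), plain, err)
}
```

Because the first algorithm is picked at random for each segment, its id has to travel with the ciphertext; here it is covered by the signature, and the receiver rejects any id that is not in the pool.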
An embodiment of the present invention also provides computer network security equipment, comprising a processor and a memory in which executable instructions of the processor are stored, wherein the processor is configured to execute the steps of the computer network security method via execution of the executable instructions.
As above, in this embodiment the invention has a simple working principle and high security. It can detect, isolate and remove network viruses, encrypt network data and transmit data in encrypted form, effectively preventing data leakage.
Those skilled in the art will understand that aspects of the present invention may be implemented as a system, a method or a program product. Accordingly, aspects of the invention may be embodied in the following forms: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.), or an embodiment combining hardware and software aspects, which may be collectively referred to herein as a "circuit", "module" or "platform".
Fig. 5 is a structural schematic diagram of the computer network security equipment of the present invention. The electronic equipment 600 according to this embodiment of the invention is described below with reference to Fig. 5. The electronic equipment 600 shown in Fig. 5 is only an example and should not impose any limitation on the functions and scope of use of the embodiments of the invention.
As shown in Fig. 5, the electronic equipment 600 takes the form of a general-purpose computing device. Its components may include, but are not limited to: at least one processing unit 610, at least one storage unit 620, a bus 630 connecting the different platform components (including the storage unit 620 and the processing unit 610), a display unit 640, and so on.
The storage unit stores program code that can be executed by the processing unit 610, so that the processing unit 610 performs the steps of the various exemplary embodiments of the invention described in the method part of this specification above. For example, the processing unit 610 may perform the steps shown in Fig. 1.
The storage unit 620 may include readable media in the form of volatile storage units, such as a random access storage unit (RAM) 6201 and/or a cache storage unit 6202, and may further include a read-only storage unit (ROM) 6203.
The storage unit 620 may also include a program/utility 6204 having a set of (at least one) program modules 6205. Such program modules 6205 include, but are not limited to: an operating system, one or more application programs, other program modules and program data; each of these examples, or some combination of them, may include an implementation of a network environment.
The bus 630 may represent one or more of several types of bus structure, including a storage unit bus or storage unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus structures.
The electronic equipment 600 may also communicate with one or more external devices 700 (such as a keyboard, a pointing device, a Bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic equipment 600, and/or with any device (such as a router, a modem, etc.) that enables the electronic equipment 600 to communicate with one or more other computing devices. Such communication may take place through an input/output (I/O) interface 650. The electronic equipment 600 may also communicate with one or more networks (such as a local area network (LAN), a wide area network (WAN) and/or a public network such as the internet) through a network adapter 660. The network adapter 660 may communicate with the other modules of the electronic equipment 600 through the bus 630. It should be understood that, although not shown in Fig. 5, other hardware and/or software modules may be used in conjunction with the electronic equipment 600, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage platforms, and so on.
An embodiment of the present invention also provides a computer-readable storage medium for storing a program which, when executed, implements the steps of the image stitching method. In some possible embodiments, aspects of the invention may also be implemented in the form of a program product comprising program code which, when the program product runs on a terminal device, causes the terminal device to perform the steps of the various exemplary embodiments of the invention described in the method part of this specification above.
As shown above, when the program of the computer-readable storage medium of this embodiment is executed, the invention has a simple working principle and high security. It can detect, isolate and remove network viruses, encrypt network data and transmit data in encrypted form, effectively preventing data leakage.
Fig. 6 is a structural schematic diagram of the computer-readable storage medium of the present invention. Referring to Fig. 6, a program product 800 for implementing the above method according to an embodiment of the invention is described; it may use a portable compact disc read-only memory (CD-ROM), include program code, and run on a terminal device such as a personal computer. However, the program product of the invention is not limited to this; in this document, a readable storage medium may be any tangible medium that contains or stores a program that can be used by or in connection with an instruction execution system, apparatus or device.
The program product may use any combination of one or more readable media. A readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example but not limited to, an electric, magnetic, optical, electromagnetic, infrared or semiconductor system, apparatus or device, or any combination of the above. More specific examples (a non-exhaustive list) of readable storage media include: an electrical connection with one or more wires, a portable disk, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), an optical fiber, portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the above.
The computer-readable storage medium may include a data signal propagated in baseband or as part of a carrier wave, in which readable program code is carried. Such a propagated data signal may take various forms, including but not limited to an electromagnetic signal, an optical signal, or any suitable combination of the above. The readable storage medium may also be any readable medium other than a readable storage medium; such a readable medium can send, propagate or transmit a program for use by or in connection with an instruction execution system, apparatus or device. The program code contained on the readable storage medium may be transmitted over any suitable medium, including but not limited to wireless, wired, optical cable, RF, etc., or any suitable combination of the above.
The program code for carrying out the operations of the invention may be written in any combination of one or more programming languages, including object-oriented programming languages such as Java and C++, and conventional procedural programming languages such as the "C" language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on a remote computing device or server. Where a remote computing device is involved, the remote computing device may be connected to the user's computing device through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it may be connected to an external computing device (for example through the internet using an internet service provider).
In this embodiment, the invention has a simple working principle and high security. It can detect, isolate and remove network viruses, encrypt network data and transmit data in encrypted form, effectively preventing data leakage. The invention is provided with a network virus detection unit, which can handle the case where one virus contains multiple virus signatures; it is suitable for use in high-speed networks and has high detection efficiency. The invention is provided with a data encryption unit, which can perform multiple encryption; this increases the complexity of the encryption, greatly increases the difficulty of deciphering the ciphertext, and effectively protects the network data.
Specific embodiments of the present invention have been described above. It should be understood that the invention is not limited to the particular embodiments described; those skilled in the art can make various variations or modifications within the scope of the claims, and this does not affect the substance of the invention.

Claims (10)

1. A computer network security system, characterized by comprising a central processor unit (1), a network virus detection unit (2), a virus killing unit (3), a virus isolation unit (4), a data encryption unit (5) and a data transmission unit (6);
The central processor unit (1) is connected to the network virus detection unit (2), the virus killing unit (3), the virus isolation unit (4) and the data encryption unit (5) respectively; the central processor unit (1) is connected to a background monitoring center (7) through the data transmission unit (6);
The network virus detection unit (2) is used to detect network viruses in the computer network in real time; the virus isolation unit (4) is used to isolate the detected network viruses and store them in an isolation area; the virus killing unit (3) is used to kill the network viruses in the isolation area; the data encryption unit (5) is used to encrypt network data packets so as to prevent network virus intrusion; the data transmission unit (6) is used to encrypt the encrypted network data packets again for transmission.
2. The computer network security system according to claim 2, characterized in that the network virus detection unit (2) comprises a network virus feature library, a network data acquisition module and a virus feature matching module;
The network virus feature library is used to store multiple network virus features, each virus feature corresponding to one or more items of virus information;
The network data acquisition module is used to collect network data packets, and to reassemble and parse the collected network data packets and send them to the virus feature matching module for virus feature matching;
The virus feature matching module is used, when a network data packet matches a virus feature, to judge from the matched virus feature whether the network data packet can constitute virus information; when virus information is constituted, the virus information is matched successfully; otherwise, virus feature matching continues.
3. The computer network security system according to claim 2, characterized in that the data encryption unit (5) comprises the following modules:
A network data acquisition module, used to obtain network data to be encrypted and to take the network data as plaintext data;
An encryption data preprocessing module, used to preprocess the plaintext data to generate plaintext data to be encrypted, and to group each item of plaintext data to be encrypted into multiple segments of data to be encrypted;
A first encryption module, used to randomly select a first encryption algorithm from a preset encryption algorithm pool, to perform a first encryption on the multiple segments of data to be encrypted with the first encryption algorithm, generating multiple segments of encrypted data, and to sign the multiple segments of encrypted data, generating multiple segments of signed encrypted data;
A second encryption module, used to select a second encryption algorithm from the preset encryption algorithm pool and to perform a second encryption on the signed encrypted data with the second encryption algorithm, generating multiple segments of twice-encrypted data.
4. An application method of the computer network security system according to any one of claims 1 to 3, characterized by comprising the following steps:
Step S1: the network virus detection unit detects the computer network in real time, and when a network virus signal is detected, an exception instruction is sent to the central processor unit;
Step S2: when the central processor unit receives the exception instruction, the central processor unit sends an isolation instruction to the virus isolation unit, so that the virus isolation unit isolates the network virus and stores it in the isolation area;
Step S3: the central processor unit sends a killing instruction to the virus killing unit, and the virus killing unit kills the network virus in the isolation area;
Step S4: the data encryption unit encrypts and stores the network data packets;
Step S5: the central processor unit obtains the encrypted network data packets and transmits them in encrypted form to the background monitoring center.
5. The application method of the computer network security system according to claim 4, characterized in that, when the network virus detection unit (2) detects network viruses, the following steps are included:
Step M1: create a network virus feature library, the network virus feature library storing multiple network virus features, each virus feature corresponding to one or more items of virus information;
Step M2: collect network data packets, reassemble and parse the collected network data packets, and match them against the virus features in the virus feature library;
Step M3: when a network data packet matches a virus feature, judge from the matched virus feature whether the network data packet can constitute virus information; when virus information is constituted, the virus information is matched successfully; otherwise, virus feature matching continues.
6. The application method of the computer network security system according to claim 4, characterized in that, when the data encryption unit encrypts network data packets, the following steps are included:
Step N1: obtain the network data to be encrypted and take the network data as plaintext data;
Step N2: preprocess the plaintext data to generate plaintext data to be encrypted, and group each item of plaintext data to be encrypted into multiple segments of data to be encrypted;
Step N3: randomly select a first encryption algorithm from a preset encryption algorithm pool, perform a first encryption on the multiple segments of data to be encrypted with the first encryption algorithm to generate multiple segments of encrypted data, and sign the multiple segments of encrypted data to generate multiple segments of signed encrypted data;
Step N4: select a second encryption algorithm from the preset encryption algorithm pool, and perform a second encryption on the signed encrypted data with the second encryption algorithm to generate multiple segments of twice-encrypted data;
Step N5: merge the multiple segments of twice-encrypted data to generate the target encrypted data.
7. The application method of the computer network security system according to claim 6, characterized in that the second encryption algorithm uses the asymmetric ECC encryption algorithm.
8. The application method of the computer network security system according to claim 5, characterized in that in step M3 a pattern matching algorithm is used to match network data packets against virus features.
9. A computer network security device, characterized by comprising:
A processor;
A memory, in which executable instructions of the processor are stored;
Wherein the processor is configured to perform, by executing the executable instructions, the steps of the application method of the computer network security system according to any one of claims 4 to 8.
10. A computer-readable storage medium for storing a program, characterized in that the program, when executed, implements the steps of the application method of the computer network security system according to any one of claims 4 to 8.
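
The matching flow of claims 2, 5 and 8 (feature library, packet reassembly, and the judgment of whether matched features constitute virus information) can be sketched as follows. This is an added example, not code from the patent: the feature patterns, the names Sample.A to Sample.C, and the FlowMatcher and scan_flow helpers are constructed for illustration, and plain substring search stands in for the pattern matching algorithm the claims leave unspecified.

```python
from collections import defaultdict

# Constructed feature library (step M1): feature id -> byte pattern.
FEATURES = {
    "F1": b"EXAMPLE-DROPPER-STUB",
    "F2": b"EXAMPLE-C2-BEACON",
    "F3": b"EXAMPLE-PACKER-HDR",
}
# Each virus information entry is constituted by one or more features.
VIRUS_INFO = {
    "Sample.A": {"F1", "F2"},
    "Sample.B": {"F2", "F3"},
    "Sample.C": {"F3"},
}
# Reverse index: feature -> the virus information entries it corresponds to.
FEATURE_TO_VIRUS = defaultdict(set)
for name, feats in VIRUS_INFO.items():
    for f in feats:
        FEATURE_TO_VIRUS[f].add(name)
MAX_PATTERN = max(len(p) for p in FEATURES.values())


class FlowMatcher:
    """Per-flow state. Assumes segments do not overlap and are not retransmitted."""

    def __init__(self):
        self.pending = {}      # seq offset -> payload, for segments that arrived early
        self.next_seq = 0      # next byte offset expected in the stream
        self.tail = b""        # last MAX_PATTERN-1 bytes, catches patterns split across packets
        self.matched = set()   # feature ids seen so far on this flow
        self.reported = set()  # virus information entries already reported

    def feed(self, seq, payload):
        """Steps M2/M3: add one packet, return newly constituted virus information."""
        self.pending[seq] = payload
        found = set()
        while self.next_seq in self.pending:
            data = self.pending.pop(self.next_seq)
            self.next_seq += len(data)
            window = self.tail + data
            for fid, pattern in FEATURES.items():
                if fid not in self.matched and pattern in window:
                    self.matched.add(fid)
                    found |= self._judge(fid)
            self.tail = window[-(MAX_PATTERN - 1):]
        return found

    def _judge(self, fid):
        """A matched feature yields a detection only if every feature of an entry is present."""
        hits = {v for v in FEATURE_TO_VIRUS[fid]
                if VIRUS_INFO[v] <= self.matched and v not in self.reported}
        self.reported |= hits
        return hits


def scan_flow(packets):
    """Feed (seq, payload) pairs in arrival order; return the detections after each packet."""
    m = FlowMatcher()
    return [sorted(m.feed(seq, data)) for seq, data in packets]
```

A single matched feature does not raise a detection on its own: the flow is reported only once the accumulated features cover a complete virus information entry, which is how one virus carrying several features is handled.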

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910595961.4A CN110311913A (en) 2019-07-03 2019-07-03 Computer Network Security System, application method, equipment and storage medium


Publications (1)

Publication Number Publication Date
CN110311913A true CN110311913A (en) 2019-10-08

Family

ID=68078955

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910595961.4A Pending CN110311913A (en) 2019-07-03 2019-07-03 Computer Network Security System, application method, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110311913A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110650150A (en) * 2019-10-10 2020-01-03 上海久誉软件系统有限公司 Computer wireless propagation neural network method based on 5G network
CN111709027A (en) * 2020-06-22 2020-09-25 湖南大学 Data storage safety management method
CN111885069A (en) * 2020-07-28 2020-11-03 郑州市鼎晶信息技术有限公司 Computer network safety system
CN111917604A (en) * 2020-07-28 2020-11-10 苏州浪潮智能科技有限公司 Method for automatically testing SONiC based on virtual switch simulation platform
CN112464235A (en) * 2020-11-26 2021-03-09 西京学院 Computer network safety control system and control method
CN112637840A (en) * 2020-12-25 2021-04-09 广东卓维网络有限公司 Information network virus intrusion detection system and method thereof
CN112651021A (en) * 2020-12-23 2021-04-13 湖南工学院 Information security defense system based on big data
CN112995220A (en) * 2021-05-06 2021-06-18 广东电网有限责任公司佛山供电局 Security data security system for computer network
CN114338084A (en) * 2021-12-03 2022-04-12 山西三友和智慧信息技术股份有限公司 High-encryption security protection system for computer network

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107612933A (en) * 2017-10-20 2018-01-19 广东岭南职业技术学院 A kind of novel computer internet worm system of defense
CN108712433A (en) * 2018-05-25 2018-10-26 南京森林警察学院 A kind of network security detection method and system
US10133867B1 (en) * 2016-03-29 2018-11-20 Amazon Technologies, Inc. Trusted malware scanning
CN108985083A (en) * 2018-07-12 2018-12-11 江苏慧学堂系统工程有限公司 A kind of Computer Data Security management system and method
CN109302420A (en) * 2018-11-22 2019-02-01 杭州安恒信息技术股份有限公司 Network data security transmission method, system and electronic equipment



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191008