CN110311913A - Computer Network Security System, application method, equipment and storage medium - Google Patents
- Publication number: CN110311913A (CN201910595961.4A)
- Authority: CN (China)
- Prior art keywords: data, virus, network, unit, encryption
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/568—Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Abstract
The present invention provides a computer network security system, application method, equipment and storage medium. The system comprises a central processor unit, a network virus detection unit, a virus removal unit, a virus isolation unit, a data encryption unit and a data transmission unit. The network virus detection unit detects network viruses in the computer network in real time; the virus isolation unit isolates the detected network viruses and stores them in an isolation area; the virus removal unit scans and removes the network viruses in the isolation area; the data encryption unit encrypts network data packets to prevent intrusion by network viruses; and the data transmission unit applies encrypted transmission to the already encrypted network data packets. The invention has a simple working principle and high security: it can detect, isolate and remove network viruses, encrypt network data packets and transmit data in encrypted form, effectively preventing data leakage.
Description
Technical field
The present invention relates to computer network technology and, in particular, to a computer network security system, application method, equipment and storage medium.
Background art
Computers have an extremely important influence on human production and social activities and have developed rapidly with great vitality. Their field of application has expanded from the initial military research uses to every area of society, forming a very large computer industry that has driven technological progress worldwide and brought about profound social change. Computers are now found throughout schools, enterprises and public institutions and have entered ordinary households, becoming an essential tool of the information society. Computer use is increasingly common in China: since the reform and opening-up, the number of computer users in China has risen continuously and the level of application has kept improving, with good results achieved particularly in fields such as the internet, communications and multimedia.
A computer network is a computer system in which multiple computers with independent functions, located in different geographical places, and their external devices are connected by communication lines and, under the management and coordination of the network operating system, network management software and network communication protocols, achieve resource sharing and information transfer.
Current computer networks contain a large number of abnormal virus signals, and the static and passive nature of traditional network security theory and technology cannot adapt to a harsh and changeable network environment. It is therefore necessary to design a computer network security system.
Summary of the invention
In view of the defects in the prior art, the object of the present invention is to provide a computer network security system, application method, equipment and storage medium.
The computer network security system provided according to the present invention comprises a central processor unit, a network virus detection unit, a virus removal unit, a virus isolation unit, a data encryption unit and a data transmission unit.
The central processor unit is connected to the network virus detection unit, the virus removal unit, the virus isolation unit and the data encryption unit respectively; the central processor unit is connected to a background monitoring center through the data transmission unit.
The network virus detection unit detects network viruses in the computer network in real time. The virus isolation unit isolates the detected network viruses and stores them in an isolation area. The virus removal unit scans and removes the network viruses in the isolation area. The data encryption unit encrypts network data to prevent intrusion by network viruses. The data transmission unit applies encrypted transmission to the already encrypted network data.
Preferably, the network virus detection unit comprises a network virus feature database, a network data acquisition module and a virus feature matching module:
The network virus feature database stores multiple network virus features, each virus feature corresponding to one or more items of virus information.
The network data acquisition module acquires network data packets, reassembles and parses the acquired packets, and sends them to the virus feature matching module for matching against the virus features.
The virus feature matching module, when a network data packet matches a virus feature, judges from the matched virus feature whether the network data packet can form an item of virus information; if virus information is formed, the virus information is matched successfully, otherwise virus feature judgment continues.
Preferably, the data encryption unit comprises the following modules:
A network data acquisition module, which obtains the network data to be encrypted and treats that network data as plaintext data.
An encryption data preprocessing module, which preprocesses the plaintext data to generate plaintext data to be encrypted, and groups each item of plaintext data to be encrypted into multiple segments of data to be encrypted.
A first encryption module, which randomly selects a first encryption algorithm from a preset encryption algorithm pool, performs a first encryption of the multiple segments of data to be encrypted with that first encryption algorithm to generate multiple segments of encrypted data, and signs the segments of encrypted data to generate multiple segments of signed encrypted data.
A second encryption module, which selects a second encryption algorithm from the preset encryption algorithm pool and performs a second encryption of the signed encrypted data with that second encryption algorithm to generate multiple segments of doubly encrypted data.
The application method of the computer network security system provided by the present invention comprises the following steps:
Step S1: the network virus detection unit monitors the computer network in real time and, when a network virus signal is detected, sends an anomaly instruction to the central processor unit;
Step S2: when the central processor unit receives the anomaly instruction, it sends an isolation instruction to the virus isolation unit, so that the virus isolation unit isolates the network virus and stores it in the isolation area;
Step S3: the central processor unit sends a removal instruction to the virus removal unit, and the virus removal unit scans and removes the network virus in the isolation area;
Step S4: the data encryption unit encrypts the network data and stores it;
Step S5: the central processor unit obtains the encrypted network data and transmits it in encrypted form to the background monitoring center.
Preferably, when the network virus detection unit detects a network virus, the following steps are performed:
Step M1: create a network virus feature database that stores multiple network virus features, each virus feature corresponding to one or more items of virus information;
Step M2: acquire network data packets, reassemble and parse the acquired packets, and match them against the virus features in the virus feature database;
Step M3: when a network data packet matches a virus feature, judge from the matched virus feature whether the network data packet can form an item of virus information; if virus information is formed, the virus information is matched successfully, otherwise virus feature judgment continues.
Preferably, when the data encryption unit encrypts network data, the following steps are performed:
Step N1: obtain the network data to be encrypted and treat that network data as plaintext data;
Step N2: preprocess the plaintext data to generate plaintext data to be encrypted, and group each item of plaintext data to be encrypted into multiple segments of data to be encrypted;
Step N3: randomly select a first encryption algorithm from a preset encryption algorithm pool, perform a first encryption of the multiple segments of data to be encrypted with that first encryption algorithm to generate multiple segments of encrypted data, and sign the segments of encrypted data to generate multiple segments of signed encrypted data;
Step N4: select a second encryption algorithm from the preset encryption algorithm pool and perform a second encryption of the signed encrypted data with that second encryption algorithm to generate multiple segments of doubly encrypted data;
Step N5: merge the multiple segments of doubly encrypted data to generate the target encrypted data.
Preferably, the second encryption algorithm is an asymmetric ECC encryption algorithm.
Preferably, in step M3 the network data packets are matched against the virus features using a pattern matching algorithm.
The computer network security equipment provided by the present invention comprises:
a processor;
a memory storing instructions executable by the processor;
wherein the processor is configured to perform the steps of the application method of the computer network security system by executing the executable instructions.
The computer readable storage medium provided by the present invention stores a program which, when executed, implements the steps of the application method of the computer network security system.
Compared with the prior art, the present invention has the following beneficial effects:
1. The invention has a simple working principle and high security: it can detect, isolate and remove network viruses, encrypt network data and transmit data in encrypted form, effectively preventing data leakage.
2. The invention provides a network virus detection unit that can handle the case where one virus contains multiple virus features; it is suitable for use in high-speed networks and has high detection efficiency.
3. The invention provides a data encryption unit that can perform multiple layers of encryption, increasing the complexity of the encryption, greatly increasing the difficulty of deciphering the ciphertext and effectively protecting network data.
Brief description of the drawings
Other features, objects and advantages of the invention will become more apparent upon reading the detailed description of non-limiting embodiments with reference to the following drawings:
Fig. 1 is a module diagram of the computer network security system of the present invention;
Fig. 2 is a flow chart of the steps of the application method of the computer network security system of the present invention;
Fig. 3 is a flow chart of the steps by which the network virus detection unit detects a network virus in the present invention;
Fig. 4 is a flow chart of the steps by which the data encryption unit encrypts network data in the present invention;
Fig. 5 is a structural diagram of the computer network security equipment of the present invention; and
Fig. 6 is a structural diagram of the computer readable storage medium of the present invention.
Detailed description of the embodiments
The present invention is described in detail below with reference to specific embodiments. The following embodiments will help those skilled in the art to understand the invention further, but do not limit it in any way. It should be noted that a person of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept; these all fall within the scope of protection of the present invention.
Fig. 1 is a module diagram of the computer network security system of the present invention. As shown in Fig. 1, the computer network security system provided by the present invention comprises a central processor unit 1, a network virus detection unit 2, a virus removal unit 3, a virus isolation unit 4, a data encryption unit 5 and a data transmission unit 6.
The central processor unit 1 is connected to the network virus detection unit 2, the virus removal unit 3, the virus isolation unit 4 and the data encryption unit 5 respectively; the central processor unit 1 is connected to the background monitoring center 7 through the data transmission unit 6.
The network virus detection unit 2 detects network viruses in the computer network in real time. The virus isolation unit 4 isolates the detected network viruses and stores them in an isolation area. The virus removal unit 3 scans and removes the network viruses in the isolation area. The data encryption unit 5 encrypts network data to prevent intrusion by network viruses. The data transmission unit 6 applies encrypted transmission to the already encrypted network data.
In this embodiment, the background monitoring center 7 stores and monitors the encrypted network data.
In this embodiment, the invention has a simple working principle and high security: it can detect, isolate and remove network viruses, encrypt network data and transmit data in encrypted form, effectively preventing data leakage.
In an embodiment of the present invention, the network virus detection unit 2 comprises a network virus feature database, a network data acquisition module and a virus feature matching module:
The network virus feature database stores multiple network virus features, each virus feature corresponding to one or more items of virus information.
The network data acquisition module acquires network data packets, reassembles and parses the acquired packets, and sends them to the virus feature matching module for matching against the virus features.
The virus feature matching module, when a network data packet matches a virus feature, judges from the matched virus feature whether the network data packet can form an item of virus information; if virus information is formed, the virus information is matched successfully, otherwise virus feature judgment continues.
The invention provides a network virus detection unit that can handle the case where one virus contains multiple virus features; it is suitable for use in high-speed networks and has high detection efficiency.
In an embodiment of the present invention, the data encryption unit 5 comprises the following modules:
A network data acquisition module, which obtains the network data to be encrypted and treats that network data as plaintext data.
An encryption data preprocessing module, which preprocesses the plaintext data to generate plaintext data to be encrypted, and groups each item of plaintext data to be encrypted into multiple segments of data to be encrypted.
A first encryption module, which randomly selects a first encryption algorithm from a preset encryption algorithm pool, performs a first encryption of the multiple segments of data to be encrypted with that first encryption algorithm to generate multiple segments of encrypted data, and signs the segments of encrypted data to generate multiple segments of signed encrypted data.
A second encryption module, which selects a second encryption algorithm from the preset encryption algorithm pool and performs a second encryption of the signed encrypted data with that second encryption algorithm to generate multiple segments of doubly encrypted data.
The invention provides a data encryption unit that can perform multiple layers of encryption, increasing the complexity of the encryption, greatly increasing the difficulty of deciphering the ciphertext and effectively protecting network data.
Fig. 2 is a flow chart of the steps of the application method of the computer network security system of the present invention. As shown in Fig. 2, the application method of the computer network security system provided by the present invention comprises the following steps:
Step S1: the network virus detection unit monitors the computer network in real time and, when a network virus signal is detected, sends an anomaly instruction to the central processor unit;
Step S2: when the central processor unit receives the anomaly instruction, it sends an isolation instruction to the virus isolation unit, so that the virus isolation unit isolates the network virus and stores it in the isolation area;
Step S3: the central processor unit sends a removal instruction to the virus removal unit, and the virus removal unit scans and removes the network virus in the isolation area;
Step S4: the data encryption unit encrypts the network data and stores it;
Step S5: the central processor unit obtains the encrypted network data and transmits it in encrypted form to the background monitoring center.
Fig. 3 is a flow chart of the steps by which the network virus detection unit detects a network virus in the present invention. As shown in Fig. 3, when the network virus detection unit 2 detects a network virus, the following steps are performed:
Step M1: create a network virus feature database that stores multiple network virus features, each virus feature corresponding to one or more items of virus information;
Step M2: acquire network data packets, reassemble and parse the acquired packets, and match them against the virus features in the virus feature database;
Step M3: when a network data packet matches a virus feature, judge from the matched virus feature whether the network data packet can form an item of virus information; if virus information is formed, the virus information is matched successfully, otherwise virus feature judgment continues.
In an embodiment of the present invention, in step M3 the network data packets are matched against the virus features using a pattern matching algorithm.
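The two-stage check in steps M1 to M3, as an added Python example that is not code from the patent: the Aho-Corasick automaton is one possible "pattern matching algorithm" (the patent names none), and the feature strings, virus names and (offset, bytes) segment format are constructed for the demo.

```python
from collections import deque

# Constructed feature database (step M1): virus information -> features that must all appear.
# One feature (ALPHA-STAGE-1) belongs to two items of virus information.
VIRUS_INFO = {
    "Demo.Alpha": [b"ALPHA-STAGE-1", b"ALPHA-STAGE-2"],
    "Demo.Beta": [b"BETA-MARK", b"ALPHA-STAGE-1"],
    "Demo.Gamma": [b"GAMMA-ONLY"],
}


class FeatureLibrary:
    def __init__(self, virus_info):
        self.required = {name: set(feats) for name, feats in virus_info.items()}
        self.owners = {}                      # feature -> virus information that uses it
        for name, feats in virus_info.items():
            for feat in feats:
                self.owners.setdefault(feat, []).append(name)
        self._build(list(self.owners))

    def _build(self, patterns):
        """Aho-Corasick automaton: a trie with failure links, built breadth-first."""
        self.goto, self.fail, self.out = [{}], [0], [[]]
        for pat in patterns:
            state = 0
            for byte in pat:
                if byte not in self.goto[state]:
                    self.goto.append({})
                    self.fail.append(0)
                    self.out.append([])
                    self.goto[state][byte] = len(self.goto) - 1
                state = self.goto[state][byte]
            self.out[state].append(pat)
        queue = deque(self.goto[0].values())
        while queue:
            state = queue.popleft()
            for byte, nxt in self.goto[state].items():
                queue.append(nxt)
                f = self.fail[state]
                while f and byte not in self.goto[f]:
                    f = self.fail[f]
                self.fail[nxt] = self.goto[f].get(byte, 0)
                self.out[nxt] = self.out[nxt] + self.out[self.fail[nxt]]

    def scan(self, payload):
        """Step M3: on each feature hit, test whether any owning virus information is
        now complete; if not, keep scanning. Returns (virus name or None, features seen)."""
        seen, state = set(), 0
        for byte in payload:
            while state and byte not in self.goto[state]:
                state = self.fail[state]
            state = self.goto[state].get(byte, 0)
            for feat in self.out[state]:
                if feat in seen:
                    continue
                seen.add(feat)
                for name in self.owners[feat]:
                    if self.required[name] <= seen:
                        return name, seen
        return None, seen


def reassemble(segments):
    """Step M2: rebuild the byte stream from (offset, bytes) segments that may arrive
    out of order or duplicated. The first copy of a byte wins; a gap ends the stream."""
    stream = bytearray()
    for offset, data in sorted(segments):
        if offset > len(stream):
            break
        stream += data[len(stream) - offset:]
    return bytes(stream)


LIBRARY = FeatureLibrary(VIRUS_INFO)

# Constructed traffic: 16-byte segments delivered in reverse order, so that
# ALPHA-STAGE-1 straddles the boundary between the first two segments.
SAMPLE_STREAM = b"hdr ALPHA-STAGE-1 ... padding ... ALPHA-STAGE-2 tail"
SAMPLE_SEGMENTS = [(i, SAMPLE_STREAM[i:i + 16]) for i in range(0, len(SAMPLE_STREAM), 16)][::-1]

if __name__ == "__main__":
    print("per segment:", [LIBRARY.scan(data)[0] for _, data in SAMPLE_SEGMENTS])
    print("reassembled:", LIBRARY.scan(reassemble(SAMPLE_SEGMENTS))[0])
```

Scanning the segments one by one reports nothing, because no single segment contains every feature of any virus information; only the reassembled stream completes Demo.Alpha.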
Fig. 4 is a flow chart of the steps by which the data encryption unit encrypts network data in the present invention. As shown in Fig. 4, when the data encryption unit encrypts network data, the following steps are performed:
Step N1: obtain the network data to be encrypted and treat that network data as plaintext data;
Step N2: preprocess the plaintext data to generate plaintext data to be encrypted, and group each item of plaintext data to be encrypted into multiple segments of data to be encrypted;
Step N3: randomly select a first encryption algorithm from a preset encryption algorithm pool, perform a first encryption of the multiple segments of data to be encrypted with that first encryption algorithm to generate multiple segments of encrypted data, and sign the segments of encrypted data to generate multiple segments of signed encrypted data;
Step N4: select a second encryption algorithm from the preset encryption algorithm pool and perform a second encryption of the signed encrypted data with that second encryption algorithm to generate multiple segments of doubly encrypted data;
Step N5: merge the multiple segments of doubly encrypted data to generate the target encrypted data.
In an embodiment of the present invention, the second encryption algorithm is an asymmetric ECC encryption algorithm.
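Steps N1 to N5 with the matching receiver side, as an added Python example that is not code from the patent. It uses the third-party `cryptography` package; the pool members (AES-256-GCM, ChaCha20-Poly1305), the ECDSA signature, the ECIES-style construction standing in for the "asymmetric ECC encryption algorithm", the segment header layout and all key handling are assumptions the patent does not specify.

```python
import os
import secrets
import struct

from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.ciphers.aead import AESGCM, ChaCha20Poly1305
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

# Assumed algorithm pool: id -> AEAD class. Both take a 32-byte key and a 12-byte nonce.
POOL = {1: AESGCM, 2: ChaCha20Poly1305}
# Assumed segment header: algorithm id, segment index, segment count. The receiver can
# only undo a randomly chosen algorithm if its identity travels with the data.
HEADER = struct.Struct(">BII")
CURVE, ECDSA = ec.SECP256R1(), ec.ECDSA(hashes.SHA256())
POINT_LEN = 65  # uncompressed P-256 point


def _kdf(shared):
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=None, info=b"n4-wrap").derive(shared)


def ecc_wrap(recipient_pub, blob):
    """Step N4 stand-in: ephemeral ECDH + HKDF + AES-GCM (ECIES-style hybrid encryption)."""
    eph = ec.generate_private_key(CURVE)
    point = eph.public_key().public_bytes(
        serialization.Encoding.X962, serialization.PublicFormat.UncompressedPoint)
    nonce = os.urandom(12)
    key = _kdf(eph.exchange(ec.ECDH(), recipient_pub))
    return point + nonce + AESGCM(key).encrypt(nonce, blob, point)


def ecc_unwrap(recipient_priv, wrapped):
    point, nonce = wrapped[:POINT_LEN], wrapped[POINT_LEN:POINT_LEN + 12]
    peer = ec.EllipticCurvePublicKey.from_encoded_point(CURVE, point)
    key = _kdf(recipient_priv.exchange(ec.ECDH(), peer))
    return AESGCM(key).decrypt(nonce, wrapped[POINT_LEN + 12:], point)


def protect(plaintext, sym_key, signer_priv, recipient_pub, seg_size=64):
    segments = [plaintext[i:i + seg_size] for i in range(0, len(plaintext), seg_size)]  # N2
    alg_id = secrets.choice(list(POOL))            # N3: random choice from the pool
    out = []
    for index, seg in enumerate(segments):
        header = HEADER.pack(alg_id, index, len(segments))
        nonce = os.urandom(12)
        body = header + nonce + POOL[alg_id](sym_key).encrypt(nonce, seg, header)
        sig = signer_priv.sign(body, ECDSA)        # N3: sign the encrypted segment
        wrapped = ecc_wrap(recipient_pub, struct.pack(">H", len(sig)) + sig + body)  # N4
        out.append(struct.pack(">I", len(wrapped)) + wrapped)
    return b"".join(out)                           # N5: merge


def recover(blob, sym_key, signer_pub, recipient_priv):
    """Receiver: unwrap, verify the signature, then decrypt; reject reordered,
    missing or unknown-algorithm segments."""
    parts, offset, total = [], 0, 0
    while offset < len(blob):
        (n,) = struct.unpack_from(">I", blob, offset)
        signed = ecc_unwrap(recipient_priv, blob[offset + 4:offset + 4 + n])
        offset += 4 + n
        (sig_len,) = struct.unpack_from(">H", signed)
        sig, body = signed[2:2 + sig_len], signed[2 + sig_len:]
        signer_pub.verify(sig, body, ECDSA)        # raises InvalidSignature on mismatch
        alg_id, index, total = HEADER.unpack_from(body)
        if alg_id not in POOL or index != len(parts):
            raise ValueError("unknown algorithm id or segment out of order")
        h = HEADER.size
        parts.append(POOL[alg_id](sym_key).decrypt(body[h:h + 12], body[h + 12:], body[:h]))
    if len(parts) != total:
        raise ValueError("segments missing")
    return b"".join(parts)


def demo_keys():
    """Constructed keys for the demo: shared symmetric key, signing key, recipient key."""
    return (AESGCM.generate_key(bit_length=256),
            ec.generate_private_key(CURVE), ec.generate_private_key(CURVE))


if __name__ == "__main__":
    sym, signer, recipient = demo_keys()
    data = b"constructed network data " * 10
    blob = protect(data, sym, signer, recipient.public_key())
    print(recover(blob, sym, signer.public_key(), recipient) == data)
```

The segment index and count are bound into the first-layer AEAD as associated data and covered by the signature, so a dropped or reordered segment is rejected instead of yielding a shorter plaintext.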
An embodiment of the present invention also provides computer network security equipment comprising a processor and a memory storing instructions executable by the processor, wherein the processor is configured to perform the steps of the computer network security method by executing the executable instructions.
As above, in this embodiment the invention has a simple working principle and high security: it can detect, isolate and remove network viruses, encrypt network data and transmit data in encrypted form, effectively preventing data leakage.
A person of ordinary skill in the art will understand that aspects of the present invention may be implemented as a system, a method or a program product. Accordingly, aspects of the invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode and the like), or an embodiment combining hardware and software aspects, which may be referred to collectively herein as a "circuit", "module" or "platform".
Fig. 5 is a structural diagram of the computer network security equipment of the present invention. An electronic device 600 according to this embodiment of the invention is described with reference to Fig. 5. The electronic device 600 shown in Fig. 5 is only an example and should not impose any limitation on the function or scope of use of the embodiments of the invention.
As shown in Fig. 5, the electronic device 600 takes the form of a general-purpose computing device. The components of the electronic device 600 may include, but are not limited to: at least one processing unit 610, at least one storage unit 620, a bus 630 connecting the different platform components (including the storage unit 620 and the processing unit 610), a display unit 640, and so on.
The storage unit stores program code that can be executed by the processing unit 610, so that the processing unit 610 performs the steps of the various exemplary embodiments of the invention described in the method section of this specification above. For example, the processing unit 610 may perform the steps shown in Fig. 1.
The storage unit 620 may include readable media in the form of volatile storage units, such as a random access storage unit (RAM) 6201 and/or a cache storage unit 6202, and may further include a read-only storage unit (ROM) 6203.
The storage unit 620 may also include a program/utility 6204 having a set of (at least one) program modules 6205; such program modules 6205 include, but are not limited to, an operating system, one or more application programs, other program modules and program data, and each of these examples, or some combination of them, may include an implementation of a network environment.
The bus 630 may represent one or more of several types of bus structure, including a storage unit bus or storage unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus structures.
The electronic device 600 may also communicate with one or more external devices 700 (such as a keyboard, a pointing device or a Bluetooth device), with one or more devices that enable a user to interact with the electronic device 600, and/or with any device (such as a router or a modem) that enables the electronic device 600 to communicate with one or more other computing devices. Such communication may take place through an input/output (I/O) interface 650. The electronic device 600 may also communicate with one or more networks (such as a local area network (LAN), a wide area network (WAN) and/or a public network such as the internet) through a network adapter 660. The network adapter 660 may communicate with the other modules of the electronic device 600 over the bus 630. It should be understood that, although not shown in Fig. 5, other hardware and/or software modules may be used in conjunction with the electronic device 600, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives and data backup storage platforms.
An embodiment of the present invention also provides a computer readable storage medium for storing a program which, when executed, implements the steps of the image stitching method. In some possible embodiments, aspects of the invention may also be implemented in the form of a program product comprising program code; when the program product runs on a terminal device, the program code causes the terminal device to perform the steps of the various exemplary embodiments of the invention described in the method section of this specification above.
As shown above, when the program of the computer readable storage medium of this embodiment is executed, the invention has a simple working principle and high security: it can detect, isolate and remove network viruses, encrypt network data and transmit data in encrypted form, effectively preventing data leakage.
Fig. 6 is a structural diagram of the computer readable storage medium of the present invention. With reference to Fig. 6, a program product 800 for implementing the above method according to an embodiment of the invention is described; it may take the form of a portable compact disc read-only memory (CD-ROM) containing program code and may run on a terminal device such as a personal computer. However, the program product of the invention is not limited to this; in this document, a readable storage medium may be any tangible medium that contains or stores a program that can be used by, or in connection with, an instruction execution system, apparatus or device.
The program product may use any combination of one or more readable media. A readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example but not limited to, an electrical, magnetic, optical, electromagnetic, infrared or semiconductor system, apparatus or device, or any combination of these. More specific examples (a non-exhaustive list) of readable storage media include: an electrical connection with one or more wires, a portable disk, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of these.
A computer readable storage medium may include a data signal propagated in baseband or as part of a carrier wave, carrying readable program code. Such a propagated data signal may take many forms, including but not limited to an electromagnetic signal, an optical signal, or any suitable combination of these. The readable storage medium may also be any readable medium other than a readable storage medium that can send, propagate or transmit a program for use by, or in connection with, an instruction execution system, apparatus or device. The program code contained on the readable storage medium may be transmitted over any suitable medium, including but not limited to wireless, wired, optical cable, RF, or any suitable combination of these.
Program code for carrying out the operations of the present invention may be written in any combination of one or more programming languages, including object-oriented programming languages such as Java and C++, and conventional procedural programming languages such as "C" or similar languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on a remote computing device or server. Where a remote computing device is involved, it may be connected to the user's computing device through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it may be connected to an external computing device (for example through the internet using an internet service provider).
In this embodiment, the working principle of the present invention is simple and its security is high. It can detect, isolate and kill network viruses, and it can encrypt network data and transmit the data in encrypted form, effectively preventing data leakage. The invention is provided with a network virus detection unit, which can handle the case where one virus contains multiple virus features, is suitable for use in high-speed networks, and has high detection efficiency. The invention is also provided with a data encryption unit, which can perform multiple encryption, increasing the complexity of the encryption, greatly increasing the difficulty of deciphering the ciphertext, and effectively protecting network data.
Specific embodiments of the present invention have been described above. It should be understood that the invention is not limited to the particular embodiments described above; those skilled in the art can make various variations or modifications within the scope of the claims without affecting the substance of the invention.
Claims (10)
1. A computer network security system, characterized by comprising a central processor unit (1), a network virus detection unit (2), a virus killing unit (3), a virus isolation unit (4), a data encryption unit (5) and a data transmission unit (6);
The central processor unit (1) is connected to the network virus detection unit (2), the virus killing unit (3), the virus isolation unit (4) and the data encryption unit (5) respectively; the central processor unit (1) is connected to a background monitoring center (7) through the data transmission unit (6);
The network virus detection unit (2) is used to detect network viruses in the computer network in real time; the virus isolation unit (4) is used to isolate the detected network viruses and store them in an isolation area; the virus killing unit (3) is used to kill the network viruses in the isolation area; the data encryption unit (5) is used to encrypt network data packets to prevent network virus intrusion; the data transmission unit (6) is used to encrypt the already encrypted network data packets again for transmission.
2. The computer network security system according to claim 2, characterized in that the network virus detection unit (2) comprises a network virus feature library, a network data acquisition module and a virus feature matching module;
The network virus feature library is used to store a plurality of network virus features, each virus feature corresponding to one or more pieces of virus information;
The network data acquisition module is used to collect network data packets and, after reassembling and parsing the collected packets, send them to the virus feature matching module for virus feature matching;
The virus feature matching module is used, when a network data packet matches a virus feature, to judge from the matched virus feature whether the network data packet can constitute virus information; if it does, the virus information is matched successfully; otherwise, virus feature matching continues.
3. The computer network security system according to claim 2, characterized in that the data encryption unit (5) comprises the following modules:
A network data acquisition module, for obtaining network data to be encrypted and taking the network data as plaintext data;
An encryption data preprocessing module, for preprocessing the plaintext data to generate plaintext data to be encrypted, and grouping each piece of plaintext data to be encrypted to generate multiple segments of data to be encrypted;
A first encryption module, for randomly selecting a first encryption algorithm from a preset encryption algorithm pool, performing a first encryption on the multiple segments of data to be encrypted with the first encryption algorithm to generate multiple segments of encrypted data, and signing the multiple segments of encrypted data to generate multiple segments of signed encrypted data;
A second encryption module, for selecting a second encryption algorithm from the preset encryption algorithm pool and performing a second encryption on the signed encrypted data with the second encryption algorithm to generate multiple segments of twice-encrypted data.
4. A method of using the computer network security system according to any one of claims 1 to 3, characterized by comprising the following steps:
Step S1: the network virus detection unit detects the computer network in real time, and when a network virus signal is detected, an exception instruction is sent to the central processor unit;
Step S2: when the central processor unit receives the exception instruction, it sends an isolation instruction to the virus isolation unit, so that the virus isolation unit isolates the network virus and stores it in the isolation area;
Step S3: the central processor unit sends a kill instruction to the virus killing unit, and the virus killing unit kills the network virus in the isolation area;
Step S4: the data encryption unit encrypts and stores the network data packets;
Step S5: the central processor unit obtains the encrypted network data packets and transmits them in encrypted form to the background monitoring center.
5. The method of using the computer network security system according to claim 4, characterized in that, when the network virus detection unit (2) detects network viruses, the following steps are included:
Step M1: create a network virus feature library, the network virus feature library storing a plurality of network virus features, each virus feature corresponding to one or more pieces of virus information;
Step M2: collect network data packets and, after reassembling and parsing the collected packets, match them against the virus features in the virus feature library;
Step M3: when a network data packet matches a virus feature, judge from the matched virus feature whether the network data packet can constitute virus information; if it does, the virus information is matched successfully; otherwise, virus feature matching continues.
6. The method of using the computer network security system according to claim 4, characterized in that, when the data encryption unit encrypts network data packets, the following steps are included:
Step N1: obtain network data to be encrypted and take the network data as plaintext data;
Step N2: preprocess the plaintext data to generate plaintext data to be encrypted, and group each piece of plaintext data to be encrypted to generate multiple segments of data to be encrypted;
Step N3: randomly select a first encryption algorithm from a preset encryption algorithm pool, perform a first encryption on the multiple segments of data to be encrypted with the first encryption algorithm to generate multiple segments of encrypted data, and sign the multiple segments of encrypted data to generate multiple segments of signed encrypted data;
Step N4: select a second encryption algorithm from the preset encryption algorithm pool, and perform a second encryption on the signed encrypted data with the second encryption algorithm to generate multiple segments of twice-encrypted data;
Step N5: merge the multiple segments of twice-encrypted data to generate the target encrypted data.
7. The method of using the computer network security system according to claim 6, characterized in that the second encryption algorithm is the asymmetric ECC encryption algorithm.
8. The method of using the computer network security system according to claim 5, characterized in that, in step M3, a pattern matching algorithm is used to match network data packets against virus features.
9. A computer network security device, characterized by comprising:
A processor;
A memory storing executable instructions of the processor;
Wherein the processor is configured to perform, by executing the executable instructions, the steps of the method of using the computer network security system according to any one of claims 4 to 8.
10. A computer-readable storage medium for storing a program, characterized in that the program, when executed, implements the steps of the method of using the computer network security system according to any one of claims 4 to 8.
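The matching flow of steps M1 to M3 (one feature shared by several viruses, one virus made of several features) can be sketched as follows. This is an added example, not code from the patent; the virus names, byte patterns, sequence-index reassembly and the rule that a virus is confirmed only when all of its features are present are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class VirusInfo:
    name: str
    features: frozenset  # byte patterns that must ALL appear in the flow

# Step M1: feature library contents. Names and patterns are constructed samples.
VIRUSES = [
    VirusInfo("Sample.A", frozenset({b"X-Stage: dropper", b"cmd=fetch"})),
    VirusInfo("Sample.B", frozenset({b"cmd=fetch", b"key=0xBEEF", b"/gate.php"})),
    VirusInfo("Sample.C", frozenset({b"\xde\xad\xc0\xde"})),
]

def build_feature_library(viruses):
    """Index feature -> viruses containing it (one feature, one or more viruses)."""
    library = {}
    for virus in viruses:
        for feature in virus.features:
            library.setdefault(feature, []).append(virus)
    return library

def reassemble(segments):
    """Step M2: order (sequence index, payload) pairs and join the payloads, so a
    feature split across two packets is still visible. A retransmitted index
    keeps its first copy. Real TCP reassembly works on byte offsets instead."""
    by_index = {}
    for index, payload in segments:
        by_index.setdefault(index, payload)
    return b"".join(by_index[i] for i in sorted(by_index))

def match_flow(segments, library):
    """Step M3: a single feature hit only nominates candidate viruses; a virus
    is reported when every one of its features was found in the flow."""
    stream = reassemble(segments)
    # Naive scan for clarity; a multi-pattern automaton such as Aho-Corasick
    # finds all features in one pass on a high-speed link.
    matched = {feature for feature in library if feature in stream}
    confirmed = set()
    for feature in matched:
        for virus in library[feature]:
            if virus.features <= matched:
                confirmed.add(virus.name)
    return sorted(confirmed), sorted(matched)

if __name__ == "__main__":
    lib = build_feature_library(VIRUSES)
    # Constructed flow: segments arrive out of order, one feature spans both.
    flow = [(2, b"ch&key=0xBEEF HTTP/1.1"), (1, b"POST /gate.php?cmd=fet")]
    print(match_flow(flow, lib))
```

A flow that contains only `cmd=fetch` matches a feature but confirms no virus, which is the "otherwise, virus feature matching continues" branch of step M3.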
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910595961.4A CN110311913A (en) | 2019-07-03 | 2019-07-03 | Computer Network Security System, application method, equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910595961.4A CN110311913A (en) | 2019-07-03 | 2019-07-03 | Computer Network Security System, application method, equipment and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110311913A (en) | 2019-10-08 |
Family
ID=68078955
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910595961.4A Pending CN110311913A (en) | 2019-07-03 | 2019-07-03 | Computer Network Security System, application method, equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110311913A (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110650150A (en) * | 2019-10-10 | 2020-01-03 | 上海久誉软件系统有限公司 | Computer wireless propagation neural network method based on 5G network |
CN111709027A (en) * | 2020-06-22 | 2020-09-25 | 湖南大学 | Data storage safety management method |
CN111885069A (en) * | 2020-07-28 | 2020-11-03 | 郑州市鼎晶信息技术有限公司 | Computer network safety system |
CN111917604A (en) * | 2020-07-28 | 2020-11-10 | 苏州浪潮智能科技有限公司 | Method for automatically testing SONiC based on virtual switch simulation platform |
CN112464235A (en) * | 2020-11-26 | 2021-03-09 | 西京学院 | Computer network safety control system and control method |
CN112637840A (en) * | 2020-12-25 | 2021-04-09 | 广东卓维网络有限公司 | Information network virus intrusion detection system and method thereof |
CN112651021A (en) * | 2020-12-23 | 2021-04-13 | 湖南工学院 | Information security defense system based on big data |
CN112995220A (en) * | 2021-05-06 | 2021-06-18 | 广东电网有限责任公司佛山供电局 | Security data security system for computer network |
CN114338084A (en) * | 2021-12-03 | 2022-04-12 | 山西三友和智慧信息技术股份有限公司 | High-encryption security protection system for computer network |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107612933A (en) * | 2017-10-20 | 2018-01-19 | 广东岭南职业技术学院 | A kind of novel computer internet worm system of defense |
CN108712433A (en) * | 2018-05-25 | 2018-10-26 | 南京森林警察学院 | A kind of network security detection method and system |
US10133867B1 (en) * | 2016-03-29 | 2018-11-20 | Amazon Technologies, Inc. | Trusted malware scanning |
CN108985083A (en) * | 2018-07-12 | 2018-12-11 | 江苏慧学堂系统工程有限公司 | A kind of Computer Data Security management system and method |
CN109302420A (en) * | 2018-11-22 | 2019-02-01 | 杭州安恒信息技术股份有限公司 | Network data security transmission method, system and electronic equipment |
Legal Events
Code | Title | Description |
---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20191008 |