CN110311924A - Network security risk data display method, device, electronic equipment - Google Patents

Network security risk data display method, device, electronic equipment Download PDF

Info

Publication number
CN110311924A
CN110311924A CN201910680779.9A CN201910680779A CN110311924A CN 110311924 A CN110311924 A CN 110311924A CN 201910680779 A CN201910680779 A CN 201910680779A CN 110311924 A CN110311924 A CN 110311924A
Authority
CN
China
Prior art keywords
data
security risk
network security
scene
attack
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910680779.9A
Other languages
Chinese (zh)
Inventor
吴迪锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN201910680779.9A priority Critical patent/CN110311924A/en
Publication of CN110311924A publication Critical patent/CN110311924A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/131Protocols for games, networked simulations or virtual reality

Abstract

The application provides a kind of network security risk data display method, device, electronic equipment and machine readable storage medium.In this application, the network security risk data for being directed to the network system are obtained;Three-dimensional modeling is executed to the network security risk data to calculate, and obtains corresponding threedimensional model;Create the corresponding VR scene of the threedimensional model;Man-machine interface for accessing the VR scene is provided, so that the front end VR can carry out human-computer interaction based on the man-machine interface and the VR service subsystem, improves the user experience and the efficiency of decision-making in network security risk decision process.

Description

Network security risk data display method, device, electronic equipment
Technical field
It is aobvious that this application involves field of communication technology, computer software technical field more particularly to network security risk data Show method, apparatus, electronic equipment and machine readable storage medium.
Background technique
VR (Virtual Reality, virtual reality) is a kind of Computer Simulation that can be created with the experiencing virtual world System is the multiple technologies such as emulation technology and computer graphics human-machine interface technology multimedia technology sensing technology network technology Set, it generates a kind of simulated environment using computer, forms a kind of Multi-source Information Fusion, interactive Three-Dimensional Dynamic view The system emulation of scape and entity behavior is immersed to user in the environment, in addition to the visual experience that computer mould is drawn up, can more mention Feel for the sense of hearing, tactile, power, the movement even perception such as smell and the sense of taste, effect greatly promotes user experience.
Information security risk evaluation refers to according to safe practice and administrative standard for information about, to information system and by it Processing, transimission and storage the process evaluated of the security attributes such as confidentiality, integrality and the availability of information.It will be assessed The threat and threaten a possibility that leading to security incident using fragility that assets face, and combine money involved in security incident Value is produced to judge safety time once the influence caused by tissue occurs.
Situational awareness techniques refer to comprehensive, quick, quasi- to that can cause the changed element progress of network safety situation It really captures and fundamental analysis, the security threat that system current and past encounters then is associated backtracking and big data point Analysis, the final following security incident that may be broken out of prediction.It is main logical from the point of view of current most of network security situation sensing systems Cross collection firewall, antivirus software, IDS (Intrusion Detection Systems, intruding detection system) and security audit The various state values of the various security protection systems such as system, utilize the skills such as data fusion, data mining, intellectual analysis and visualization Art, the intuitive actual time safety situation for showing network environment.
Summary of the invention
The application provides a kind of network security risk data display method, and the method is applied to network security risk data Risk server-side in management system;The risk server-side is at least integrated with VR service subsystem, the network security risk Data management system further includes the front end VR of the accessible VR service subsystem, network security risk data management system System is connected communication with the network system that it is monitored, which comprises
Obtain the network security risk data for being directed to the network system;
Three-dimensional modeling is executed to the network security risk data to calculate, and obtains corresponding threedimensional model;
Create the corresponding VR scene of the threedimensional model;
Man-machine interface for accessing the VR scene is provided so that the front end VR can based on the man-machine interface with The VR service subsystem carries out human-computer interaction.
Optionally, the risk server-side is also integrated with data acquisition subsystem, data process subsystem, data storage System, before obtaining the network security risk data, further includes:
The data acquisition subsystem collects several primitive network security risk data of the network system;It is sent to To the data process subsystem;
The data process subsystem executes structuring processing for several primitive network security risk data, and raw At corresponding structured network security risk data;
The structured network security risk data are stored in network security risk basis by the data storage subsystem In database, to be obtained by the VR service subsystem.
Optionally, the corresponding VR scene of the creation threedimensional model, further includes:
On the basis of the VR scene, the attack VR scene for simulating different type network attack is created;Wherein, described It attacks VR scene and includes at least challenge model, attack data;
Man-machine interface for accessing the attack VR scene is provided;
In response to the instruction of the starting attack VR scene of the front end VR, the attack data are loaded into described attack It hits in model, by the man-machine interface of the attack VR scene, updates show to the front end VR in real time.
Optionally, the network security risk data from the data processing equipment follow GB_T20984-2007 mark It is quasi-.
The application also provides a kind of network security risk data presentation device, and described device is applied to network security risk number According to the VR service subsystem that the risk server-side in management system is integrated, the network security risk data management system further includes The front end VR of the accessible VR service subsystem, the network system that the network security risk data management system is monitored with it System, which is connected, to be communicated, and described device includes:
Module is obtained, the network security risk data for being directed to the network system are obtained;
Computing module executes three-dimensional modeling to the network security risk data and calculates, obtains corresponding threedimensional model;
Creation module creates the corresponding VR scene of the threedimensional model;
Display module provides the man-machine interface for accessing the VR scene, so that the front end VR can be based on described Man-machine interface and the VR service subsystem carry out human-computer interaction.
Optionally, the risk server-side is also integrated with data acquisition subsystem, data process subsystem, data storage System, before obtaining the network security risk data, the acquisition module further,
The data acquisition subsystem collects several primitive network security risk data of the network system;It is sent to To the data process subsystem;
The data process subsystem executes structuring processing for several primitive network security risk data, and raw At corresponding structured network security risk data;
The structured network security risk data are stored in network security risk basis by the data storage subsystem In database, to be obtained by the VR service subsystem.
Optionally, the creation module further,
On the basis of the VR scene, the attack VR scene for simulating different type network attack is created;Wherein, described It attacks VR scene and includes at least challenge model, attack data;
Man-machine interface for accessing the attack VR scene is provided;
In response to the instruction of the starting attack VR scene of the front end VR, the attack data are loaded into described attack It hits in model, by the man-machine interface of the attack VR scene, updates show to the front end VR in real time.
Optionally, the creation module further,
Based on the corresponding risk attributes of the network security risk data, to the threedimensional model further execute rendering and Editor;
By rendering and edited threedimensional model, the VR scene is saved as.
The application also provides a kind of electronic equipment, including communication interface, processor, memory and bus, and the communication connects Pass through bus between mouth, the processor and the memory to be connected with each other;
Machine readable instructions are stored in the memory, the processor is executed by calling the machine readable instructions Above-mentioned method.
The application also provides a kind of machine readable storage medium, and the machine readable storage medium is stored with machine readable finger It enables, the machine readable instructions realize the above method when being called and being executed by processor.
By above embodiments, three-dimensional modeling is executed to network security risk data based on risk server-side and to create its right Answer VR scene;And man-machine interface for accessing VR scene is provided, so that the front end VR can be taken based on man-machine interface and risk Business end carries out human-computer interaction, improves the user experience and the efficiency of decision-making in network security risk decision process.
Detailed description of the invention
Fig. 1 is a kind of system group network figure for network security risk data management business that an exemplary embodiment provides;
Fig. 2 is a kind of flow chart for network security risk data display method that an exemplary embodiment provides;
Fig. 3 is a kind of block diagram for network security risk data presentation device that an exemplary embodiment provides;
Fig. 4 is the hardware structure diagram for a kind of electronic equipment that an exemplary embodiment provides.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application. It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ... When " or " in response to determination ".
In order to make those skilled in the art more fully understand the technical solution in the embodiment of the present application, below first to this Shen Please the relevant technologies that show of the network security risk data that are related to of embodiment, be briefly described.
Referring to Figure 1, Fig. 1 is that a kind of network security risk data management business that one embodiment of this specification provides is System networking diagram.
Networking as shown in Figure 1 includes: network system, network security risk data management system;Wherein, network security wind Dangerous data management system executes network security risk data collection and management for network system.
Network security risk data management system shown in dotted line frame as shown in figure 1, including it is integrated with VR service subsystem Risk server-side (RS), accessible risk server-side VR service subsystem the front end VR (VC).
On the basis of group-network construction illustrated above, the application is directed to one kind, carries out network based on VR technology The technical solution that security risk data are shown.
Realize when, network security risk data management system include the risk server-side for being integrated with VR service subsystem, The front end VR of the accessible VR service subsystem.
Further, risk server-side obtains the network security risk data for being directed to the network system;To the network Security risk data execute three-dimensional modeling and calculate, and obtain corresponding threedimensional model;Create the corresponding VR scene of the threedimensional model; The man-machine interface for accessing the VR scene is provided, so that the front end VR can take based on the man-machine interface and the VR Business subsystem carries out human-computer interaction.
In above scheme, three-dimensional modeling is executed to network security risk data based on risk server-side and creates its correspondence VR scene;And man-machine interface for accessing VR scene is provided, so that the front end VR can be based on man-machine interface and risk service End carries out human-computer interaction, improves the user experience and the efficiency of decision-making in network security risk decision process.
The application is described below by specific embodiment and in conjunction with specific application scenarios.
Referring to FIG. 2, Fig. 2 is a kind of process for network security risk data display method that one embodiment of the application provides Figure, the method are applied to the risk server-side in network security risk data management system;The risk server-side at least collects At there is VR service subsystem, the network security risk data management system further includes the accessible VR service subsystem The front end VR, the network security risk data management system are connected communication with the network system that it is monitored, the above method execute with Lower step:
Step 202 obtains the network security risk data for being directed to the network system.
Step 204 executes three-dimensional modeling calculating to the network security risk data, obtains corresponding threedimensional model.
Step 206, the corresponding VR scene of the creation threedimensional model.
Step 208 provides man-machine interface for accessing the VR scene, so that the front end VR can be based on the people Machine interface and the VR service subsystem carry out human-computer interaction.
In the present specification, above-mentioned VR service subsystem may include that the VR VR server-side of service is provided for VR client.
For example, in practical applications, above-mentioned VR service subsystem can specifically include (including and to be not limited to for VR client VR glasses, the VR helmet, VR gloves, VR seat etc.) VR the VR service processes or thread of service are provided.
In the present specification, above-mentioned risk server-side may include being integrated with above-mentioned VR service subsystem and supporting network Any form of equipment or device clusters of safety risk management.
For example, in practical applications, above-mentioned risk server-side, which can specifically include, is integrated with above-mentioned VR service subsystem, branch Hold the server or server cluster of network security risk management.
In the present specification, the above-mentioned front end VR, including accessible above-mentioned risk server-side are integrated with VR service subsystem Any form of VR client device.
For example, in practical applications, the above-mentioned front end VR can specifically include accessible above-mentioned risk server-side and be integrated with The VR glasses of VR service subsystem, the VR helmet, VR gloves, VR seat etc..
In the present specification, above-mentioned network system refers to, by above-mentioned risk server-side monitoring, by several arbitrary forms The network of network equipment composition.
For example, in practical applications, above-mentioned network system can specifically include by interchanger, router, firewall, IDS, IPS (Intrusion Prevention System, intrusion prevention system), WAF (Web Application Firewall, net Stand application layer intrusion prevention system), in the network equipments such as UAG (Unified Access Gateway, unified to access gateway) The network of any one or more equipment composition.
In the present specification, above-mentioned network security risk data management system refers to, including at least there is above-mentioned risk service End and the above-mentioned front end VR, and the above-mentioned VR service subsystem for supporting the above-mentioned front end VR and above-mentioned risk server-side to integrate carries out VR Interactive, to execute network security risk data management for above-mentioned network system system.
For example, shown in Figure 1, above-mentioned network security risk data management system is shown in dotted line frame as shown in figure 1, Above-mentioned network security risk data management system can be monitored for network system as shown in Figure 1, and be further realized It is managed and safeguards for its network security risk data.
In the present specification, above-mentioned network security risk data refer to above-mentioned risk server-side for the network system of monitoring The structured network security risk data that system obtains.
For example, in practical applications, above-mentioned network security risk data can specifically include the above-mentioned network of structuring The operating system version informations of several network nodes in system, antivirus software information, CPU and memory usage, storage medium State etc.;In another example above-mentioned network security risk data can also include several nets in the above-mentioned network system of structuring Network node is reported to the various logs of above-mentioned risk server-side, alarm etc.;For another example above-mentioned network security risk data can be with The various network configurations in several network nodes, security strategy configuration, account in above-mentioned network system including structuring Application permission configuration etc..For another example above-mentioned network security risk data can also include structuring, it is set by the user, For several network nodes in above-mentioned network system various businesses data (such as: asset data, known bugs data, peace Full management system, safe operation management record, personnel safety management data etc.).
It should be noted that structural data, refers to the determination of texture field meaning, clearly data.Such as: structure Changing data can be the table data in database or has the text file being clearly defined.
In a kind of embodiment shown, above-mentioned risk server-side also collects in addition to being integrated with above-mentioned VR service subsystem At having acquisition subsystem, data process subsystem, data storage subsystem;
Wherein, above-mentioned acquisition subsystem, above-mentioned data process subsystem, above-mentioned data storage subsystem can be to use respectively In being directed to the corresponding primitive network security risk data of above-mentioned network security risk data, it is acquired, structuring is handled and deposited The process or thread of storage.
In the present specification, further, above-mentioned data acquisition subsystem collects several original nets of above-mentioned network system Network security risk data;Send it to above-mentioned data process subsystem;
Wherein, above-mentioned primitive network security risk data may include above-mentioned network security risk data in non-structuring The network security risk data of preceding any type of undressed processing.
For example, in practical applications, above-mentioned network security risk data can specifically include non-structured above-mentioned network The operating system version informations of several network nodes in system, antivirus software information, CPU and memory usage, storage medium State etc.;In another example above-mentioned network security risk data can also include several nets in non-structured above-mentioned network system Network node is reported to the various logs of above-mentioned risk server-side, alarm etc.;For another example above-mentioned network security risk data can be with Including the various network configurations in several network nodes in non-structured above-mentioned network system, security strategy configuration, account Application permission configuration etc..For another example above-mentioned network security risk data can also include it is non-structured, set by the user, For several network nodes in above-mentioned network system various businesses data (such as: asset data, known bugs data, peace Full management system, safe operation management record, personnel safety management data etc.).
It should be noted that unstructured data, refers to the concept opposite with structural data, specifically can also include: Semi-structured data, unstructured data, that is, endless fully or partially have the determination of texture field meaning, clearly data.? In practical application, semi-structured data: having certain data structure, but semantic not determining enough, such as: typical semi-structured number According to may include html web page, some fields in html web page be it is determining (such as: title), some are uncertain (such as: table).Unstructured data, refer to be difficult to go to be extracted according to rule, rambling data, such as: it is typical non- Structural data may include attack message stream, video flowing etc..
In the present specification, further, after receiving above-mentioned several primitive network security risk data, at above-mentioned data It manages subsystem and executes structuring processing for above-mentioned several primitive network security risk data, and generate corresponding structured network Security risk data;
Wherein, above structure network security risk data namely above-mentioned network security risk data, refer to hereinbefore Above-mentioned network security risk data explanation and example.
In the present specification, further, above-mentioned data storage subsystem is by above structure network security risk data It is stored in network security risk basic database, to be obtained by above-mentioned VR service subsystem;
Wherein, above-mentioned network security risk basic database may include any kind of relational database or cluster, non- Relational database or cluster or any of the above may combine.
For example, in practical applications, above-mentioned network security risk basic database can specifically include mysql database or Cluster, PostgreSQL database or cluster, Hadoop cluster etc..
In the present specification, above-mentioned after completing structuring processing for above-mentioned several primitive network security risk data Risk server-side, which obtains, is directed to above-mentioned network security risk data.
For example, above-mentioned risk server-side obtains above-mentioned net from above-mentioned network security risk basic database when realizing Network security risk data.
Certainly, above-mentioned network security risk data due to data volume it is bigger;And, it is also possible to there are partial data weights Multiple, above-mentioned risk server-side can also be directed to above-mentioned network security risk data, execute further data filtering and arrangement, example Such as, in practical applications, above-mentioned risk server-side can be deleted in above-mentioned network security risk data by script or program Repeated data.It, can be by script or program by meeting in above-mentioned network security risk data in another example in practical applications Asset identification data, the assets of national standard " information security technology information security risk evaluation specification " (GB/T20984-2007) Hole Detection data, industry type threat identification data, high-risk loophole warning data, existing safety measure data, asset risk It evaluates the further data classification of carry out such as data, risk disposition data and value calibration arranges, detailed process refers to GB/ T20984-2007 specification, which is not described herein again.
In the present specification, further, above-mentioned risk server-side executes three-dimensional to above-mentioned network security risk data and builds Mould calculates, and obtains corresponding threedimensional model.
When realizing, above-mentioned risk server-side can be provided based on 3dmax (a kind of three-dimensional animation rendering and Software for producing) Developing instrument library, to above-mentioned network security risk data execute three-dimensional modeling calculate, obtain above-mentioned network security risk data Corresponding threedimensional model.
For example, including the network topology of above-mentioned network system, above-mentioned risk service in above-mentioned network security risk data Several topological nodes and its distinct device type of the network topology in above-mentioned network security risk data are input to by end 3dmax developing instrument library executes three-dimensional modeling calculating to it, obtains the corresponding above-mentioned threedimensional model of the network topology;Wherein, exist In above-mentioned threedimensional model, several topological nodes of the network topology, such as: router, interchanger, firewall etc., all by corresponding to Three dimensional device model show that the connection relationship between several topological nodes of the network topology is also connected by corresponding connecting line It connects.
In the present specification, further, above-mentioned risk server-side creates the corresponding VR scene of above-mentioned threedimensional model;
Wherein, above-mentioned VR scene refers to, above-mentioned risk server-side is directed to above-mentioned threedimensional model, is created based on three-dimension developing library The corresponding three-dimensional scenic that can be accessed by VR client.
For example, for above-mentioned threedimensional model, above-mentioned risk server-side can be based on a kind of Unity3d (three-dimensional when realizing Video and development of games software) provide developing instrument library, import above-mentioned threedimensional model, on the basis of above-mentioned threedimensional model, into One step creates corresponding virtual resource and its attribute (including and be not limited to texture, color, size, brightness, reflection etc.), special efficacy is arranged (including and be not limited to dynamic change, sound, alarm, linkage action, the external program of association etc.), creation can be by VR visitor as a result, The above-mentioned VR scene of family end access.
In a kind of embodiment shown, above-mentioned risk server-side is based on the corresponding wind of above-mentioned network security risk data Dangerous attribute, rendering is further executed to above-mentioned threedimensional model and editor saves as rendering and edited threedimensional model above-mentioned VR scene.
Then above example continues to illustrate, in practical applications, the corresponding risk attributes of above-mentioned network security risk data It can specifically include and be not limited to Asset Attributes value, assets value metric, fragility value, threaten influence value, threaten generation can Can be worth etc., GB/T20984-2007 specification is specifically referred to, which is not described herein again.The corresponding wind of above-mentioned network security risk data Default marking system (such as: the marking of 5 points of systems or 100 points of systems are given a mark) can be used to indicate in dangerous attribute.Obtaining above-mentioned network peace After the corresponding risk attributes of full risk data, above-mentioned risk server-side can be based on above-mentioned VR service subsystem to above-mentioned three-dimensional mould Type further executes rendering and editor;By rendering and edited threedimensional model, above-mentioned VR scene is saved as.
In a kind of embodiment shown, further, after above-mentioned VR scene creation, on its basis, above-mentioned wind Dangerous server-side can also create the attack VR scene for simulating different type network attack;
Wherein, above-mentioned attack VR scene includes at least challenge model, attack data;
When realizing, on the basis of above-mentioned VR scene, above-mentioned risk server-side is also based on above-mentioned network security risk In data above-mentioned attack data (such as: including and be not limited to threaten source IP, destination IP, attack message characteristics), above-mentioned attack Model (including and be not limited to threat types, such as: DDos attack (Distributed denial of service attack, Distributed denial of service attack), threaten result, threat frequency, attack number of nodes).
Then above example continues to illustrate, and in practical applications, on the basis of above-mentioned VR scene, is provided based on Unity3d Developing instrument library, above-mentioned risk server-side is on the basis of above-mentioned VR scene, the further corresponding virtual resource threatened of creation And it sets a property (above-mentioned challenge model, above-mentioned attack data) for it, and the special efficacy of dissolution or burning is further set to show During threat detection, indicate to initiate using blue particles dynamic displacement special efficacy from threaten source IP to threatening destination IP Threat attack.
In the present specification, further, above-mentioned risk server-side is provided for accessing the man-machine of above-mentioned attack VR scene Interface;
Then above example continues to illustrate, and in practical applications, above-mentioned risk server-side can be based on the VR of human-computer interaction Program (including and be not limited to the server-side of VR web, VR APP server, VR wechat interface small routine), which provides people Machine interface shows above-mentioned attack VR scene in the man-machine interface, and can receive user and be directed to what the above-mentioned front end VR was triggered Instruction corresponding to the man-machine interface.
In the present specification, further, above-mentioned risk server-side receive and respond to the above-mentioned front end VR starting it is above-mentioned The instruction for attacking VR scene, above-mentioned attack data are loaded into above-mentioned challenge model, the man-machine of above-mentioned attack VR scene is passed through Interface updates to the above-mentioned front end VR show in real time.
Then above example continues to illustrate, in practical applications, above-mentioned in the starting for receiving and responding to the above-mentioned front end VR After the instruction of attack VR scene (such as: simulating the attack VR scene of extensive DDos), above-mentioned risk server-side is by above-mentioned attack Data (such as including attack message characteristics) be loaded into above-mentioned challenge model (such as including attack number of nodes be 10000) in, By the man-machine interface of above-mentioned attack VR scene, display (including 10000 attack nodes initiations are updated to the above-mentioned front end VR in real time The attack animation of DDos and the VR scene of attack effect).
Certainly, when showing to the above-mentioned front end VR, user's above-mentioned attack VR scene can still be existed by the above-mentioned front end VR In the man-machine interface that above-mentioned VR service subsystem provides, above-mentioned attack VR scene is adjusted and modified.
In the present specification, above-mentioned risk server-side provides the man-machine interface for accessing above-mentioned VR scene, so that above-mentioned The front end VR can carry out human-computer interaction based on above-mentioned man-machine interface and above-mentioned VR service subsystem.
Then above example continues to illustrate, and in practical applications, above-mentioned VR scene to the above-mentioned front end VR when showing, user Still it can adjust and modify and is VR above-mentioned by the above-mentioned front end VR in the man-machine interface that above-mentioned VR service subsystem provides Scape;And modify the combination and dependence of above-mentioned attack VR scene Yu above-mentioned VR scene.
In above technical scheme, three-dimensional modeling is executed to network security risk data based on risk server-side and creates it Corresponding VR scene;And man-machine interface for accessing VR scene is provided, so that the front end VR can be based on man-machine interface and risk Server-side carries out human-computer interaction, improves the user experience and the efficiency of decision-making in network security risk decision process, overcomes existing There is network security risk data can only be presented and lack by log and the dispersion of report simple static in technical solution to follow GB/ The problem of network security risk data of T20984-2007 specification.
Fig. 3 is a kind of block diagram for network security risk data presentation device that one exemplary embodiment of the application provides.With Above method embodiment is corresponding, described present invention also provides a kind of embodiment of network security risk data presentation device Device is applied to the integrated VR service subsystem of the risk server-side in network security risk data management system, the network peace Full blast danger data management system further includes the front end VR of the accessible VR service subsystem, the network security risk data Management system is connected communication with the network system that it is monitored, and please refers to a kind of network security risk data exemplified by Fig. 3 and shows Device 30, described device include:
Module 301 is obtained, the network security risk data for being directed to the network system are obtained;
Computing module 302 executes three-dimensional modeling to the network security risk data and calculates, and obtains corresponding three-dimensional mould Type;
Creation module 303 creates the corresponding VR scene of the threedimensional model;
Display module 304 provides the man-machine interface for accessing the VR scene, so that the front end VR can be based on institute It states man-machine interface and the VR service subsystem carries out human-computer interaction.
In the present embodiment, the risk server-side is also integrated with data acquisition subsystem, data process subsystem, data Storage subsystem, before obtaining the network security risk data, the acquisition module 301 further,
The data acquisition subsystem collects several primitive network security risk data of the network system;It is sent to To the data process subsystem;
The data process subsystem executes structuring processing for several primitive network security risk data, and raw At corresponding structured network security risk data;
The structured network security risk data are stored in network security risk basis by the data storage subsystem In database, to be obtained by the VR service subsystem.
In the present embodiment, the creation module 303 further,
On the basis of the VR scene, the attack VR scene for simulating different type network attack is created;Wherein, described It attacks VR scene and includes at least challenge model, attack data;
Man-machine interface for accessing the attack VR scene is provided;
In response to the instruction of the starting attack VR scene of the front end VR, the attack data are loaded into described attack It hits in model, by the man-machine interface of the attack VR scene, updates show to the front end VR in real time.
In the present embodiment, the creation module further,
Based on the corresponding risk attributes of the network security risk data, to the threedimensional model further execute rendering and Editor;
By rendering and edited threedimensional model, the VR scene is saved as.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit The module of explanation may or may not be physically separated, and the component shown as module can be or can also be with It is not physical module, it can it is in one place, or may be distributed on multiple network modules.It can be according to actual The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying Out in the case where creative work, it can understand and implement.
System, device, module or the module that above-described embodiment illustrates can specifically realize by computer chip or entity, Or it is realized by the product with certain function.A kind of typically to realize that equipment is computer, the concrete form of computer can To be personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play In device, navigation equipment, E-mail receiver/send equipment, game console, tablet computer, wearable device or these equipment The combination of any several equipment.
The embodiment of the network security risk data presentation device of the application can apply electronic equipment shown in Fig. 4 On.Installation practice can also be realized by software realization by way of hardware or software and hardware combining.With software reality It is that machine readable storage is situated between by the processor of electronic equipment where it as the device on a logical meaning for existing Corresponding computer program instructions run the machine-executable instruction of formation in matter after reading.For hardware view, such as Fig. 4 institute Show, is a kind of hardware structure diagram of electronic equipment where the network security risk data presentation device of the application, in addition to shown in Fig. 4 Processor, communication interface, except bus and machine readable storage medium, the electronic equipment in embodiment where device is usual According to the actual functional capability of the electronic equipment, it can also include other hardware, this is repeated no more.
Accordingly, it the embodiment of the present application also provides the hardware configuration of a kind of electronic equipment of Fig. 3 shown device, refers to Fig. 4, Fig. 4 are the hardware structural diagram of a kind of electronic equipment provided by the embodiments of the present application.The equipment includes: communication interface 401, processor 402, machine readable storage medium 403 and bus 404;Wherein, communication interface 401, processor 402, machine can It reads storage medium 403 and mutual communication is completed by bus 404.Wherein, communication interface 401, for carrying out network communication.Place Reason device 402 can be a central processing unit (CPU), and processor 402 can execute to be stored in machine readable storage medium 403 Machine readable instructions, to realize process as described above.
Machine readable storage medium 403 referred to herein can be any electronics, magnetism, optics or other physical stores Device may include or store information, such as executable instruction, data, etc..For example, machine readable storage medium may is that easily Lose memory, nonvolatile memory or similar storage medium.Specifically, machine readable storage medium 403 can be RAM (Radom Access Memory, random access memory), flash memory, memory driver (such as hard disk drive), solid state hard disk, Any kind of storage dish (such as CD, DVD) perhaps similar storage medium or their combination.
So far, hardware configuration description shown in Fig. 4 is completed.
In addition, the embodiment of the present application also provides a kind of machine readable storage medium including machine-executable instruction, example Such as the machine-readable readable storage medium storing program for executing 403 in Fig. 4, the machine-executable instruction can be by data processing equipment Device 402 is managed to execute to realize data processing method described above.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus Realization process, details are not described herein.
Those skilled in the art after considering the specification and implementing the invention disclosed here, will readily occur to its of the application Its embodiment.This application is intended to cover any variations, uses, or adaptations of the application, these modifications, purposes or Person's adaptive change follows the general principle of the application and including the undocumented common knowledge in the art of the application Or conventional techniques.The description and examples are only to be considered as illustrative, and the true scope and spirit of the application are by following Claim is pointed out.
It should be understood that the application is not limited to the precise structure that has been described above and shown in the drawings, and And various modifications and changes may be made without departing from the scope thereof.Scope of the present application is only limited by the accompanying claims.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.

Claims (10)

1. a kind of network security risk data display method, which is characterized in that the method is applied to network security risk data Risk server-side in management system;The risk server-side is at least integrated with VR service subsystem, the network security risk Data management system further includes the front end VR of the accessible VR service subsystem, network security risk data management system System is connected communication with the network system that it is monitored, which comprises
Obtain the network security risk data for being directed to the network system;
Three-dimensional modeling is executed to the network security risk data to calculate, and obtains corresponding threedimensional model;
Create the corresponding VR scene of the threedimensional model;
Man-machine interface for accessing the VR scene is provided so that the front end VR can based on the man-machine interface with it is described VR service subsystem carries out human-computer interaction.
2. the method according to claim 1, wherein the risk server-side is also integrated with data acquisition system System, data process subsystem, data storage subsystem, before obtaining the network security risk data, further includes:
The data acquisition subsystem collects several primitive network security risk data of the network system;Send it to institute State data process subsystem;
The data process subsystem executes structuring processing, and generation pair for several primitive network security risk data The structured network security risk data answered;
The structured network security risk data are stored in network security risk basic data by the data storage subsystem In library, to be obtained by the VR service subsystem.
3. the method according to claim 1, wherein the corresponding VR scene of the creation threedimensional model, goes back Include:
On the basis of the VR scene, the attack VR scene for simulating different type network attack is created;Wherein, the attack VR scene includes at least challenge model, attack data;
Man-machine interface for accessing the attack VR scene is provided;
In response to the instruction of the starting attack VR scene of the front end VR, the attack data are loaded into the attack mould In type, by the man-machine interface of the attack VR scene, updates show to the front end VR in real time.
4. the method according to claim 1, wherein the corresponding VR scene of the creation threedimensional model, packet It includes:
Based on the corresponding risk attributes of the network security risk data, rendering is further executed to the threedimensional model and is compiled Volume;
By rendering and edited threedimensional model, the VR scene is saved as.
5. a kind of network security risk data presentation device, which is characterized in that described device is applied to network security risk data The VR service subsystem that risk server-side in management system integrates, the network security risk data management system further includes can To access the front end VR of the VR service subsystem, the network system that the network security risk data management system is monitored with it Be connected communication, and described device includes:
Module is obtained, the network security risk data for being directed to the network system are obtained;
Computing module executes three-dimensional modeling to the network security risk data and calculates, obtains corresponding threedimensional model;
Creation module creates the corresponding VR scene of the threedimensional model;
Display module provides the man-machine interface for accessing the VR scene so that the front end VR can be based on it is described man-machine Interface and the VR service subsystem carry out human-computer interaction.
6. device according to claim 5, which is characterized in that the risk server-side is also integrated with data acquisition system System, data process subsystem, data storage subsystem, before obtaining the network security risk data, the acquisition module Further,
The data acquisition subsystem collects several primitive network security risk data of the network system;Send it to institute State data process subsystem;
The data process subsystem executes structuring processing, and generation pair for several primitive network security risk data The structured network security risk data answered;
The structured network security risk data are stored in network security risk basic data by the data storage subsystem In library, to be obtained by the VR service subsystem.
7. device according to claim 5, which is characterized in that the creation module further,
On the basis of the VR scene, the attack VR scene for simulating different type network attack is created;Wherein, the attack VR scene includes at least challenge model, attack data;
Man-machine interface for accessing the attack VR scene is provided;
In response to the instruction of the starting attack VR scene of the front end VR, the attack data are loaded into the attack mould In type, by the man-machine interface of the attack VR scene, updates show to the front end VR in real time.
8. device according to claim 5, which is characterized in that the creation module further,
Based on the corresponding risk attributes of the network security risk data, rendering is further executed to the threedimensional model and is compiled Volume;
By rendering and edited threedimensional model, the VR scene is saved as.
9. a kind of electronic equipment, which is characterized in that including communication interface, processor, memory and bus, the communication interface, It is connected with each other between the processor and the memory by bus;
Machine readable instructions are stored in the memory, the processor is executed by calling the machine readable instructions as weighed Benefit requires 1 to 4 described in any item methods.
10. a kind of machine readable storage medium, which is characterized in that the machine readable storage medium is stored with machine readable finger It enables, the machine readable instructions realize the described in any item methods of Claims 1-4 when being called and being executed by processor.
CN201910680779.9A 2019-07-26 2019-07-26 Network security risk data display method, device, electronic equipment Pending CN110311924A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910680779.9A CN110311924A (en) 2019-07-26 2019-07-26 Network security risk data display method, device, electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910680779.9A CN110311924A (en) 2019-07-26 2019-07-26 Network security risk data display method, device, electronic equipment

Publications (1)

Publication Number Publication Date
CN110311924A true CN110311924A (en) 2019-10-08

Family

ID=68081843

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910680779.9A Pending CN110311924A (en) 2019-07-26 2019-07-26 Network security risk data display method, device, electronic equipment

Country Status (1)

Country Link
CN (1) CN110311924A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101557324A (en) * 2008-12-17 2009-10-14 天津大学 Real-time visual detection method for DDoS attack
CN105871882A (en) * 2016-05-10 2016-08-17 国家电网公司 Network-security-risk analysis method based on network node vulnerability and attack information
CN106131022A (en) * 2016-07-15 2016-11-16 四川无声信息技术有限公司 A kind of network cooperating attacks storm origin detection method and device
CN106600688A (en) * 2016-12-12 2017-04-26 合肥华耀广告传媒有限公司 Virtual reality system based on three-dimensional modeling technology
US10243904B1 (en) * 2017-05-26 2019-03-26 Wombat Security Technologies, Inc. Determining authenticity of reported user action in cybersecurity risk assessment
CN109728934A (en) * 2018-12-03 2019-05-07 清华大学 Cyberspace cartographic model creation method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101557324A (en) * 2008-12-17 2009-10-14 天津大学 Real-time visual detection method for DDoS attack
CN105871882A (en) * 2016-05-10 2016-08-17 国家电网公司 Network-security-risk analysis method based on network node vulnerability and attack information
CN106131022A (en) * 2016-07-15 2016-11-16 四川无声信息技术有限公司 A kind of network cooperating attacks storm origin detection method and device
CN106600688A (en) * 2016-12-12 2017-04-26 合肥华耀广告传媒有限公司 Virtual reality system based on three-dimensional modeling technology
US10243904B1 (en) * 2017-05-26 2019-03-26 Wombat Security Technologies, Inc. Determining authenticity of reported user action in cybersecurity risk assessment
CN109728934A (en) * 2018-12-03 2019-05-07 清华大学 Cyberspace cartographic model creation method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
游魂摩诘: "思科VR让你重新认识网络安全威胁", 《HTTP://WWW.ELECFANS.COM/VR/458941.HTML》 *
韩丹、王劲松、宋密: "基于Snort的多视图网络流量可视化系统", 《天津理工大学学报》 *

Similar Documents

Publication Publication Date Title
US8285790B2 (en) Virtual universe avatar activities review
CN103999091B (en) Geographical mapped system security incident
CN104040550B (en) Integrated security strategy and incident management
US8593453B2 (en) Monitoring user attention in a computer-simulated environment
US9421468B2 (en) Rendering of artifacts in a virtual universe environment in response to user tags
US20180311573A1 (en) Location-based augmented reality game control
CN109191550B (en) Particle rendering method and device, electronic equipment and storage medium
CN109213857A (en) A kind of fraud recognition methods and device
Valluripally et al. Modeling and defense of social virtual reality attacks inducing cybersickness
Khanh Dang et al. A survey on security visualization techniques for web information systems
CN113037545A (en) Network simulation method, device, equipment and storage medium
Lee et al. {AdCube}:{WebVR} Ad Fraud and Practical Confinement of {Third-Party} Ads
CN109478219A (en) For showing the user interface of network analysis
Garae et al. A full-scale security visualization effectiveness measurement and presentation approach
Raymer et al. Virtual reality forensics: Forensic analysis of Meta Quest 2
Aung et al. Edge-Enabled Metaverse: The Convergence of Metaverse and Mobile Edge Computing
CN110493218B (en) Situation awareness virtualization method and device
KR101787267B1 (en) Apparatus and method of modeling and simulation for cyber effect analysis using network models
Etoty et al. A survey of visualization tools assessed for anomaly-based intrusion detection analysis
CN110311924A (en) Network security risk data display method, device, electronic equipment
CN116452786A (en) Virtual reality content generation method, system, computer device and storage medium
Lozano et al. A distributed framework for scalable large-scale crowd simulation
Solanas et al. Detecting fraudulent activity in a cloud using privacy-friendly data aggregates
Manavalan et al. Visualizing the Impact of Cyberattacks on Web-Based Transactions on Large-Scale Data and Knowledge-Based Systems
CN111091626A (en) Disaster simulation method, computer storage medium, and electronic device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20191008