CN110311924A - Network security risk data display method, device, electronic equipment - Google Patents
Publication number: CN110311924A (application CN201910680779.9A)
Authority: CN (China)
Prior art keywords: data, security risk, network security, scene, attack
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H (Electricity) > H04 (Electric communication technique) > H04L (Transmission of digital information, e.g. telegraphic communication)
- H04L63/1416: Network architectures or network communication protocols for network security; detecting or protecting against malicious traffic by monitoring network traffic; event detection, e.g. attack signature detection
- H04L63/1425: Network architectures or network communication protocols for network security; detecting or protecting against malicious traffic by monitoring network traffic; traffic logging, e.g. anomaly detection
- H04L67/131: Network arrangements or protocols for supporting network services or applications; protocols for games, networked simulations or virtual reality
Abstract
The application provides a network security risk data display method, apparatus, electronic device and machine-readable storage medium. In this application, network security risk data for a network system is obtained; three-dimensional modeling computation is performed on the network security risk data to obtain a corresponding three-dimensional model; a VR scene corresponding to the three-dimensional model is created; and a human-machine interface for accessing the VR scene is provided, so that a VR front end can interact with the VR service subsystem through that interface. This improves the user experience and decision-making efficiency in the network security risk decision process.
Description
Technical field
This application relates to the fields of communication technology and computer software technology, and in particular to a network security risk data display method, apparatus, electronic device and machine-readable storage medium.
Background
VR (Virtual Reality) is a computer simulation system that can create a virtual world and let users experience it. It combines several technologies, including simulation, computer graphics, human-machine interface, multimedia, sensing and network technology. It uses a computer to generate a simulated environment: a system simulation of interactive three-dimensional dynamic scenes and entity behaviour that fuses information from multiple sources and immerses the user in the environment. Beyond the computer-simulated visual experience, it can also provide perception such as hearing, touch, force, motion, and even smell and taste, which greatly improves the user experience.
Information security risk assessment is the process of evaluating, according to the relevant information security technology and management standards, the security attributes (confidentiality, integrity and availability) of an information system and of the information it processes, transmits and stores. It assesses the threats that assets face and the likelihood that a threat exploits a vulnerability to cause a security incident, and combines this with the value of the assets involved in the incident to judge the impact on the organization once a security incident occurs.
Situational awareness technology refers to comprehensively, quickly and accurately capturing and analysing the elements that can cause the network security situation to change, then performing correlated backtracking and big-data analysis of the security threats the system has met currently and in the past, and finally predicting security incidents that may break out in the future. Most current network security situational awareness systems mainly collect the state values of security protection systems such as firewalls, antivirus software, IDS (Intrusion Detection Systems) and security audit systems, and use techniques such as data fusion, data mining, intelligent analysis and visualization to show the real-time security situation of the network environment intuitively.
Summary of the invention
The application provides a network security risk data display method. The method is applied to the risk server in a network security risk data management system. The risk server integrates at least a VR service subsystem; the network security risk data management system further includes a VR front end that can access the VR service subsystem, and the system is communicatively connected to the network system it monitors. The method comprises:
Obtaining network security risk data for the network system;
Performing three-dimensional modeling computation on the network security risk data to obtain a corresponding three-dimensional model;
Creating a VR scene corresponding to the three-dimensional model;
Providing a human-machine interface for accessing the VR scene, so that the VR front end can interact with the VR service subsystem through the human-machine interface.
Optionally, the risk server also integrates a data acquisition subsystem, a data processing subsystem and a data storage subsystem, and before the network security risk data is obtained the method further comprises:
The data acquisition subsystem collects a number of items of raw network security risk data from the network system and sends them to the data processing subsystem;
The data processing subsystem performs structuring on the raw network security risk data and generates the corresponding structured network security risk data;
The data storage subsystem stores the structured network security risk data in a network security risk base database, to be retrieved by the VR service subsystem.
Optionally, creating the VR scene corresponding to the three-dimensional model further comprises:
On the basis of the VR scene, creating an attack VR scene for simulating different types of network attack, where the attack VR scene includes at least an attack model and attack data;
Providing a human-machine interface for accessing the attack VR scene;
In response to an instruction from the VR front end to start the attack VR scene, loading the attack data into the attack model and, through the human-machine interface of the attack VR scene, updating the display on the VR front end in real time.
Optionally, the network security risk data from the data processing equipment follows the GB/T20984-2007 standard.
The application also provides a network security risk data display apparatus. The apparatus is applied to the VR service subsystem integrated in the risk server of a network security risk data management system; the network security risk data management system further includes a VR front end that can access the VR service subsystem, and the system is communicatively connected to the network system it monitors. The apparatus comprises:
An obtaining module, which obtains network security risk data for the network system;
A computing module, which performs three-dimensional modeling computation on the network security risk data to obtain a corresponding three-dimensional model;
A creation module, which creates a VR scene corresponding to the three-dimensional model;
A display module, which provides a human-machine interface for accessing the VR scene, so that the VR front end can interact with the VR service subsystem through the human-machine interface.
Optionally, the risk server also integrates a data acquisition subsystem, a data processing subsystem and a data storage subsystem, and before the network security risk data is obtained, the obtaining module further provides that:
The data acquisition subsystem collects a number of items of raw network security risk data from the network system and sends them to the data processing subsystem;
The data processing subsystem performs structuring on the raw network security risk data and generates the corresponding structured network security risk data;
The data storage subsystem stores the structured network security risk data in a network security risk base database, to be retrieved by the VR service subsystem.
Optionally, the creation module further:
On the basis of the VR scene, creates an attack VR scene for simulating different types of network attack, where the attack VR scene includes at least an attack model and attack data;
Provides a human-machine interface for accessing the attack VR scene;
In response to an instruction from the VR front end to start the attack VR scene, loads the attack data into the attack model and, through the human-machine interface of the attack VR scene, updates the display on the VR front end in real time.
Optionally, the creation module further:
Based on the risk attributes corresponding to the network security risk data, further renders and edits the three-dimensional model;
Saves the rendered and edited three-dimensional model as the VR scene.
The application also provides an electronic device comprising a communication interface, a processor, a memory and a bus, where the communication interface, the processor and the memory are connected to one another through the bus;
Machine-readable instructions are stored in the memory, and the processor performs the above method by calling the machine-readable instructions.
The application also provides a machine-readable storage medium that stores machine-readable instructions; the machine-readable instructions implement the above method when called and executed by a processor.
Through the above embodiments, the risk server performs three-dimensional modeling on the network security risk data and creates the corresponding VR scene, and provides a human-machine interface for accessing the VR scene, so that the VR front end can interact with the risk server through that interface. This improves the user experience and decision-making efficiency in the network security risk decision process.
Brief description of the drawings
Fig. 1 is a system networking diagram of a network security risk data management service provided by an exemplary embodiment;
Fig. 2 is a flow chart of a network security risk data display method provided by an exemplary embodiment;
Fig. 3 is a block diagram of a network security risk data display apparatus provided by an exemplary embodiment;
Fig. 4 is a hardware structure diagram of an electronic device provided by an exemplary embodiment.
Detailed description of the embodiments
Example embodiments are described in detail here, and examples of them are illustrated in the accompanying drawings. Where the following description refers to the drawings, the same numbers in different drawings indicate the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with this application. On the contrary, they are only examples of apparatus and methods consistent with some aspects of the application as detailed in the appended claims.
The terms used in this application are only for the purpose of describing particular embodiments and are not intended to limit the application. The singular forms "a", "said" and "the" used in this application and the appended claims are also intended to include the plural forms, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and includes any or all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third and so on may be used in this application to describe various information, the information should not be limited by these terms. These terms are only used to distinguish information of the same type from one another. For example, without departing from the scope of this application, first information may also be called second information and, similarly, second information may also be called first information. Depending on context, the word "if" as used here can be interpreted as "when", "upon" or "in response to determining".
To help those skilled in the art better understand the technical solutions in the embodiments of this application, the related technology for displaying network security risk data involved in the embodiments is briefly described first.
Refer to Fig. 1, which is a system networking diagram of a network security risk data management service provided by an embodiment of this specification.
The networking shown in Fig. 1 includes a network system and a network security risk data management system, where the network security risk data management system collects and manages network security risk data for the network system.
The network security risk data management system, shown in the dashed box in Fig. 1, includes a risk server (RS) that integrates a VR service subsystem, and a VR front end (VC) that can access the VR service subsystem of the risk server.
On the basis of the networking architecture shown above, this application aims to propose a technical solution for displaying network security risk data based on VR technology.
In implementation, the network security risk data management system includes a risk server that integrates a VR service subsystem and a VR front end that can access the VR service subsystem.
Further, the risk server obtains network security risk data for the network system; performs three-dimensional modeling computation on the network security risk data to obtain a corresponding three-dimensional model; creates a VR scene corresponding to the three-dimensional model; and provides a human-machine interface for accessing the VR scene, so that the VR front end can interact with the VR service subsystem through the human-machine interface.
In the above solution, the risk server performs three-dimensional modeling on the network security risk data and creates the corresponding VR scene, and provides a human-machine interface for accessing the VR scene, so that the VR front end can interact with the risk server through that interface. This improves the user experience and decision-making efficiency in the network security risk decision process.
The application is described below through specific embodiments and in combination with specific application scenarios.
Refer to Fig. 2, which is a flow chart of a network security risk data display method provided by an embodiment of this application. The method is applied to the risk server in a network security risk data management system. The risk server integrates at least a VR service subsystem; the network security risk data management system further includes a VR front end that can access the VR service subsystem, and the system is communicatively connected to the network system it monitors. The method performs the following steps:
Step 202: obtain network security risk data for the network system.
Step 204: perform three-dimensional modeling computation on the network security risk data to obtain a corresponding three-dimensional model.
Step 206: create a VR scene corresponding to the three-dimensional model.
Step 208: provide a human-machine interface for accessing the VR scene, so that the VR front end can interact with the VR service subsystem through the human-machine interface.
In this specification, the VR service subsystem may include a VR server that provides VR services to VR clients.
For example, in practice, the VR service subsystem may specifically include a VR service process or thread that provides VR services to VR clients (including but not limited to VR glasses, VR helmets, VR gloves and VR seats).
In this specification, the risk server may include any form of device or device cluster that integrates the VR service subsystem and supports network security risk management.
For example, in practice, the risk server may specifically include a server or server cluster that integrates the VR service subsystem and supports network security risk management.
In this specification, the VR front end includes any form of VR client device that can access the VR service subsystem integrated in the risk server.
For example, in practice, the VR front end may specifically include VR glasses, VR helmets, VR gloves, VR seats and the like that can access the VR service subsystem integrated in the risk server.
In this specification, the network system refers to a network that is monitored by the risk server and composed of a number of network devices of any form.
For example, in practice, the network system may specifically include a network composed of any one or more of network devices such as switches, routers, firewalls, IDS, IPS (Intrusion Prevention System), WAF (Web Application Firewall) and UAG (Unified Access Gateway).
In this specification, the network security risk data management system refers to a system that includes at least the risk server and the VR front end, supports VR interaction between the VR front end and the VR service subsystem integrated in the risk server, and performs network security risk data management for the network system.
For example, referring to Fig. 1, the network security risk data management system is shown in the dashed box in Fig. 1. It can monitor the network system shown in Fig. 1 and further manage and maintain that system's network security risk data.
In this specification, the network security risk data refers to the structured network security risk data that the risk server obtains for the monitored network system.
For example, in practice, the network security risk data may specifically include structured data on a number of network nodes in the network system: operating system version information, antivirus software information, CPU and memory usage, storage medium state and so on. As another example, it may also include the structured logs, alerts and the like that network nodes in the network system report to the risk server. As another example, it may include the structured network configurations, security policy configurations, and account and application permission configurations of network nodes in the network system. As a further example, it may include structured, user-defined business data for network nodes in the network system (such as asset data, known vulnerability data, security management policies, security operation management records and personnel security management data).
Note that structured data is data whose structure and field meanings are defined and clear. For example, structured data may be table data in a database or a text file with a clear definition.
In one illustrated embodiment, the risk server integrates, in addition to the VR service subsystem, an acquisition subsystem, a data processing subsystem and a data storage subsystem;
These three subsystems may be processes or threads used respectively to collect, structure and store the raw network security risk data corresponding to the network security risk data.
In this specification, further, the data acquisition subsystem collects a number of items of raw network security risk data from the network system and sends them to the data processing subsystem;
Here the raw network security risk data may include network security risk data in any form that has not yet been processed, that is, before it is structured.
For example, in practice, the network security risk data in its raw form may specifically include unstructured data on a number of network nodes in the network system: operating system version information, antivirus software information, CPU and memory usage, storage medium state and so on. As another example, it may also include the unstructured logs, alerts and the like that network nodes in the network system report to the risk server. As another example, it may include the unstructured network configurations, security policy configurations, and account and application permission configurations of network nodes in the network system. As a further example, it may include unstructured, user-defined business data for network nodes in the network system (such as asset data, known vulnerability data, security management policies, security operation management records and personnel security management data).
Note that unstructured data here is the counterpart of structured data and may specifically include both semi-structured data and unstructured data, that is, data whose structure and field meanings are not, or only partly, defined and clear. In practice, semi-structured data has some data structure but its semantics are not sufficiently determined. A typical example is an HTML page, in which some fields are determinate (such as title) and some are indeterminate (such as table). Unstructured data is disordered data that is difficult to extract by rule; typical examples include attack packet streams and video streams.
In this specification, further, after receiving the raw network security risk data, the data processing subsystem performs structuring on it and generates the corresponding structured network security risk data;
The structured network security risk data is the network security risk data described above; refer to the earlier explanation and examples.
In this specification, further, the data storage subsystem stores the structured network security risk data in a network security risk base database, to be retrieved by the VR service subsystem;
The network security risk base database may include any kind of relational database or cluster, non-relational database or cluster, or any possible combination of these.
For example, in practice, the network security risk base database may specifically include a mysql database or cluster, a PostgreSQL database or cluster, a Hadoop cluster and so on.
In this specification, after structuring of the raw network security risk data is complete, the risk server obtains the network security risk data.
For example, in implementation, the risk server obtains the network security risk data from the network security risk base database.
Of course, because the volume of network security risk data is relatively large and some of it may be duplicated, the risk server may also filter and organize the data further. For example, in practice, the risk server may delete duplicate data from the network security risk data with a script or program. As another example, in practice, a script or program may further classify, and calibrate the values of, the data in the network security risk data that conforms to the national standard "Information Security Technology: Information Security Risk Assessment Specification" (GB/T20984-2007), such as asset identification data, asset vulnerability detection data, industry-type threat identification data, high-risk vulnerability warning data, existing security measure data, asset risk evaluation data and risk treatment data. For the detailed process, refer to the GB/T20984-2007 specification; it is not repeated here.
In this specification, further, the risk server performs three-dimensional modeling computation on the network security risk data to obtain a corresponding three-dimensional model.
In implementation, the risk server may use the development tool library provided by 3dmax (a three-dimensional animation rendering and production software) to perform three-dimensional modeling computation on the network security risk data and obtain the corresponding three-dimensional model.
For example, the network security risk data includes the network topology of the network system. The risk server inputs the topology nodes of that network topology, and their different device types, into the 3dmax development tool library and performs three-dimensional modeling computation on them to obtain the three-dimensional model corresponding to the network topology. In that three-dimensional model, the topology nodes of the network topology, such as routers, switches and firewalls, are each shown by a corresponding three-dimensional device model, and the connections between topology nodes are shown by corresponding connecting lines.
In this specification, further, the risk server creates the VR scene corresponding to the three-dimensional model;
The VR scene refers to the three-dimensional scene, accessible by VR clients, that the risk server creates for the three-dimensional model using a three-dimensional development library.
For example, in implementation, the risk server may use the development tool library provided by Unity3d (a three-dimensional video and game development software) to import the three-dimensional model and, on the basis of that model, further create the corresponding virtual resources and their attributes (including but not limited to texture, colour, size, brightness and reflection) and set special effects (including but not limited to dynamic changes, sound, alarms, linked actions and associated external programs), thereby creating the VR scene that VR clients can access.
In one illustrated embodiment, the risk server further renders and edits the three-dimensional model based on the risk attributes corresponding to the network security risk data, and saves the rendered and edited three-dimensional model as the VR scene.
Continuing the example above, in practice, the risk attributes corresponding to the network security risk data may specifically include, but are not limited to, asset attribute values, asset value measures, vulnerability values, threat impact values and threat likelihood values; refer to the GB/T20984-2007 specification for details, which are not repeated here. These risk attributes may be expressed using a preset scoring system (for example, scoring on a 5-point scale or on a 100-point scale). After obtaining the risk attributes corresponding to the network security risk data, the risk server may use the VR service subsystem to further render and edit the three-dimensional model, and save the rendered and edited three-dimensional model as the VR scene.
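The following Python code is an added example, not code from the patent. It illustrates three steps described above: removing duplicate structured records, bringing risk scores given on a 5-point or 100-point scale onto one scale, and turning the network topology into a scene description with one device model per topology node and one connecting line per link. The record fields, model file names, colour scale and the 100-to-5 mapping are assumptions made for illustration; a real deployment would hand the resulting description to its own 3D tooling.

```python
import json
import math

# Hypothetical model assets per device type (not named in the patent).
DEVICE_MODELS = {"router": "router.fbx", "switch": "switch.fbx",
                 "firewall": "firewall.fbx", "ids": "ids.fbx"}
# Assumed colour per 5-point risk score, 1 = lowest risk.
SCORE_COLOUR = {1: "green", 2: "yellow-green", 3: "yellow", 4: "orange", 5: "red"}

# Constructed sample of structured records as the storage subsystem might return them.
RECORDS = [
    {"node": "fw-1", "type": "firewall", "links": ["sw-1"], "risk": 4, "scale": 5},
    {"node": "sw-1", "type": "switch", "links": ["fw-1", "rt-1"], "risk": 35, "scale": 100},
    {"node": "rt-1", "type": "router", "links": ["sw-1"], "risk": 2, "scale": 5},
    {"node": "fw-1", "type": "firewall", "links": ["sw-1"], "risk": 4, "scale": 5},  # exact duplicate
    {"node": "ids-1", "type": "ids", "links": ["sw-9"], "risk": 90, "scale": 100},   # link to unknown node
]


def dedupe(records):
    """Drop exact duplicate records, keeping the first occurrence."""
    seen, unique = set(), []
    for rec in records:
        key = json.dumps(rec, sort_keys=True)  # canonical form of the record
        if key not in seen:
            seen.add(key)
            unique.append(rec)
    return unique


def to_five_point(risk, scale):
    """Normalise a score to 1..5 (assumed ranges: 1..5 and 0..100)."""
    if scale == 5 and 1 <= risk <= 5:
        return int(risk)
    if scale == 100 and 0 <= risk <= 100:
        return max(1, math.ceil(risk / 20))
    raise ValueError(f"score {risk!r} is outside the {scale!r}-point scale")


def build_scene(records):
    """Return nodes (model, colour), drawable links and links that cannot be drawn."""
    nodes = {}
    for rec in dedupe(records):
        score = to_five_point(rec["risk"], rec["scale"])
        node = nodes.setdefault(rec["node"], {
            "id": rec["node"],
            "model": DEVICE_MODELS.get(rec["type"], "generic.fbx"),
            "score": 0,
            "peers": set(),
        })
        # Conflicting records for one node: keep the higher (more cautious) score.
        node["score"] = max(node["score"], score)
        node["peers"].update(rec["links"])

    links, unresolved = set(), set()
    for node in nodes.values():
        for peer in node["peers"]:
            pair = tuple(sorted((node["id"], peer)))  # undirected, stored once
            (links if peer in nodes else unresolved).add(pair)

    return {
        "nodes": [{"id": n["id"], "model": n["model"], "score": n["score"],
                   "colour": SCORE_COLOUR[n["score"]]}
                  for n in sorted(nodes.values(), key=lambda n: n["id"])],
        "links": sorted(links),
        "unresolved": sorted(unresolved),
    }


if __name__ == "__main__":
    print(json.dumps(build_scene(RECORDS), indent=2))
```

Links that point at a node missing from the data are reported separately instead of being drawn, so a gap in collection shows up as a finding and not as a silently incomplete scene.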
In a kind of embodiment shown, further, after above-mentioned VR scene creation, on its basis, above-mentioned wind
Dangerous server-side can also create the attack VR scene for simulating different type network attack;
Wherein, above-mentioned attack VR scene includes at least challenge model, attack data;
In implementation, building on the VR scene, the risk server also uses the attack data in the network security risk data (for example, including but not limited to threat source IP, destination IP, attack packet features) and the attack model (including but not limited to threat type, for example a DDoS attack (Distributed denial of service attack), threat result, threat frequency, number of attack nodes).
Continuing the above example, in practical applications, building on the VR scene and using the development tool library provided by Unity3d, the risk server further creates the virtual resources corresponding to the threat and sets properties for them (the attack model, the attack data), further sets a dissolve or burn special effect to show the threat detection process, and uses a blue-particle dynamic displacement special effect to represent the threat attack launched from the threat source IP to the threat destination IP.
In this specification, further, the risk server provides a human-machine interface for accessing the attack VR scene;
Continuing the above example, in practical applications the risk server may provide the human-machine interface based on a human-computer interaction VR program (including but not limited to the server side of a VR web application, a VR APP server, a VR WeChat interface mini program), display the attack VR scene in the human-machine interface, and receive the instructions corresponding to the human-machine interface that the user triggers via the VR front end.
In this specification, further, the risk server receives and responds to the VR front end's instruction to start the attack VR scene, loads the attack data into the attack model, and, through the human-machine interface of the attack VR scene, updates the display to the VR front end in real time.
Continuing the above example, in practical applications, after receiving and responding to the VR front end's instruction to start the attack VR scene (for example, an attack VR scene simulating a large-scale DDoS), the risk server loads the attack data (for example, including attack packet features) into the attack model (for example, including an attack node count of 10000) and, through the human-machine interface of the attack VR scene, updates the display to the VR front end in real time (including the attack animation of 10000 attack nodes launching a DDoS and the VR scene of the attack effect).
Of course, while the attack VR scene is being displayed to the VR front end, the user can still adjust and modify the attack VR scene through the VR front end, in the human-machine interface provided by the VR service subsystem.
In this specification, the risk server provides a human-machine interface for accessing the VR scene, so that the VR front end can perform human-computer interaction with the VR service subsystem based on the human-machine interface.
Continuing the above example, in practical applications, while the VR scene is being displayed to the VR front end, the user can still adjust and modify the VR scene through the VR front end, in the human-machine interface provided by the VR service subsystem, and can modify the combination and dependency relationships between the attack VR scene and the VR scene.
In the above technical solution, the risk server performs three-dimensional modeling on the network security risk data and creates the corresponding VR scene, and provides a human-machine interface for accessing the VR scene, so that the VR front end can perform human-computer interaction with the risk server based on the human-machine interface. This improves the user experience and decision-making efficiency in the network security risk decision process, and overcomes the problems in existing technical solutions that network security risk data can only be presented in a scattered, simple and static way through logs and reports, and that network security risk data following the GB/T20984-2007 specification is lacking.
Fig. 3 is a block diagram of a network security risk data display device provided by an exemplary embodiment of the present application. Corresponding to the above method embodiment, the present application also provides an embodiment of a network security risk data display device. The device is applied to the VR service subsystem integrated in the risk server of a network security risk data management system; the network security risk data management system further includes a VR front end that can access the VR service subsystem, and is communicatively connected to the network system it monitors. Referring to the network security risk data display device 30 illustrated in Fig. 3, the device includes:
Obtaining module 301, which obtains the network security risk data for the network system;
Computing module 302, which performs three-dimensional modeling calculation on the network security risk data to obtain a corresponding three-dimensional model;
Creation module 303, which creates the VR scene corresponding to the three-dimensional model;
Display module 304, which provides a human-machine interface for accessing the VR scene, so that the VR front end can perform human-computer interaction with the VR service subsystem based on the human-machine interface.
In this embodiment, the risk server also integrates a data acquisition subsystem, a data processing subsystem and a data storage subsystem; before the network security risk data is obtained, the obtaining module 301 further operates as follows:
The data acquisition subsystem collects several pieces of raw network security risk data of the network system and sends them to the data processing subsystem;
The data processing subsystem performs structuring processing on the several pieces of raw network security risk data and generates the corresponding structured network security risk data;
The data storage subsystem stores the structured network security risk data in a network security risk base database, to be obtained by the VR service subsystem.
In this embodiment, the creation module 303 further:
On the basis of the VR scene, creates attack VR scenes for simulating different types of network attacks; wherein the attack VR scene includes at least an attack model and attack data;
Provides a human-machine interface for accessing the attack VR scene;
In response to the VR front end's instruction to start the attack VR scene, loads the attack data into the attack model and, through the human-machine interface of the attack VR scene, updates the display to the VR front end in real time.
In this embodiment, the creation module further:
Based on the risk attributes corresponding to the network security risk data, further renders and edits the three-dimensional model;
Saves the rendered and edited three-dimensional model as the VR scene.
As the device embodiment basically corresponds to the method embodiment, refer to the description of the method embodiment for the relevant parts. The device embodiments described above are merely illustrative: the modules described as separate components may or may not be physically separate, and the components shown as modules may or may not be physical modules, that is, they may be located in one place or distributed over multiple network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present application. Those of ordinary skill in the art can understand and implement it without creative effort.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular phone, camera phone, smartphone, personal digital assistant, media player, navigation device, e-mail sending and receiving device, game console, tablet computer, wearable device, or a combination of any of these devices.
The embodiment of the network security risk data display device of the present application can be applied to the electronic device shown in Fig. 4. The device embodiment may be implemented in software, or in hardware or a combination of software and hardware. Taking software implementation as an example, as a device in the logical sense, it is formed by the processor of the electronic device where it is located reading the corresponding computer program instructions in the machine readable storage medium and running them as machine-executable instructions. At the hardware level, Fig. 4 is a hardware structure diagram of the electronic device where the network security risk data display device of the present application is located; in addition to the processor, communication interface, bus and machine readable storage medium shown in Fig. 4, the electronic device where the device is located in the embodiment may also include other hardware according to its actual functions, which is not described further here.
Correspondingly, the embodiment of the present application also provides a hardware structure of an electronic device for the device shown in Fig. 3. Referring to Fig. 4, Fig. 4 is a schematic diagram of the hardware structure of an electronic device provided by an embodiment of the present application. The device includes: a communication interface 401, a processor 402, a machine readable storage medium 403 and a bus 404; the communication interface 401, the processor 402 and the machine readable storage medium 403 communicate with one another via the bus 404. The communication interface 401 is used for network communication. The processor 402 may be a central processing unit (CPU), and may execute the machine readable instructions stored in the machine readable storage medium 403 to implement the process described above.
The machine readable storage medium 403 referred to herein may be any electronic, magnetic, optical or other physical storage device, and may contain or store information such as executable instructions, data, and so on. For example, the machine readable storage medium may be: volatile memory, non-volatile memory or a similar storage medium. Specifically, the machine readable storage medium 403 may be RAM (Random Access Memory), flash memory, a storage drive (such as a hard disk drive), a solid state drive, any type of storage disc (such as a CD or DVD), or a similar storage medium, or a combination thereof.
So far, hardware configuration description shown in Fig. 4 is completed.
In addition, the embodiment of the present application also provides a machine readable storage medium including machine-executable instructions, such as the machine readable storage medium 403 in Fig. 4; the machine-executable instructions can be executed by the processor 402 in the data processing device to implement the data processing method described above.
For the implementation process of the functions and roles of each unit in the above device, see the implementation process of the corresponding steps in the above method; details are not repeated here.
Other embodiments of the present application will readily occur to those skilled in the art after considering the specification and practicing the invention disclosed herein. The present application is intended to cover any variations, uses or adaptations of the present application that follow its general principles and include common knowledge or customary technical means in the art not disclosed by the present application. The specification and examples are to be regarded as illustrative only, with the true scope and spirit of the application being indicated by the following claims.
It should be understood that the present application is not limited to the precise structure described above and shown in the drawings, and that various modifications and changes may be made without departing from its scope. The scope of the present application is limited only by the appended claims.
The foregoing are merely preferred embodiments of the present application and are not intended to limit the present application; any modification, equivalent substitution, improvement, etc. made within the spirit and principles of the present application shall be included within the scope of protection of the present application.
Claims (10)
1. A network security risk data display method, characterized in that the method is applied to a risk server in a network security risk data management system; the risk server integrates at least a VR service subsystem, the network security risk data management system further includes a VR front end that can access the VR service subsystem, and the network security risk data management system is communicatively connected to the network system it monitors, the method comprising:
Obtaining network security risk data for the network system;
Performing three-dimensional modeling calculation on the network security risk data to obtain a corresponding three-dimensional model;
Creating a VR scene corresponding to the three-dimensional model;
Providing a human-machine interface for accessing the VR scene, so that the VR front end can perform human-computer interaction with the VR service subsystem based on the human-machine interface.
2. The method according to claim 1, characterized in that the risk server further integrates a data acquisition subsystem, a data processing subsystem and a data storage subsystem, and before obtaining the network security risk data, the method further comprises:
The data acquisition subsystem collecting several pieces of raw network security risk data of the network system and sending them to the data processing subsystem;
The data processing subsystem performing structuring processing on the several pieces of raw network security risk data and generating the corresponding structured network security risk data;
The data storage subsystem storing the structured network security risk data in a network security risk base database, to be obtained by the VR service subsystem.
3. The method according to claim 1, characterized in that creating the VR scene corresponding to the three-dimensional model further comprises:
On the basis of the VR scene, creating attack VR scenes for simulating different types of network attacks; wherein the attack VR scene includes at least an attack model and attack data;
Providing a human-machine interface for accessing the attack VR scene;
In response to the VR front end's instruction to start the attack VR scene, loading the attack data into the attack model and, through the human-machine interface of the attack VR scene, updating the display to the VR front end in real time.
4. The method according to claim 1, characterized in that creating the VR scene corresponding to the three-dimensional model comprises:
Based on the risk attributes corresponding to the network security risk data, further rendering and editing the three-dimensional model;
Saving the rendered and edited three-dimensional model as the VR scene.
5. A network security risk data display device, characterized in that the device is applied to a VR service subsystem integrated in a risk server of a network security risk data management system, the network security risk data management system further includes a VR front end that can access the VR service subsystem, and the network security risk data management system is communicatively connected to the network system it monitors, the device comprising:
An obtaining module, which obtains network security risk data for the network system;
A computing module, which performs three-dimensional modeling calculation on the network security risk data to obtain a corresponding three-dimensional model;
A creation module, which creates a VR scene corresponding to the three-dimensional model;
A display module, which provides a human-machine interface for accessing the VR scene, so that the VR front end can perform human-computer interaction with the VR service subsystem based on the human-machine interface.
6. The device according to claim 5, characterized in that the risk server further integrates a data acquisition subsystem, a data processing subsystem and a data storage subsystem, and before the network security risk data is obtained, the obtaining module further operates as follows:
The data acquisition subsystem collects several pieces of raw network security risk data of the network system and sends them to the data processing subsystem;
The data processing subsystem performs structuring processing on the several pieces of raw network security risk data and generates the corresponding structured network security risk data;
The data storage subsystem stores the structured network security risk data in a network security risk base database, to be obtained by the VR service subsystem.
7. The device according to claim 5, characterized in that the creation module further:
On the basis of the VR scene, creates attack VR scenes for simulating different types of network attacks; wherein the attack VR scene includes at least an attack model and attack data;
Provides a human-machine interface for accessing the attack VR scene;
In response to the VR front end's instruction to start the attack VR scene, loads the attack data into the attack model and, through the human-machine interface of the attack VR scene, updates the display to the VR front end in real time.
8. The device according to claim 5, characterized in that the creation module further:
Based on the risk attributes corresponding to the network security risk data, further renders and edits the three-dimensional model;
Saves the rendered and edited three-dimensional model as the VR scene.
9. An electronic device, characterized by comprising a communication interface, a processor, a memory and a bus, wherein the communication interface, the processor and the memory are connected to one another through the bus;
Machine readable instructions are stored in the memory, and the processor performs the method of any one of claims 1 to 4 by calling the machine readable instructions.
10. A machine readable storage medium, characterized in that the machine readable storage medium stores machine readable instructions which, when called and executed by a processor, implement the method of any one of claims 1 to 4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910680779.9A CN110311924A (en) | 2019-07-26 | 2019-07-26 | Network security risk data display method, device, electronic equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110311924A true CN110311924A (en) | 2019-10-08 |
Family
ID=68081843
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910680779.9A Pending CN110311924A (en) | 2019-07-26 | 2019-07-26 | Network security risk data display method, device, electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110311924A (en) |
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101557324A (en) * | 2008-12-17 | 2009-10-14 | 天津大学 | Real-time visual detection method for DDoS attack |
CN105871882A (en) * | 2016-05-10 | 2016-08-17 | 国家电网公司 | Network-security-risk analysis method based on network node vulnerability and attack information |
CN106131022A (en) * | 2016-07-15 | 2016-11-16 | 四川无声信息技术有限公司 | A kind of network cooperating attacks storm origin detection method and device |
CN106600688A (en) * | 2016-12-12 | 2017-04-26 | 合肥华耀广告传媒有限公司 | Virtual reality system based on three-dimensional modeling technology |
US10243904B1 (en) * | 2017-05-26 | 2019-03-26 | Wombat Security Technologies, Inc. | Determining authenticity of reported user action in cybersecurity risk assessment |
CN109728934A (en) * | 2018-12-03 | 2019-05-07 | 清华大学 | Cyberspace cartographic model creation method and device |
Non-Patent Citations (2)
Title |
---|
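游魂摩诘: "Cisco VR lets you see network security threats anew", 《HTTP://WWW.ELECFANS.COM/VR/458941.HTML》 * |
韩丹、王劲松、宋密: "Multi-view network traffic visualization system based on Snort", 《Journal of Tianjin University of Technology》 * |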
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
Application publication date: 20191008 |