CN110708332A - Cigarette network safety protection method - Google Patents
- Publication number
- CN110708332A
- Authority
- CN
- China
- Prior art keywords
- client
- protection method
- cigarette
- strategy
- verifying
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The invention discloses a cigarette network security protection method, which comprises the steps of associating networks of a server side and a client side; configuring a white list and a black list strategy at a client side, and verifying the validity; configuring a virus checking and killing strategy at a client, verifying the effectiveness and generating a virus report; and configuring an attack inspection strategy at the client, verifying the effectiveness and generating an attack report. The cigarette network safety protection method provided by the invention can realize the purposes of rapidly detecting the current situation of cigarette network safety, accurately positioning risks and rapidly processing faults.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a cigarette network security protection method.
Background
With the deep integration of informatization and industrialization, interconnection among the control network, production network, management network and the Internet of a cigarette factory has become the norm. The tobacco manufacturing and production network is increasingly integrated and increasingly relies on general-purpose protocols, hardware and software, so the information security problems of the industrial control system are becoming more prominent and the threats it faces more complex. The main problems of existing cigarette industrial control networks are: a lack of information security monitoring mechanisms; difficulty upgrading system software; and a lack of virus control measures. Because the cigarette production control network is closed and the control system has strict real-time service requirements, normal vulnerability patching cannot be carried out, and the operating systems in use contain a large number of security vulnerabilities. It is therefore necessary to develop a method that protects the cigarette industry against network threats smoothly and effectively without affecting production.
Disclosure of Invention
The invention aims to provide a cigarette network security protection method, which aims to solve the problems in the prior art and reduce network threats.
The invention provides a cigarette network security protection method, which comprises the following steps:
associating networks of a server side and a client side;
configuring a white list and a black list strategy at the client side, and verifying the validity;
configuring a virus searching and killing strategy at the client, verifying the effectiveness and generating a virus report;
and configuring an attack inspection strategy at the client, verifying the effectiveness and generating an attack report.
The cigarette network security protection method described above, wherein preferably, configuring a white list and a black list policy at the client and verifying validity specifically includes:
monitoring the server side, confirming and counting threat information;
and searching a threat source terminal according to the threat information, and preventing the threat process from running through a white list technology.
The cigarette network security protection method described above, wherein preferably, a virus checking and killing strategy is started according to the virus report.
The cigarette network security protection method described above, wherein preferably, a patch upgrade policy is started according to the attack report.
The network security protection method for cigarettes as described above, wherein preferably, the method further includes:
and analyzing the occupation proportion of the client running program to the resource space, and if the proportion is greater than a set value, generating a warning report.
The cigarette network safety protection method provided by the invention can realize the purposes of rapidly detecting the current situation of cigarette network safety, accurately positioning risks and rapidly processing faults.
Drawings
The following describes embodiments of the present invention in further detail with reference to the accompanying drawings.
Fig. 1 is a flowchart of a cigarette network security protection method provided by an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As shown in fig. 1, an embodiment of the present invention provides a cigarette network security protection method, including the following steps:
Step S1: associate the networks of the server side and the client side.
Step S2: configure a white list and a black list strategy at the client and verify the validity.
Step S3: configure a virus checking and killing strategy at the client, verify the effectiveness and generate a virus report. The virus checking and killing strategy can be started according to the virus report.
Step S4: configure an attack inspection strategy at the client, verify the validity and generate an attack report. The patch upgrade strategy can be started according to the attack report.
It should be noted that, in the prior art, the systems in a cigarette industrial control network are old and complex, with limited resource space, poor compatibility and many vulnerabilities. Running virus removal and patching on servers and hosts carries great risk and can easily crash a system and stop production. In addition, when multi-function security software is deployed in the cigarette industrial control system, it frequently occupies system resources, so the system easily hangs during operation and production is affected. The cigarette network security protection method provided by the application can therefore rapidly detect the current state of cigarette network security, accurately locate risks and rapidly handle faults.
Specifically, in the white list strategy provided by the present application, if a process is not in the white list, the process is considered malicious; in the black list strategy provided by the application, if a process is in the black list, the process is considered malicious. This greatly reduces the running of botnet programs, trojans, worms and illegal programs.
Further, step S2 specifically includes:
Step S21: monitor the server side, and confirm and count threat information. The threat information may be extracted from the network session.
Step S22: find the threat source terminal according to the threat information, and prevent the threat process from running through a white list technology.
Further, the method also includes:
analyzing the proportion of the resource space occupied by the programs running on the client and, if the proportion is greater than a set value, generating a warning report to remind the user to close some processes that are not currently in use.
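The list rule and the resource check described above can be combined into a single client-side evaluation. The following is an added example, not code from the patent: the names `Proc`, `policy_conflicts`, `classify` and `evaluate`, the sample snapshot, the use of memory as the "resource space", and the reading of "verifying the validity" as a check that no name is on both lists are all assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Proc:
    pid: int
    name: str       # executable name reported by the client agent (assumed field)
    mem_mb: int     # memory attributed to the process, in MB (assumed field)

def policy_conflicts(whitelist, blacklist):
    """Names on both lists; any hit means the configured policy is not valid."""
    return sorted({n.lower() for n in whitelist} & {n.lower() for n in blacklist})

def classify(proc, whitelist, blacklist):
    """Description's rule: on the blacklist, or absent from the whitelist, is malicious."""
    name = proc.name.lower()
    if name in blacklist:
        return "blocked:blacklisted"
    if name not in whitelist:
        return "blocked:not-whitelisted"
    return "allowed"

def evaluate(snapshot, whitelist, blacklist, total_mb, set_value):
    """Return (verdicts by pid, warning report or None) for one client snapshot."""
    conflicts = policy_conflicts(whitelist, blacklist)
    if conflicts:
        raise ValueError(f"policy lists overlap: {conflicts}")
    wl = {n.lower() for n in whitelist}
    bl = {n.lower() for n in blacklist}
    verdicts = {p.pid: classify(p, wl, bl) for p in snapshot}
    proportion = sum(p.mem_mb for p in snapshot) / total_mb
    warning = None
    if proportion > set_value:  # "greater than a set value" -> warning report
        top = sorted(snapshot, key=lambda p: p.mem_mb, reverse=True)[:3]
        warning = {"proportion": round(proportion, 3),
                   "largest": [(p.name, p.mem_mb) for p in top]}
    return verdicts, warning

# Constructed sample data (not from the patent).
WHITELIST = {"plc_hmi.exe", "historian.exe"}
BLACKLIST = {"miner.exe"}
SNAPSHOT = [
    Proc(101, "plc_hmi.exe", 1536),
    Proc(102, "Historian.exe", 1792),
    Proc(103, "miner.exe", 512),
    Proc(104, "notepad.exe", 64),
]

if __name__ == "__main__":
    verdicts, warning = evaluate(SNAPSHOT, WHITELIST, BLACKLIST, 4096, 0.8)
    for pid, verdict in verdicts.items():
        print(pid, verdict)
    print("warning report:", warning)
```

Matching on the executable name alone can be defeated by renaming a binary; allowlisting deployments typically key entries on a file hash or code signer instead.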
The cigarette network security protection method provided by the embodiment of the invention can realize the purposes of rapidly detecting the current situation of cigarette network security, accurately positioning risks and rapidly processing faults.
The construction, features and functions of the present invention are described in detail in the embodiments illustrated in the drawings, which are only preferred embodiments of the present invention, but the present invention is not limited by the drawings, and all equivalent embodiments modified or changed according to the idea of the present invention should fall within the protection scope of the present invention without departing from the spirit of the present invention covered by the description and the drawings.
Claims (5)
1. A cigarette network security protection method is characterized by comprising the following steps:
associating networks of a server side and a client side;
configuring a white list and a black list strategy at the client side, and verifying the validity;
configuring a virus searching and killing strategy at the client, verifying the effectiveness and generating a virus report;
and configuring an attack inspection strategy at the client, verifying the effectiveness and generating an attack report.
2. The cigarette network security protection method according to claim 1, wherein the configuring of the white list and the black list policy at the client and the verifying of the validity specifically include:
monitoring the server side, confirming and counting threat information;
and searching a threat source terminal according to the threat information, and preventing the threat process from running through a white list technology.
3. The cigarette network security protection method of claim 1, wherein a virus checking and killing strategy is started according to the virus report.
4. The cigarette network security protection method of claim 1, wherein a patch upgrade strategy is started according to the attack report.
5. The cigarette network security protection method according to any one of claims 1 to 4, wherein the method further comprises:
and analyzing the occupation proportion of the client running program to the resource space, and if the proportion is greater than a set value, generating a warning report.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910996094.5A CN110708332A (en) | 2019-10-18 | 2019-10-18 | Cigarette network safety protection method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910996094.5A CN110708332A (en) | 2019-10-18 | 2019-10-18 | Cigarette network safety protection method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110708332A (en) | 2020-01-17 |
Family
ID=69201740
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910996094.5A Pending CN110708332A (en) | 2019-10-18 | 2019-10-18 | Cigarette network safety protection method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110708332A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | RJ01 | Rejection of invention patent application after publication | Application publication date: 20200117 |