CN110708332A - Cigarette network safety protection method - Google Patents


Info

Publication number
CN110708332A
Authority
CN
China
Prior art keywords
client
protection method
cigarette
strategy
verifying
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910996094.5A
Other languages
Chinese (zh)
Inventor
王新峰
李琦
徐晓光
韩东伟
韩彦福
赵旭东
李准峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Tobacco Henan Industrial Co Ltd
Original Assignee
China Tobacco Henan Industrial Co Ltd
Application filed by China Tobacco Henan Industrial Co Ltd
Priority to CN201910996094.5A
Publication of CN110708332A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101: Access control lists [ACL]
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441: Countermeasures against malicious traffic
    • H04L63/145: Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06: Management of faults, events, alarms or notifications
    • H04L41/0631: Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis

Abstract

The invention discloses a cigarette network security protection method comprising the steps of: associating the networks of a server side and a client side; configuring a white list and black list policy at the client and verifying its validity; configuring a virus checking and killing policy at the client, verifying its validity and generating a virus report; and configuring an attack inspection policy at the client, verifying its validity and generating an attack report. The method provided by the invention makes it possible to quickly assess the current state of cigarette network security, accurately locate risks and quickly handle faults.

Description

Cigarette network safety protection method
Technical Field
The invention relates to the technical field of network security, in particular to a cigarette network security protection method.
Background
With the deep integration of informatization and industrialization, interconnection among a cigarette factory's control network, production network, management network and the Internet has become the norm. Tobacco manufacturing and production networks are increasingly integrated and increasingly built on general-purpose protocols, hardware and software, so the information security problems of industrial control systems are becoming more prominent and the threats they face more complex. The main problems of existing cigarette industrial control networks are: a lack of information security monitoring mechanisms; difficulty in upgrading system software; and a lack of virus control measures. Because the cigarette production control network is closed and the control system places high real-time demands on the service, normal vulnerability patching cannot be carried out, and the operating systems in use contain a large number of security vulnerabilities. It is therefore necessary to research an innovative method that protects the cigarette industry against network threats smoothly and effectively without affecting production.
Disclosure of Invention
The invention aims to provide a cigarette network security protection method that solves the problems in the prior art and reduces network threats.
The invention provides a cigarette network security protection method comprising the following steps:
associating the networks of a server side and a client side;
configuring a white list and black list policy at the client, and verifying its validity;
configuring a virus checking and killing policy at the client, verifying its validity and generating a virus report;
configuring an attack inspection policy at the client, verifying its validity and generating an attack report.
In the cigarette network security protection method described above, preferably, configuring the white list and black list policy at the client and verifying its validity specifically includes:
monitoring the server side, and confirming and counting threat information;
finding the threat source terminal according to the threat information, and preventing the threat process from running by means of white list technology.
In the cigarette network security protection method described above, preferably, a virus checking and killing policy is started according to the virus report.
In the cigarette network security protection method described above, preferably, a patch upgrade policy is started according to the attack report.
In the cigarette network security protection method described above, preferably, the method further includes:
analyzing the proportion of the resource space occupied by the programs running on the client, and generating a warning report if the proportion is greater than a set value.
The cigarette network security protection method provided by the invention makes it possible to quickly assess the current state of cigarette network security, accurately locate risks and quickly handle faults.
Drawings
The following describes embodiments of the present invention in further detail with reference to the accompanying drawings.
Fig. 1 is a flowchart of a cigarette network security protection method provided by an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As shown in Fig. 1, an embodiment of the present invention provides a cigarette network security protection method including the following steps:
Step S1: associating the networks of the server side and the client side.
Step S2: configuring a white list and black list policy at the client and verifying its validity.
Step S3: configuring a virus checking and killing policy at the client, verifying its validity and generating a virus report. A virus checking and killing policy can then be started according to the virus report.
Step S4: configuring an attack inspection policy at the client, verifying its validity and generating an attack report. A patch upgrade policy can then be started according to the attack report.
It should be noted that, in the prior art, the systems in a cigarette industrial control network are old and complex, have limited resource space and poor compatibility, and contain many vulnerabilities. Running virus removal and patching on servers and hosts carries great risk and can easily crash the system and stop production. At the same time, deploying multi-function security protection software in the cigarette industrial control system frequently ties up system resources, so the system easily hangs during operation and production is affected. The cigarette network security protection method provided by the present application can therefore be used to quickly assess the current state of cigarette network security, accurately locate risks and quickly handle faults.
Specifically, under the white list policy provided by the present application, a process that is not in the white list is considered malicious; under the black list policy, a process that is in the black list is considered malicious. This greatly reduces the running of botnet, Trojan, worm and other illegal programs.
Further, step S2 specifically includes:
Step S21: monitoring the server side, and confirming and counting threat information. The threat information may be extracted from network sessions.
Step S22: finding the threat source terminal according to the threat information, and preventing the threat process from running by means of white list technology.
Further, the method also includes:
analyzing the proportion of the resource space occupied by the programs running on the client, and, if the proportion is greater than a set value, generating a warning report to remind the user to close some processes that are not currently in use.
The cigarette network security protection method provided by the embodiment of the invention makes it possible to quickly assess the current state of cigarette network security, accurately locate risks and quickly handle faults.
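The following sketch is an added example, not code from the patent: it shows one way a client could apply the white list and black list rule, verify the policy's validity with known-good and known-bad probes, and produce the resource warning report. Identifying programs by SHA-256 of their image, the function names, the 0.8 set value and all sample data are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

def digest(image: bytes) -> str:
    """Identify a program by the SHA-256 of its executable image (assumption)."""
    return hashlib.sha256(image).hexdigest()

@dataclass
class Proc:
    name: str
    image: bytes   # constructed stand-in for the executable's bytes
    mem_mb: int    # memory the running program occupies
    idle: bool     # True if the program is not currently in use

def verdict(proc, white, black):
    """Black list wins; anything not on the white list is also treated as malicious."""
    h = digest(proc.image)
    if h in black:
        return "block:black-list"
    if h not in white:
        return "block:not-white-listed"
    return "allow"

def verify_policy(white, black, known_good, known_bad):
    """Validity check for step S2: list of problems, empty when the policy is sound."""
    problems = [f"conflict: {h[:12]} is on both lists" for h in sorted(white & black)]
    problems += [f"{p.name}: production program would be blocked"
                 for p in known_good if verdict(p, white, black) != "allow"]
    problems += [f"{p.name}: threat sample would run"
                 for p in known_bad if verdict(p, white, black) == "allow"]
    return problems

def resource_warning(procs, capacity_mb, set_value):
    """Warning report when running programs occupy more than set_value of capacity."""
    ratio = sum(p.mem_mb for p in procs) / capacity_mb
    if ratio <= set_value:
        return None
    idle = sorted((p for p in procs if p.idle), key=lambda p: -p.mem_mb)
    return {"ratio": round(ratio, 2), "close_candidates": [p.name for p in idle]}

# Constructed sample data for a client with 2048 MB of memory.
HMI = Proc("hmi.exe", b"hmi-image-v1", 900, idle=False)
HISTORIAN = Proc("historian.exe", b"historian-image-v1", 700, idle=False)
VIEWER = Proc("report_viewer.exe", b"viewer-image-v1", 200, idle=True)
DROPPER = Proc("update_helper.exe", b"unknown-image", 300, idle=True)
WHITE = {digest(p.image) for p in (HMI, HISTORIAN, VIEWER)}
BLACK = {digest(DROPPER.image)}

def client_report():
    seen = [HMI, HISTORIAN, VIEWER, DROPPER]
    verdicts = {p.name: verdict(p, WHITE, BLACK) for p in seen}
    allowed = [p for p in seen if verdicts[p.name] == "allow"]  # blocked ones never run
    return {
        "verdicts": verdicts,
        "policy_problems": verify_policy(WHITE, BLACK, [HMI, HISTORIAN], [DROPPER]),
        "warning": resource_warning(allowed, capacity_mb=2048, set_value=0.8),
    }

if __name__ == "__main__":
    print(client_report())
```

Running the validity probes before a policy is pushed to production clients catches the two failure modes that matter on a control network: a white list that would stop a production program, and a list conflict that would let a known threat sample run.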
The construction, features and functions of the present invention are described in detail in the embodiments illustrated in the drawings, which are only preferred embodiments of the present invention, but the present invention is not limited by the drawings, and all equivalent embodiments modified or changed according to the idea of the present invention should fall within the protection scope of the present invention without departing from the spirit of the present invention covered by the description and the drawings.

Claims (5)

1. A cigarette network security protection method, characterized by comprising the following steps:
associating the networks of a server side and a client side;
configuring a white list and black list policy at the client, and verifying its validity;
configuring a virus checking and killing policy at the client, verifying its validity and generating a virus report;
configuring an attack inspection policy at the client, verifying its validity and generating an attack report.
2. The cigarette network security protection method according to claim 1, wherein configuring the white list and black list policy at the client and verifying its validity specifically includes:
monitoring the server side, and confirming and counting threat information;
finding the threat source terminal according to the threat information, and preventing the threat process from running by means of white list technology.
3. The cigarette network security protection method according to claim 1, wherein a virus checking and killing policy is started according to the virus report.
4. The cigarette network security protection method according to claim 1, wherein a patch upgrade policy is started according to the attack report.
5. The cigarette network security protection method according to any one of claims 1 to 4, wherein the method further comprises:
analyzing the proportion of the resource space occupied by the programs running on the client, and generating a warning report if the proportion is greater than a set value.
CN201910996094.5A 2019-10-18 2019-10-18 Cigarette network safety protection method Pending CN110708332A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910996094.5A CN110708332A (en) 2019-10-18 2019-10-18 Cigarette network safety protection method


Publications (1)

Publication Number Publication Date
CN110708332A true CN110708332A (en) 2020-01-17

Family

ID=69201740


Country Status (1)

Country Link
CN (1) CN110708332A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200117
