CN110830441A - Information safety monitoring system based on big data - Google Patents

Information safety monitoring system based on big data Download PDF

Info

Publication number
CN110830441A
CN110830441A CN201910943183.3A CN201910943183A CN110830441A CN 110830441 A CN110830441 A CN 110830441A CN 201910943183 A CN201910943183 A CN 201910943183A CN 110830441 A CN110830441 A CN 110830441A
Authority
CN
China
Prior art keywords
data
key
signal
input time
account
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201910943183.3A
Other languages
Chinese (zh)
Inventor
黄镇谨
葛祥友
王智文
阳树洪
黄力
何柏灵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangxi University of Science and Technology
Original Assignee
Guangxi University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangxi University of Science and Technology filed Critical Guangxi University of Science and Technology
Priority to CN201910943183.3A priority Critical patent/CN110830441A/en
Publication of CN110830441A publication Critical patent/CN110830441A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/04Processing captured monitoring data, e.g. for logfile generation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Mining & Analysis (AREA)
  • Alarm Systems (AREA)

Abstract

The invention discloses an information safety monitoring system based on big data, which comprises a data acquisition module, an identification module, a data analysis module, a processor, an information safety calculation module, a safety judgment module, an alarm unit and intelligent equipment, wherein the data acquisition module is used for acquiring data information, the data information comprises character data and account input data, the account input data comprises input time data, key depression data and key force coefficients, the data acquisition module transmits the character data, the input time data, the key depression data and the key force coefficients to the identification module, the invention acquires the input time data, the key depression data and the key force coefficients through the data acquisition module, calculates the operation force magnitude and the input average time of each key according to the input time data, and compares and analyzes the calculation result with the data detected in the detection module again, thereby obtaining the security of the input of the account password.

Description

Information safety monitoring system based on big data
Technical Field
The invention relates to the technical field of information safety monitoring, in particular to an information safety monitoring system based on big data.
Background
The information security mainly comprises the following five aspects of ensuring the confidentiality, authenticity, integrity, unauthorized copying and security of a parasitic system. The information security itself includes a wide range, including how to prevent the leakage of the secret of the business enterprise, prevent the browsing of bad information by teenagers, the leakage of personal information, etc. The information security system under the network environment is the key for ensuring the information security, and comprises a computer security operating system, various security protocols and security mechanisms, and the global security can be threatened as long as security vulnerabilities exist until reaching the security system. The information security refers to that an information system is protected and is not damaged, changed and leaked due to accidental or malicious reasons, the system continuously, reliably and normally operates, information service is not interrupted, service continuity is finally achieved, and the security of the account number and the password of a user and the health problem of file content need to be detected.
A prior patent application publication No. CN109842794A discloses an emergency broadcast information security monitoring system, the emergency broadcast information safety monitoring system monitors the information safety state of emergency broadcast system resources and emergency broadcast safety modules in real time, alarms when an emergency broadcast system resource and an emergency broadcast safety module are abnormal, stores alarm information into a database, marks the position of the emergency broadcast system resource or the emergency broadcast safety module with a fault on an electronic map, inquires the detail of the emergency broadcast information safety monitoring abnormity, but, the emergency broadcast information safety monitoring system cannot perform safety judgment on account passwords through input data of the account passwords, cannot judge the occurrence rate of sensitive words through analysis on character data, cannot perform safety monitoring on the character data through safety judgment on the character data, and therefore an information safety monitoring system based on big data is provided.
Disclosure of Invention
The invention aims to provide an information safety monitoring system based on big data, an identification module is used for identifying and processing character data, input time data, key depression data, key force coefficient, actual key depression degree, key standard force coefficient and actual input time data so as to solve the problem that the safety of account number password input is difficult to guarantee in the prior art, an information safety calculation module is used for carrying out safety calculation operation on characters Wj, key word combination occurrence times Cp, key word combinations Hc and character numbers Sc so as to solve the problem that the occurrence rate of sensitive words is difficult to judge in the prior art, a safety judgment module is used for carrying out safety judgment operation on danger signals, reminding signals, low-level signals, general-level signals, high-level signals and the ratio B of the character data occupied by the key words, the alarm unit is used for converting the signal generated by the safety judgment module into an alarm, so that the problem that in the prior art, the safety monitoring of the text data is difficult according to different aspects is solved.
The technical problem to be solved by the invention is as follows:
(1) how to acquire input time data, key depression data and key force coefficients through a data acquisition module, calculate the operation force of each key and the input average time according to the input time data, and compare and analyze the calculation result with the data detected in the detection module again so as to obtain the security of account password input, thereby solving the problem that the security of account password input is difficult to guarantee in the prior art;
(2) how to judge the sensitive words of the character data and increase the safety of the data information by setting the data analysis module and the data information safety calculation module so as to solve the problem that the evaluation rate of the sensitive words is difficult to judge in the prior art;
(3) how to judge the safety of data information by setting a safety judgment module and an alarm unit and send out corresponding alarms according to a judgment result so as to solve the problem that the safety monitoring of the text data is difficult according to different aspects in the prior art;
the purpose of the invention can be realized by the following technical scheme: an information safety monitoring system based on big data comprises a data acquisition module, an identification module, a data analysis module, a processor, an information safety calculation module, a safety judgment module, an alarm unit and intelligent equipment;
the data acquisition module is used for acquiring data information, the data information comprises character data and account number input data, the account number input data comprises input time data, key sinking data and key force coefficients, the data acquisition module transmits the character data, the input time data, the key sinking data and the key force coefficients to the identification module, the monitoring module is used for monitoring the actual sinking degree of a key, the key standard force coefficients and the actual input time data and transmitting the actual sinking degree of the key, the key standard force coefficients and the actual input time data to the identification module, the identification module is used for carrying out identification processing on the character data, the input time data, the key sinking data, the key force coefficients, the actual sinking degree of the key, the key standard force coefficients and the actual input time data, and the specific processing process of the identification processing is as follows:
the method comprises the following steps: acquiring password bit data, input time data, key depression data and key force coefficients, sequentially marking the password bit data, the input time data, the key depression data and the key force coefficients as Mi, Jl, Ai and Li, wherein Mi, Ai and Li are in one-to-one correspondence, i is 1,2,3.
Step two: calculating operating force data Di (Ai) Li received by each key according to the key depression data Ai and the key force coefficient Li, wherein i is 1,2,3. The average operation force data is the sum of the operation force data and/or the operation times of each operation, and the average operation force data is obtained
Figure BDA0002223488100000031
Step three: calculating average input time data according to the input time data Ji
Step four: acquiring the monitored key standard force coefficient and average operating force data, comparing the sinking degree of the standard key with the actual sinking degree of the key according to the calculation formula that the sinking degree of the standard key is the average operating force data/key standard force coefficient, judging that the account number input is dangerous when the difference between the sinking degree of the standard key and the actual sinking degree of the key does not belong to K1, and needing verification, and judging that the account number input is safe when the difference between the sinking degree of the standard key and the actual sinking degree of the key belongs to K1, and needing no verification;
step five: comparing the average input time data with the actual input time data, judging that the account number input is dangerous when the ratio of the average input time data to the actual input time data does not belong to K2, and judging that the account number input is safe when the ratio of the average input time data to the actual input time data belongs to K2;
step six: when the difference value between the standard key depression degree and the actual key depression degree belongs to K1, and the ratio of the average input time data to the actual input time data does not belong to K2, the account input safety is judged, when the difference value between the standard key depression degree and the actual key depression degree does not belong to K1, and the ratio of the average input time data to the actual input time data belongs to K2, the account input is judged to be dangerous, wherein K1 and K2 are preset values;
the data acquisition module transmits the character data to the data analysis module through the processor, and the data analysis module performs analysis operation on the character data after receiving the character data to obtain characters Wj, the occurrence times Cp of the keyword combinations, the occurring keyword combinations Hc and the number Sc of the characters and transmits the characters to the information security calculation module;
after receiving the characters Wj, the occurrence times Cp of the keyword combinations, the occurring keyword combinations Hc and the number Sc of the characters, the information safety calculation module performs safety calculation operation on the characters to obtain the ratio B of the keyword characters to the character data and transmits the ratio B to the safety judgment module;
after receiving a danger signal, a reminding signal, a low-level signal, a general-level signal, a high-level signal and a ratio B of the keyword characters to the character data, the safety judgment module performs safety judgment operation on the dangerous signal, the reminding signal, the low-level signal, the general-level signal, the high-level signal and the keyword characters to obtain an account password danger signal, an account password safety signal, a sensitive vocabulary signal and a safe vocabulary signal and transmits the account password danger signal, the account password safety signal, the sensitive vocabulary signal and the;
the alarm unit is used for converting the signal generated by the safety judgment module into an alarm, and the alarm unit sends out a corresponding alarm after receiving the account password danger signal, the account password safety signal, the sensitive vocabulary signal and the safe vocabulary signal, and specifically comprises the following steps: when an account password danger signal is received, an account password danger alarm is sent out, when a sensitive vocabulary signal is received, a sensitive vocabulary alarm is sent out, and when an account password safety signal and a safe vocabulary signal are received, an alarm is not sent out;
the intelligent device is used for a manager to browse the working results of the identification module, the data analysis module and the information safety calculation module.
Preferably, the specific operation process of the analysis operation is as follows:
d1: acquiring character data, and sequentially marking characters in the character data as Wj, wherein j is 1,2 and 3;
d2: setting a keyword combination, and marking the keyword combination as Gp, p is 1,2,3.. b, wherein the keyword is composed of continuous characters or more than two continuous characters, such as G1 abc, G2 dcb and G3 bda;
d3: comparing the text data with the keyword combination to obtain the number of times of the keyword combination appearing in the text data, and marking the number as Cp, wherein p is 1,2,3.
Preferably, the specific operation process of the secure computing operation is as follows:
s1: obtaining the times of appearance of the keyword combination Cp, the appearing keyword combination Hc and the number of characters Sc, and obtaining the word number CpHc Sc appearing in the single keyword according to the calculation formula and the character number Sc appearing in the single keyword
Figure BDA0002223488100000051
Calculate the number of charactersThe number of words Z appearing according to the key word combination in the text;
s2: acquiring the number Z of words appearing in combination of the words Wj and key words in the word data, and calculating according to the formula
Figure BDA0002223488100000052
And calculating the ratio B of the keyword characters to the character data.
Preferably, the specific operation process of the safety judgment operation is as follows:
r1: acquiring a dangerous signal, a low-level signal and a general-level signal, judging the account as a risk account according to the dangerous signal, and generating an account password dangerous signal;
r2: acquiring a reminding signal and a high-level signal, judging the account as a safe account according to the reminding signal and the high-level signal, and generating an account password safe signal;
r3: obtaining a ratio B of the keyword characters to the character data, and comparing the ratio B with a preset value E, so as to judge the safety of the character data, specifically: when B is larger than or equal to E, judging that a large number of sensitive words exist in the character data to influence the health of teenagers, and generating a sensitive word signal, and when B is smaller than E, judging that a small number of sensitive words exist in the character data to not influence the health of the teenagers, and generating a safe word signal.
The invention has the beneficial effects that:
(1) the data acquisition module is used for acquiring data information, the data information comprises character data and account input data, the account input data comprises input time data, key depression data and key force coefficients, the data acquisition module transmits the character data, the input time data, the key depression data and the key force coefficients to the identification module, the monitoring module is used for monitoring the actual depression degree, the key standard force coefficients and the actual input time data of the keys and transmitting the actual depression degree, the key standard force coefficients and the actual input time data to the identification module, the identification module is used for identifying and processing the character data, the input time data, the key depression data, the key force coefficients, the actual depression degree of the keys, the key standard force coefficients and the actual input time data, the data acquisition module acquires the input time data, the key depression data and the key force coefficients and calculates the operation force magnitude and the input average time of each key according to the input time data, comparing and analyzing the calculation result with the data detected in the detection module again to obtain the input security of the account password;
(2) the data acquisition module transmits the character data to the data analysis module through the processor, the data analysis module analyzes and operates the character data after receiving the character data, the information safety calculation module performs safety calculation operation after receiving the characters Wj, the occurrence times Cp of the keyword combinations, the occurrence times Hc of the keyword combinations and the number Sc of the characters, and the data analysis module and the data information safety calculation module judge the sensitive words of the character data, so that the safety of the data information is improved, the influence of unhealthy data information on teenagers is avoided, and the safety monitoring result of the data information is increased.
(3) Safety judgment module is after receiving danger signal, warning signal, low level signal, general level signal, high level signal and the shared literal data's of keyword characters ratio B, carries out the safety judgment operation to it promptly, and the alarm unit is used for converting the signal that safety judgment module generated into the alarm, and the alarm unit sends corresponding alarm after receiving account number password danger signal, account number password safety signal, sensitive vocabulary signal and safe vocabulary signal, specifically is: when an account password danger signal is received, an account password danger alarm is sent, when a sensitive vocabulary signal is received, a sensitive vocabulary alarm is sent, when an account password safety signal and a safe vocabulary signal are received, an alarm is not sent, the safety of the data information is judged through the arrangement of the safety judgment module and the alarm unit, a corresponding alarm is sent according to a judgment result, the safety of the data information is improved, and the efficiency of monitoring work is improved.
Drawings
The invention will be further described with reference to the accompanying drawings.
FIG. 1 is a system block diagram of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention is an information security monitoring system based on big data, which includes a data acquisition module, an identification module, a data analysis module, a processor, an information security calculation module, a security judgment module, an alarm unit and an intelligent device;
the data acquisition module is used for acquiring data information, the data information comprises character data and account input data, the account input data comprises input time data, key depression data and key force coefficients, wherein the key depression data and the key force coefficients refer to depression data and force coefficients of keys corresponding to passwords, the input time data refers to the total time of inputting the passwords each time, the data acquisition module transmits the character data, the input time data, the key depression data and the key force coefficients to the identification module, the monitoring module is used for monitoring the actual depression degree of the keys, the key standard force coefficients and the actual input time data, the key standard force coefficients refer to ratios between different keyboard acting forces and depression degrees, and transmits the actual depression degree of the keys, the key standard force coefficients and the actual input time data to the identification module, the identification module is used for identifying character data, input time data, key depression data, key force coefficient, actual key depression degree, key standard force coefficient and actual input time data, and the specific processing process of the identification processing is as follows:
the method comprises the following steps: acquiring password bit data, input time data, key depression data and key force coefficients, sequentially marking the password bit data, the input time data, the key depression data and the key force coefficients as Mi, Jl, Ai and Li, wherein Mi, Ai and Li are in one-to-one correspondence, i is 1,2,3.
Step two: according to the keyAnd calculating the operating force data Di (Ai) Li received by each key by the sinking data Ai and the key force coefficient Li, wherein i is 1,2,3.. n according to the calculation formula: the average operation force data is the sum of the operation force data and/or the operation times of each operation, and the average operation force data is obtained
Figure BDA0002223488100000081
The key depression data Ai is the depression degree of a used keyboard key of a user and can be detected and calculated by a distance meter in the prior art, the key force coefficient Li is the acting force of the finger of the user on the key and can be detected by a pressure sensor in the prior art, and the average operating force data is the average value of the operating force of the user each time;
step three: calculating average input time data according to the input time data Ji
Step four: acquiring the monitored key standard force coefficient and average operating force data, comparing the sinking degree of the standard key with the actual sinking degree of the key according to the calculation formula that the sinking degree of the standard key is the average operating force data/key standard force coefficient, judging that the account number input is dangerous when the difference between the sinking degree of the standard key and the actual sinking degree of the key does not belong to K1, and needing verification, and judging that the account number input is safe when the difference between the sinking degree of the standard key and the actual sinking degree of the key belongs to K1, and needing no verification;
step five: comparing the average input time data with the actual input time data, judging that the account number input is dangerous when the ratio of the average input time data to the actual input time data does not belong to K2, and judging that the account number input is safe when the ratio of the average input time data to the actual input time data belongs to K2;
step six: when the difference value between the standard key depression degree and the actual key depression degree belongs to K1, and the ratio of the average input time data to the actual input time data does not belong to K2, the account input safety is judged, when the difference value between the standard key depression degree and the actual key depression degree does not belong to K1, and the ratio of the average input time data to the actual input time data belongs to K2, the account input is judged to be dangerous, wherein K1 and K2 are preset values;
the data acquisition module is also used for transmitting the character data to the data analysis module through the processor, the data analysis module is used for analyzing the character data after receiving the character data, and the specific operation process of the analysis operation is as follows:
d1: acquiring character data, and sequentially marking characters in the character data as Wj, wherein j is 1,2 and 3;
d2: setting a keyword combination, and marking the keyword combination as Gp, p is 1,2,3.. b, wherein the keyword is composed of continuous characters or more than two continuous characters, such as G1 abc, G2 dcb and G3 bda;
d3: comparing the text data with the keyword combinations to obtain the times of the keyword combinations appearing in the text data, marking the times as Cp, wherein p is 1,2,3.. b, and the Cp corresponds to Gp one by one, marking the keyword combinations appearing in the text data as Hc, c is 1,2,3.. q, marking the number of characters of each keyword as Sc, and c is 1,2,3.. q, wherein Hc corresponds to Sc one by one, and transmitting the text Wj, the times of keyword combination appearance Cp, the keyword combinations appearing Hc and the number of characters Sc to the information security calculation module;
after receiving the characters Wj, the occurrence times Cp of the keyword combinations, the occurring keyword combinations Hc and the number Sc of the characters, the information security calculation module performs security calculation operation on the characters, wherein the specific operation process of the security calculation operation is as follows:
s1: obtaining the times of appearance of the keyword combination Cp, the appearing keyword combination Hc and the number of characters Sc, and obtaining the word number CpHc Sc appearing in the single keyword according to the calculation formula and the character number Sc appearing in the single keyword
Figure BDA0002223488100000101
Calculating the number Z of the key word combinations in the character data;
s2: obtaining words Wj and words in dataThe number of words Z appearing in the keyword combination is calculated according to the formula
Figure BDA0002223488100000102
Calculating the ratio B of the keyword characters to the character data, and transmitting the ratio B of the keyword characters to the character data to the safety judgment module;
after receiving a dangerous signal, a reminding signal, a low-level signal, a general-level signal, a high-level signal and a ratio B of the keyword characters to the character data, the safety judgment module performs safety judgment operation on the dangerous signal, the reminding signal, the low-level signal, the general-level signal, the high-level signal and the keyword characters, wherein the specific operation process of the specific safety judgment operation is as follows:
r1: acquiring a dangerous signal, a low-level signal and a general-level signal, judging the account as a risk account according to the dangerous signal, and generating an account password dangerous signal;
r2: acquiring a reminding signal and a high-level signal, judging the account as a safe account according to the reminding signal and the high-level signal, and generating an account password safe signal;
r3: obtaining a ratio B of the keyword characters to the character data, and comparing the ratio B with a preset value E, so as to judge the safety of the character data, specifically: when B is larger than or equal to E, judging that a large number of sensitive words exist in the text data to influence the health of teenagers and generating sensitive word signals, when B is smaller than E, judging that a small number of sensitive words exist in the text data and do not influence the health of the teenagers yet, generating safe word signals, and transmitting the account password danger signals, the account password safety signals, the sensitive word signals and the safe word signals to an alarm unit;
the alarm unit is used for converting the signal generated by the safety judgment module into an alarm, and the alarm unit sends out a corresponding alarm after receiving the account password danger signal, the account password safety signal, the sensitive vocabulary signal and the safe vocabulary signal, and specifically comprises the following steps: when an account password danger signal is received, an account password danger alarm is sent out, when a sensitive vocabulary signal is received, a sensitive vocabulary alarm is sent out, and when an account password safety signal and a safe vocabulary signal are received, an alarm is not sent out;
the intelligent device is used for a manager to browse the working results of the identification module, the data analysis module and the information safety calculation module.
The invention uses the data acquisition module to acquire data information, the data information comprises character data and account input data, the account input data comprises input time data, key depression data and key force coefficient, the data acquisition module transmits the character data, the input time data, the key depression data and the key force coefficient to the identification module, the monitoring module is used to monitor the actual depression degree of the key, the key standard force coefficient and the actual input time data and transmit the data to the identification module, the identification module is used to identify and process the character data, the input time data, the key depression data, the key force coefficient, the actual depression degree of the key, the key standard force coefficient and the actual input time data, the data acquisition module acquires the input time data, the key depression data and the key force coefficient and calculates the operation force of each key and the input average time according to the data, comparing and analyzing the calculation result with the data detected in the detection module again to obtain the input security of the account password;
meanwhile, the data acquisition module transmits the character data to the data analysis module through the processor, the data analysis module analyzes and operates the character data after receiving the character data, the information safety calculation module performs safety calculation operation on the character data after receiving the characters Wj, the occurrence times Cp of the keyword combinations, the occurrence times Hc of the keyword combinations and the number Sc of the characters, and the data analysis module and the data information safety calculation module judge the sensitive words of the character data, so that the safety of the data information is improved, the influence of unhealthy data information on teenagers is avoided, and the safety monitoring of the data information is improved.
Meanwhile, after receiving a dangerous signal, a reminding signal, a low-level signal, a general-level signal, a high-level signal and a ratio B of character data occupied by keyword characters, the safety judgment module performs safety judgment operation on the dangerous signal, the alarm unit is used for converting a signal generated by the safety judgment module into an alarm, and the alarm unit sends out a corresponding alarm after receiving an account password dangerous signal, an account password safety signal, a sensitive vocabulary signal and a safe vocabulary signal, and specifically comprises the following steps: when an account password danger signal is received, an account password danger alarm is sent, when a sensitive vocabulary signal is received, a sensitive vocabulary alarm is sent, when an account password safety signal and a safe vocabulary signal are received, an alarm is not sent, the safety of the data information is judged through the arrangement of the safety judgment module and the alarm unit, a corresponding alarm is sent according to a judgment result, the safety of the data information is improved, and the efficiency of monitoring work is improved.
The foregoing is merely exemplary and illustrative of the present invention and various modifications, additions and substitutions may be made by those skilled in the art to the specific embodiments described without departing from the scope of the invention as defined in the following claims.

Claims (4)

1. An information safety monitoring system based on big data is characterized by comprising a data acquisition module, an identification module, a data analysis module, a processor, an information safety calculation module, a safety judgment module, an alarm unit and intelligent equipment;
the data acquisition module is used for acquiring data information, the data information comprises character data and account number input data, the account number input data comprises input time data, key sinking data and key force coefficients, the data acquisition module transmits the character data, the input time data, the key sinking data and the key force coefficients to the identification module, the monitoring module is used for monitoring the actual sinking degree of a key, the key standard force coefficients and the actual input time data and transmitting the actual sinking degree of the key, the key standard force coefficients and the actual input time data to the identification module, the identification module is used for carrying out identification processing on the character data, the input time data, the key sinking data, the key force coefficients, the actual sinking degree of the key, the key standard force coefficients and the actual input time data, and the specific processing process of the identification processing is as follows:
the method comprises the following steps: acquiring password bit data, input time data, key depression data and key force coefficients, sequentially marking the password bit data, the input time data, the key depression data and the key force coefficients as Mi, Jl, Ai and Li, wherein Mi, Ai and Li are in one-to-one correspondence, i is 1,2,3.
Step two: calculating operating force data Di (Ai) Li received by each key according to the key depression data Ai and the key force coefficient Li, wherein i is 1,2,3. The average operation force data is the sum of the operation force data and/or the operation times of each operation, and the average operation force data is obtained
Figure FDA0002223488090000011
Step three: calculating average input time data according to the input time data Ji
Figure FDA0002223488090000012
Step four: acquiring the monitored key standard force coefficient and average operating force data, comparing the sinking degree of the standard key with the actual sinking degree of the key according to the calculation formula that the sinking degree of the standard key is the average operating force data/key standard force coefficient, judging that the account number input is dangerous when the difference between the sinking degree of the standard key and the actual sinking degree of the key does not belong to K1, and needing verification, and judging that the account number input is safe when the difference between the sinking degree of the standard key and the actual sinking degree of the key belongs to K1, and needing no verification;
step five: comparing the average input time data with the actual input time data, judging that the account number input is dangerous when the ratio of the average input time data to the actual input time data does not belong to K2, and judging that the account number input is safe when the ratio of the average input time data to the actual input time data belongs to K2;
step six: when the difference value between the standard key depression degree and the actual key depression degree belongs to K1, and the ratio of the average input time data to the actual input time data does not belong to K2, the account input safety is judged, when the difference value between the standard key depression degree and the actual key depression degree does not belong to K1, and the ratio of the average input time data to the actual input time data belongs to K2, the account input is judged to be dangerous, wherein K1 and K2 are preset values;
the data acquisition module transmits the character data to the data analysis module through the processor, and the data analysis module performs analysis operation on the character data after receiving the character data to obtain characters Wj, the occurrence times Cp of the keyword combinations, the occurring keyword combinations Hc and the number Sc of the characters and transmits the characters to the information security calculation module;
after receiving the characters Wj, the occurrence times Cp of the keyword combinations, the occurring keyword combinations Hc and the number Sc of the characters, the information safety calculation module performs safety calculation operation on the characters to obtain the ratio B of the keyword characters to the character data and transmits the ratio B to the safety judgment module;
after receiving a danger signal, a reminding signal, a low-level signal, a general-level signal, a high-level signal and a ratio B of the keyword characters to the character data, the safety judgment module performs safety judgment operation on the dangerous signal, the reminding signal, the low-level signal, the general-level signal, the high-level signal and the keyword characters to obtain an account password danger signal, an account password safety signal, a sensitive vocabulary signal and a safe vocabulary signal and transmits the account password danger signal, the account password safety signal, the sensitive vocabulary signal and the;
the alarm unit is used for converting the signal generated by the safety judgment module into an alarm, and the alarm unit sends out a corresponding alarm after receiving the account password danger signal, the account password safety signal, the sensitive vocabulary signal and the safe vocabulary signal, and specifically comprises the following steps: when an account password danger signal is received, an account password danger alarm is sent out, when a sensitive vocabulary signal is received, a sensitive vocabulary alarm is sent out, and when an account password safety signal and a safe vocabulary signal are received, an alarm is not sent out;
the intelligent device is used for a manager to browse the working results of the identification module, the data analysis module and the information safety calculation module.
2. The big data-based information security monitoring system according to claim 1, wherein the specific operation process of the analysis operation is as follows:
d1: acquiring character data, and sequentially marking characters in the character data as Wj, wherein j is 1,2 and 3;
d2: setting a keyword combination, and marking the keyword combination as Gp, p is 1,2,3.. b, wherein the keyword is composed of continuous characters or more than two continuous characters, such as G1 abc, G2 dcb and G3 bda;
d3: comparing the text data with the keyword combination to obtain the number of times of the keyword combination appearing in the text data, and marking the number as Cp, wherein p is 1,2,3.
3. The big data-based information security monitoring system according to claim 1, wherein the specific operation process of the security computing operation is as follows:
s1: obtaining the times of appearance of the keyword combination Cp, the appearing keyword combination Hc and the number of characters Sc, and obtaining the word number CpHc Sc appearing in the single keyword according to the calculation formula and the character number Sc appearing in the single keyword
Figure FDA0002223488090000031
Calculating the number Z of the key word combinations in the character data;
s2: acquiring the number Z of words appearing in combination of the words Wj and key words in the word data, and calculating according to the formula
Figure FDA0002223488090000041
And calculating the ratio B of the keyword characters to the character data.
4. The big data-based information security monitoring system according to claim 1, wherein the specific operation process of the security judgment operation is as follows:
r1: acquiring a dangerous signal, a low-level signal and a general-level signal, judging the account as a risk account according to the dangerous signal, and generating an account password dangerous signal;
r2: acquiring a reminding signal and a high-level signal, judging the account as a safe account according to the reminding signal and the high-level signal, and generating an account password safe signal;
r3: obtaining a ratio B of the keyword characters to the character data, and comparing the ratio B with a preset value E, so as to judge the safety of the character data, specifically: when B is larger than or equal to E, judging that a large number of sensitive words exist in the character data to influence the health of teenagers, and generating a sensitive word signal, and when B is smaller than E, judging that a small number of sensitive words exist in the character data to not influence the health of the teenagers, and generating a safe word signal.
CN201910943183.3A 2019-09-30 2019-09-30 Information safety monitoring system based on big data Withdrawn CN110830441A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910943183.3A CN110830441A (en) 2019-09-30 2019-09-30 Information safety monitoring system based on big data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910943183.3A CN110830441A (en) 2019-09-30 2019-09-30 Information safety monitoring system based on big data

Publications (1)

Publication Number Publication Date
CN110830441A true CN110830441A (en) 2020-02-21

Family

ID=69548954

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910943183.3A Withdrawn CN110830441A (en) 2019-09-30 2019-09-30 Information safety monitoring system based on big data

Country Status (1)

Country Link
CN (1) CN110830441A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111416960A (en) * 2020-03-27 2020-07-14 河北凯通信息技术服务有限公司 Video monitoring system based on cloud service
CN111915782A (en) * 2020-02-27 2020-11-10 宁波大学 Intelligent door safety control method
CN112115450A (en) * 2020-09-28 2020-12-22 兰和科技(深圳)有限公司 Campus security information management system based on artificial intelligence technology
CN112509655A (en) * 2020-12-03 2021-03-16 钟爱健康科技(广东)有限公司 Intelligent medical data acquisition system based on block chain
CN113051573A (en) * 2021-02-19 2021-06-29 广州银汉科技有限公司 Host safety real-time monitoring alarm system based on big data
CN113591044A (en) * 2021-07-27 2021-11-02 睿思网盾(北京)科技有限公司 Intrusion protection system based on identity recognition

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105100122A (en) * 2015-09-08 2015-11-25 南京联成科技发展有限公司 Threat detection and alert method and system based on big data analysis
US20170228661A1 (en) * 2014-04-17 2017-08-10 Sas Institute Inc. Systems and methods for machine learning using classifying, clustering, and grouping time series data
CN108090332A (en) * 2017-12-06 2018-05-29 国云科技股份有限公司 A kind of air control method that behavioural analysis is logged in based on user
CN109842631A (en) * 2019-03-21 2019-06-04 安徽威尔信通信科技有限责任公司 A kind of network information security intelligent analysis system
CN109857932A (en) * 2019-01-21 2019-06-07 深圳中利汇信息技术有限公司 A kind of resource management system based on cloud computing
CN109960200A (en) * 2019-03-19 2019-07-02 温州洪启信息科技有限公司 Municipal drainage network monitoring control system based on big data
CN110138087A (en) * 2019-05-31 2019-08-16 河南城建学院 A kind of electric power safety monitoring system based on data acquisition

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170228661A1 (en) * 2014-04-17 2017-08-10 Sas Institute Inc. Systems and methods for machine learning using classifying, clustering, and grouping time series data
CN105100122A (en) * 2015-09-08 2015-11-25 南京联成科技发展有限公司 Threat detection and alert method and system based on big data analysis
CN108090332A (en) * 2017-12-06 2018-05-29 国云科技股份有限公司 A kind of air control method that behavioural analysis is logged in based on user
CN109857932A (en) * 2019-01-21 2019-06-07 深圳中利汇信息技术有限公司 A kind of resource management system based on cloud computing
CN109960200A (en) * 2019-03-19 2019-07-02 温州洪启信息科技有限公司 Municipal drainage network monitoring control system based on big data
CN109842631A (en) * 2019-03-21 2019-06-04 安徽威尔信通信科技有限责任公司 A kind of network information security intelligent analysis system
CN110138087A (en) * 2019-05-31 2019-08-16 河南城建学院 A kind of electric power safety monitoring system based on data acquisition

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111915782A (en) * 2020-02-27 2020-11-10 宁波大学 Intelligent door safety control method
CN111416960A (en) * 2020-03-27 2020-07-14 河北凯通信息技术服务有限公司 Video monitoring system based on cloud service
CN111416960B (en) * 2020-03-27 2021-07-13 深圳普泰电气有限公司 Video monitoring system based on cloud service
CN112115450A (en) * 2020-09-28 2020-12-22 兰和科技(深圳)有限公司 Campus security information management system based on artificial intelligence technology
CN112509655A (en) * 2020-12-03 2021-03-16 钟爱健康科技(广东)有限公司 Intelligent medical data acquisition system based on block chain
CN112509655B (en) * 2020-12-03 2023-08-04 钟爱健康科技(广东)有限公司 Intelligent medical data acquisition system based on blockchain
CN113051573A (en) * 2021-02-19 2021-06-29 广州银汉科技有限公司 Host safety real-time monitoring alarm system based on big data
CN113591044A (en) * 2021-07-27 2021-11-02 睿思网盾(北京)科技有限公司 Intrusion protection system based on identity recognition

Similar Documents

Publication Publication Date Title
CN110830441A (en) Information safety monitoring system based on big data
CN111163087B (en) Database safety protection system based on data acquisition
Ye et al. Multivariate statistical analysis of audit trails for host-based intrusion detection
EP1741223B1 (en) Method, apparatus and computer program for distinguishing relevant network security threats using comparison of refined intrusion detection audits and intelligent security analysis
CN105556526A (en) Hierarchical threat intelligence
CN101459537A (en) Network security situation sensing system and method based on multi-layer multi-angle analysis
CN110543761A (en) big data analysis method applied to information security field
CN109684863B (en) Data leakage prevention method, device, equipment and storage medium
Lin Construction of Computer Network Security System in the Era of Big Data
CN113852633A (en) Method for generating implementation case for information security assessment
CN117614743B (en) Phishing early warning method and system thereof
CN111726355A (en) Network security situation perception system based on big data
CN116886335A (en) Data security management system
KR102590081B1 (en) Security compliance automation method
Melshiyan et al. Information Security Audit Using Open Source Intelligence Methods
CN116389148A (en) Network security situation prediction system based on artificial intelligence
CN115600189A (en) Commercial password application security evaluation system
CN112887288B (en) Internet-based E-commerce platform intrusion detection front-end computer scanning system
CN114676025A (en) Computer data safety detection system based on internet
Kang et al. Multi-dimensional security risk assessment model based on three elements in the IoT system
Najafian et al. Signature-based method and stream data mining technique performance evaluation for security and intrusion detection in advanced metering infrastructures (ami)
CN106993005A (en) The method for early warning and system of a kind of webserver
Zhou et al. A network risk assessment method based on attack-defense graph model
CN111092857A (en) Information security early warning method and device, computer equipment and storage medium
Francia III et al. Critical infrastructure protection and security benchmarks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20200221