CN110881035B - Network security system based on cloud computing and artificial intelligence - Google Patents
Network security system based on cloud computing and artificial intelligence Download PDFInfo
- Publication number
- CN110881035B CN110881035B CN201911108612.1A CN201911108612A CN110881035B CN 110881035 B CN110881035 B CN 110881035B CN 201911108612 A CN201911108612 A CN 201911108612A CN 110881035 B CN110881035 B CN 110881035B
- Authority
- CN
- China
- Prior art keywords
- signal
- transaction
- communication
- data
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/142—Network analysis or design using statistical or mathematical methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/306—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Business, Economics & Management (AREA)
- Finance (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Marketing (AREA)
- Theoretical Computer Science (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Economics (AREA)
- Development Economics (AREA)
- Algebra (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Mathematical Physics (AREA)
- Probability & Statistics with Applications (AREA)
- Pure & Applied Mathematics (AREA)
- Alarm Systems (AREA)
Abstract
The invention discloses a network security system based on cloud computing and artificial intelligence, which comprises a data acquisition module, a network analysis module, a processor, an interception unit, a judgment module, an alarm unit and intelligent equipment, wherein the acquisition module is used for acquiring data information, the data information comprises transaction information and communication information, and the transaction information comprises transaction amount data, transaction time data, transaction object data and transaction frequency data. Time is saved, and working efficiency is improved.
Description
Technical Field
The invention relates to the technical field of artificial intelligence networks, in particular to a network security system based on cloud computing and artificial intelligence.
Background
Artificial intelligence is a branch of computer science, which attempts to understand the essence of intelligence and produces a new intelligent machine that can respond in a manner similar to human intelligence, the research in this field includes robots, language recognition, image recognition, natural language processing, expert systems, etc., artificial intelligence has grown in theory and technology since birth, and the application field is expanding, it can be assumed that the scientific and technological products brought by future artificial intelligence will be the ' container ' of human intelligence, artificial intelligence can simulate the information process of human consciousness and thinking, artificial intelligence is not human intelligence but can think like people and can exceed human intelligence, with the development of society, network technology is also perfected, but network technology has some safety problems, many people acquire other people's information through network and communicate through short messages, etc., thereby obtaining the labor achievement of others.
The network security system based on artificial intelligence, which is disclosed in the prior patent publication No. CN108965253A, can perform anti-tracking on Trojan viruses and the like through a cloud computing anti-tracking system, can monitor a network environment through an AI artificial intelligence technology through an artificial intelligence monitoring system, can analyze whether the network environment of data exists safely through a big data analysis platform, can monitor the network where the data exists through a safety environment monitoring module, can intercept fraud data through a fraud data interception system, can isolate Trojan viruses through a Trojan virus isolation system, and can detect and process leak data through a leak data detection module, through the data protection isolated system who sets up for protect the isolation to handle data, structure scientific and reasonable, convenience safe in utilization provides very big help for people, but, this network safety system based on artificial intelligence can't realize the setting of analytical element, carries out accurate analysis to data information, and simultaneously, just judge through single data after data analysis, thereby lack the accuracy of judging, for this reason, we propose a network safety system based on cloud computing and artificial intelligence.
Disclosure of Invention
The invention aims to provide a data acquisition module for acquiring data information and sending the data information to a network analysis module, the network analysis module is used for analyzing transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data, a judgment module is used for carrying out safety judgment operation on the average age, the occurrence ratio, the adjacent transaction difference, the average communication time, the time difference and the average transaction amount difference of the communication objects and respectively transmitting the obtained permission signal, warning signal and alarm signal to an alarm unit and an interception unit, the alarm unit sends a signal prompt to intelligent equipment after receiving the warning signal and the alarm signal, and the interception unit is used for converting the warning signal and the alarm signal into a warning command and an alarm command, and intercepting the data information according to the data information.
The technical problem to be solved by the invention is as follows:
(1) how to carry out combined calculation on transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data by setting a network analysis module so as to obtain an average value and a difference value of the data, thereby solving the problem that accurate analysis on data information is difficult in the prior art;
(2) how to judge the average value and the difference value of various data through the setting of the judging module to obtain an accurate judging result, and sending a signal prompt to the intelligent equipment according to the judged result through the setting of the alarm unit and the intercepting unit, and intercepting the corresponding data information to solve the problem that the data information is comprehensively judged through the calculation result in the prior art.
The purpose of the invention can be realized by the following technical scheme: a network security system based on cloud computing and artificial intelligence comprises a data acquisition module, a network analysis module, a processor, an interception unit, a judgment module, an alarm unit and intelligent equipment;
the system comprises an acquisition module, a network analysis module and a network processing module, wherein the acquisition module is used for acquiring data information, the data information comprises transaction information and communication information, the transaction information comprises transaction amount data, transaction time data, transaction object data and transaction frequency data, the transaction frequency data refers to the total transaction frequency within a period of time, the communication information comprises communication time data, communication frequency data, communication content data and communication object age data, the communication frequency data refers to the number of people who communicate with the acquisition module within a period of time, the communication time data represents the time of contact between a user A and a user B, and the communication content data represents the content of short messages and sends the content to the network analysis module;
the network analysis module is used for analyzing the transaction amount data, the transaction time data, the transaction object data, the transaction frequency data, the communication time data, the communication frequency data, the communication content data and the communication object age data to obtain the average age, the appearance ratio, the adjacent transaction difference value, the average communication time, the time difference value and the average transaction amount difference value of the communication objects, and transmitting the average transaction amount data, the transaction time data, the transaction object data, the transaction frequency data, the communication content data and the communication object age data to the judgment module through the processor;
the judging module is used for carrying out safety judgment operation on the average age, the appearance ratio, the adjacent transaction difference, the average communication time, the time difference and the average transaction amount difference of the communication objects to obtain an allowance signal, a warning signal and an alarm signal, and transmitting the allowance signal, the warning signal and the alarm signal to the alarm unit and the intercepting unit respectively;
the alarm unit sends a signal prompt to the intelligent equipment after receiving the warning signal and the alarm signal, and the intelligent equipment is used for prompting a user;
the intercepting unit is used for converting the warning signal and the alarm signal into a warning command and an alarm command successfully and intercepting the data information according to the warning command and the alarm command;
and the alarm unit and the interception unit do not operate the data information when receiving the permission signal.
As a further improvement of the invention: the specific operation process of the analysis operation is as follows:
the method comprises the following steps: acquiring transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data, and sequentially marking the data as Ji, Si, JDi, Ci, Ti, Xi, Ni and Di, wherein i is 1,2,3.... n;
step two: substituting transaction amount data and transaction frequency data into calculation formulaWherein M is the average transaction amount of the total transaction number, and the transaction amount data is substituted into a calculation formula CZ ═ Ji-M |, wherein CZ represents the difference between the transaction amount of each time and the average transaction amount, and for no two adjacent transactionsCalculating the exchange amount data to obtain the difference value XLL ═ J between adjacent transactionsi-Ji-1,l=1,2,3......j;
Step three: transaction time data is obtained and brought into the calculation formula JGl ═ Si-Si-1J, where JGl is expressed as the time difference between two adjacent transaction times;
step four: obtaining communication time data and communication times data, and bringing them into calculation formulaWherein PTi is expressed as average communication time, and the age data of the communication object is substituted into the calculation formulaWherein PDi is expressed as the average age of the communication objects;
step five: acquiring communication content data Ni, marking character data in the communication content data Ni as Wo, o 1,2,31、K2、K3......KxAnd x is 1,2,3.
As a further improvement of the invention: the specific operation process of the safety judgment operation comprises the following steps:
e1: acquiring a difference value of transaction amount and an adjacent transaction difference value, setting a relative difference value range Q, and comparing the relative difference value range Q with the difference value of the transaction amount and the adjacent transaction difference value, wherein the specific steps are as follows:
r1: when XLL is larger than Q and CZ is larger than Q, the transaction amount is judged to be unstable in floating, and a transaction unstable signal is generated;
r2: when XLL is larger than Q, CZ is smaller than or equal to Q, or XLL is smaller than or equal to Q, and CZ is larger than Q, judging the transaction amount floating rule, and generating a transaction rule signal;
r3: when XLL is less than or equal to Q and CZ is less than or equal to Q, determining that the transaction amount is stable in floating, and generating a transaction stable signal;
e2: setting a time preset value range G, and comparing the time preset value range G with a time difference value, wherein the specific steps are as follows: when JGl is larger than G, the user transaction interval time is judged to be longer, a transaction missing signal is generated, when JGl belongs to G, the user transaction interval time is judged to be general, a transaction normal signal is generated, when JGl is smaller than G, the user transaction interval time is judged to be frequent, and a transaction frequent signal is generated;
e3: setting a communication preset value range q, and comparing the communication preset value range q with the average communication time, specifically: when PTi is larger than q, judging that the communication interval time of the user is longer, generating a communication lack signal, when PTi belongs to q, judging that the communication interval time of the user is general, generating a communication normal signal, and when PTi is smaller than q, judging that the communication interval time of the user is frequent, generating a communication frequent signal;
e4: setting a ratio preset value range H, and comparing the ratio with the appearance ratio, wherein the specific steps are as follows: when V is larger than H, the communication content is judged to be sensitive, a content danger signal is generated, when V belongs to H, the communication content is judged to be dangerous, a content alarm signal is generated, when V is smaller than H, the communication content is judged to be normal, and a content safety signal is generated;
e5: setting a range F of preset age values, and comparing the range F with the average age of the communication objects, wherein the range F specifically comprises the following steps: when PDi is larger than F, judging that the age of the communication object is bigger, and generating an old age signal, when PDi belongs to F, judging that the age of the communication object is moderate, and generating a middle age signal, when PDi is smaller than F, judging that the age of the communication object is smaller, and generating a young age signal;
e6: acquiring the transaction unstable signal, the transaction regular signal, the transaction stable signal, the transaction missing signal, the transaction normal signal, the transaction frequent signal, the communication lack signal, the communication normal signal, the communication frequent signal, the content dangerous signal, the content alarm signal, the content safety signal, the old signal, the middle-aged signal and the young signal in the E1-E5, and performing grade judgment according to the signals, specifically:
ER 1: when a transaction unstable signal, a transaction missing signal, a communication missing signal, a content safety signal and a youth signal occur, judging the safety of the data information and generating an allowable signal;
ER 2: when a transaction rule signal, a transaction normal signal, a communication normal signal, a content alarm signal and a middle-aged signal appear, judging that potential safety hazards exist in the data information, and generating a warning signal;
ER 3: when any three or more than three of the transaction stable signal, the transaction frequent signal, the communication frequent signal, the content dangerous signal and the old signal occur at the same time, the data information is judged to have dangerous information, and an alarm signal is generated.
As a further improvement of the invention: the intelligent device is a tablet computer.
The invention has the beneficial effects that:
(1) the acquisition module is used for acquiring data information and sending the data information to the network analysis module, the network analysis module is used for analyzing and operating transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data, and the data is obtained through a calculation formulaCZ=|Ji-M|、XLl=Ji-Ji-1、JGl=Si-Si-1、Andobtaining average age, appearance ratio, adjacent transaction difference, average communication time, time difference and average transaction amount difference of communication objects, and setting transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data and communication content data by a network analysis moduleAnd the age data of the communication object is combined and calculated, so that the average value and the difference value of the data are obtained, the data information is analyzed more comprehensively and accurately, the judgment is prevented from being influenced due to the analysis error of the data information, the time is saved, and the working efficiency is improved.
(2) The judging module is used for carrying out safety judgment operation on the average age, the occurrence ratio, the adjacent transaction difference, the average communication time, the time difference and the average transaction amount difference of the communication objects, judging the occurrence of the data information safety through a transaction unstable signal, a transaction missing signal, a communication lack signal, a content safety signal and a youth signal, judging the occurrence of the data information safety through a transaction regular signal, a transaction normal signal, a communication normal signal, a content alarm signal and a middle-aged signal, judging the occurrence of potential safety hazards in the data information, and judging the occurrence of dangerous information in the data information when any three or more than three of the transaction stable signal, the transaction frequent signal, the communication frequent signal, the content dangerous signal and the old signal occur simultaneously, generating an allowance signal, a warning signal and an alarm signal, and transmitting the allowance signal, the warning signal and the alarm signal to the alarm unit and the interception unit respectively, the alarm unit sends a signal prompt to the intelligent equipment after receiving the alarm signal and the warning signal, the interception unit is used for converting the alarm signal and the warning signal into a warning command and an alarm command successfully and intercepting the data information according to the warning command and the alarm command, the alarm unit and the interception unit do not operate the data information when receiving the permission signal, the average value and the difference value of various data are judged through the setting of the judgment module to obtain an accurate judgment result, a signal prompt is sent to the intelligent equipment according to the judged result through the setting of the alarm unit and the interception unit, the corresponding data information is intercepted, the judgment is carried out through comprehensive processing of various data, the judgment accuracy is improved, the data information is intercepted, and the situation that a user is influenced after receiving the data information and accordingly loss of various aspects is caused is avoided.
Drawings
The invention will be further described with reference to the accompanying drawings.
FIG. 1 is a system block diagram of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention is a network security system based on cloud computing and artificial intelligence, including a data acquisition module, a network analysis module, a processor, an interception unit, a determination module, an alarm unit, and an intelligent device;
the system comprises an acquisition module, a network analysis module and a network processing module, wherein the acquisition module is used for acquiring data information, the data information comprises transaction information and communication information, the transaction information comprises transaction amount data, transaction time data, transaction object data and transaction frequency data, the transaction frequency data refers to the total transaction frequency within a period of time, the communication information comprises communication time data, communication frequency data, communication content data and communication object age data, the communication frequency data refers to the number of people who communicate with the acquisition module within a period of time, the communication time data represents the time of contact between a user A and a user B, and the communication content data represents the content of short messages and sends the content to the network analysis module;
the network analysis module is used for analyzing transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data, and the specific operation process of the analysis operation is as follows:
the method comprises the following steps: acquiring transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data, and sequentially marking the data as Ji, Si, JDi, Ci, Ti, Xi, Ni and Di, wherein i is 1,2,3.... n;
step two: data of transaction amount is processedEasy data substitution calculation formulaM is the average transaction amount of the total transaction number, the average transaction amount and the transaction amount data are brought into a calculation formula CZ ═ Ji-M |, wherein CZ represents the difference between the transaction amount of each time and the average transaction amount, the adjacent transaction amount data of no two times are calculated, and the adjacent transaction difference XLL ═ J is obtainedi-Ji-1,l=1,2,3......j;
Step three: transaction time data is obtained and brought into the calculation formula JGl ═ Si-Si-1J, where JGl is expressed as the time difference between two adjacent transaction times;
step four: obtaining communication time data and communication times data, and bringing them into calculation formulaWherein PTi is expressed as average communication time, and the age data of the communication object is substituted into the calculation formulaWherein PDi is expressed as the average age of the communication objects;
step five: acquiring communication content data Ni, marking character data in the communication content data Ni as Wo, o 1,2,31、K2、K3......KxX is 1,2,3.. d, the set multiple groups of character strings are composed of two or more characters or numbers, the set multiple groups of character strings are compared with the communication content to obtain the number of times of the character strings appearing in the communication content, the number of times of the character strings appearing in the communication content is calibrated to be CK, and V is calculated according to the number of times of the character strings appearing and the total number of the character strings to obtain V is CK/x, wherein V is expressed as the appearance ratio between the number of times of the character strings appearing in the communication content and the multiple groups of character strings;
step six: the average age, the appearance ratio, the difference value of adjacent transactions, the average communication time, the time difference value and the difference value of the average transaction amount of the communication objects are transmitted to a judging module through a processor;
the judging module is used for carrying out safety judgment operation on the average age, the appearance ratio, the adjacent transaction difference value, the average communication time, the time difference value and the average transaction amount difference value of the communication objects, and the specific operation process of the safety judgment operation is as follows:
e1: acquiring a difference value of transaction amount and an adjacent transaction difference value, setting a relative difference value range Q, and comparing the relative difference value range Q with the difference value of the transaction amount and the adjacent transaction difference value, wherein the specific steps are as follows:
r1: when XLL is larger than Q and CZ is larger than Q, the transaction amount is judged to be unstable in floating, and a transaction unstable signal is generated;
r2: when XLL is larger than Q, CZ is smaller than or equal to Q, or XLL is smaller than or equal to Q, and CZ is larger than Q, judging the transaction amount floating rule, and generating a transaction rule signal;
r3: when XLL is less than or equal to Q and CZ is less than or equal to Q, determining that the transaction amount is stable in floating, and generating a transaction stable signal;
e2: setting a time preset value range G, and comparing the time preset value range G with a time difference value, wherein the specific steps are as follows: when JGl is larger than G, the user transaction interval time is judged to be longer, a transaction missing signal is generated, when JGl belongs to G, the user transaction interval time is judged to be general, a transaction normal signal is generated, when JGl is smaller than G, the user transaction interval time is judged to be frequent, and a transaction frequent signal is generated;
e3: setting a communication preset value range q, and comparing the communication preset value range q with the average communication time, specifically: when PTi is larger than q, judging that the communication interval time of the user is longer, generating a communication lack signal, when PTi belongs to q, judging that the communication interval time of the user is general, generating a communication normal signal, and when PTi is smaller than q, judging that the communication interval time of the user is frequent, generating a communication frequent signal;
e4: setting a ratio preset value range H, and comparing the ratio with the appearance ratio, wherein the specific steps are as follows: when V is larger than H, the communication content is judged to be sensitive, a content danger signal is generated, when V belongs to H, the communication content is judged to be dangerous, a content alarm signal is generated, when V is smaller than H, the communication content is judged to be normal, and a content safety signal is generated;
e5: setting a range F of preset age values, and comparing the range F with the average age of the communication objects, wherein the range F specifically comprises the following steps: when PDi is larger than F, judging that the age of the communication object is bigger, and generating an old age signal, when PDi belongs to F, judging that the age of the communication object is moderate, and generating a middle age signal, when PDi is smaller than F, judging that the age of the communication object is smaller, and generating a young age signal;
e6: acquiring the transaction unstable signal, the transaction regular signal, the transaction stable signal, the transaction missing signal, the transaction normal signal, the transaction frequent signal, the communication lack signal, the communication normal signal, the communication frequent signal, the content dangerous signal, the content alarm signal, the content safety signal, the old signal, the middle-aged signal and the young signal in the E1-E5, and performing grade judgment according to the signals, specifically:
ER 1: when a transaction unstable signal, a transaction missing signal, a communication missing signal, a content safety signal and a youth signal occur, judging the safety of the data information and generating an allowable signal;
ER 2: when a transaction rule signal, a transaction normal signal, a communication normal signal, a content alarm signal and a middle-aged signal appear, judging that potential safety hazards exist in the data information, and generating a warning signal;
ER 3: when any three or more than three of a transaction stable signal, a transaction frequent signal, a communication frequent signal, a content dangerous signal and an old signal appear simultaneously, judging that dangerous information appears in the data information, and generating an alarm signal;
e7: acquiring an allowance signal, a warning signal and an alarm signal, and respectively transmitting the allowance signal, the warning signal and the alarm signal to an alarm unit and an interception unit;
the alarm unit sends a signal prompt to the intelligent equipment after receiving the warning signal and the alarm signal, and the intelligent equipment is used for prompting a user;
the intercepting unit is used for converting the warning signal and the alarm signal into a warning command and an alarm command successfully and intercepting the data information according to the warning command and the alarm command;
and the alarm unit and the interception unit do not operate the data information when receiving the permission signal.
When the invention works, the acquisition module is used for acquiring data information and sending the data information to the network analysis module, the network analysis module is used for analyzing transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data to obtain the average age, appearance ratio, adjacent transaction difference, average communication time, time difference and difference of average transaction amount of the communication object and transmitting the average age, appearance ratio, adjacent transaction difference, average communication time, time difference and difference of average transaction amount to the judgment module by the processor, the judgment module is used for carrying out safety judgment operation on the average age, appearance ratio, adjacent transaction difference, average communication time, time difference and difference of average transaction amount of the communication object, and the data information is sent to the network analysis module through transaction unstable signals, transaction missing signals, communication lack signals, content safety signals and youth signals, judging the occurrence of the safety of the data information, judging the occurrence of potential safety hazard of the data information when any three or more of a transaction rule signal, a transaction normal signal, a communication normal signal, a content alarm signal and a middle-aged signal occur simultaneously, and judging the occurrence of the safety hazard of the data information when any three or more of a transaction stable signal, a transaction frequent signal, a communication frequent signal, a content danger signal and an old signal occur simultaneously, generating an allowance signal, an alarm signal and transmitting the allowance signal, the alarm unit sends a signal prompt to the intelligent equipment after receiving the alarm signal and the alarm signal, the interception unit is used for converting the alarm signal and the alarm signal into a successful alarm command and an alarm command and intercepting the data information according to the successful alarm command, and when the allowance signal is received by the alarm unit and the interception unit, no operation is performed on the data information.
The method comprises the steps of obtaining transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data, and sequentially marking the data as Ji, Si, JDi, Ci, Ti, Xi, Ni and Di, wherein i is 1,2,3.. n; transaction amount data and transactionFormula for substituting time data into calculationM is the average transaction amount of the total transaction number, the average transaction amount and the transaction amount data are brought into a calculation formula CZ ═ Ji-M |, wherein CZ represents the difference between the transaction amount of each time and the average transaction amount, the adjacent transaction amount data of no two times are calculated, and the adjacent transaction difference XLL ═ J is obtainedi-Ji-1J ═ 1,2,3.. j; transaction time data is obtained and brought into the calculation formula JGl ═ Si-Si-1J, where JGl is expressed as the time difference between two adjacent transaction times; obtaining communication time data and communication times data, and bringing them into calculation formulaWherein PTi is expressed as average communication time, and the age data of the communication object is substituted into the calculation formulaWherein PDi is expressed as the average age of the communication objects; acquiring communication content data Ni, marking character data in the communication content data Ni as Wo, o 1,2,31、K2、K3......KxAnd x is 1,2,3.. d, the set multiple groups of character strings are composed of two or more characters or numbers, the set multiple groups of character strings are compared with the communication content to obtain the number of times of the character strings appearing in the communication content, the number of times of the character strings appearing in the communication content is calibrated to be CK, V is calculated according to the number of times of the character strings appearing and the total number of the character strings to obtain V is CK/x, wherein V is represented by the ratio of the number of times of the character strings appearing in the communication content to the number of times of the character strings appearing among the multiple groups of character strings, and therefore the difference of the average age, the appearance ratio, the adjacent transaction difference, the average communication time, the time difference and the average transaction amount of the communication object is obtained.
The foregoing is merely exemplary and illustrative of the present invention and various modifications, additions and substitutions may be made by those skilled in the art to the specific embodiments described without departing from the scope of the invention as defined in the following claims.
Claims (2)
1. A network safety system based on cloud computing and artificial intelligence is characterized by comprising a data acquisition module, a network analysis module, a processor, an interception unit, a judgment module, an alarm unit and intelligent equipment;
the system comprises an acquisition module, a network analysis module and a network processing module, wherein the acquisition module is used for acquiring data information, the data information comprises transaction information and communication information, the transaction information comprises transaction amount data, transaction time data, transaction object data and transaction frequency data, the transaction frequency data refers to the total transaction frequency within a period of time, the communication information comprises communication time data, communication frequency data, communication content data and communication object age data, the communication frequency data refers to the number of people who communicate with the acquisition module within a period of time, the communication time data represents the time of contact between a user A and a user B, and the communication content data represents the content of short messages and sends the content to the network analysis module;
the network analysis module is used for analyzing transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data, and the specific operation process of the analysis operation is as follows:
the method comprises the following steps: acquiring transaction amount data, transaction time data, transaction object data, transaction frequency data, communication time data, communication frequency data, communication content data and communication object age data, and sequentially marking the data as Ji, Si, JDi, Ci, Ti, Xi, Ni and Di, wherein i is 1,2,3.... n;
step two: substituting transaction amount data and transaction frequency data into calculation formulaWherein M is the total number of transactionsThe average transaction amount and the transaction amount data are brought into a calculation formula CZ ═ Ji-M |, wherein CZ represents the difference between the transaction amount of each time and the average transaction amount, the adjacent transaction amount data of each time are calculated to obtain the adjacent transaction difference XLL ═ Ji-Ji-1,l=1,2,3......j;
Step three: transaction time data is obtained and brought into the calculation formula JGl ═ Si-Si-1J, where JGl is expressed as the time difference between two adjacent transaction times;
step four: obtaining communication time data and communication times data, and bringing them into calculation formulaWherein PTi is expressed as average communication time, and the age data of the communication object is substituted into the calculation formulaWherein PDi is expressed as the average age of the communication objects;
step five: acquiring communication content data Ni, marking character data in the communication content data Ni as Wo, o 1,2,31、K2、K3......KxX is 1,2,3.. d, the set multiple groups of character strings are composed of two or more characters or numbers, the set multiple groups of character strings are compared with the communication content to obtain the number of times of the character strings appearing in the communication content, the number of times of the character strings appearing in the communication content is calibrated to be CK, and V is calculated according to the number of times of the character strings appearing and the total number of the character strings to obtain V is CK/x, wherein V is expressed as the appearance ratio between the number of times of the character strings appearing in the communication content and the multiple groups of character strings;
step six: the average age, the appearance ratio, the difference value of adjacent transactions, the average communication time, the time difference value and the difference value of the average transaction amount of the communication objects are transmitted to a judging module through a processor;
the judging module is used for carrying out safety judgment operation on the average age, the appearance ratio, the adjacent transaction difference value, the average communication time, the time difference value and the average transaction amount difference value of the communication objects, and the specific operation process of the safety judgment operation is as follows:
e1: acquiring a difference value of transaction amount and an adjacent transaction difference value, setting a relative difference value range Q, and comparing the relative difference value range Q with the difference value of the transaction amount and the adjacent transaction difference value, wherein the specific steps are as follows:
r1: when XLL is larger than Q and CZ is larger than Q, the transaction amount is judged to be unstable in floating, and a transaction unstable signal is generated;
r2: when XLL is larger than Q, CZ is smaller than or equal to Q, or XLL is smaller than or equal to Q, and CZ is larger than Q, judging the transaction amount floating rule, and generating a transaction rule signal;
r3: when XLL is less than or equal to Q and CZ is less than or equal to Q, determining that the transaction amount is stable in floating, and generating a transaction stable signal;
e2: setting a time preset value range G, and comparing the time preset value range G with a time difference value, wherein the specific steps are as follows: when JGl is larger than G, the user transaction interval time is judged to be longer, a transaction missing signal is generated, when JGl belongs to G, the user transaction interval time is judged to be general, a transaction normal signal is generated, when JGl is smaller than G, the user transaction interval time is judged to be frequent, and a transaction frequent signal is generated;
e3: setting a communication preset value range q, and comparing the communication preset value range q with the average communication time, specifically: when PTi is larger than q, judging that the communication interval time of the user is longer, generating a communication lack signal, when PTi belongs to q, judging that the communication interval time of the user is general, generating a communication normal signal, and when PTi is smaller than q, judging that the communication interval time of the user is frequent, generating a communication frequent signal;
e4: setting a ratio preset value range H, and comparing the ratio with the appearance ratio, wherein the specific steps are as follows: when V is larger than H, the communication content is judged to be sensitive, a content danger signal is generated, when V belongs to H, the communication content is judged to be dangerous, a content alarm signal is generated, when V is smaller than H, the communication content is judged to be normal, and a content safety signal is generated;
e5: setting a range F of preset age values, and comparing the range F with the average age of the communication objects, wherein the range F specifically comprises the following steps: when PDi is larger than F, judging that the age of the communication object is bigger, and generating an old age signal, when PDi belongs to F, judging that the age of the communication object is moderate, and generating a middle age signal, when PDi is smaller than F, judging that the age of the communication object is smaller, and generating a young age signal;
e6: acquiring the transaction unstable signal, the transaction regular signal, the transaction stable signal, the transaction missing signal, the transaction normal signal, the transaction frequent signal, the communication lack signal, the communication normal signal, the communication frequent signal, the content dangerous signal, the content alarm signal, the content safety signal, the old signal, the middle-aged signal and the young signal in the E1-E5, and performing grade judgment according to the signals, specifically:
ER 1: when a transaction unstable signal, a transaction missing signal, a communication missing signal, a content safety signal and a youth signal occur, judging the safety of the data information and generating an allowable signal;
ER 2: when a transaction rule signal, a transaction normal signal, a communication normal signal, a content alarm signal and a middle-aged signal appear, judging that potential safety hazards exist in the data information, and generating a warning signal;
ER 3: when any three or more than three of a transaction stable signal, a transaction frequent signal, a communication frequent signal, a content dangerous signal and an old signal appear simultaneously, judging that dangerous information appears in the data information, and generating an alarm signal;
e7: acquiring an allowance signal, a warning signal and an alarm signal, and respectively transmitting the allowance signal, the warning signal and the alarm signal to an alarm unit and an interception unit;
the alarm unit sends a signal prompt to the intelligent equipment after receiving the warning signal and the alarm signal, and the intelligent equipment is used for prompting a user;
the intercepting unit is used for converting the warning signal and the alarm signal into a warning command and an alarm command successfully and intercepting the data information according to the warning command and the alarm command;
and the alarm unit and the interception unit do not operate the data information when receiving the permission signal.
2. The cloud computing and artificial intelligence based network security system of claim 1, wherein the intelligent device is a tablet computer.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911108612.1A CN110881035B (en) | 2019-11-13 | 2019-11-13 | Network security system based on cloud computing and artificial intelligence |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911108612.1A CN110881035B (en) | 2019-11-13 | 2019-11-13 | Network security system based on cloud computing and artificial intelligence |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110881035A CN110881035A (en) | 2020-03-13 |
CN110881035B true CN110881035B (en) | 2020-12-08 |
Family
ID=69729408
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911108612.1A Active CN110881035B (en) | 2019-11-13 | 2019-11-13 | Network security system based on cloud computing and artificial intelligence |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110881035B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111754002B (en) * | 2020-06-05 | 2024-06-11 | 赣州靖扬科技有限公司 | Electric power communication management system for business office building |
CN111770108A (en) * | 2020-07-09 | 2020-10-13 | 海南科技职业大学 | Network safety system based on artificial intelligence |
CN113194080A (en) * | 2021-04-25 | 2021-07-30 | 江苏欣业大数据科技有限公司 | Network security system based on cloud computing and artificial intelligence |
CN114612108B (en) * | 2022-03-22 | 2023-05-23 | 湖南三湘银行股份有限公司 | Public payment safety protection system based on artificial intelligence |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2478554A (en) * | 2010-03-09 | 2011-09-14 | Roke Manor Research | A digital forensic evidence data capture tool for a cloud computing system |
CN106446021B (en) * | 2013-06-24 | 2019-08-02 | 北京奇虎科技有限公司 | A kind of method and system of anomaly data detection processing |
CN103532927A (en) * | 2013-07-30 | 2014-01-22 | 北京中科金财科技股份有限公司 | Financial cloud safety service platform based on mobile terminal and data protection method |
CN109034817A (en) * | 2018-06-11 | 2018-12-18 | 安徽博森互联网科技有限公司 | It is a kind of based on artificial intelligence to public safety of payment guard system |
CN109858947B (en) * | 2018-12-25 | 2021-04-06 | 清华大学 | Retail user value analysis system and method |
CN110059955A (en) * | 2019-04-17 | 2019-07-26 | 灏ゆ捣 | A kind of AI customer account management tracking marketing system |
-
2019
- 2019-11-13 CN CN201911108612.1A patent/CN110881035B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN110881035A (en) | 2020-03-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110881035B (en) | Network security system based on cloud computing and artificial intelligence | |
Khan et al. | An improved convolutional neural network model for intrusion detection in networks | |
Lavrova | An approach to developing the SIEM system for the Internet of Things | |
CN104901971B (en) | The method and apparatus that safety analysis is carried out to network behavior | |
CN112995161B (en) | Network security situation prediction system based on artificial intelligence | |
CN105491055B (en) | A kind of network host accident detection method based on mobile agent | |
CN114021168B (en) | Subway foundation pit excavation risk identification method and device based on federal learning | |
CN111654496B (en) | Safety monitoring and protection system for industrial internet platform system | |
CN208128283U (en) | Information security of computer network monitor system | |
Mugunthan | Decision tree based interference recognition for fog enabled IOT architecture | |
CN103023927A (en) | Method and system for intrusion detection based on non-negative matrix factorization under sparse representation | |
CN108712433A (en) | A kind of network security detection method and system | |
CN117272386B (en) | Internet big data information security encryption method, device, equipment and system | |
CN105827611B (en) | A kind of distributed denial of service network attack detecting method and system based on fuzzy reasoning | |
CN108171054A (en) | The detection method and system of a kind of malicious code for social deception | |
CN113194080A (en) | Network security system based on cloud computing and artificial intelligence | |
WO2019063617A1 (en) | Improved computing device | |
CN109995722A (en) | Magnanimity detection data analysis system towards APT protection | |
CN113902052A (en) | Distributed denial of service attack network anomaly detection method based on AE-SVM model | |
Aveta et al. | Multi-user FSO communication link | |
CN107569246A (en) | A kind of embedded controller's fatigue risk measurement apparatus and its method | |
CN103825875A (en) | Virtual machine detection method for vaccine inoculation strategy | |
CN114172715B (en) | Industrial control intrusion detection system and method based on secure multiparty calculation | |
CN110147659A (en) | Noninductive verification method based on machine learning | |
CN112688911B (en) | Network intrusion detection system based on PCA + ADASYN and Xgboost |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |