CN111092861A - Communication network safety prediction system - Google Patents

Communication network safety prediction system Download PDF

Info

Publication number
CN111092861A
CN111092861A CN201911190080.0A CN201911190080A CN111092861A CN 111092861 A CN111092861 A CN 111092861A CN 201911190080 A CN201911190080 A CN 201911190080A CN 111092861 A CN111092861 A CN 111092861A
Authority
CN
China
Prior art keywords
network
data
network data
module
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201911190080.0A
Other languages
Chinese (zh)
Inventor
苏和平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui Jizhao Information Technology Co Ltd
Original Assignee
Anhui Jizhao Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Anhui Jizhao Information Technology Co Ltd filed Critical Anhui Jizhao Information Technology Co Ltd
Priority to CN201911190080.0A priority Critical patent/CN111092861A/en
Publication of CN111092861A publication Critical patent/CN111092861A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/147Network analysis or design for predicting network behaviour

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a communication network security prediction system, which comprises a network information extraction module, a data preprocessing module, a data comparison and analysis module, a network database, a network security posture evaluation module, a screening processing module and a display terminal, wherein the network information extraction module is used for extracting network information; the network information extraction module is connected with the data preprocessing module, the data preprocessing module is connected with the data comparison and analysis module, the network security posture evaluation module is respectively connected with the data comparison and analysis module, the screening processing module, the network database and the display terminal, and the network database is connected with the data comparison and analysis module. The invention can accurately evaluate the security level of the communication network by detecting the network data and carrying out data analysis, extraction and other processing on the detected network data to obtain the security level evaluation coefficients between the network data and each network level, thereby accurately predicting the security of the communication network and providing reliable data support for the management of the later communication network.

Description

Communication network safety prediction system
Technical Field
The invention belongs to the technical field of network data security, and relates to a communication network security prediction system.
Background
The existing network security situation prediction model mainly relies on a Hadoop frame, combines a prediction algorithm and mainly aims at performing security situation prediction on a medium and small-scale network, and most of selected data sources are various log records. The data of the method has the defects of non-real-time property, low prediction precision, low convergence degree and the like, so that the obtained result is not ideal as expected. The existing power communication network has the characteristics of large data volume, high real-time requirement and the like, and the existing power communication network is not enough to meet the requirement of power network safety only by relying on the original single network safety protection technologies such as firewall, intrusion detection, virus prevention and the like.
Aiming at the problems that the significance of a processing result is not large and the prediction precision and the prediction efficiency are low due to the defects that data are non-real-time, the processing speed is low and the like of a network security situation model based on a Hadoop framework in the research of the existing network security situation prediction model framework, a communication network security prediction system is designed.
Disclosure of Invention
The invention aims to provide a communication network safety prediction system, which solves the problems of low prediction precision and low prediction efficiency of a communication network in the prior art.
The purpose of the invention can be realized by the following technical scheme:
a communication network security prediction system comprises a network information extraction module, a data preprocessing module, a data comparison and analysis module, a network database, a network security posture evaluation module, a screening processing module and a display terminal;
the network information extraction module is connected with the data preprocessing module, the data preprocessing module is connected with the data comparison and analysis module, the network security posture evaluation module is respectively connected with the data comparison and analysis module, the screening processing module, the network database and the display terminal, and the network database is connected with the data comparison and analysis module;
the network information extraction module is used for extracting network data at each position and sending the extracted network data to the data preprocessing module;
the data preprocessing module is used for receiving the network data sent by the network information extraction module, cleaning the received network data and sending the cleaned network data to the data comparison and analysis module;
the data comparison and analysis module is used for receiving the cleaned network data sent by the data preprocessing module, dividing the received cleaned network data into different network data grades, comparing each network data under each network data grade with the network data corresponding to each network data grade in the network database one by one, and sending the comparison condition of each network data under each network data grade and the network data under each network data grade in the network database to the network security posture evaluation module;
the network database is used for storing information of each network data under each network data grade and the weight corresponding to each network data under each network data grade;
the network security posture evaluation module is used for receiving the comparison condition of each network data under each network data grade and the network data under each network data grade in the network database, which are sent by the data comparison and analysis module, extracting the weight corresponding to each network data under each network data grade in the network database, counting the comparison condition of the network data and the weight corresponding to each network data under each network grade to obtain the security grade evaluation coefficient between the network data and each network grade, and respectively sending the network data and the security grade evaluation coefficient between each network grade to the screening processing module and the display terminal.
The screening processing module is used for receiving the network data sent by the network security posture evaluation module and the security level evaluation coefficients of all network levels, screening out the network level corresponding to the security level evaluation coefficient with the maximum security level evaluation coefficient of all network levels, and sending the network level corresponding to the security level evaluation coefficient with the maximum screened security level evaluation coefficient to the display terminal;
the display terminal is used for receiving the network data sent by the network security posture evaluation module and the security level evaluation coefficient between each network level, receiving the network level corresponding to the security level evaluation coefficient with the maximum security level evaluation coefficient sent by the screening processing module, and displaying the network data, the security level evaluation coefficient between each network level and the corresponding network level.
Further, when each network data under the network data level is the same as the network data under one of the network data levels in the network database, the contrast value of the network data is 1, and if not, the contrast value of the network data is 0.
Further, the network levels include a level 1, a level 2, ai1,gi2,...,gij,...,gim, and
Figure BDA0002293352180000031
further, the safety level evaluation coefficient is calculated by the formula
Figure BDA0002293352180000032
Wherein, deltaiExpressed as a security level evaluation coefficient at the ith network level, aij is the comparison between the jth network data and the network data in the ith network data level, deltaiEqual to 1 or 0, gij is expressed as a weight coefficient of jth network data at the ith network level.
The invention has the beneficial effects that:
according to the communication network safety prediction system provided by the invention, the network data is detected, and the detected network data is subjected to data analysis, extraction and other processing to obtain the safety level evaluation coefficients between the network data and each network level, so that the communication network safety level can be accurately evaluated, the communication network safety can be accurately predicted, the prediction precision and the prediction efficiency are improved, and reliable data support is provided for the management of a later communication network.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic diagram of a communication network security prediction system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, a communication network security prediction system includes a network information extraction module, a data preprocessing module, a data comparison and analysis module, a network database, a network security posture evaluation module, a screening processing module, and a display terminal;
the network information extraction module is connected with the data preprocessing module, the data preprocessing module is connected with the data comparison and analysis module, the network security posture evaluation module is respectively connected with the data comparison and analysis module, the screening processing module, the network database and the display terminal, and the network database is connected with the data comparison and analysis module.
The network information extraction module is used for extracting the network data at each position and sending the extracted network data to the data preprocessing module;
the data preprocessing module is used for receiving the network data sent by the network information extraction module, cleaning the received network data to provide interference data in the network data, and comparing and analyzing the cleaned network data sending data;
the data comparison and analysis module is used for receiving the cleaned network data sent by the data preprocessing module, dividing the received cleaned network data into different network data grades, comparing each network data under each network data grade with the network data corresponding to each network data grade in the network database one by one, if the network data under each network data grade is the same as the network data under one network data grade in the network database, the contrast value of the network data is 1, if not, the contrast value of the network data is 0, and sending the contrast condition of each network data under each network data grade and the network data under each network data grade in the network database to the network security posture evaluation module, wherein the network security performance corresponding to different network data grades is different, the higher the network data grade is, the better the required network data security performance is;
the network database is used for storing network data information under each network data level and a weight corresponding to each network data under each network data level, wherein each network level comprises a level 1, a level 2, ai1,gi2,...,gij,...,gim, and
Figure BDA0002293352180000051
the network security posture evaluation module is used for receiving the comparison condition of each network data under each network data grade and the network data under each network data grade in the network database sent by the data comparison analysis module, extracting the weight corresponding to each network data under each network data grade in the network database, counting the comparison condition of the network data and the weight corresponding to each network data under each network grade to obtain the security grade evaluation coefficient between the network data and each network grade, and the calculation formula is
Figure BDA0002293352180000052
Wherein, deltaiExpressed as a security level evaluation coefficient at the ith network level, aij is the comparison between the jth network data and the network data in the ith network data level, deltaiEqual to 1 or 0, gij is a weight coefficient of jth network data under the ith network level, and the network security posture evaluation module sends the network data and the security level evaluation coefficients between the network levels to the screening processing module and the display terminal respectively.
The screening processing module is used for receiving the network data sent by the network security posture evaluation module and the security level evaluation coefficients of all network levels, screening out the network level corresponding to the security level evaluation coefficient with the maximum security level evaluation coefficient of all network levels, and sending the network level corresponding to the security level evaluation coefficient with the maximum screened security level evaluation coefficient to the display terminal.
The display terminal is used for receiving the network data sent by the network security posture evaluation module and the security level evaluation coefficient between each network level, receiving the network level corresponding to the security level evaluation coefficient with the maximum security level evaluation coefficient sent by the screening processing module, and displaying the network data, the security level evaluation coefficient between each network level and the corresponding network level.
The foregoing is merely exemplary and illustrative of the principles of the present invention and various modifications, additions and substitutions of the specific embodiments described herein may be made by those skilled in the art without departing from the principles of the present invention or exceeding the scope of the claims set forth herein.

Claims (4)

1. A communication network security prediction system characterized by: the system comprises a network information extraction module, a data preprocessing module, a data comparison and analysis module, a network database, a network security posture evaluation module, a screening processing module and a display terminal;
the network information extraction module is connected with the data preprocessing module, the data preprocessing module is connected with the data comparison and analysis module, the network security posture evaluation module is respectively connected with the data comparison and analysis module, the screening processing module, the network database and the display terminal, and the network database is connected with the data comparison and analysis module;
the network information extraction module is used for extracting network data at each position and sending the extracted network data to the data preprocessing module;
the data preprocessing module is used for receiving the network data sent by the network information extraction module, cleaning the received network data and sending the cleaned network data to the data comparison and analysis module;
the data comparison and analysis module is used for receiving the cleaned network data sent by the data preprocessing module, dividing the received cleaned network data into different network data grades, comparing each network data under each network data grade with the network data corresponding to each network data grade in the network database one by one, and sending the comparison condition of each network data under each network data grade and the network data under each network data grade in the network database to the network security posture evaluation module;
the network database is used for storing information of each network data under each network data grade and the weight corresponding to each network data under each network data grade;
the network security posture evaluation module is used for receiving the comparison condition of each network data under each network data grade and the network data under each network data grade in the network database, which are sent by the data comparison and analysis module, extracting the weight corresponding to each network data under each network data grade in the network database, counting the comparison condition of the network data and the weight corresponding to each network data under each network grade to obtain the security grade evaluation coefficient between the network data and each network grade, and respectively sending the network data and the security grade evaluation coefficient between each network grade to the screening processing module and the display terminal.
The screening processing module is used for receiving the network data sent by the network security posture evaluation module and the security level evaluation coefficients of all network levels, screening out the network level corresponding to the security level evaluation coefficient with the maximum security level evaluation coefficient of all network levels, and sending the network level corresponding to the security level evaluation coefficient with the maximum screened security level evaluation coefficient to the display terminal;
the display terminal is used for receiving the network data sent by the network security posture evaluation module and the security level evaluation coefficient between each network level, receiving the network level corresponding to the security level evaluation coefficient with the maximum security level evaluation coefficient sent by the screening processing module, and displaying the network data, the security level evaluation coefficient between each network level and the corresponding network level.
2. The system of claim 1, wherein: when each network data under the network data level is the same as the network data under one network data level in the network database, the contrast value of the network data is 1, and if not, the contrast value of the network data is 0.
3. The system of claim 1, wherein: the network levels comprise 1 level, 2 levels, ai1,gi2,...,gij,...,gim, and
Figure FDA0002293352170000021
4. the system of claim 1, wherein: the safety level evaluation coefficient is calculated by the formula
Figure FDA0002293352170000022
Wherein, deltaiExpressed as a security level evaluation coefficient at the ith network level, aij is the comparison between the jth network data and the network data in the ith network data level, deltaiEqual to 1 or 0, gij is expressed as a weight coefficient of jth network data at the ith network level.
CN201911190080.0A 2019-11-28 2019-11-28 Communication network safety prediction system Withdrawn CN111092861A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911190080.0A CN111092861A (en) 2019-11-28 2019-11-28 Communication network safety prediction system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911190080.0A CN111092861A (en) 2019-11-28 2019-11-28 Communication network safety prediction system

Publications (1)

Publication Number Publication Date
CN111092861A true CN111092861A (en) 2020-05-01

Family

ID=70393135

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911190080.0A Withdrawn CN111092861A (en) 2019-11-28 2019-11-28 Communication network safety prediction system

Country Status (1)

Country Link
CN (1) CN111092861A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114338088A (en) * 2021-12-06 2022-04-12 国网安徽省电力有限公司超高压分公司 Evaluation algorithm and evaluation system for network security level of transformer substation power monitoring system
CN115567300A (en) * 2022-09-27 2023-01-03 中国人民解放军军事科学院战略评估咨询中心 Data processing method and device for network security analysis

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114338088A (en) * 2021-12-06 2022-04-12 国网安徽省电力有限公司超高压分公司 Evaluation algorithm and evaluation system for network security level of transformer substation power monitoring system
CN115567300A (en) * 2022-09-27 2023-01-03 中国人民解放军军事科学院战略评估咨询中心 Data processing method and device for network security analysis

Similar Documents

Publication Publication Date Title
CN110909811B (en) OCSVM (online charging management system) -based power grid abnormal behavior detection and analysis method and system
CN111262722B (en) Safety monitoring method for industrial control system network
CN111935170B (en) Network abnormal flow detection method, device and equipment
CN103581186B (en) A kind of network security situational awareness method and system
CN109729090B (en) Slow denial of service attack detection method based on WEDMS clustering
Zhe et al. DoS attack detection model of smart grid based on machine learning method
CN104660464B (en) A kind of network anomaly detection method based on non-extension entropy
Efstathopoulos et al. Operational data based intrusion detection system for smart grid
CN106295349A (en) Risk Identification Method, identification device and the anti-Ore-controlling Role that account is stolen
CN111669375A (en) Online safety situation assessment method and system for power industrial control terminal
CN111092861A (en) Communication network safety prediction system
CN115733762A (en) Monitoring system with big data analysis capability
CN117439916A (en) Network security test evaluation system and method
CN118041581A (en) Network security situation prediction method and system based on artificial intelligence
CN115348080A (en) Network equipment vulnerability comprehensive analysis system and method based on big data
CN116866012A (en) Network risk monitoring method and system for electric power facility management platform
CN117749409A (en) Large-scale network security event analysis system
CN112491849A (en) Power terminal vulnerability attack protection method based on flow characteristics
CN112272176A (en) Network security protection method and system based on big data platform
CN105634781B (en) Multi-fault data decoupling method and device
CN118353667A (en) Network security early warning method and system based on deep learning
Khoshgoftaar et al. Intrusion detection in wireless networks using clustering techniques with expert analysis
CN114189350A (en) LightGBM-based train communication network intrusion detection method
CN117692216A (en) Abnormal login behavior management method and device, storage medium and electronic equipment
CN116488843A (en) User behavior anomaly detection system and method based on cluster analysis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20200501

WW01 Invention patent application withdrawn after publication