CN111147521B - Enterprise private network security event management system - Google Patents


Publication number
CN111147521B
CN111147521B CN202010002982.3A CN202010002982A CN111147521B CN 111147521 B CN111147521 B CN 111147521B CN 202010002982 A CN202010002982 A CN 202010002982A CN 111147521 B CN111147521 B CN 111147521B
Authority
CN
China
Prior art keywords
module
security
network equipment
safety
terminal network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010002982.3A
Other languages
Chinese (zh)
Other versions
CN111147521A (en)
Inventor
李锦基
黄永权
李明东
龙泽
曾洋林
付长财
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gold Sea Comm Corp
Original Assignee
Gold Sea Comm Corp

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses an enterprise private network security event management system comprising terminal network equipment management systems, a network security management platform and a security event library, wherein a plurality of terminal network equipment management systems are provided and all of them are connected with the network security management platform. A security vulnerability scanning unit scans for risk vulnerabilities in the system of the terminal network equipment and in the software installed on it, and also scans for risk vulnerabilities on the system server, router and switch associated with the terminal network equipment. During network security monitoring and information acquisition, the network security status data of the network connected to the terminal network equipment is acquired in time, information about the terminal network equipment itself is acquired, and the equipment associated with the terminal network equipment is security-scanned, so that the acquired information is more comprehensive and comprehensive, effective network security management is achieved.

Description

Enterprise private network security event management system
Technical Field
The invention relates to the technical field of network security management systems, in particular to a special network security event management system for enterprises.
Background
Computer networks are an important means by which people learn about society and obtain information through modern information technology, and network security management is the fundamental guarantee that people can use the Internet safely, cleanly and healthily. Network security management is particularly important for enterprises: it effectively prevents enterprise data from being stolen and safeguards the normal development and operation of the enterprise.
An enterprise private network security event management system is a network security management and control system for enterprises. When the network security event management systems currently used by enterprises collect security information from each terminal network device, they collect only the security and state of the network that the terminal network equipment is connected to. Vulnerability monitoring is lacking for system vulnerabilities of the terminal network equipment and for the associated servers, routers and switches, so the collected information is not comprehensive enough and network security management cannot be carried out comprehensively and effectively. In addition, security analysis is mostly performed by analyzing the information collected from the terminal network equipment item by item; this single mode of analysis affects the accuracy and comprehensiveness of the analysis.
Disclosure of Invention
The invention aims to solve the defects in the prior art and provides an enterprise private network security event management system.
In order to achieve the purpose, the invention adopts the following technical scheme: an enterprise private network security event management system comprising: a terminal network equipment management system, a network security management platform and a security event library;
the terminal network equipment management systems are all connected with a network security management platform, and the network security management platform is connected with a security event library;
the terminal network equipment management system comprises a safety monitoring unit and a safety control unit;
the safety monitoring unit is used for monitoring the network safety of the terminal network equipment, acquiring information and transmitting the acquired information to the network safety management platform;
the safety control unit is used for receiving a control instruction transmitted by the network safety management platform to realize safety control management on the terminal network equipment;
the network security management platform is used for receiving the security event information uploaded by the terminal network equipment management system, performing feature-matching anomaly analysis of the received security event information against the security event library, and issuing control instructions to the terminal network equipment management system;
the security event library is used for storing security event information.
As a further description of the above technical solution:
the safety monitoring unit comprises a network safety monitoring module, a network state monitoring module and a data acquisition module;
the network security monitoring module is used for monitoring network security data connected with the terminal network equipment, discovering network security events and generating corresponding monitoring logs;
the network state monitoring module is used for monitoring and collecting network condition data connected with the terminal network equipment;
the data acquisition module is used for transmitting the data acquired by the network security monitoring module and the network state monitoring module to the network security management platform.
As a further description of the above technical solution:
the security monitoring unit also comprises a security vulnerability scanning unit, the security vulnerability scanning unit is connected with the data acquisition module, and the information acquired by the security vulnerability scanning unit is transmitted to the network security management platform through the data acquisition module;
the security vulnerability scanning unit consists of a host vulnerability scanning module and a network vulnerability scanning module;
the host vulnerability scanning module is used for scanning a system of the terminal network equipment and risk vulnerabilities in software installed on the terminal network equipment and collecting host security vulnerability information;
and the network vulnerability scanning module is used for scanning risk vulnerabilities of a system server, a router and a switch which are connected with the terminal network equipment and collecting security vulnerability information.
As a further description of the above technical solution:
the safety control unit comprises a safety limiting module, an early warning limiting module and a limitation releasing module;
the safety limiting module is used for limiting the networking of the terminal network equipment after receiving a control instruction of the network safety management platform so as to disconnect the network connection of the terminal network equipment;
the early warning limiting module is used for limiting the access of the terminal network equipment after receiving a control instruction of the network security management platform, so that the terminal network equipment cannot access the enterprise confidential website;
and the limitation releasing module is used for lifting the restriction on the terminal network equipment after receiving the control instruction of the network security management platform, so as to restore the network connection of the terminal network equipment.
As a further description of the above technical solution:
the network security management platform comprises a data transmission module, a security detection analysis unit and an information display module;
the data transmission module is used for receiving the terminal network equipment safety information acquired by the safety monitoring unit;
the safety detection analysis unit is used for analyzing and processing the received terminal network equipment safety information and carrying out early warning;
the information display module is used for displaying the safety information analysis processing result of the terminal network equipment.
As a further description of the above technical solution:
the safety detection and analysis unit comprises an abnormality detection and analysis module, a data integration module, a collaborative detection and analysis module and a feature matching module;
the anomaly detection and analysis module and the data integration module are sequentially connected with each other, and the anomaly detection and analysis module and the collaborative detection and analysis module are both connected with the feature matching module, wherein the feature matching module is also connected with the security event library;
the anomaly detection and analysis module is used for analyzing, one by one, the various items of safety information of the terminal network equipment received by the data transmission module, and comparing them, through the feature matching module, with the security events stored in the security event library to obtain the network security condition of the terminal network equipment;
the data integration module is used for integrating the various items of safety information acquired by the plurality of terminal network equipment management systems to obtain total information, and then transmitting the integrated total information to the collaborative detection and analysis module;
the collaborative detection and analysis module is used for analyzing the total information obtained by integrating the various items of safety information of the terminal network equipment management systems, and comparing it, through the feature matching module, with the security events stored in the security event library to obtain the network security condition of the terminal network equipment.
As a further description of the above technical solution:
the network security management platform also comprises a terminal management module;
the terminal management module is used by staff to issue control instructions to the safety control units in the plurality of terminal network equipment management systems according to the information displayed by the information display module, after which the safety control units carry out security control of the terminal network equipment.
Advantageous effects
The invention provides an enterprise private network security event management system, which has the following beneficial effects:
(1): Through the security vulnerability scanning unit, the enterprise private network security event management system scans for risk vulnerabilities in the system of the terminal network equipment and in the software installed on it, and also scans for risk vulnerabilities on the system server, router and switch associated with the terminal network equipment. During network security monitoring and information acquisition, the network security status data of the network connected to the terminal network equipment is collected in time, information about the terminal network equipment itself is collected, and the equipment associated with the terminal network equipment is security-scanned, so that the collected information is more comprehensive and comprehensive, effective network security management is achieved.
(2): The enterprise private network security event management system analyzes the collected items of terminal network equipment information one by one with feature-matching analysis against the security event library, and also integrates the collected items of terminal network equipment information and analyzes them collaboratively with feature-matching analysis against the security event library. The network security state is thus analyzed in two analysis modes, which improves the accuracy and comprehensiveness of network security event analysis.
Drawings
FIG. 1 is a schematic diagram of the overall structure of an enterprise private network security event management system according to the present invention;
FIG. 2 is a schematic diagram of a safety monitoring unit according to the present invention;
FIG. 3 is a schematic diagram of a security vulnerability scanning unit according to the present invention;
FIG. 4 is a schematic diagram of a safety control unit of the present invention;
FIG. 5 is a diagram of a network security management platform according to the present invention;
FIG. 6 is a schematic diagram of a security detection and analysis unit according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
As shown in fig. 1-6, an enterprise private network security event management system includes: a terminal network equipment management system, a network security management platform and a security event library;
a plurality of terminal network equipment management systems are provided, all of which are connected with the network security management platform, and the network security management platform is connected with the security event library;
the terminal network equipment management system comprises a safety monitoring unit and a safety control unit;
the safety monitoring unit is used for monitoring the network safety of the terminal network equipment, acquiring information and transmitting the acquired information to the network safety management platform;
the safety control unit is used for receiving a control instruction transmitted by the network safety management platform to realize safety control management on the terminal network equipment;
the network security management platform is used for receiving the security event information uploaded by the terminal network equipment management system, performing feature-matching anomaly analysis of the received security event information against the security event library, and issuing control instructions to the terminal network equipment management system;
the security event library is used for storing security event information.
The safety monitoring unit comprises a network safety monitoring module, a network state monitoring module and a data acquisition module;
the network security monitoring module is used for monitoring network security data connected with the terminal network equipment, discovering network security events and generating corresponding monitoring logs;
the network state monitoring module is used for monitoring and collecting network condition data connected with the terminal network equipment;
the data acquisition module is used for transmitting the data acquired by the network security monitoring module and the network state monitoring module to the network security management platform.
The security monitoring unit also comprises a security vulnerability scanning unit, the security vulnerability scanning unit is connected with the data acquisition module, and the information acquired by the security vulnerability scanning unit is transmitted to the network security management platform through the data acquisition module;
the security vulnerability scanning unit consists of a host vulnerability scanning module and a network vulnerability scanning module;
the host vulnerability scanning module is used for scanning risk vulnerabilities in a system of the terminal network equipment and software installed in the terminal network equipment and collecting host security vulnerability information;
and the network vulnerability scanning module is used for scanning risk vulnerabilities of a system server, a router and a switch which are connected with the terminal network equipment and acquiring security vulnerability information.
Through the host vulnerability scanning module and the network vulnerability scanning module in the security vulnerability scanning unit, risk vulnerabilities in the system of the terminal network equipment and in the software installed on it are scanned, and risk vulnerabilities of the system server, router and switch associated with the terminal network equipment are scanned as well. Working together with the network security monitoring module and the network state monitoring module, this means that during network security monitoring and information acquisition the network security status data of the network connected to the terminal network equipment is acquired, information about the terminal network equipment itself is acquired, and the equipment associated with the terminal network equipment is security-scanned, so that the acquired information is more comprehensive and comprehensive, effective network security management is achieved.
The safety control unit comprises a safety limiting module, an early warning limiting module and a limitation releasing module;
the safety limiting module is used for limiting the networking of the terminal network equipment after receiving a control instruction of the network safety management platform so as to disconnect the network connection of the terminal network equipment;
the early warning limiting module is used for limiting the access of the terminal network equipment after receiving a control instruction of the network security management platform, so that the terminal network equipment cannot access the enterprise confidential website;
and the limitation releasing module is used for lifting the restriction on the terminal network equipment after receiving the control instruction of the network security management platform, so as to restore the network connection of the terminal network equipment.
The safety limiting module, the early warning limiting module and the limitation releasing module are used for realizing various safety limiting management on the terminal network equipment, and the terminal network equipment can be subjected to networking limitation, access limitation and connection recovery according to actual needs, so that the flexibility of management operation on the terminal network equipment is improved.
The network security management platform comprises a data transmission module, a security detection and analysis unit and an information display module;
the data transmission module is used for receiving the terminal network equipment safety information acquired by the safety monitoring unit;
the safety detection analysis unit is used for analyzing and processing the received safety information of the terminal network equipment and carrying out early warning;
the information display module is used for displaying the safety information analysis processing result of the terminal network equipment.
The safety detection and analysis unit comprises an abnormality detection and analysis module, a data integration module, a collaborative detection and analysis module and a feature matching module;
the abnormality detection and analysis module and the data integration module are connected in sequence, and the abnormality detection and analysis module and the collaborative detection and analysis module are both connected with the feature matching module, wherein the feature matching module is also connected with the security event library;
the abnormality detection and analysis module is used for analyzing, one by one, the various items of safety information of the terminal network equipment received by the data transmission module, and comparing them, through the feature matching module, with the security events stored in the security event library to obtain the network security condition of the terminal network equipment;
the data integration module is used for integrating the various items of safety information acquired by the plurality of terminal network equipment management systems to obtain total information, and then transmitting the integrated total information to the collaborative detection and analysis module;
the collaborative detection and analysis module is used for analyzing the total information obtained by integrating the various items of safety information of the terminal network equipment management systems, and comparing it, through the feature matching module, with the security events stored in the security event library to obtain the network security condition of the terminal network equipment.
The abnormality detection and analysis module analyzes the acquired items of terminal network equipment information one by one and performs feature-matching analysis against the security event library. The collaborative detection and analysis module analyzes the acquired items of terminal network equipment information collaboratively after they have been integrated, and likewise performs feature-matching analysis against the security event library. The two analysis modes thus work together to analyze the network security state, which improves the accuracy and comprehensiveness of network security event analysis.
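The two analysis modes described above, as an added illustration that is not taken from the patent: the record fields, the signature format and the `min_terminals` threshold are assumptions, since the patent does not specify how feature matching is performed, and all identifiers and data are constructed.

```python
from collections import defaultdict

# Security event library (constructed). "single" signatures are matched against
# one record at a time; "collab" signatures require the same feature, on the
# same subject, to be reported by at least `min_terminals` terminals.
EVENT_LIBRARY = [
    {"id": "SIG-001", "mode": "single", "kind": "net_event",
     "feature": "malware_beacon", "status": "compromised"},
    {"id": "SIG-002", "mode": "single", "kind": "host_vuln",
     "feature": "VULN-PLACEHOLDER-1", "status": "vulnerable"},
    {"id": "SIG-101", "mode": "collab", "kind": "net_event",
     "feature": "failed_login", "min_terminals": 3,
     "status": "coordinated_probe"},
    {"id": "SIG-102", "mode": "collab", "kind": "net_vuln",
     "feature": "VULN-PLACEHOLDER-2", "min_terminals": 2,
     "status": "shared_device_at_risk"},
]

# Records uploaded by the data acquisition modules of four terminals
# (constructed). "subject" is the remote source of an event or the device a
# vulnerability was found on.
RECORDS = [
    {"terminal": "T1", "kind": "net_event", "feature": "failed_login",
     "subject": "198.51.100.7"},
    {"terminal": "T2", "kind": "net_event", "feature": "failed_login",
     "subject": "198.51.100.7"},
    {"terminal": "T3", "kind": "net_event", "feature": "failed_login",
     "subject": "198.51.100.7"},
    {"terminal": "T4", "kind": "net_event", "feature": "failed_login",
     "subject": "203.0.113.9"},
    {"terminal": "T2", "kind": "net_event", "feature": "malware_beacon",
     "subject": "203.0.113.50"},
    {"terminal": "T3", "kind": "host_vuln", "feature": "VULN-PLACEHOLDER-1",
     "subject": "T3"},
    {"terminal": "T1", "kind": "net_vuln", "feature": "VULN-PLACEHOLDER-2",
     "subject": "router-A"},
    {"terminal": "T4", "kind": "net_vuln", "feature": "VULN-PLACEHOLDER-2",
     "subject": "router-A"},
]


def feature_match(kind, feature, mode):
    """Feature matching module: library entries for a (kind, feature) pair."""
    return [s for s in EVENT_LIBRARY
            if s["mode"] == mode and s["kind"] == kind
            and s["feature"] == feature]


def anomaly_analysis(records):
    """Mode 1: analyze each terminal's records one by one."""
    findings = defaultdict(list)
    for rec in records:
        for sig in feature_match(rec["kind"], rec["feature"], "single"):
            findings[rec["terminal"]].append((sig["id"], sig["status"]))
    return dict(findings)


def integrate(records):
    """Data integration module: merge all terminals' records into total
    information keyed by (kind, feature, subject)."""
    total = defaultdict(set)
    for rec in records:
        key = (rec["kind"], rec["feature"], rec["subject"])
        total[key].add(rec["terminal"])
    return {key: sorted(terms) for key, terms in total.items()}


def collaborative_analysis(total):
    """Mode 2: match the integrated information against the library."""
    findings = []
    for (kind, feature, subject), terminals in total.items():
        for sig in feature_match(kind, feature, "collab"):
            if len(terminals) >= sig["min_terminals"]:
                findings.append({"sig": sig["id"], "status": sig["status"],
                                 "subject": subject, "terminals": terminals})
    return sorted(findings, key=lambda f: f["sig"])


if __name__ == "__main__":
    print("one-by-one:", anomaly_analysis(RECORDS))
    for finding in collaborative_analysis(integrate(RECORDS)):
        print("collaborative:", finding)
```

The failed logins and the router finding are invisible to the one-by-one pass because no single record matches a signature; they surface only once the records from several terminals are integrated.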
The network security management platform also comprises a terminal management module;
the terminal management module is used by staff to issue control instructions to the safety control units in the plurality of terminal network equipment management systems according to the information displayed by the information display module, after which the safety control units carry out security control of the terminal network equipment.
In the description herein, references to the description of "one embodiment," "an example," "a specific example" or the like are intended to mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered as the technical solutions and the inventive concepts of the present invention within the technical scope of the present invention.

Claims (4)

1. An enterprise private network security event management system, comprising: a terminal network equipment management system, a network security management platform and a security event library; the terminal network equipment management systems are all connected with a network security management platform, and the network security management platform is connected with a security event library; the terminal network equipment management system comprises a safety monitoring unit and a safety control unit; the safety monitoring unit is used for monitoring the network safety of the terminal network equipment, acquiring information and transmitting the acquired information to the network safety management platform;
the safety control unit is used for receiving a control instruction transmitted by the network safety management platform to realize safety control management on the terminal network equipment; the network security management platform is used for receiving the security event information uploaded by the terminal network equipment management system, performing feature-matching anomaly analysis of the received security event information against the security event library, and issuing control instructions to the terminal network equipment management system; the security event library is used for storing security event information; the security monitoring unit also comprises a security vulnerability scanning unit, the security vulnerability scanning unit is connected with the data acquisition module, and the information acquired by the security vulnerability scanning unit is transmitted to the network security management platform through the data acquisition module;
the security vulnerability scanning unit consists of a host vulnerability scanning module and a network vulnerability scanning module; the host vulnerability scanning module is used for scanning a system of the terminal network equipment and risk vulnerabilities in software installed on the terminal network equipment and collecting host security vulnerability information; the network vulnerability scanning module is used for scanning risk vulnerabilities of a system server, a router and a switch which are connected with the terminal network equipment and collecting security vulnerability information;
the network security management platform comprises a data transmission module, a security detection and analysis unit and an information display module; the data transmission module is used for receiving the terminal network equipment safety information acquired by the safety monitoring unit; the safety detection analysis unit is used for analyzing and processing the received terminal network equipment safety information and carrying out early warning; the information display module is used for displaying the safety information analysis processing result of the terminal network equipment;
the safety detection and analysis unit comprises an abnormality detection and analysis module, a data integration module, a collaborative detection and analysis module and a feature matching module; the abnormality detection and analysis module and the data integration module are connected in sequence, and the abnormality detection and analysis module and the collaborative detection and analysis module are both connected with the feature matching module, wherein the feature matching module is also connected with the security event library; the abnormality detection and analysis module is used for analyzing, one by one, the various items of safety information of the terminal network equipment received by the data transmission module, and comparing them, through the feature matching module, with the security events stored in the security event library to obtain the network security condition of the terminal network equipment; the data integration module is used for integrating the various items of safety information collected by the plurality of terminal network equipment management systems to obtain total information, and then transmitting the integrated total information to the collaborative detection and analysis module; the collaborative detection and analysis module is used for analyzing the total information obtained by integrating the various items of safety information of the terminal network equipment management systems, and comparing it, through the feature matching module, with the security events stored in the security event library to obtain the network security condition of the terminal network equipment.
2. The system according to claim 1, wherein the security monitoring unit comprises a network security monitoring module, a network status monitoring module and a data collecting module;
the network security monitoring module is used for monitoring network security data connected with the terminal network equipment, discovering network security events and generating corresponding monitoring logs;
the network state monitoring module is used for monitoring and collecting network condition data connected with the terminal network equipment;
the data acquisition module is used for transmitting the data acquired by the network security monitoring module and the network state monitoring module to the network security management platform.
3. The enterprise-specific network security event management system of claim 1, wherein the security control unit comprises a security restriction module, an early warning restriction module, and a restriction release module;
the safety limiting module is used for limiting the networking of the terminal network equipment after receiving a control instruction of the network safety management platform so as to disconnect the network connection of the terminal network equipment;
the early warning limiting module is used for limiting the access of the terminal network equipment after receiving a control instruction of the network security management platform, so that the terminal network equipment cannot access the enterprise confidential website;
and the limitation releasing module is used for lifting the restriction on the terminal network equipment after receiving the control instruction of the network security management platform, so as to restore the network connection of the terminal network equipment.
4. The system of claim 1, wherein the network security management platform further comprises a terminal management module;
the terminal management module is used by staff to issue control instructions, according to the information displayed by the display module, to the security control units in the plurality of terminal network equipment management systems, whereupon the security control units perform security control on the terminal network equipment.
CN202010002982.3A 2020-01-02 2020-01-02 Enterprise private network security event management system Active CN111147521B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010002982.3A CN111147521B (en) 2020-01-02 2020-01-02 Enterprise private network security event management system

Publications (2)

Publication Number Publication Date
CN111147521A CN111147521A (en) 2020-05-12
CN111147521B CN111147521B (en) 2022-10-18

Family

ID=70523311

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010002982.3A Active CN111147521B (en) 2020-01-02 2020-01-02 Enterprise private network security event management system

Country Status (1)

Country Link
CN (1) CN111147521B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112751927A (en) * 2020-12-30 2021-05-04 北京中辰普安电气科技有限公司 Network safety monitoring system applied to electric power monitoring system
CN113328991A (en) * 2021-04-22 2021-08-31 慧谷人工智能研究院(南京)有限公司 Network security test system
CN113987472B (en) * 2021-09-14 2023-07-18 北京纽盾网安信息技术有限公司 Webpage browsing security detection method, device and system

Citations (8)

Publication number Priority date Publication date Assignee Title
CN101526962A (en) * 2009-04-03 2009-09-09 成都市华为赛门铁克科技有限公司 Generation method for security events of database, device and database system
CN101582883A (en) * 2009-06-26 2009-11-18 西安电子科技大学 System and method for managing security of general network
CN104834860A (en) * 2015-05-09 2015-08-12 福建六壬网安股份有限公司 Dynamic warehousing method for security events
CN104901838A (en) * 2015-06-23 2015-09-09 中国电建集团成都勘测设计研究院有限公司 Enterprise network safety event management system and method thereof
CN107517214A (en) * 2017-09-05 2017-12-26 合肥丹朋科技有限公司 System and method for providing computer network security
CN108494727A (en) * 2018-02-06 2018-09-04 成都清华永新网络科技有限公司 A kind of security incident closed-loop process method for network security management
CN108683549A (en) * 2018-06-08 2018-10-19 湖北鑫英泰系统技术股份有限公司 A kind of network security applied in electric power monitoring system monitors system
CN208227074U (en) * 2018-02-09 2018-12-11 鼎信信息科技有限责任公司 Electric power monitoring system network security monitors terminal

Family Cites Families (1)

Publication number Priority date Publication date Assignee Title
US11044270B2 (en) * 2016-03-15 2021-06-22 Carbon Black, Inc. Using private threat intelligence in public cloud

Also Published As

Publication number Publication date
CN111147521A (en) 2020-05-12

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant