CN111314292A - Data security inspection method based on sensitive data identification - Google Patents
Data security inspection method based on sensitive data identification Download PDFInfo
- Publication number
- CN111314292A CN111314292A CN202010042472.9A CN202010042472A CN111314292A CN 111314292 A CN111314292 A CN 111314292A CN 202010042472 A CN202010042472 A CN 202010042472A CN 111314292 A CN111314292 A CN 111314292A
- Authority
- CN
- China
- Prior art keywords
- data
- sensitive
- strategy
- event
- content
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a data security check method based on sensitive data identification, which aims to solve the problems in the existing data security check. The method comprises the following specific steps: step one, configuring a data source; step two, configuring strategy elements; step three, strategy configuration; step four, task configuration; step five, issuing a strategy; step six, task execution and content identification; step seven, event feedback; step eight, event display and query; and step nine, report statistics. The method disclosed by the invention can be used for rapidly and accurately identifying the occurrence of sensitive data in each node of the data life cycle by carrying out sensitive data identification in the processes of acquisition, storage, exchange, use, transmission, destruction and the like in the data life cycle, realizes the automatic safety inspection of the sensitive plaintext data life cycle, realizes the data asset mapping and data safety risk assessment of the whole network by referring to relevant policies, laws, regulations and standards, and has a wide application prospect.
Description
Technical Field
The invention relates to the field of data security inspection, in particular to a data security inspection method based on sensitive data identification.
Background
In recent years, with the wide application of internet and big data technology and the formal promulgation of the network security law, the network security gets high attention from all levels of governments and enterprises and public institutions. How to effectively protect personal privacy and protect organization sensitive information from being leaked has become the focus of attention of more and more security management departments and regulatory agencies. Big data security regulation is important content in the inspection and action of China in recent years, and especially the protection of citizen personal information is important to law enforcement.
Based on the supervision angle, referring to relevant laws, regulations and standards, the following problems need to be solved in the data security inspection process:
1. how can sensitive information be accurately defined, can targets such as a target intranet cloud platform, big data, a Web content server, a database, a document repository be actively scanned at high speed, and can a sensitive data distribution map be intelligently drawn?
2. How can one monitor in real time whether sensitive data within the target network is encrypted during transmission?
3. How can it be detected whether important data stored in the database, document repository are encrypted?
4. How to achieve comprehensive data asset mapping and data flow mapping.
Disclosure of Invention
An embodiment of the present invention provides a data security inspection method based on sensitive data identification, so as to solve the problems in the background art.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
a data security inspection method based on sensitive data identification specifically comprises the following steps:
step one, data source configuration: the content configuration of the data storage library for active discovery of the sensitive data can provide an overall environment for active discovery and operation of the sensitive data;
step two, strategy element configuration: setting policy elements for assisting in configuring the policy, wherein the policy elements are used for setting the policy and providing data basis for the policy setting;
step three, strategy configuration: defining a content attention rule of a content identification server;
step four, task configuration: configuring task information of active sensitive data discovery, wherein the task information comprises data sources for sensitive data scanning, strategy groups and scanning task rule configuration, and one task at least comprises data discovery rules matched with the strategies in the data sources;
step five, strategy issuing: the configured strategy is issued to a content identifier, and the content identifier works according to a content attention rule and a response mode of an illegal event specified in the strategy;
step six, task execution and content identification: the content identification is used as a core component of sensitive data identification to clean and filter data, and sensitive data are found according to preset strategy rules. The sensitive data sources were found to have three main aspects: (1) and configuring data in a data source to actively pull data in a database or a file server through an active discovery module. (2) And acquiring data in the network flow through protocol analysis and reduction. (3) Crawling data in the web site through a web crawler;
step seven, event feedback: the content recognizer analyzes the strategy content after receiving the strategy information and completely follows the strategy rules to perform event feedback, and once an event triggering the strategy rules occurs in network flow, a data storage library or a web site captured by a crawler, the content recognizer feeds the event information back to the management platform database;
step eight, event display and query: the event display shows sensitive information identified by active sensitive data discovery, network protocol analysis and crawling in a web site in detail, the system provides rich query functions for the event information, and flexible combined query can be carried out according to data sources, IP addresses, storage modes, sensitive rules, task names, file names, data directories, data classification and other modes. Event details show detailed information and sensitive data fragments of the event, and the system performs detailed report display according to the event information;
step nine, report statistics: and performing statistical report analysis on the event information, wherein the report can be displayed on a large screen and can also be exported to a pdf file form.
As a further scheme of the embodiment of the invention: the data source configuration in the first step comprises database configuration and file source configuration.
As a further scheme of the embodiment of the invention: the database configuration is connection information used for configuring a system connection database, and includes configuration information such as a database type, a database name, an IP address, a port number, a user name, a password, and the like. The file source configuration is used for configuring the connection information of the system connection file repository, and comprises information such as file source type, file directory, IP address, port number, user name and password.
As a further scheme of the embodiment of the invention: and step two, the strategy elements comprise configuration information such as industry data classification and classification, strategy groups, strategy templates and the like.
As a further scheme of the embodiment of the invention: the content in the third step comprises structured data and unstructured data, wherein the structured data comprises rule configuration elements such as table names, field names, data types, data contents, white lists and the like; the unstructured data includes configuration elements such as file name, file size, file type, file content, white list, etc. And flexible logic AND/OR and non-processing can be performed among all the elements, so that complex and accurate sensitive data definition is realized.
As a further scheme of the embodiment of the invention: and in the step eight, the event display displays the sensitive information identified by active sensitive data discovery, network protocol analysis and crawling in the web site in a list or aggregation mode in detail.
As a further scheme of the embodiment of the invention: and step nine, performing statistical report analysis on the event information according to dimensions such as data sources, data classification, rule types, event severity, data source types and data types.
The invention adopts a plurality of technologies: firstly, an intelligent classification and grading technology for structured data and unstructured data: the machine learning and natural language processing algorithm are combined, data are intelligently and quickly processed, structured and unstructured data contents are deeply identified, and intelligent processing and manual interaction are combined to realize automation and intellectualization of data classification;
second, full-network data asset mapping techniques: and supporting html, xml, pdf, rar, tar, zip, 7z, txt, xls, xlsx, msg, ppt, pptx, vsd, doc, docx, mpp, odt, odp, ods, xps, wtf and other types of file detection. Content identification in a multi-layered compressed file is supported. The method supports document nested content identification, supports header, footer and document text content identification. And performing content identification according to file characteristics, and supporting file content identification of modifying the extension name. Common database detection such as ORACLE, DB2, MYSQL, SQLSERVER, GBASE, Greenplus, HIVE, HBASE and the like is supported. Supporting file identification in file storage media such as network sharing, ftp, sftp, network disk, file server, hdfs, es and the like;
thirdly, real-time data asset circulation mapping technology: passively checking data assets in network traffic and detecting confidential information before it leaves the network (covering all network protocols and content types), enabling users to fully understand and quantify data leakage risks;
fourth, structured data fingerprinting and unstructured techniques: data is fingerprinted for continuous accurate detection, the fingerprinting process including extracting text and data, normalizing it, and then using irreversibility to provide protection for it. The method can be configured to automatically index unstructured data at regular intervals, and can also identify sensitive data in file formats other than fingerprint encryption information;
fifthly, web crawler algorithm: the method breaks through the depth priority and breadth priority algorithm of the traditional search engine, and realizes the rapid and accurate identification and circulation mapping of the sensitive content of the Internet.
The data security detection comprises the following components: data asset discovery, a sensitive data recognition engine, a sensitive data recognition rule, data classification grading, data active scanning, data circulation monitoring and website monitoring.
Compared with the prior art, the embodiment of the invention has the beneficial effects that:
the method is mainly used for solving the problem that the data safety inspection process is automatically realized by tools, sensitive data identification is carried out in the processes of acquisition, storage, exchange, use, transmission, destruction and the like in the data life cycle, the condition that sensitive data exist in each node of the data life cycle can be quickly and accurately identified, the automatic safety inspection of the sensitive plaintext data life cycle is realized, the data asset mapping and the data safety risk assessment of the whole network are realized by referring to relevant policies, laws, regulations and standards, and the use prospect is wide.
Drawings
Fig. 1 is a flow chart of a data security inspection method based on sensitive data identification.
Detailed Description
The technical solution of the present patent will be described in further detail with reference to the following embodiments.
Example 1
A data security inspection method based on sensitive data identification specifically comprises the following steps:
step one, data source configuration: the content configuration of the data storage library for active discovery of the sensitive data can provide an overall environment for active discovery and operation of the sensitive data, the data source configuration comprises database configuration and file source configuration, the database configuration is used for configuring connection information of a system connection database, and comprises configuration information such as database types, database names, IP addresses, port numbers, user names and passwords, and the current version supports database types such as ORACLE, DB2, MYSQL, SQLSERVER, GBASE, Greenplus, HIVE and HBASE. The file source configuration is used for configuring the connection information of a system connected with a file repository, and the connection information comprises information such as a file source type, a file directory, an IP address, a port number, a user name, a password and the like, and the current version supports file server types such as file sharing, an ftp server, an sftp server, a web server, an HDFS server, an elastic search server and the like;
step two, strategy element configuration: setting strategy elements for assisting in configuring the strategy, wherein the strategy elements comprise configuration information such as industry data classification and classification, strategy groups, strategy templates and the like, and the strategy elements are used for setting the strategy and providing data basis for strategy setting;
step three, strategy configuration: defining a concern rule of a content identification server to content, wherein the content comprises structured data and unstructured data, and the structured data comprises rule configuration elements such as a table name, a field name, a data type, data content and a white list; the unstructured data includes configuration elements such as file name, file size, file type, file content, white list, etc. Flexible logic AND, OR and non-processing can be carried out among all the elements, so that complex and accurate sensitive data definition is realized;
step four, task configuration: configuring task information of active sensitive data discovery, wherein the task information comprises data sources for sensitive data scanning, strategy groups and scanning task rule configuration, and one task at least comprises data discovery rules matched with the strategies in the data sources;
step five, strategy issuing: the configured strategy is issued to a content identifier, and the content identifier works according to a content attention rule and a response mode of an illegal event specified in the strategy;
step six, task execution and content identification: the content identification is used as a core component of sensitive data identification to clean and filter data, and sensitive data are found according to preset strategy rules. The sensitive data sources were found to have three main aspects: (1) and configuring data in a data source to actively pull data in a database or a file server through an active discovery module. (2) And acquiring data in the network flow through protocol analysis and reduction. (3) Crawling data in the web site through a web crawler;
step seven, event feedback: the content recognizer analyzes the strategy content after receiving the strategy information and completely follows the strategy rules to perform event feedback, and once an event triggering the strategy rules occurs in network flow, a data storage library or a web site captured by a crawler, the content recognizer feeds the event information back to the management platform database;
step eight, event display and query: the event display shows sensitive information identified by active sensitive data discovery, network protocol analysis and crawling in a web site in detail, the system provides rich query functions for the event information, and flexible combined query can be carried out according to data sources, IP addresses, storage modes, sensitive rules, task names, file names, data directories, data classification and other modes. Event details show detailed information and sensitive data fragments of the event, and the system performs detailed report display according to the event information;
step nine, report statistics: and performing statistical report analysis on the event information, wherein the report can be displayed on a large screen and can also be exported to a pdf file form. The invention can realize automatic classification and grading of data and realize data security check on life cycle nodes such as data storage, transmission, use and the like. It is checked whether sensitive data is stored, transmitted and used without de-identification. The method is applied to the intranet, sensitive information can be accurately defined according to relevant laws, regulations and standards, and targets such as a target intranet cloud platform, big data, a file sharing folder, a Web content server, a database, a document storage library and the like are scanned at a high speed so as to detect whether unidentified sensitive data and documents exist. The method can quickly scan data in the designated website page, efficiently find points with leaked citizen personal information, privacy information and sensitive data and give an alarm in time. And monitoring whether the data transmitted in the target network contains plaintext sensitive data or not in real time.
Example 2
A data security inspection method based on sensitive data identification specifically comprises the following steps:
step one, data source configuration: the content configuration of the data storage library for active discovery of the sensitive data can provide an overall environment for active discovery and operation of the sensitive data;
step two, strategy element configuration: setting policy elements for assisting in configuring the policy, wherein the policy elements are used for setting the policy and providing data basis for the policy setting;
step three, strategy configuration: defining a content attention rule of a content identification server;
step four, task configuration: configuring task information of active sensitive data discovery, wherein the task information comprises data sources for sensitive data scanning, strategy groups and scanning task rule configuration, and one task at least comprises data discovery rules matched with the strategies in the data sources;
step five, strategy issuing: the configured strategy is issued to a content identifier, and the content identifier works according to a content attention rule and a response mode of an illegal event specified in the strategy;
step six, task execution and content identification: the content identification is used as a core component of sensitive data identification to clean and filter data, and sensitive data are found according to preset strategy rules. The sensitive data sources were found to have three main aspects: (1) and configuring data in a data source to actively pull data in a database or a file server through an active discovery module. (2) And acquiring data in the network flow through protocol analysis and reduction. (3) Crawling data in the web site through a web crawler;
step seven, event feedback: the content recognizer analyzes the strategy content after receiving the strategy information and completely follows the strategy rules to perform event feedback, and once an event triggering the strategy rules occurs in network flow, a data storage library or a web site captured by a crawler, the content recognizer feeds the event information back to the management platform database;
step eight, event display and query: the event display displays the sensitive information identified by active sensitive data discovery, network protocol analysis and crawling in a web site in detail in a list or aggregation mode, the system provides rich query functions for the event information, and flexible combined query can be performed according to data sources, IP addresses, storage modes, sensitive rules, task names, file names, data directories, data classification and other modes. Event details show detailed information and sensitive data fragments of the event, and the system performs detailed report display according to the event information;
step nine, report statistics: the event information is subjected to statistical report analysis according to dimensions such as data sources, data classification, rule types, event severity, data source types and data types, the report can be displayed on a large screen, and can also be exported to a pdf file form, so that the method is suitable for different working requirements.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Furthermore, it should be understood that although the present description refers to embodiments, not every embodiment may contain only a single embodiment, and such description is for clarity only, and those skilled in the art should integrate the description, and the embodiments may be combined as appropriate to form other embodiments understood by those skilled in the art.
Claims (8)
1. A data security inspection method based on sensitive data identification is characterized by comprising the following specific steps:
step one, data source configuration: configuring the content of a data storage library for actively discovering the sensitive data;
step two, strategy element configuration: setting a policy element used to assist in configuring a policy;
step three, strategy configuration: defining a content attention rule of a content identification server;
step four, task configuration: configuring task information of active sensitive data discovery;
step five, strategy issuing: the configured strategy is issued to a content identifier, and the content identifier works according to a content attention rule and a response mode of an illegal event specified in the strategy;
step six, task execution and content identification: the content identification is used as a core component of sensitive data identification to clean and filter data, and sensitive data are found according to a preset strategy rule;
step seven, event feedback: the content recognizer analyzes the strategy content after receiving the strategy information and completely follows the strategy rules to perform event feedback, and once an event triggering the strategy rules occurs in network flow, a data storage library or a web site captured by a crawler, the content recognizer feeds the event information back to the management platform database;
step eight, event display and query: the event display is used for displaying sensitive information identified by active sensitive data discovery, network protocol analysis and crawling in a web site in detail, the system provides a rich query function for event information, the event detail displays detailed information and sensitive data fragments of an event, and the system performs detailed report display according to the event information;
step nine, report statistics: and carrying out statistical statement analysis on the event information.
2. The method for security inspection of data based on identification of sensitive data according to claim 1, wherein the data source configuration in the first step comprises a database configuration and a file source configuration.
3. The method for data security check based on sensitive data identification as claimed in claim 2, wherein the database configuration is connection information for configuring a system connection database, and includes a database type, a database name, an IP address, a port number, a user name and a password, and the file source configuration is connection information for configuring a system connection file repository, and includes a file source type, a file directory, an IP address, a port number, a user name and a password.
4. The method for data security check based on sensitive data identification as claimed in claim 1, wherein the policy elements in the second step comprise industry data classification hierarchy, policy group and policy template.
5. The method for data security check based on sensitive data identification as claimed in claim 1, wherein the content in step three includes structured data and unstructured data, the structured data includes table name, field name, data type, data content and white list; the unstructured data includes file name, file size, file type, file content, and white list.
6. The sensitive data identification-based data security check method according to claim 1, wherein the task information in step four comprises a data source for sensitive data scanning, a policy group and a scanning task rule configuration.
7. The method for data security inspection based on sensitive data identification as claimed in claim 1, wherein in the eighth step, the event presentation is performed by displaying the sensitive information identified by active sensitive data discovery, network protocol analysis and crawling in the web site in a list or aggregation manner.
8. The method for data security check based on sensitive data identification as claimed in claim 1 or 7, wherein in the ninth step, the event information is analyzed by statistics according to data source, data classification, rule type, event severity, data source type and data type.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010042472.9A CN111314292A (en) | 2020-01-15 | 2020-01-15 | Data security inspection method based on sensitive data identification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010042472.9A CN111314292A (en) | 2020-01-15 | 2020-01-15 | Data security inspection method based on sensitive data identification |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111314292A true CN111314292A (en) | 2020-06-19 |
Family
ID=71160350
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010042472.9A Pending CN111314292A (en) | 2020-01-15 | 2020-01-15 | Data security inspection method based on sensitive data identification |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111314292A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111783138A (en) * | 2020-06-24 | 2020-10-16 | 中国平安财产保险股份有限公司 | Sensitive data detection method and device, computer equipment and storage medium |
| CN112416943A (en) * | 2020-12-03 | 2021-02-26 | 广东新禾道信息科技有限公司 | Mapping data safety inspection method based on sensitive data identification |
| CN112565196A (en) * | 2020-11-10 | 2021-03-26 | 杭州神甲科技有限公司 | Data leakage prevention method and device with network monitoring capability and storage medium |
| CN113747443A (en) * | 2021-02-26 | 2021-12-03 | 上海观安信息技术股份有限公司 | Machine learning algorithm-based security detection method and device |
| CN115168345A (en) * | 2022-06-27 | 2022-10-11 | 天翼爱音乐文化科技有限公司 | Database classification method, system, device and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101989292A (en) * | 2009-07-31 | 2011-03-23 | 李超 | Sensitive information analysis system and method |
| EP2816774A1 (en) * | 2013-06-17 | 2014-12-24 | Alcatel Lucent | System for enforcing privacy policies in a telecommunication network |
| CN104965894A (en) * | 2015-06-19 | 2015-10-07 | 成都国腾实业集团有限公司 | Data analysis system for IDC hazardous information monitoring platform |
| CN108351946A (en) * | 2015-11-20 | 2018-07-31 | 赛门铁克公司 | System and method for anonymization journal entries |
| CN109271808A (en) * | 2018-09-07 | 2019-01-25 | 北明软件有限公司 | A kind of data inactivity desensitization system and method based on the discovery of database sensitivity |
| CN110019764A (en) * | 2017-12-28 | 2019-07-16 | 中国移动通信集团重庆有限公司 | Discovery method, apparatus, equipment and the storage medium of big data platform sensitive data |
-
2020
- 2020-01-15 CN CN202010042472.9A patent/CN111314292A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101989292A (en) * | 2009-07-31 | 2011-03-23 | 李超 | Sensitive information analysis system and method |
| EP2816774A1 (en) * | 2013-06-17 | 2014-12-24 | Alcatel Lucent | System for enforcing privacy policies in a telecommunication network |
| CN104965894A (en) * | 2015-06-19 | 2015-10-07 | 成都国腾实业集团有限公司 | Data analysis system for IDC hazardous information monitoring platform |
| CN108351946A (en) * | 2015-11-20 | 2018-07-31 | 赛门铁克公司 | System and method for anonymization journal entries |
| CN110019764A (en) * | 2017-12-28 | 2019-07-16 | 中国移动通信集团重庆有限公司 | Discovery method, apparatus, equipment and the storage medium of big data platform sensitive data |
| CN109271808A (en) * | 2018-09-07 | 2019-01-25 | 北明软件有限公司 | A kind of data inactivity desensitization system and method based on the discovery of database sensitivity |
Non-Patent Citations (1)
| Title |
|---|
| 马晓亭: "大数据环境下图书馆敏感数据的识别与保护", 《图书馆论坛》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111783138A (en) * | 2020-06-24 | 2020-10-16 | 中国平安财产保险股份有限公司 | Sensitive data detection method and device, computer equipment and storage medium |
| CN112565196A (en) * | 2020-11-10 | 2021-03-26 | 杭州神甲科技有限公司 | Data leakage prevention method and device with network monitoring capability and storage medium |
| CN112416943A (en) * | 2020-12-03 | 2021-02-26 | 广东新禾道信息科技有限公司 | Mapping data safety inspection method based on sensitive data identification |
| CN113747443A (en) * | 2021-02-26 | 2021-12-03 | 上海观安信息技术股份有限公司 | Machine learning algorithm-based security detection method and device |
| CN113747443B (en) * | 2021-02-26 | 2024-06-07 | 上海观安信息技术股份有限公司 | Safety detection method and device based on machine learning algorithm |
| CN115168345A (en) * | 2022-06-27 | 2022-10-11 | 天翼爱音乐文化科技有限公司 | Database classification method, system, device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111314292A (en) | Data security inspection method based on sensitive data identification | |
| CN112131882B (en) | Multi-source heterogeneous network security knowledge graph construction method and device | |
| Mittal et al. | Cybertwitter: Using twitter to generate alerts for cybersecurity threats and vulnerabilities | |
| US11188657B2 (en) | Method and system for managing electronic documents based on sensitivity of information | |
| CN113486351A (en) | Civil aviation air traffic control network safety detection early warning platform | |
| US7996374B1 (en) | Method and apparatus for automatically correlating related incidents of policy violations | |
| Amato et al. | Analyse digital forensic evidences through a semantic-based methodology and NLP techniques | |
| RU2702269C1 (en) | Intelligent control system for cyberthreats | |
| CN107872454B (en) | Threat information monitoring and analyzing system and method for ultra-large Internet platform | |
| Afzaliseresht et al. | From logs to stories: human-centred data mining for cyber threat intelligence | |
| CN110990836B (en) | Code leakage detection system and method based on natural language processing technology | |
| CN103281177A (en) | Method and system for detecting hostile attack on Internet information system | |
| CN106649429B (en) | A kind of loophole hazard rating fast evaluation method and device based on multidimensional statistics | |
| CN112417492A (en) | Service providing method based on data classification and classification | |
| CN111104579A (en) | Identification method and device for public network assets and storage medium | |
| Singh | Towards data privacy and security framework in big data governance | |
| Nimbalkar et al. | Semantic interpretation of structured log files | |
| CN109829304B (en) | Virus detection method and device | |
| CN111767573A (en) | Database security management method and device, electronic equipment and readable storage medium | |
| CN116361784A (en) | Data detection method and device, storage medium and computer equipment | |
| Pratomo et al. | Data encryption and anonymization techniques for enhanced information system security and privacy | |
| CN112596984A (en) | Data security situation sensing system under weak isolation environment of service | |
| Kishore et al. | Big data as a challenge and opportunity in digital forensic investigation | |
| CN114398428A (en) | Data analysis method, device, equipment and storage medium | |
| Ibrishimova | Cyber incident classification: issues and challenges |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200619 |
|
| RJ01 | Rejection of invention patent application after publication |