CN111464551A - Network security analysis system - Google Patents
Network security analysis system Download PDFInfo
- Publication number
- CN111464551A CN111464551A CN202010281370.2A CN202010281370A CN111464551A CN 111464551 A CN111464551 A CN 111464551A CN 202010281370 A CN202010281370 A CN 202010281370A CN 111464551 A CN111464551 A CN 111464551A
- Authority
- CN
- China
- Prior art keywords
- module
- electrically connected
- output
- electric connection
- output end
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004458 analytical method Methods 0.000 title claims abstract description 14
- 238000012544 monitoring process Methods 0.000 claims abstract description 22
- 238000001514 detection method Methods 0.000 claims abstract description 21
- 238000004891 communication Methods 0.000 claims abstract description 12
- 238000011084 recovery Methods 0.000 claims abstract description 11
- 230000007123 defense Effects 0.000 claims description 25
- 238000011897 real-time detection Methods 0.000 claims description 8
- 230000009545 invasion Effects 0.000 claims description 5
- 238000012545 processing Methods 0.000 claims description 5
- 230000008595 infiltration Effects 0.000 claims description 2
- 238000001764 infiltration Methods 0.000 claims description 2
- 238000000034 method Methods 0.000 abstract description 4
- 230000002265 prevention Effects 0.000 description 10
- 238000001914 filtration Methods 0.000 description 7
- 230000035515 penetration Effects 0.000 description 5
- 238000011161 development Methods 0.000 description 4
- 230000002457 bidirectional effect Effects 0.000 description 3
- 238000011156 evaluation Methods 0.000 description 3
- 238000007726 management method Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000009828 non-uniform distribution Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000000875 corresponding effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 230000008034 disappearance Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000003012 network analysis Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 239000000047 product Substances 0.000 description 1
- 239000013589 supplement Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1475—Passive attacks, e.g. eavesdropping or listening without modification of the traffic monitored
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a network security analysis system, which comprises a computer host control module, wherein the output end of the computer host control module is electrically connected with the input end of an access control module, the output end of the access control module is electrically connected with the input end of a security vulnerability detection module, the output end of the security vulnerability detection module is electrically connected with the input end of an attack monitoring module, and the output end of the attack monitoring module is electrically connected with the input end of an encryption communication module. The authentication module can perform some procedures for authentication, and the backup and recovery module can backup and recover some files and data.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a network security analysis system.
Background
Because computer networks have characteristics of diverse forms of connection, non-uniform distribution of terminals, and openness and interconnectivity of the networks, the networks are vulnerable to hackers, monster, malware, and other misleading attacks. Network security systems play a significant role in preventing and protecting against attacks and intrusions to secure information on the network.
With the continuous development of computer networks, global informatization has become a big trend of human development. But because computer networks have the characteristics of diverse forms of connection, non-uniform distribution of terminals, and openness and interconnectivity of the networks, the networks are vulnerable to hackers, monster, malware, and other misleading attacks. Then, the network security system plays a great role in preventing and protecting against attacks and intrusions to ensure the security of information on the network. Three types of common network security systems currently in wide application, namely firewalls, IDS (intrusion detection systems) and IPS (intrusion prevention systems).
The existing network security technology needs to be improved in a network analysis aspect, and a network security analysis system is provided for making up for the missing.
Disclosure of Invention
The invention aims to solve the defects in the prior art and provides a network security analysis system.
In order to achieve the purpose, the invention adopts the following technical scheme: the system comprises a computer host control module, wherein the output end of the computer host control module is electrically connected with the input end of an access control module, the output end of the access control module is electrically connected with the input end of a security hole detection module, the output end of the security hole detection module is electrically connected with the input end of an attack monitoring module, the output end of the attack monitoring module is electrically connected with the input end of an encryption communication module, the output end of the encryption communication module is electrically connected with the input end of an authentication module, the output end of the authentication module is electrically connected with the input end of a backup and recovery module, the output end of the backup and recovery module is electrically connected with the input end of a multilayer defense module, the output end of the multilayer defense module is electrically connected with the input end of a hidden internal information module, and the output end of the hidden internal information module is electrically connected with the input end of, the output end of the safety control center module is electrically connected with the input end of the computer host control module.
In a preferred embodiment: the system comprises a computer host control module, an IDS module, an IPS module, a firewall, an internal network module, an output end of the firewall, an input end of the filtering unsafe service module, an output end of the filtering unsafe service module and an input end of the filtering illegal user module, wherein the computer host control module is electrically connected with the firewall in a two-way mode, the computer host control module is electrically connected with the IDS module in a two-way mode, the computer host control module is electrically connected with the IPS module in a two-way mode, the output end of the firewall is electrically connected with the input end of the.
In a preferred embodiment: the output of preventing hot wall and the input electric connection that prevents the invader and be close defense facilities module, the output that prevents the invader and be close defense facilities module and the input electric connection of injecing user's access special website module, the output of injecing user's access special website module and the input electric connection of keeping watch on fnternet safety, the output of IDS module and the input electric connection of detection module, the output of detection module and the input electric connection of system scanning module, the output of system scanning module and the input electric connection of denial of service module, the output of denial of service module and the input electric connection of system infiltration module.
In a preferred embodiment: the output of IPS module and the input electric connection of real-time detection module, the output of real-time detection module and the input electric connection of prevention invasion module, the output of prevention invasion module and the input electric connection of embedded operation mode module.
In a preferred embodiment: the output end of the IPS module is electrically connected with the input end of the perfect security policy module, the output end of the perfect security policy module is electrically connected with the input end of the high-quality intrusion feature module, and the output end of the high-quality intrusion feature module is electrically connected with the input end of the high-efficiency processing data module.
In a preferred embodiment: the output end of the computer host control module is electrically connected with the input end of the safety information collecting module, and the output end of the safety information collecting module is electrically connected with the input end of the safety information evaluating module.
The invention has the following beneficial effects:
1. the invention installs firewall, IDS module and IPS module on the computer host control module, the firewall can achieve the following purposes: firstly, other people can be limited from entering an internal network, and unsafe services and illegal users can be filtered; secondly, preventing the intruder from approaching the defense facility; thirdly, limiting the user to access a special site; and fourthly, convenience is provided for monitoring the fnternet safety. Firewalls are suitable for relatively independent networks because they assume network boundaries and services. Firewalls are now widely used on the Internet and are increasingly more viable outside of fnternet because they are not limited to the features of the TCP/IP protocol. Common types of attacks that IDS modules can detect are: system scanning (systemscearing), denial of Service (Deny of Service), and System Penetration (System networking). The detection method of IDS to attack mainly includes: passive, off-line discovery and real-time, on-line discovery of attackers in a computer network. The main advantage of IDS is to listen to network traffic, but without affecting the performance of the network. As a beneficial supplement to firewalls, IDS can help network systems to quickly discover the occurrence of network attacks, and can expand the security management capabilities of system administrators including security audit, monitoring, attack recognition and response, thereby improving the integrity of information security infrastructures. The IPS module is an active and intelligent intrusion detection, prevention and prevention system, can detect the occurrence of intrusion, can stop the occurrence and development of intrusion behaviors in real time through a certain response mode, and protects an information system from being substantially attacked in real time. The IPS can not only realize detection attack, but also effectively block the attack, provides deep protection and focuses on active defense, and can be said to be a new network security product based on IDS and established on the basis of IDS development.
2. Under the action of the firewall, IDS module and IPS module of the computer host control module, the invention operates an access control module to control the access of websites, a security vulnerability detection module can detect vulnerabilities of the system, an attack monitoring module can attack and monitor intruders or viruses which are not resisted by the defense system, an encryption communication module can encrypt some communication data, an authentication module can carry out procedures with large authentication, a backup and recovery module can backup and recover some files and data to prevent disappearance during security protection, a multilayer defense module carries out security defense in multiple layers, an internal information hiding module can hide internal files, a security control center module is arranged to carry out internal information processing after security monitoring is arranged, a security information collecting module collects security information through the computer host control module and then carries out security analysis and evaluation through a security information evaluation module, so as to ensure the safety of the network system at all times.
Drawings
Fig. 1 is a system flowchart of a network security analysis system according to the present invention.
Illustration of the drawings:
1-computer host control module, 2-access control module, 3-security vulnerability detection module, 4-attack monitoring module, 5-encryption communication module, 6-authentication module, 7-backup and recovery module, 8-multilayer defense module, 9-internal information hiding module, 10-security control center setting module, 11-firewall, 12-IDS module, 13-IPS module, 14-internal network limiting module, 15-unsafe service filtering module, 16-illegal user filtering module, 17-intruder approaching prevention facility preventing module, 18-special site limiting module for user accessing, 19-fnternet monitoring module, 20-detection module, 21-system scanning module, 22-denial service module, 23-a system penetration module, 24-a real-time detection module, 25-an intrusion prevention module, 26-an embedded operation mode module, 27-a perfect security strategy module, 28-a high-quality intrusion characteristic module, 29-a high-efficiency data processing module, 30-a safety information collecting module and 31-a safety information evaluation module.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides the following technical solutions: comprises a computer host control module 1, wherein the output end of the computer host control module 1 is electrically connected with the input end of an access control module 2, the output end of the access control module 2 is electrically connected with the input end of a security hole detection module 3, the output end of the security hole detection module 3 is electrically connected with the input end of an attack monitoring module 4, the output end of the attack monitoring module 4 is electrically connected with the input end of an encryption communication module 5, the output end of the encryption communication module 5 is electrically connected with the input end of an authentication module 6, the output end of the authentication module 6 is electrically connected with the input end of a backup and recovery module 7, the output end of the backup and recovery module 7 is electrically connected with the input end of a multilayer defense module 8, the output end of the multilayer defense module 8 is electrically connected with the input end of a hidden internal information module 9, the output end of the hidden internal information module 9 is electrically connected, the output end of a security control center module 10 is electrically connected with the input end of a computer host control module 1, the computer host control module 1 is electrically connected with a firewall 11 in a bidirectional way, the computer host control module 1 is electrically connected with an IDS module 12 in a bidirectional way, the computer host control module 1 is electrically connected with an IPS module 13 in a bidirectional way, the output end of the firewall 11 is electrically connected with the input end which limits other people from entering an internal network module 14, the output end which limits other people from entering the internal network module 14 is electrically connected with the input end which filters an unsafe service module 15, the output end which filters the unsafe service module 15 is electrically connected with the input end which filters an illegal user module 16, the output end of the firewall 11 is electrically connected with the input end which prevents an intruder from approaching a defense facility module 17, and the output end which prevents the intruder from approaching the defense facility, the output end of the special site module 18 for limiting user access is electrically connected with the input end of the monitoring fnternet security 19, the output end of the IDS module 12 is electrically connected with the input end of the detection module 20, the output end of the detection module 20 is electrically connected with the input end of the system scanning module 21, the output end of the system scanning module 21 is electrically connected with the input end of the denial of service module 22, the output end of the denial of service module 22 is electrically connected with the input end of the system penetration module 23, the output end of the IPS module 13 is electrically connected with the input end of the real-time detection module 24, the output end of the real-time detection module 24 is electrically connected with the input end of the intrusion prevention module 25, the output end of the intrusion prevention module 25 is electrically connected with the input end of the embedded operation mode module 26, the output end of the computer host control module 1 is electrically connected with the input end of the security information collecting module 30.
The working principle and the process of the invention are as follows: the invention has the following security system firewall 11, IDS module 12 and IPS module 13 under the control of the computer host control module 1, the firewall 11 includes the defense facilities which can limit others from entering the internal network module 14 to prevent others from invading the internal network through the network function, the unsafe service filtering module 15 can filter unsafe service entries, the illegal user filtering module 16 can filter the invasion of illegal users, the intruder approaching defense facility preventing module 17 can prevent intruders from approaching the defense facilities of the computer, the intruder attacking the system defense is effectively prevented, the user accessing the special site module 18 can be limited to access special websites to prevent users from being deceived or cheated by illegal information, the fnteret security monitoring module 19 can monitor the security of the internet environment, the IDS module 12 includes the detecting module 20 which has the function of monitoring network abnormity, the system scanning module 21 can perform the vulnerability scanning of the system and the clearness of unsafe files in the system, the denial of service module 22 can effectively reject unsafe service information, the system penetration module 23 can perform system penetration to search some unsafe files in the system, the IPS module 13 comprises a real-time detection module 24 to perform real-time monitoring of network security, the intrusion prevention module 25 can effectively prevent intrusion of others, the embedded operation mode module 26 can automatically operate without excessive user intervention and only needs management, the perfect security policy module 27 can continuously perfect security policy, the high-quality intrusion feature module 28 can effectively prevent intrusion according to experience, the high-efficiency processing data module 29 has the capability of efficiently processing files, the following modules can be adjusted under the computer host control module 1 through a defense system, the access control module 2 can access a control system established for a specific network segment and service, preventing most attacks before reaching the attack target; the security vulnerability checking module 3 can make most attacks invalid even if the attacks can reach the attack targets through periodic security vulnerability checking; the attack monitoring module 4 can detect most attacks in real time through an attack monitoring system established for a specific network segment and service, and takes corresponding actions (such as disconnecting network connection, recording attack process, tracking attack, source and the like); the encryption communication module 5 actively encrypts communication, so that an attacker cannot know and modify sensitive information; the authentication module 6 has a good authentication system which can prevent an attacker from impersonating a legal user; the backup and recovery module 7, a good backup and recovery mechanism, can recover data and system service as soon as possible when the attack causes loss; the multilayer defense module 8 delays or blocks an attacker from reaching an attack target after the attacker breaks through the first-path defense line; the internal information module 9 is hidden, so that an attacker cannot know the basic situation in the system; and setting a safety monitoring center module 10 to provide safety system management, monitoring, maintenance and emergency service for the information system.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments or portions thereof without departing from the spirit and scope of the invention.
Claims (6)
1. A network security analysis system comprises a computer host control module (1), and is characterized in that: the output end of the computer host control module (1) is electrically connected with the input end of the access control module (2), the output end of the access control module (2) is electrically connected with the input end of the security hole detection module (3), the output end of the security hole detection module (3) is electrically connected with the input end of the attack monitoring module (4), the output end of the attack monitoring module (4) is electrically connected with the input end of the encryption communication module (5), the output end of the encryption communication module (5) is electrically connected with the input end of the authentication module (6), the output end of the authentication module (6) is electrically connected with the input end of the backup and recovery module (7), the output end of the backup and recovery module (7) is electrically connected with the input end of the multilayer defense module (8), the output end of the multilayer defense module (8) is electrically connected with the input end of the hidden internal information module (9), the output end of the hidden internal information module (9) is electrically connected with the input end of the safety control center module (10), and the output end of the safety control center module (10) is electrically connected with the input end of the computer host control module (1).
2. The network security analysis system according to claim 1, wherein: computer host control module (1) and prevent two-way electric connection of hot wall (11), two-way electric connection of computer host control module (1) and IDS module (12), two-way electric connection of computer host control module (1) and IPS module (13), prevent the output of hot wall (11) and the input electric connection that limits other people to get into internal network module (14), the output that limits other people to get into internal network module (14) and the input electric connection who filters unsafe service module (15), the output that filters unsafe service module (15) and the input electric connection who filters illegal user module (16).
3. The network security analysis system according to claim 1, wherein: the output of firewall (11) and the input that prevents the invader and is close defense facilities module (17) electric connection, the output that prevents the invader and is close defense facilities module (17) and the input electric connection of restricting user access special site module (18), the output that restricts user access special site module (18) and the input electric connection of monitoring fnternet safety (19), the output of IDS module (12) and the input electric connection of detection module (20), the output of detection module (20) and the input electric connection of system scanning module (21), the output of system scanning module (21) and the input electric connection of denial of service module (22), the output of denial of service module (22) and the input electric connection of system infiltration module (23).
4. The network security analysis system according to claim 1, wherein: the output of IPS module (13) and the input electric connection of real-time detection module (24), the output of real-time detection module (24) and the input electric connection who prevents invasion module (25), the output that prevents invasion module (25) and the input electric connection of embedded operation mode module (26).
5. The network security analysis system of claim 4, wherein: the output end of the IPS module (13) is electrically connected with the input end of a perfect security policy module (27), the output end of the perfect security policy module (27) is electrically connected with the input end of a high-quality intrusion characteristic module (28), and the output end of the high-quality intrusion characteristic module (28) is electrically connected with the input end of an efficient processing data module (29).
6. The network security analysis system according to claim 1, wherein: the output end of the computer host control module (1) is electrically connected with the input end of the safety information collecting module (30), and the output end of the safety information collecting module (30) is electrically connected with the input end of the safety information evaluating module (31).
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010281370.2A CN111464551A (en) | 2020-04-10 | 2020-04-10 | Network security analysis system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010281370.2A CN111464551A (en) | 2020-04-10 | 2020-04-10 | Network security analysis system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111464551A true CN111464551A (en) | 2020-07-28 |
Family
ID=71681076
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010281370.2A Pending CN111464551A (en) | 2020-04-10 | 2020-04-10 | Network security analysis system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111464551A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112131625A (en) * | 2020-09-30 | 2020-12-25 | 重庆旷闻科技咨询有限公司 | Platform information security service system |
| CN114374532A (en) * | 2021-12-06 | 2022-04-19 | 国网山东省电力公司聊城供电公司 | Network security monitoring system |
| WO2024155835A1 (en) * | 2023-01-18 | 2024-07-25 | Akamai Technologies, Inc. | Api security based on inspection of obfuscated request and response bodies |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140317717A1 (en) * | 2013-04-23 | 2014-10-23 | Hon Hai Precision Industry Co., Ltd. | Firewall settings controlling method |
| WO2015159294A1 (en) * | 2014-04-17 | 2015-10-22 | Wise-Sec Ltd. | Using a client terminal wireless personal area network (wpan) transceiver for secure element communication |
| CN206162540U (en) * | 2016-08-31 | 2017-05-10 | 王树军 | Intelligent computer network safety isolation device |
| CN107707531A (en) * | 2017-09-13 | 2018-02-16 | 湖南涉外经济学院 | A kind of safe cloud computing system |
| CN108449351A (en) * | 2018-03-27 | 2018-08-24 | 许昌学院 | A kind of information security Initiative Defense and monitoring system |
-
2020
- 2020-04-10 CN CN202010281370.2A patent/CN111464551A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140317717A1 (en) * | 2013-04-23 | 2014-10-23 | Hon Hai Precision Industry Co., Ltd. | Firewall settings controlling method |
| WO2015159294A1 (en) * | 2014-04-17 | 2015-10-22 | Wise-Sec Ltd. | Using a client terminal wireless personal area network (wpan) transceiver for secure element communication |
| CN206162540U (en) * | 2016-08-31 | 2017-05-10 | 王树军 | Intelligent computer network safety isolation device |
| CN107707531A (en) * | 2017-09-13 | 2018-02-16 | 湖南涉外经济学院 | A kind of safe cloud computing system |
| CN108449351A (en) * | 2018-03-27 | 2018-08-24 | 许昌学院 | A kind of information security Initiative Defense and monitoring system |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112131625A (en) * | 2020-09-30 | 2020-12-25 | 重庆旷闻科技咨询有限公司 | Platform information security service system |
| CN114374532A (en) * | 2021-12-06 | 2022-04-19 | 国网山东省电力公司聊城供电公司 | Network security monitoring system |
| WO2024155835A1 (en) * | 2023-01-18 | 2024-07-25 | Akamai Technologies, Inc. | Api security based on inspection of obfuscated request and response bodies |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6405318B1 (en) | Intrusion detection system | |
| Cazorla et al. | Cyber stealth attacks in critical information infrastructures | |
| CN110881049B (en) | Computer network safety intelligent control system | |
| KR101744631B1 (en) | Network security system and a method thereof | |
| CN108809970B (en) | Safety protection method of intelligent home security gateway | |
| WO2020103454A1 (en) | Defense method for configuring weak password vulnerabilities of internal and external network cameras | |
| Sandhu et al. | A survey of intrusion detection & prevention techniques | |
| CN111464551A (en) | Network security analysis system | |
| CN116708210A (en) | Operation and maintenance processing method and terminal equipment | |
| Basholli et al. | Possibility of protection against unauthorized interference in telecommunication systems | |
| Innab et al. | Hybrid system between anomaly based detection system and honeypot to detect zero day attack | |
| Abbas et al. | Subject review: Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) | |
| KR20220081145A (en) | AI-based mysterious symptom intrusion detection and system | |
| Mahlous | Threat model and risk management for a smart home iot system | |
| CN115694980A (en) | Method for carrying out network security protection on Internet of things system | |
| Li | Study on security and prevention strategies of computer network | |
| CN113660222A (en) | Situation awareness defense method and system based on mandatory access control | |
| Behal et al. | Signature-based botnet detection and prevention | |
| Singh | Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) For Network Security: A Critical Analysis | |
| CN112671781A (en) | RASP-based firewall system | |
| CN111885020A (en) | Network attack behavior real-time capturing and monitoring system with distributed architecture | |
| Ashoor et al. | Intrusion detection system (IDS) & intrusion prevention system (IPS): case study | |
| Ahmed et al. | Characterizing strengths of snort-based IDPS | |
| Xiao | Research on computer network information security based on big data technology | |
| Mittal et al. | A Study of Different Intrusion Detection and Prevension System |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200728 |