CN111885106A - Internet of things safety management and control method and system based on terminal equipment characteristic information - Google Patents
Internet of things safety management and control method and system based on terminal equipment characteristic information Download PDFInfo
- Publication number
- CN111885106A CN111885106A CN202010550285.1A CN202010550285A CN111885106A CN 111885106 A CN111885106 A CN 111885106A CN 202010550285 A CN202010550285 A CN 202010550285A CN 111885106 A CN111885106 A CN 111885106A
- Authority
- CN
- China
- Prior art keywords
- characteristic information
- information
- terminal equipment
- network
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 25
- 238000012795 verification Methods 0.000 claims abstract description 14
- 238000004891 communication Methods 0.000 claims description 9
- 238000010276 construction Methods 0.000 claims description 6
- 238000007405 data analysis Methods 0.000 claims description 3
- 230000006855 networking Effects 0.000 claims 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000005206 flow analysis Methods 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 241001622623 Coeliadinae Species 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000002360 explosive Substances 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000006698 induction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 239000000523 sample Substances 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The invention relates to a method and a system for managing and controlling the safety of an internet of things based on characteristic information of terminal equipment. The invention obtains the multi-dimensional characteristic information of each terminal device in the network in advance, and constructs a characteristic information database taking the terminal device as a unit; carrying out high-speed polling on terminal equipment in a network, collecting partial or all characteristic information of the terminal equipment and comparing the characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database; if the comparison consistency is greater than a preset threshold value, passing the safety verification; otherwise network operation is blocked. By extracting various characteristic information of the terminal equipment, comprehensive 'portrait' is carried out on each terminal network equipment from multiple dimensions, and therefore uniqueness and legality of the equipment are determined.
Description
Technical Field
The invention relates to the technical field of Internet of things, in particular to a method and a system for security management and control of Internet of things based on characteristic information of terminal equipment.
Background
With the rapid development of the technology of the internet of things, various front-end devices of the internet of things (such as video monitoring, electronic policemen, bayonets, signal machines, induction screens, automobile electronic identifications and the like) have explosive growth trends in types and quantity, the front-end devices are distributed on each road and each corner of a city, are large in quantity, wide in distribution and difficult to monitor, a communication hanging box on each front-end rod piece is a network access point, and each terminal device is possible to be forged or replaced by a hacker, so that network security risks are caused.
In order to prevent security risks similar to those from network terminals, traditional security manufacturers often adopt a flow analysis mode, that is, flow analysis devices are physically connected in series (or logically connected in series, such as drainage and the like) in a network to identify, clean and filter data packets in network flow, so that threats are discovered and blocked. The network fault points are increased physically, the network complexity is increased logically, network cutover is often required in the deployment and implementation process, service interruption is caused, the implementation difficulty is high, and the implementation risk is high. And a large number of network access rules need to be configured on the security equipment at the later stage, the requirements on the professional skill level of implementation and operation and maintenance personnel are high, and a large-area network fault can be caused by carelessness.
Disclosure of Invention
Aiming at the technical problems in the prior art, the invention provides the method and the system for managing and controlling the safety of the internet of things based on the characteristic information of the terminal equipment.
The technical scheme for solving the technical problems is as follows:
in a first aspect, the invention provides a method for managing and controlling the security of the internet of things based on characteristic information of terminal equipment, which comprises the following steps:
obtaining multi-dimensional characteristic information of each terminal device in a network in advance, and constructing a characteristic information database with the terminal device as a unit;
carrying out high-speed polling on terminal equipment in a network, collecting partial or all characteristic information of the terminal equipment and comparing the partial or all characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database;
if the comparison consistency is greater than a preset threshold value, passing the safety verification; otherwise network operation is blocked.
Further, the multi-dimensional feature information includes an IP address, an MAC address, a network access path, open port information, service type information, operating system information, software and hardware version information, a device manufacturer, a device type, and a device model.
Further, the acquiring part or all of the characteristic information of the terminal device and comparing the acquired part or all of the characteristic information with the multi-dimensional characteristic information of the terminal device stored in the characteristic information database includes:
acquiring an MAC address and a network access path by analyzing an ARP table, scanning and acquiring open port information, service type information and operating system information of the terminal equipment by network fingerprint information, and detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment by different private communication protocols; one item of feature information is sequentially selected to be matched with feature information stored in the feature information database;
and if the matching is successful, comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the successfully matched characteristic information in the characteristic information database one by one.
Further, the method further comprises: classifying the terminal equipment according to the multi-dimensional characteristic information of each terminal equipment, and grading the characteristic information aiming at different classified equipment terminals.
Further, for different classified device terminals, the preset thresholds corresponding to the security verification are different.
In a second aspect, the present invention further provides an internet of things security management and control system based on terminal device feature information, including:
the database construction module is used for acquiring multi-dimensional characteristic information of each terminal device in the network in advance and constructing a characteristic information database taking the network-access terminal device as a unit;
the information comparison module is used for carrying out high-speed polling on the terminal equipment in the network, acquiring partial or all characteristic information of the terminal equipment and comparing the acquired partial or all characteristic information with the multidimensional characteristic information of the terminal equipment stored in the characteristic information database;
the safety control module is used for carrying out safety control according to the comparison result, and if the comparison consistency is greater than a preset threshold value, the safety verification is passed; otherwise network operation is blocked.
Further, the information comparison module includes:
the information acquisition module is used for acquiring an MAC address and a network access path by analyzing an ARP table, scanning and acquiring open port information, service type information and operating system information of the terminal equipment through network fingerprint information, and detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment through different private communication protocols;
the matching module is used for sequentially selecting one item of feature information to match with the feature information stored in the feature information database; and the characteristic information database is used for comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information which is successfully matched in the characteristic information database one by one.
Further, the database construction module is further configured to classify the terminal devices according to the multidimensional feature information of each terminal device, and rank the feature information for different classified device terminals.
In a third aspect, the present invention provides an internet of things security management and control system based on terminal device feature information, including:
the scanner is used for acquiring multi-dimensional characteristic information of each terminal device in the network;
and the data analysis server is used for realizing the safety verification of the network access terminal equipment by adopting the method of the first aspect of the invention.
In a fourth aspect, the present invention provides a non-transitory computer-readable storage medium, in which a computer software program for implementing the method for controlling security of an internet of things based on feature information of a terminal device according to the first aspect of the present invention is stored.
The invention has the beneficial effects that: the system has zero transformation on the network structure and zero perception on the service system, all equipment only needs to be accessed into the network, the original network structure does not need to be transformed or cut off in any form, and the risks of service interruption, network interruption and the like in the deployment and implementation process do not exist. After deployment is completed, operation and maintenance personnel operate simply and conveniently without professional knowledge background in the aspect of network security. Compared with the traditional network security solution, the system does not need a large number of optical splitters, flow dividers and protocol analysis equipment, thereby greatly reducing the cost.
Drawings
Fig. 1 is a flow chart of a method for managing and controlling the security of the internet of things based on the characteristic information of terminal equipment;
fig. 2 is a frame diagram of an internet of things security management and control system based on terminal device characteristic information.
Detailed Description
The principles and features of this invention are described below in conjunction with the following drawings, which are set forth by way of illustration only and are not intended to limit the scope of the invention.
Example 1
As shown in fig. 1, an embodiment of the present invention provides a method for security management and control of an internet of things based on terminal device feature information, including the following steps:
step 1, obtaining multi-dimensional characteristic information of each terminal device in a network in advance, and constructing a characteristic information database taking the terminal device as a unit.
The multi-dimensional characteristic information comprises an IP address, an MAC address, a network access path, open port information, service type information, operating system information, software and hardware version information, equipment manufacturers, equipment types, models and the like.
When the data acquisition is carried out,
1) obtaining an MAC address and a network access path by analyzing an ARP table;
2) acquiring open port information, service type information and operating system information of the terminal equipment through network fingerprint information scanning; the network fingerprint in the system mainly refers to TCP/IP protocol stack fingerprint, and in RFC specification, the realization of TCP/IP is not compulsorily stipulated in some places, so that different TCP/IP schemes may have own special processing modes; the system mainly judges the type of the operating system and the type of the service according to the difference of the details;
3) detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of terminal equipment through different private communication protocols;
specifically, hardware, software versions, equipment manufacturers, equipment types, specific models and the like of the equipment are acquired through various protocols aiming at different types of internet of things terminal equipment. If various monitoring cameras can be scanned by using an ONVIF protocol, and annunciators can be scanned by using an NTCIP protocol, and deep characteristic information of the annunciators can be clarified by analyzing a return message; the deep-level network characteristics refer to private information of some devices except for an IP address, a MAC address, an open port, and an operating system, such as a manufacturer of the device, a type of the device, a specific model of the device, a software version of the device, a hardware version of the device, and the like. The system also integrates a large number of private communication protocol libraries of different types of Internet of things equipment, such as an ONVIF protocol for network video protocol transmission, an NTCIP protocol for data transmission between electronic equipment of an intelligent transportation system, and private communication protocols of manufacturers such as Dahua, Haican, Yu-Vis, Kodao, Siemens and Haixin, and the deep-level characteristics of the equipment are detected and acquired through various private protocols.
After the above feature information extraction operation, the following part or all of the information of the terminal device can be clarified:
1. who is it? A MAC address;
2. from where it came? A network access path;
3. what do it possess? The service type can be provided externally;
4. its privacy information? The protocol probes the identified deep device characteristics.
After the information is clarified, a 'make-up fixation picture' is shot for the equipment, and a characteristic information database taking the terminal equipment as a unit is constructed.
And 2, performing high-speed polling on the terminal equipment in the network, collecting partial or whole characteristic information of the terminal equipment and comparing the partial or whole characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database.
Specifically, in the polling process, the feature information of the current terminal device is collected. It should be noted that, due to different types of terminal devices (for example, the terminal device may be a camera used only for video capture, or may be a terminal or a server with a separate operating system), the feature information of the current terminal device does not necessarily include all the feature information mentioned in step 1.
After the characteristic information group of the current terminal equipment is obtained, one item of characteristic information in the characteristic information group is sequentially selected to be matched with the characteristic information stored in the characteristic information database.
And if the matching is successful, comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information successfully matched in the characteristic information database one by one.
Because a large amount of characteristic information is stored in the characteristic information base, one of the characteristic information base is selected for matching, so that the matching amount is reduced, and the matching efficiency is improved. When one feature information is successfully matched, it indicates that the current terminal device may be a certain type of terminal device already stored in the database, which greatly reduces the matching range, and at this time, the unmatched other feature information is compared with the other feature information of the type of terminal device one by one.
Step 3, if the comparison consistency is greater than a preset threshold value, passing the safety verification; otherwise network operation is blocked.
The comparison consistency can be represented by a feature information matching rate, that is, the feature information of the comparison consistency is divided by the number of the feature information of the current terminal equipment. And if the matching rate of the characteristic information is greater than a preset threshold value, passing the safety verification. Otherwise, adding the mac address of the terminal equipment into the blacklist, and blocking the network operation of the terminal equipment.
It should be noted that the preset threshold may be different for different types of networks. For example, in a local information network with a high security level, when a terminal accesses, it is necessary that the matching rate of the feature information reaches 100% before the terminal can effectively access the network. For some local information networks with lower security level, it may only need to compare mac addresses or network access paths to be consistent.
Preferably, the method further comprises: and classifying the terminal equipment according to the multi-dimensional characteristic information of each terminal equipment. The terminal devices are classified, in practice, to reduce the amount of data matching. Since the number of terminal devices of the urban internet of things can be described in a huge amount, even if matching is performed by using only one piece of characteristic information, a large amount of time is consumed. And classifying the terminal equipment. When the feature information of the terminal device is obtained through polling, which device type the current terminal device belongs to can be judged according to the obtained feature information, and when matching, matching is performed in the feature set corresponding to the device type. The data matching amount is greatly seen.
And grading the characteristic information aiming at different classified equipment terminals. For different classified device terminals, the preset threshold values corresponding to the security verification may be different.
Example 2
As shown in fig. 2, an embodiment of the present invention provides an internet of things security management and control system based on terminal device feature information, including:
the database construction module is used for acquiring multi-dimensional characteristic information of each terminal device in the network in advance and constructing a characteristic information database taking the network-access terminal device as a unit;
the information comparison module is used for carrying out high-speed polling on the terminal equipment in the network, acquiring partial or all characteristic information of the terminal equipment and comparing the acquired partial or all characteristic information with the multidimensional characteristic information of the terminal equipment stored in the characteristic information database;
the safety control module is used for carrying out safety control according to the comparison result, and if the comparison consistency is greater than a preset threshold value, the safety verification is passed; otherwise network operation is blocked.
Further, the information comparison module includes:
the information acquisition module is used for acquiring an MAC address and a network access path by analyzing an ARP table, scanning and acquiring open port information, service type information and operating system information of the terminal equipment through network fingerprint information, and detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment through different private communication protocols;
the matching module is used for sequentially selecting one item of feature information to match with the feature information stored in the feature information database; and the characteristic information database is used for comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information which is successfully matched in the characteristic information database one by one.
Further, the database construction module is further configured to classify the terminal devices according to the multidimensional feature information of each terminal device, and rank the feature information for different classified device terminals.
Example 3
The invention provides an Internet of things safety management and control system based on terminal equipment characteristic information, which comprises:
the scanner is used for acquiring multi-dimensional characteristic information of each terminal device in the network;
and the data analysis server is used for realizing the safety verification of the network access terminal equipment by adopting the method in the embodiment 1 of the invention.
It should be noted that the logic instructions in the computer software program can be realized in the form of software functional units and stored in a computer readable storage medium when the software functional units are sold or used as independent products. Based on such understanding, the technical solutions of the embodiments of the present invention may be essentially implemented or contributed to by the prior art, or may be implemented in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method of the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (10)
1. An Internet of things safety management and control method based on terminal equipment characteristic information is characterized by comprising the following steps:
obtaining multi-dimensional characteristic information of each terminal device in a network in advance, and constructing a characteristic information database taking the terminal device as a unit;
carrying out high-speed polling on terminal equipment in a network, collecting partial or all characteristic information of the terminal equipment and comparing the characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database;
if the comparison consistency is greater than a preset threshold value, passing the safety verification; otherwise network operation is blocked.
2. The method of claim 1, wherein the multi-dimensional feature information comprises an IP address, a MAC address, a network access path, open port information, service type information, operating system information, software and hardware version information, a device manufacturer, a device type, and a device model.
3. The method according to claim 1 or 2, wherein the collecting of part or all of the feature information of the terminal device and the comparing with the multi-dimensional feature information of the terminal device stored in the feature information database comprises:
acquiring an MAC address and a network access path by analyzing an ARP table, scanning and acquiring open port information, service type information and operating system information of the terminal equipment by network fingerprint information, and detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment by different private communication protocols;
one item of feature information is sequentially selected to be matched with feature information stored in the feature information database;
and if the matching is successful, comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information successfully matched in the characteristic information database one by one.
4. The method according to claim 1 or 2, characterized in that the method further comprises: classifying the terminal equipment according to the multi-dimensional characteristic information of each terminal equipment, and grading the characteristic information aiming at different classified equipment terminals.
5. The method according to claim 4, wherein the preset threshold corresponding to the security verification is different for different classes of device terminals.
6. The utility model provides a thing networking safety control system based on terminal equipment characteristic information which characterized in that includes:
the database construction module is used for acquiring multi-dimensional characteristic information of each terminal device in the network in advance and constructing a characteristic information database taking the network-access terminal device as a unit;
the information comparison module is used for carrying out high-speed polling on the terminal equipment in the network, acquiring partial or all characteristic information of the terminal equipment and comparing the acquired partial or all characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database;
the safety control module is used for carrying out safety control according to the comparison result, and if the comparison consistency is greater than a preset threshold value, the safety verification is passed; otherwise network operation is blocked.
7. The system of claim 6, wherein the information comparison module comprises:
the information acquisition module is used for acquiring an MAC address and a network access path by analyzing an ARP table, acquiring open port information, service type information and operating system information of the terminal equipment by scanning network fingerprint information, and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment by detecting different private communication protocols;
the matching module is used for sequentially selecting one item of feature information to match with the feature information stored in the feature information database; and the characteristic information database is used for comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information which is successfully matched in the characteristic information database one by one.
8. The system according to claim 6, wherein the database construction module is further configured to classify the terminal devices according to the multidimensional feature information of each terminal device, and rank the feature information for different classes of device terminals.
9. The utility model provides a thing networking safety control system based on terminal equipment characteristic information which characterized in that includes:
the scanner is used for acquiring multi-dimensional characteristic information of each terminal device in the network;
data analysis server, for implementing security verification of network-accessing terminal equipment by adopting the method of any one of claims 1-5.
10. A non-transitory computer-readable storage medium, wherein the storage medium stores therein a computer software program for implementing the method for security management of internet of things based on the feature information of the terminal device according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010550285.1A CN111885106A (en) | 2020-06-16 | 2020-06-16 | Internet of things safety management and control method and system based on terminal equipment characteristic information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010550285.1A CN111885106A (en) | 2020-06-16 | 2020-06-16 | Internet of things safety management and control method and system based on terminal equipment characteristic information |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111885106A true CN111885106A (en) | 2020-11-03 |
Family
ID=73156788
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010550285.1A Pending CN111885106A (en) | 2020-06-16 | 2020-06-16 | Internet of things safety management and control method and system based on terminal equipment characteristic information |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111885106A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112468500A (en) * | 2020-11-28 | 2021-03-09 | 武汉零感网御网络科技有限公司 | Risk processing method and system based on multi-dimensional data dynamic change scene |
| CN112491888A (en) * | 2020-11-27 | 2021-03-12 | 深圳万物安全科技有限公司 | Method and system for preventing equipment from being falsely used |
| CN112766891A (en) * | 2021-01-11 | 2021-05-07 | 东方网力科技股份有限公司 | Information acquisition method, device and equipment based on urban informatization equipment |
| CN113706100A (en) * | 2021-08-24 | 2021-11-26 | 国网辽宁省电力有限公司电力科学研究院 | Real-time detection and identification method and system for distribution network Internet of things terminal equipment |
| CN114124436A (en) * | 2021-09-27 | 2022-03-01 | 广东电力信息科技有限公司 | APN access trusted computing management system based on electric power Internet of things universal terminal |
| CN114338373A (en) * | 2021-12-16 | 2022-04-12 | 中国电信股份有限公司 | Network element configuration data storage method and device, electronic equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050138417A1 (en) * | 2003-12-19 | 2005-06-23 | Mcnerney Shaun C. | Trusted network access control system and method |
| CN109922160A (en) * | 2019-03-28 | 2019-06-21 | 全球能源互联网研究院有限公司 | A kind of terminal security cut-in method, apparatus and system based on electric power Internet of Things |
| CN110808951A (en) * | 2019-09-25 | 2020-02-18 | 国网思极网安科技(北京)有限公司 | Method and device for discovering abnormal behavior of terminal based on equipment image |
| CN110855605A (en) * | 2019-09-26 | 2020-02-28 | 山东鲁能软件技术有限公司 | Safety protection method, system, equipment and readable storage medium for terminal equipment |
| CN111147527A (en) * | 2020-03-09 | 2020-05-12 | 深信服科技股份有限公司 | Internet of things system and equipment authentication method, device, equipment and medium thereof |
-
2020
- 2020-06-16 CN CN202010550285.1A patent/CN111885106A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050138417A1 (en) * | 2003-12-19 | 2005-06-23 | Mcnerney Shaun C. | Trusted network access control system and method |
| CN109922160A (en) * | 2019-03-28 | 2019-06-21 | 全球能源互联网研究院有限公司 | A kind of terminal security cut-in method, apparatus and system based on electric power Internet of Things |
| CN110808951A (en) * | 2019-09-25 | 2020-02-18 | 国网思极网安科技(北京)有限公司 | Method and device for discovering abnormal behavior of terminal based on equipment image |
| CN110855605A (en) * | 2019-09-26 | 2020-02-28 | 山东鲁能软件技术有限公司 | Safety protection method, system, equipment and readable storage medium for terminal equipment |
| CN111147527A (en) * | 2020-03-09 | 2020-05-12 | 深信服科技股份有限公司 | Internet of things system and equipment authentication method, device, equipment and medium thereof |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112491888A (en) * | 2020-11-27 | 2021-03-12 | 深圳万物安全科技有限公司 | Method and system for preventing equipment from being falsely used |
| CN112468500A (en) * | 2020-11-28 | 2021-03-09 | 武汉零感网御网络科技有限公司 | Risk processing method and system based on multi-dimensional data dynamic change scene |
| CN112766891A (en) * | 2021-01-11 | 2021-05-07 | 东方网力科技股份有限公司 | Information acquisition method, device and equipment based on urban informatization equipment |
| CN113706100A (en) * | 2021-08-24 | 2021-11-26 | 国网辽宁省电力有限公司电力科学研究院 | Real-time detection and identification method and system for distribution network Internet of things terminal equipment |
| CN113706100B (en) * | 2021-08-24 | 2023-12-05 | 国网辽宁省电力有限公司电力科学研究院 | Real-time detection and identification method and system for Internet of things terminal equipment of power distribution network |
| CN114124436A (en) * | 2021-09-27 | 2022-03-01 | 广东电力信息科技有限公司 | APN access trusted computing management system based on electric power Internet of things universal terminal |
| CN114124436B (en) * | 2021-09-27 | 2024-01-16 | 广东电力信息科技有限公司 | APN access trusted computing management system based on electric power Internet of things universal terminal |
| CN114338373A (en) * | 2021-12-16 | 2022-04-12 | 中国电信股份有限公司 | Network element configuration data storage method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111885106A (en) | Internet of things safety management and control method and system based on terminal equipment characteristic information | |
| CN111935170B (en) | Network abnormal flow detection method, device and equipment | |
| CN112260861A (en) | Network asset topology identification method based on flow perception | |
| CN107135093B (en) | Internet of things intrusion detection method and detection system based on finite automaton | |
| CN111277570A (en) | Data security monitoring method and device, electronic equipment and readable medium | |
| CN101572691B (en) | Method, system and device for intrusion detection | |
| KR101391781B1 (en) | Apparatus and Method for Detecting HTTP Botnet based on the Density of Web Transaction | |
| EP3905622A1 (en) | Botnet detection method and system, and storage medium | |
| CN107360118B (en) | Advanced persistent threat attack protection method and device | |
| CN111683097A (en) | Cloud network flow monitoring system based on two-stage architecture | |
| CN107733867B (en) | Botnet discovery and protection method, system and storage medium | |
| CN113328985B (en) | Passive Internet of things equipment identification method, system, medium and equipment | |
| CN109587156A (en) | Abnormal network access connection identification and blocking-up method, system, medium and equipment | |
| DE202022102631U1 (en) | Intelligent defense system against distributed Denial of Service (DDoS) attacks in Internet of Things (IoT) networks | |
| CN111654486A (en) | Server equipment judgment and identification method | |
| WO2020027250A1 (en) | Infection spread attack detection device, attack origin specification method, and program | |
| CN114598499A (en) | Network risk behavior analysis method combined with business application | |
| CN111368595A (en) | System for identifying equipment fingerprint | |
| CN111478925B (en) | Port scanning detection method and system applied to industrial control environment | |
| CN115190056B (en) | Method, device and equipment for identifying and analyzing programmable flow protocol | |
| CN116170227A (en) | Flow abnormality detection method and device, electronic equipment and storage medium | |
| CN113595958B (en) | Security detection system and method for Internet of things equipment | |
| CN109309679A (en) | A kind of Network scan detection method and detection system based on TCP flow state | |
| CN112565259B (en) | Method and device for filtering DNS tunnel Trojan communication data | |
| CN111901138B (en) | Visual auditing method for illegal access of industrial network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201103 |