CN111885191B - Computer network communication system - Google Patents
Computer network communication system Download PDFInfo
- Publication number
- CN111885191B CN111885191B CN202010752929.5A CN202010752929A CN111885191B CN 111885191 B CN111885191 B CN 111885191B CN 202010752929 A CN202010752929 A CN 202010752929A CN 111885191 B CN111885191 B CN 111885191B
- Authority
- CN
- China
- Prior art keywords
- computer
- terminal
- terminal computer
- file
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a computer network communication system, which relates to the technical field of computer networks and comprises a terminal computer and a monitoring computer, wherein the terminal computer and the monitoring computer form a local area network through exchange equipment, the terminal computer acquires the use state information of a user in the use process, and the monitoring computer calculates the comprehensive security score of each terminal computer according to the use state information and sends the comprehensive security score to the corresponding terminal computer. When a certain terminal computer initiates sharing, the comprehensive security scores of other terminal computers are marked on the corresponding terminal computer, so that a user can intuitively know the security of each terminal computer, and the security of the shared file is improved from the source.
Description
Technical Field
The invention relates to the technical field of computer networks, in particular to a computer network communication system.
Background
The computer network is a network formed by a large number of computers and network equipment, a network type computer system is widely applied to places such as enterprises, universities, government units and the like, computers in the network can conveniently share files, and management work of the computers is also convenient.
When sharing files in a local area network, it is a common practice that a computer selects a computer having access authority over the files to be shared, and thereafter the selected computer can access the designated files in the shared computer at any time within the local area network. The files are transmitted in the local area network in a sharing mode, the transmission speed is high, the files do not pass through the external network equipment, and the safety can be guaranteed.
However, when the number of computers in the local area network is large, at least a part of the computers are connected to the internet, which results in that the security of each computer is unknown, and if the file is falsely shared to the computer which is not in the knowledge, a security risk is caused to the file and even the shared computer.
Disclosure of Invention
The embodiment of the invention provides a computer network communication system, which can solve the problems in the prior art.
The invention provides a computer network communication system, which comprises a plurality of terminal computers, exchange equipment and a monitoring computer, wherein the terminal computers are connected to the exchange equipment to form a local area network, and the monitoring computer is also connected with the exchange equipment;
the terminal computers send the use state information to the monitoring computer through the exchange equipment, and the monitoring computer analyzes and determines the comprehensive security score of each terminal computer according to the use state information of each terminal computer and sends the comprehensive security score to the corresponding terminal computer through the exchange equipment;
when one terminal computer carries out file sharing, the terminal computer marks the comprehensive security scores of other terminal computers in the local area network on the corresponding terminal computer so as to bring convenience to the attention of a user who initiates sharing.
Preferably, the usage state information includes file transmission and reception information including the number of times of transmitting and receiving files through the mobile device, the local area network, and the internet and characteristic information of the transmitted and received files, the characteristic information of the transmitted and received files including high frequency words in the transmitted and received files and the number of times of occurrence of each high frequency word;
the monitoring computer determines the file receiving and sending attributes of the terminal computer by adopting a high-frequency word counting and template comparison mode on the file receiving and sending information, and then determines the file receiving and sending safety score of the terminal computer according to the times of receiving and sending files in a calculation grade corresponding to the file receiving and sending attributes; and after the security score of the receiving and sending file is obtained, the monitoring computer calculates the comprehensive security score.
Preferably, the usage state information includes web browsing information and attack information, the web browsing information includes web page browsing times, application program browsing times and network address information, and the attack information includes network address information and attacked times;
the monitoring computer determines the network attribute of the terminal computer by comparing the black list and the white list of the network address information in the network browsing information and the attack information, and then determines the network security evaluation of the terminal computer according to the frequency information in the calculation level corresponding to the network attribute; and after the network security score is obtained, the monitoring computer calculates the comprehensive security score.
Preferably, the terminal computer collects information of the installed application programs and frequency information of each application program used by the user, and after obtaining the information, the terminal computer sends the information to the monitoring computer;
the monitoring computer determines the local security attribute of the terminal computer by using a black and white list comparison mode for the application program name for the information of the application program and the use frequency installed by the terminal computer, and then determines the local security score of the terminal computer according to the use frequency in the calculation level corresponding to the local security attribute; and after the local safety score is obtained, the monitoring computer calculates the comprehensive safety score.
Preferably, the monitoring computer calculates and obtains the security scores of multiple aspects of the terminal computer according to the using state information, and the comprehensive security score is calculated and obtained according to the security scores;
and the monitoring computer sends the safety scores and the comprehensive safety scores to the terminal computer.
Preferably, the terminal computer marks the comprehensive security score and the security score of each aspect on the corresponding terminal computer, so that the user can conveniently view the comprehensive security score and the security score of each aspect in a targeted manner.
Preferably, after the user selects the shared file, the terminal computer performs feature analysis on the shared file to determine the attribute of the file, and then judges the sensitive security of the shared file;
and after the sensitive safety of the shared file is obtained, the terminal computers mark or classify other terminal computers according to the grading details of each terminal computer.
Preferably, after the user selects a terminal computer having a sharing qualification, the terminal computer initiating the sharing copies the shared file into the secure space, and takes the file in the secure space as the shared file.
Preferably, after the terminal computer with sharing qualification acquires the shared file from the terminal computer initiating sharing, the terminal computer with sharing qualification monitors the operation behavior of the user on the shared file in real time, analyzes the security of the operation behavior, and determines whether the operation behavior of the user on the shared file is dangerous;
and if the danger exists, recording the operation behavior of the user in the monitoring computer through the exchange equipment.
Preferably, the terminal computer having the sharing qualification also transmits the operation behavior of the user to the terminal computer initiating the sharing.
The invention relates to a computer network communication system, which comprises a terminal computer and a monitoring computer, wherein the terminal computer and the monitoring computer form a local area network through exchange equipment, the terminal computer acquires the use state information of a user in the use process, and the monitoring computer calculates the comprehensive security score of each terminal computer according to the use state information and sends the comprehensive security score to the corresponding terminal computer. When a certain terminal computer initiates sharing, the comprehensive security scores of other terminal computers are marked on the corresponding terminal computer, so that a user can intuitively know the security of each terminal computer, and the security of the shared file is improved from the source.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic diagram illustrating a computer network communication system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides a computer network communication system including a terminal computer 100, a switching device 200, and a monitoring computer 300. The number of the terminal computers 100 is plural, each of which is connected to the switching device 200 to form a local area network, and at least a part of the plural terminal computers 100 is also connected to the internet through the switching device 200. The monitoring computer 300 is also connected to the switching device 200, and thus the monitoring computer 300 is also in a local area network.
The terminal computer 100 is used by a user in a local area network, and the monitoring computer 300 is kept in a normally open state to monitor the security state of the terminal computer 100.
When the terminal computers 100 are used daily, the exchange device 200 periodically sends the use status information to the monitoring computer 300, and the monitoring computer 300 stores the use status information sent by each terminal computer 100. In this embodiment, the usage state information includes file transceiving information including the number of times of transceiving files through the mobile device, the local area network, and the internet and the characteristic information of the transceiving files including the number of times of occurrence of high frequency words and each high frequency word in the transceiving files, web browsing information including the number of times of browsing various web pages, applications, and the like and network address information, attack suffered information including network address information and the number of times of attack, and the like.
In order to further understand whether there is a risk in the operation of the user using the terminal computer 100, the terminal computer 100 collects information of installed applications and information of frequency of use of each application by the user, and the terminal computer 100 transmits the information to the monitoring computer 300.
After the monitoring computer 300 receives the information, it analyzes the information to determine a composite security score for each terminal computer 100. Specifically, the file transmission and reception attributes of the terminal computer 100 may be determined by performing high-frequency word statistics and template comparison on file transmission and reception information, and then determining the file transmission and reception security score of the terminal computer 100 according to the number of times of file transmission and reception in the calculation level corresponding to the file transmission and reception attributes. And determining the network attribute of the terminal computer by comparing the black list and the white list with the network address information in the network browsing information and the attack information, and then determining the network security evaluation of the terminal computer 100 according to the frequency information in the calculation level corresponding to the network attribute.
For the application installed in the terminal computer 100 and the information of the use frequency, the monitoring computer 300 determines the local security attribute of the terminal computer 100 by comparing the black list and the white list with respect to the application name, and then determines the local security score of the terminal computer 100 according to the use frequency in the calculation level corresponding to the local security attribute.
Finally, the monitoring computer 300 combines the security score of the received and transmitted file, the network security score and the local security score together to calculate a comprehensive security score. After obtaining the comprehensive security score of each terminal computer 100, the monitoring computer 300 further sends the comprehensive security score to the corresponding terminal computer 100 through the switching device 200.
When a user of a certain terminal computer 100 performs file sharing, the terminal computer 100 marks the comprehensive security score of other terminal computers 100 in the local area network on the corresponding terminal computer 100, so as to facilitate the user initiating the sharing to pay attention. In other embodiments, the corresponding colors may be marked on other terminal computers 100 according to the comprehensive security score, so that the user can distinguish the terminal computers 100 with different security levels conveniently.
When the monitoring computer 300 sends the comprehensive security score to the terminal computer 100, the security score of the received/transmitted file, the network security score and the local security score may all be sent to the corresponding terminal computer 100. When the sharing is initiated, if the sharer has a question about the comprehensive security score, the detailed scoring details can be checked to determine whether to share the file to a specific terminal computer 100.
The terminal computer 100 further performs a feature analysis on the file after the user selects the file to be shared, so as to determine the attribute of the file, and then determines to which aspect of security the shared file is most sensitive, and the determination result is that the shared file is most sensitive to the security of the file to be transmitted or received, the security of the network, or the security of the local area, or is not sensitive. After obtaining the sensitive security of the shared file, the terminal computer 100 automatically marks or classifies other terminal computers 100 according to the scoring details of each terminal computer 100, so that the sharer can quickly know the security of the other terminal computers 100 to the current shared file.
After the user selects the terminal computer 100 having the sharing qualification, the terminal computer 100 initiating the sharing copies the shared file into the secure space, and takes the file existing in the secure space as the shared file. The terminal computer 100 that simultaneously initiates sharing transmits a sharing alert message to each terminal computer 100 qualified for sharing through the switching device 200. In this embodiment, the secure space is an area separately established on a hard disk of the terminal computer 100, and may be a hidden partition or a separate hard disk.
After the terminal computer 100 with sharing qualification acquires the shared file from the terminal computer 100 initiating the sharing, the terminal computer 100 with sharing qualification also monitors the operation behavior of the user on the shared file in real time, performs security analysis on the operation behavior, and determines whether the operation behavior of the user on the shared file is dangerous. If there is a danger, the operation behavior of the user is recorded in the monitoring computer 300 through the exchange device 200, and at the same time, the operation behavior of the user is also transmitted to the terminal computer 100 initiating the sharing, so that the sharer can know the operation behavior of the shared file by the sharee.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (8)
1. A computer network communication system is characterized by comprising a plurality of terminal computers, exchange equipment and a monitoring computer, wherein the terminal computers are connected to the exchange equipment to form a local area network, and the monitoring computer is also connected with the exchange equipment;
the terminal computers send the use state information to the monitoring computer through the exchange equipment, and the monitoring computer analyzes and determines the comprehensive security score of each terminal computer according to the use state information of each terminal computer and sends the comprehensive security score to the corresponding terminal computer through the exchange equipment;
when one terminal computer carries out file sharing, the terminal computer marks the comprehensive security scores of other terminal computers in the local area network on the corresponding terminal computer so as to bring convenience to the attention of a user who initiates the sharing;
the monitoring computer calculates and obtains the safety scores of multiple aspects of the terminal computer according to the using state information, and the comprehensive safety score is calculated and obtained according to the safety scores;
the monitoring computer sends the safety scores and the comprehensive safety scores to the terminal computer;
after the user selects the shared file, the terminal computer performs characteristic analysis on the shared file to determine the attribute of the file, and then judges the sensitive safety of the shared file;
and after the sensitive safety of the shared file is obtained, the terminal computers mark or classify other terminal computers according to the grading details of each terminal computer.
2. A computer network communication system as claimed in claim 1, wherein the usage state information includes file transceive information including the number of times of transceiving files through the mobile device, the local area network and the internet and the characteristic information of the transceived files, the characteristic information of the transceived files including high frequency words in the transceived files and the number of times each high frequency word occurs;
the monitoring computer determines the file receiving and sending attributes of the terminal computer by adopting a high-frequency word counting and template comparison mode on the file receiving and sending information, and then determines the file receiving and sending safety score of the terminal computer according to the times of receiving and sending files in a calculation grade corresponding to the file receiving and sending attributes; and after the security score of the receiving and sending file is obtained, the monitoring computer calculates the comprehensive security score.
3. A computer network communication system according to claim 1, wherein said usage state information includes web browsing information including the number of times a web page is browsed, an application program and network address information, and hacking information including the number of times a web page is browsed and hacked;
the monitoring computer determines the network attribute of the terminal computer by comparing the black list and the white list of the network address information in the network browsing information and the attack information, and then determines the network security evaluation of the terminal computer according to the frequency information in the calculation level corresponding to the network attribute; and after the network security score is obtained, the monitoring computer calculates the comprehensive security score.
4. A computer network communication system as claimed in claim 1, wherein said terminal computer collects information on installed applications and frequency of use of each application by a user, and after obtaining the information, said terminal computer transmits it to a monitoring computer;
the monitoring computer determines the local security attribute of the terminal computer by using a black and white list comparison mode for the application program name for the information of the application program and the use frequency installed by the terminal computer, and then determines the local security score of the terminal computer according to the use frequency in the calculation level corresponding to the local security attribute; and after the local safety score is obtained, the monitoring computer calculates the comprehensive safety score.
5. The computer network communication system of claim 1, wherein said terminal computers mark the composite security score and the security score for each aspect on the corresponding terminal computer for easy user-directed viewing.
6. A computer network communication system as claimed in claim 1, wherein, after the user selects a terminal computer qualified for sharing, the terminal computer initiating the sharing copies the shared file into the secure space and treats the file in the secure space as the shared file.
7. The computer network communication system according to claim 6, wherein after the terminal computer with sharing qualification acquires the shared file from the terminal computer initiating the sharing, the terminal computer with sharing qualification monitors the operation behavior of the user on the shared file in real time, and performs security analysis on the operation behavior to determine whether the operation behavior of the user on the shared file is dangerous;
and if the danger exists, recording the operation behavior of the user in the monitoring computer through the exchange equipment.
8. A computer network communication system as claimed in claim 7, wherein the sharing-eligible end computers also transmit the user's action to the sharing-initiating end computer.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010752929.5A CN111885191B (en) | 2020-07-30 | 2020-07-30 | Computer network communication system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010752929.5A CN111885191B (en) | 2020-07-30 | 2020-07-30 | Computer network communication system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111885191A CN111885191A (en) | 2020-11-03 |
CN111885191B true CN111885191B (en) | 2021-08-17 |
Family
ID=73205719
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010752929.5A Active CN111885191B (en) | 2020-07-30 | 2020-07-30 | Computer network communication system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111885191B (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107733895A (en) * | 2017-10-19 | 2018-02-23 | 国云科技股份有限公司 | A kind of method for quantitatively evaluating of cloud computing platform safety |
CN110914809A (en) * | 2017-07-19 | 2020-03-24 | 国际商业机器公司 | Compliance-aware runtime generation based on application schema and risk assessment |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4146653B2 (en) * | 2002-02-28 | 2008-09-10 | 株式会社日立製作所 | Storage device |
CN103260161B (en) * | 2008-02-29 | 2016-01-27 | 华为技术有限公司 | A kind of method for evaluating security state of terminal, the network equipment and system |
CN102413011B (en) * | 2011-11-18 | 2015-09-30 | 北京奇虎科技有限公司 | A kind of method and system of LAN safety assessment |
CN102572832B (en) * | 2012-02-08 | 2015-02-04 | 华为终端有限公司 | Secure sharing method and mobile terminal |
-
2020
- 2020-07-30 CN CN202010752929.5A patent/CN111885191B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110914809A (en) * | 2017-07-19 | 2020-03-24 | 国际商业机器公司 | Compliance-aware runtime generation based on application schema and risk assessment |
CN107733895A (en) * | 2017-10-19 | 2018-02-23 | 国云科技股份有限公司 | A kind of method for quantitatively evaluating of cloud computing platform safety |
Also Published As
Publication number | Publication date |
---|---|
CN111885191A (en) | 2020-11-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US12047396B2 (en) | System and method for monitoring security attack chains | |
CN110620759B (en) | Multi-dimensional association-based network security event hazard index evaluation method and system | |
Gisdakis et al. | SHIELD: A data verification framework for participatory sensing systems | |
KR100745044B1 (en) | Apparatus and method for protecting access of phishing site | |
CN111586046A (en) | Network traffic analysis method and system combining threat intelligence and machine learning | |
Yen et al. | Browser fingerprinting from coarse traffic summaries: Techniques and implications | |
Cao et al. | Dipot: A distributed industrial honeypot system | |
CN114615016B (en) | Enterprise network security assessment method and device, mobile terminal and storage medium | |
CN112769833B (en) | Method and device for detecting command injection attack, computer equipment and storage medium | |
CN117478433B (en) | Network and information security dynamic early warning system | |
US20200244693A1 (en) | Systems and methods for cybersecurity risk assessment of users of a computer network | |
US11228485B2 (en) | Dynamic action dashlet for real-time systems operation management | |
US11930030B1 (en) | Detecting and responding to malicious acts directed towards machine learning models | |
JP2021027505A (en) | Monitoring device, monitoring method, and monitoring program | |
CN108092970A (en) | A kind of wireless network maintaining method and its equipment, storage medium, terminal | |
GB2575755A (en) | Assessment program, assessment method, and information processing device | |
CN107046516A (en) | A kind of air control control method and device for recognizing mobile terminal identity | |
CN114329450A (en) | Data security processing method, device, equipment and storage medium | |
CN110381047B (en) | Network attack surface tracking method, server and system | |
CN110365673B (en) | Method, server and system for isolating network attack plane | |
CN111885191B (en) | Computer network communication system | |
CN108667642A (en) | A kind of risk balance device of the server based on risk assessment | |
CN115952563A (en) | Data security communication system based on Internet of things | |
US20240333748A1 (en) | Information management system, information management method, and information sharing system | |
CN109067764A (en) | A kind of method and device for establishing equipment list item |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |