CN112073391A - Method and device for monitoring network traffic - Google Patents
Method and device for monitoring network traffic Download PDFInfo
- Publication number
- CN112073391A CN112073391A CN202010863923.5A CN202010863923A CN112073391A CN 112073391 A CN112073391 A CN 112073391A CN 202010863923 A CN202010863923 A CN 202010863923A CN 112073391 A CN112073391 A CN 112073391A
- Authority
- CN
- China
- Prior art keywords
- data
- picture
- network traffic
- illegal information
- acquiring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 52
- 238000012544 monitoring process Methods 0.000 title claims abstract description 47
- 238000000605 extraction Methods 0.000 claims abstract description 8
- 238000004590 computer program Methods 0.000 claims description 10
- 239000000126 substance Substances 0.000 claims description 2
- 238000012545 processing Methods 0.000 abstract description 8
- 238000012790 confirmation Methods 0.000 abstract description 6
- 238000005516 engineering process Methods 0.000 description 4
- 238000001514 detection method Methods 0.000 description 3
- 238000003062 neural network model Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 238000013075 data extraction Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000644 propagated effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/308—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information retaining data, e.g. retaining successful, unsuccessful communication attempts, internet access, or e-mail, internet telephony, intercept related information or call content
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2441—Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method and a device for monitoring network flow, wherein the method comprises the following steps: monitoring network flow, and extracting characteristics of the monitored flow; acquiring the data type of the network flow according to the result of the feature extraction; acquiring data with a data type of network flow as a specified data type and storing the data; identifying the stored data, and judging whether the stored data has illegal information or not; if the illegal information exists, reporting the data to a manual identification system, acquiring an identification result of the manual identification system, and executing corresponding operation on the data according to the identification result; and if the illegal information does not exist, deleting the data. According to the embodiment of the invention, illegal information such as pornography and the like is screened by capturing the picture and the streaming media, generated and reported, and corresponding operation is executed after manual secondary confirmation, so that the labor cost is reduced, and the processing efficiency of illegal information in the network is improved.
Description
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a method and an apparatus for monitoring network traffic.
Background
The network technology integrates the dispersed resources on the Internet into an organic whole, realizes the comprehensive sharing and organic cooperation of the resources, and enables people to transparently use the integral capability of the resources and acquire information as required; resources include high performance computers, storage resources, data resources, information resources, knowledge resources, expert resources, large databases, networks, sensors, and the like.
With the development of network technology, the network technology is more and more applied in life, and various services and services are provided for people. However, there are often lawless persons using network traffic to distribute data such as pictures or videos containing illegal information. The existing illegal information identification method mainly depends on manual work to monitor picture or video content, submit information after monitoring illegal information, or manually process data such as pictures or videos containing illegal information after being reported by network users, which consumes a large amount of labor cost and has low processing efficiency.
Accordingly, the prior art is yet to be improved and developed.
Disclosure of Invention
In view of the above deficiencies of the prior art, an object of the present invention is to provide a method and an apparatus for monitoring network traffic, which are used to solve the technical problems of high labor cost and low processing efficiency in the prior art that an illegal information identification method mainly relies on manual monitoring of picture or video content, submits information after monitoring illegal information, or processes data such as picture or video containing illegal information manually after being reported by a network user.
The technical scheme of the invention is as follows:
a method of monitoring network traffic, the method comprising:
monitoring network flow, and extracting characteristics of the monitored flow;
acquiring the data type of the network flow according to the result of the feature extraction;
acquiring data with a data type of network flow as a specified data type and storing the data;
identifying the stored data, and judging whether the stored data has illegal information or not;
if the illegal information exists, reporting the data to a manual identification system, acquiring an identification result of the manual identification system, and executing corresponding operation on the data according to the identification result;
and if the illegal information does not exist, deleting the data.
Further, the acquiring the data type of the network traffic as the data of the specified data type for storage includes:
and when the data type of the network flow is detected to be picture and/or streaming media data, storing the network flow.
Further preferably, when the data type of the detected network traffic is a picture,
the storing the network traffic includes:
and storing the picture locally.
Further preferably, when the data type of the detected network traffic is streaming media data,
the storing the network traffic includes:
and converting the streaming media data into pictures, and storing the pictures to the local.
Preferably, the identifying the stored data and determining whether the stored data has illegal information includes:
and acquiring a locally stored picture, carrying out image recognition on the picture, and judging whether the picture has illegal information according to an image recognition result.
Further, if there is illegal information, reporting the data to the manual identification system, obtaining an identification result of the manual identification system, and performing corresponding operations on the data according to the identification result, including:
if the picture has illegal information, reporting the picture to a manual identification system;
acquiring a manual identification result of a manual identification system;
if the manual identification result is that the picture has illegal information, monitoring the flow direction of the picture in the network;
and if the manual identification result is that the picture does not have illegal information, marking the current picture as false alarm.
Further, the monitoring the flow direction of the picture in the network further includes:
and acquiring a picture source, and tracking the IP of the picture source.
Another embodiment of the present invention provides an apparatus for monitoring network traffic, the apparatus comprising at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method for monitoring network traffic described above.
Yet another embodiment of the present invention provides a non-transitory computer-readable storage medium storing computer-executable instructions that, when executed by one or more processors, cause the one or more processors to perform the above-described method of monitoring network traffic.
Another embodiment of the invention provides a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a processor, cause the processor to perform the above-described method of monitoring network traffic.
Has the advantages that: according to the embodiment of the invention, illegal information such as pornography and the like is screened by capturing the picture and the streaming media, generated and reported, and corresponding operation is executed after manual secondary confirmation, so that the labor cost is reduced, and the processing efficiency of illegal information in the network is improved.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a flow chart of a preferred embodiment of a method for monitoring network traffic in accordance with the present invention;
fig. 2 is a schematic hardware structure diagram of an apparatus for monitoring network traffic according to a preferred embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and effects of the present invention clearer and clearer, the present invention is described in further detail below. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. Embodiments of the present invention will be described below with reference to the accompanying drawings.
The embodiment of the invention provides a method for monitoring network traffic. Referring to fig. 1, fig. 1 is a flowchart illustrating a method for monitoring network traffic according to a preferred embodiment of the present invention. As shown in fig. 1, it includes the steps of:
s100, monitoring network flow, and extracting characteristics of the monitored flow;
s200, acquiring the data type of the network flow according to the result of the feature extraction;
step S300, acquiring data of which the data type of the network flow is the data of the specified data type and storing the data;
step S400, identifying the stored data, judging whether the stored data has illegal information, if so, executing step S500, and if not, executing step S600;
s500, reporting the data to a manual identification system, acquiring an identification result of the manual identification system, and executing corresponding operation on the data according to the identification result;
and step S600, deleting the data.
In specific implementation, the embodiment of the invention mainly monitors the network flow. The network traffic refers to network data such as pictures, streaming media, and characters in the network. The illegal information in the embodiment of the invention includes but is not limited to pornography and other information. In the prior art, illegal information detection is not available, and the success rate of mass data extraction and illegal image identification cannot be realized.
The embodiment of the invention controls the network flow to extract the characteristics of the monitored flow, taking P2P flow as an example, wherein the characteristic extraction technical algorithm of P2P flow data comprises a Port identification method, a deep packet detection identification method, a deep flow detection identification method, a TCP/UDP identification method and an IP Port identification method. The specific algorithms are prior art and will not be described here.
And acquiring the data type of the current network flow according to the result of the feature extraction. And when the data type of the network flow is the specified data type, storing the data, and when the data of the network flow is not the specified data type, discarding the data and not processing the data.
Identifying the stored data, and judging whether illegal information such as pornography is stored in the stored data according to the identification result;
if the illegal information exists, the data is reported to a manual identification system, the illegal information is confirmed again manually, and the data is operated according to the confirmation result.
And if the illegal information does not exist, deleting the stored data, and reducing the storage pressure of the memory.
Further, acquiring the data type of the network traffic as the data of the specified data type for storage, including:
and when the data type of the network flow is detected to be picture and/or streaming media data, storing the network flow.
In specific implementation, the designated data in the embodiment of the present invention mainly refers to pictures and streaming media data. And when the pictures and/or the streaming media data are detected, storing the network traffic.
Further, when it is detected that the data type of the network traffic is a picture, the storing the network traffic includes: and storing the picture locally.
When the method is specifically implemented, if the currently detected data type is a picture, the picture is directly stored locally, and convenience is provided for further confirmation.
Further, when the data type of the network traffic is detected to be streaming media data,
the storing the network traffic includes:
and converting the streaming media data into pictures, and storing the pictures to the local.
In specific implementation, if the data type of the network traffic is streaming media, the streaming media data is analyzed into pictures, and the analyzed pictures are stored locally.
Further, identifying the stored data and judging whether the stored data has illegal information includes:
and acquiring a locally stored picture, carrying out image recognition on the picture, and judging whether the picture has illegal information according to an image recognition result.
And in specific implementation, whether the picture has illegal information is judged through image identification. Specifically, a neural network model can be trained according to the characteristics of the illegal information by presetting the characteristics of the illegal information, and a target neural network model with the function of identifying the illegal information is generated. And identifying the locally stored picture through the target neural network model, and judging whether the picture has illegal information according to an identification result.
Further, if there is illegal information, reporting the data to the manual identification system, obtaining the identification result of the manual identification system, and performing corresponding operations on the data according to the identification result, including:
if the picture has illegal information, reporting the picture to a manual identification system;
acquiring a manual identification result of a manual identification system;
if the manual identification result is that the picture has illegal information, monitoring the flow direction of the picture in the network;
and if the manual identification result is that the picture does not have illegal information, marking the current picture as false alarm.
In specific implementation, if the picture has illegal information, a manual identification system is reported on the picture, whether the picture has illegal information is identified manually, and if the picture has illegal information, the picture needs to be subjected to flow direction monitoring processing;
and if the picture is judged to have no illegal information manually, marking the current picture as false alarm.
In a further embodiment, monitoring the flow direction of the picture in the network further includes:
and acquiring a picture source, and tracking the IP of the picture source.
In specific implementation, when the picture has the illegal information, an initial propagation source of the picture is obtained, an IP of the picture source is obtained, the IP of the picture source is tracked, the position of the IP is determined, the IP is further monitored, and if the picture or the streaming media containing the illegal information is continuously propagated, the IP can be sealed, a server where the IP is located is obtained, and the server is monitored. The embodiment of the invention can be used for capturing the streaming media and generating the image for discriminating the pornography and other information by a technical means through deploying the monitoring application in the gateway, reporting the information, reporting the police after manual secondary confirmation, early warning the illegal events such as the network pornography and tracing the address and personnel of the illegal server.
As can be seen from the above method embodiments, the embodiments of the present invention provide a method for monitoring network traffic, where the method monitors the network traffic and performs feature extraction on the monitored traffic; acquiring the data type of the network flow according to the result of the feature extraction; acquiring data with a data type of network flow as a specified data type and storing the data; identifying the stored data, and judging whether the stored data has illegal information or not; if the illegal information exists, reporting the data to a manual identification system, acquiring an identification result of the manual identification system, and executing corresponding operation on the data according to the identification result; and if the illegal information does not exist, deleting the data. According to the embodiment of the invention, illegal information such as pornography and the like is screened by capturing the picture and the streaming media, generated and reported, and corresponding operation is executed after manual secondary confirmation, so that the labor cost is reduced, and the processing efficiency of illegal information in the network is improved.
It should be noted that, a certain order does not necessarily exist between the above steps, and those skilled in the art can understand, according to the description of the embodiment of the present invention, that in different embodiments, the above steps may have different execution orders, that is, may be executed in parallel, may be executed interchangeably, and the like.
Another embodiment of the present invention provides an apparatus for monitoring network traffic, as shown in fig. 2, the apparatus 10 includes:
one or more processors 110 and a memory 120, where one processor 110 is illustrated in fig. 2, the processor 110 and the memory 120 may be connected by a bus or other means, and the connection by the bus is illustrated in fig. 2.
The processor 110 is used to implement the various control logic of the apparatus 10, which may be a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA), a single chip, an ARM (Acorn RISC machine) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination of these components. Also, the processor 110 may be any conventional processor, microprocessor, or state machine. Processor 110 may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
The memory 120 is a non-volatile computer-readable storage medium, and can be used to store non-volatile software programs, non-volatile computer-executable programs, and modules, such as program instructions corresponding to the method for monitoring network traffic in the embodiment of the present invention. The processor 110 executes various functional applications and data processing of the apparatus 10 by executing the nonvolatile software programs, instructions and units stored in the memory 120, that is, implements the method for monitoring network traffic in the above method embodiment.
The memory 120 may include a storage program area and a storage data area, wherein the storage program area may store an application program required for operating the device, at least one function; the storage data area may store data created according to the use of the device 10, and the like. Further, the memory 120 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some embodiments, memory 120 optionally includes memory located remotely from processor 110, which may be connected to device 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
One or more units are stored in the memory 120, and when executed by the one or more processors 110, perform the method for monitoring network traffic in any of the above-described method embodiments, for example, performing the above-described method steps S100 to S600 in fig. 1.
Embodiments of the present invention provide a non-transitory computer-readable storage medium storing computer-executable instructions for execution by one or more processors, for example, to perform method steps S100-S600 in fig. 1 described above.
By way of example, non-volatile storage media can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), electrically erasable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which acts as external cache memory. By way of illustration and not limitation, RAM is available in many forms such as Synchronous RAM (SRAM), dynamic RAM, (DRAM), Synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The disclosed memory components or memory of the operating environment described herein are intended to comprise one or more of these and/or any other suitable types of memory.
Another embodiment of the present invention provides a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a processor, cause the processor to perform the method of monitoring network traffic of the above-described method embodiment. For example, the method steps S100 to S600 in fig. 1 described above are performed.
The above-described embodiments are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the embodiment.
Through the above description of the embodiments, those skilled in the art will clearly understand that the embodiments may be implemented by software plus a general hardware platform, and may also be implemented by hardware. Based on such understanding, the above technical solutions essentially or contributing to the related art can be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes several instructions for enabling a computer device (which can be a personal computer, a server, or a network device, etc.) to execute the methods of the various embodiments or some parts of the embodiments.
Conditional language such as "can," "might," or "may" is generally intended to convey that a particular embodiment can include (yet other embodiments do not include) particular features, elements, and/or operations, among others, unless specifically stated otherwise or otherwise understood within the context as used. Thus, such conditional language is also generally intended to imply that features, elements, and/or operations are in any way required for one or more embodiments or that one or more embodiments must include logic for deciding, with or without input or prompting, whether such features, elements, and/or operations are included or are to be performed in any particular embodiment.
What has been described herein in the specification and drawings includes examples of methods and apparatus that can provide for monitoring network traffic. It will, of course, not be possible to describe every conceivable combination of components and/or methodologies for purposes of describing the various features of the disclosure, but it can be appreciated that many further combinations and permutations of the disclosed features are possible. It is therefore evident that various modifications can be made to the disclosure without departing from the scope or spirit thereof. In addition, or in the alternative, other embodiments of the disclosure may be apparent from consideration of the specification and drawings and from practice of the disclosure as presented herein. It is intended that the examples set forth in this specification and the drawings be considered in all respects as illustrative and not restrictive. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.
Claims (10)
1. A method of monitoring network traffic, the method comprising:
monitoring network flow, and extracting characteristics of the monitored flow;
acquiring the data type of the network flow according to the result of the feature extraction;
acquiring data with a data type of network flow as a specified data type and storing the data;
identifying the stored data, and judging whether the stored data has illegal information or not;
if the illegal information exists, reporting the data to a manual identification system, acquiring an identification result of the manual identification system, and executing corresponding operation on the data according to the identification result;
and if the illegal information does not exist, deleting the data.
2. The method for monitoring network traffic according to claim 1, wherein the acquiring data type of the network traffic is storing data of a specified data type, and the method includes:
and when the data type of the network flow is detected to be picture and/or streaming media data, storing the network flow.
3. The method for monitoring network traffic of claim 2, wherein if the data type of the network traffic is detected as a picture,
the storing the network traffic includes:
and storing the picture locally.
4. The method for monitoring network traffic according to claim 2, wherein when the data type of the network traffic is detected to be streaming media data,
the storing the network traffic includes:
and converting the streaming media data into pictures, and storing the pictures to the local.
5. The method for monitoring network traffic according to claim 3 or 4, wherein the identifying the stored data and determining whether the stored data has illegal information comprises:
and acquiring a locally stored picture, carrying out image recognition on the picture, and judging whether the picture has illegal information according to an image recognition result.
6. The method for monitoring network traffic according to claim 5, wherein if there is illegal information, reporting the data to the manual identification system, obtaining an identification result of the manual identification system, and performing corresponding operations on the data according to the identification result, includes:
if the picture has illegal information, reporting the picture to a manual identification system;
acquiring a manual identification result of a manual identification system;
if the manual identification result is that the picture has illegal information, monitoring the flow direction of the picture in the network;
and if the manual identification result is that the picture does not have illegal information, marking the current picture as false alarm.
7. The method for monitoring network traffic according to claim 6, wherein the monitoring the flow direction of the picture in the network further comprises:
and acquiring a picture source, and tracking the IP of the picture source.
8. An apparatus for monitoring network traffic, the apparatus comprising at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of monitoring network traffic of any of claims 1-7.
9. A non-transitory computer-readable storage medium storing computer-executable instructions that, when executed by one or more processors, cause the one or more processors to perform the method of monitoring network traffic of any one of claims 1-7.
10. A computer program product, characterized in that the computer program product comprises a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a processor, cause the processor to carry out the method of monitoring network traffic according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010863923.5A CN112073391A (en) | 2020-08-25 | 2020-08-25 | Method and device for monitoring network traffic |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010863923.5A CN112073391A (en) | 2020-08-25 | 2020-08-25 | Method and device for monitoring network traffic |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112073391A true CN112073391A (en) | 2020-12-11 |
Family
ID=73659288
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010863923.5A Pending CN112073391A (en) | 2020-08-25 | 2020-08-25 | Method and device for monitoring network traffic |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112073391A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112700357A (en) * | 2020-12-22 | 2021-04-23 | 深圳市安络科技有限公司 | Network case data sharing method, device and equipment |
| CN114039741A (en) * | 2021-09-26 | 2022-02-11 | 深圳供电局有限公司 | Sniffing method, system and device for internet surfing behavior and readable storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101431434A (en) * | 2008-12-17 | 2009-05-13 | 中国移动通信集团四川有限公司 | Content monitoring and plugging system and method based on WAP |
| CN104486765A (en) * | 2014-12-22 | 2015-04-01 | 上海斐讯数据通信技术有限公司 | Wireless intrusion detecting system and detecting method |
| CN108319888A (en) * | 2017-01-17 | 2018-07-24 | 阿里巴巴集团控股有限公司 | The recognition methods of video type and device, terminal |
| CN110933049A (en) * | 2019-11-16 | 2020-03-27 | 杭州安恒信息技术股份有限公司 | Network illegal information monitoring method and system based on video capture |
| CN111259968A (en) * | 2020-01-17 | 2020-06-09 | 腾讯科技(深圳)有限公司 | Illegal image recognition method, device, equipment and computer readable storage medium |
-
2020
- 2020-08-25 CN CN202010863923.5A patent/CN112073391A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101431434A (en) * | 2008-12-17 | 2009-05-13 | 中国移动通信集团四川有限公司 | Content monitoring and plugging system and method based on WAP |
| CN104486765A (en) * | 2014-12-22 | 2015-04-01 | 上海斐讯数据通信技术有限公司 | Wireless intrusion detecting system and detecting method |
| CN108319888A (en) * | 2017-01-17 | 2018-07-24 | 阿里巴巴集团控股有限公司 | The recognition methods of video type and device, terminal |
| CN110933049A (en) * | 2019-11-16 | 2020-03-27 | 杭州安恒信息技术股份有限公司 | Network illegal information monitoring method and system based on video capture |
| CN111259968A (en) * | 2020-01-17 | 2020-06-09 | 腾讯科技(深圳)有限公司 | Illegal image recognition method, device, equipment and computer readable storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112700357A (en) * | 2020-12-22 | 2021-04-23 | 深圳市安络科技有限公司 | Network case data sharing method, device and equipment |
| CN114039741A (en) * | 2021-09-26 | 2022-02-11 | 深圳供电局有限公司 | Sniffing method, system and device for internet surfing behavior and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Kumar et al. | A distributed intrusion detection system to detect DDoS attacks in blockchain-enabled IoT network | |
| CN107294982B (en) | Webpage backdoor detection method and device and computer readable storage medium | |
| CN109067780B (en) | Crawler user detection method and device, computer equipment and storage medium | |
| CN112073391A (en) | Method and device for monitoring network traffic | |
| CN110602445B (en) | Video monitoring data acquisition method and device, computer equipment and storage medium | |
| KR20080037909A (en) | A method and a device for network-based internet worm detection with the vulnerability analysis and attack modeling | |
| CN111614599A (en) | Webshell detection method and device based on artificial intelligence | |
| CN110929589B (en) | Method, apparatus, computer apparatus and storage medium for identifying vehicle characteristics | |
| CN112822147B (en) | Method, system and equipment for analyzing attack chain | |
| KR102104397B1 (en) | Method, computing device and program for executing harmful object control | |
| US20230350945A1 (en) | Systems and methods for efficiently sending video metadata | |
| WO2020108268A1 (en) | Face recognition system, method and apparatus | |
| CN110942456B (en) | Tamper image detection method, device, equipment and storage medium | |
| WO2022078353A1 (en) | Vehicle driving state determination method and apparatus, and computer device and storage medium | |
| CN114398449B (en) | Data processing method, device, video monitoring system and storage medium | |
| CN113472803A (en) | Vulnerability attack state detection method and device, computer equipment and storage medium | |
| CN113949527A (en) | Abnormal access detection method and device, electronic equipment and readable storage medium | |
| CN111464526A (en) | Network intrusion detection method, device, equipment and readable storage medium | |
| CN111953665B (en) | Server attack access identification method and system, computer equipment and storage medium | |
| CN111046212A (en) | Traffic accident processing method and device and electronic equipment | |
| CN111049783A (en) | Network attack detection method, device, equipment and storage medium | |
| CN103944788A (en) | Unknown trojan detecting method based on network communication behaviors | |
| WO2023045196A1 (en) | Access request capturing method and apparatus, computer device, and storage medium | |
| CN110795980A (en) | Network video-based evasion identification method, equipment, storage medium and device | |
| Gopi et al. | Classification of denial-of-service attacks in IoT networks using AlexNet |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201211 |