CN112187792A - Network information safety protection system based on internet - Google Patents
Network information safety protection system based on internet Download PDFInfo
- Publication number
- CN112187792A CN112187792A CN202011035999.5A CN202011035999A CN112187792A CN 112187792 A CN112187792 A CN 112187792A CN 202011035999 A CN202011035999 A CN 202011035999A CN 112187792 A CN112187792 A CN 112187792A
- Authority
- CN
- China
- Prior art keywords
- account
- user
- intrusion
- network information
- signal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The invention discloses an internet-based network information security protection system, which comprises a cloud platform, a registration login unit, a database, an information auditing unit, an intrusion detection module, a user management module, an alarm unit and a protection unit, wherein the cloud platform is used for storing information; detecting system data through an intrusion detection module, acquiring illegal access times of a system, virus category quantity and vulnerability quantity of the system, acquiring a system intrusion coefficient Y through a formula, and comparing the system intrusion coefficient Y with an intrusion coefficient threshold value: if the system intrusion coefficient Y is smaller than or equal to the intrusion coefficient threshold value, judging that the system does not have intrusion, generating a system security signal and sending the system security signal to the cloud platform; if the system intrusion coefficient Y is larger than the intrusion coefficient threshold value, judging that the system is intruded, generating a system danger signal and sending the system danger signal to an alarm unit; the system is detected, viruses are eliminated before system data are lost, the data safety is improved, and the risk of data loss is reduced.
Description
Technical Field
The invention relates to the technical field of network information safety protection, in particular to a network information safety protection system based on the internet.
Background
With the rapid development of computer technology, computer information security issues are receiving more and more attention. It is very necessary for students to grasp necessary information security management and security technology. Through learning the course, students can master the basic principle of computer information security and the strategies and implementation of the current popular information security setting, security loophole, firewall and hacker principle and precaution, so that the students can be competent in the implementation, operation, management, maintenance and other related work of the information system.
The patent with the publication number of CN111614597A discloses the technical field of artificial intelligence, in particular to an artificial intelligence network safety information protection early warning system, which comprises a rule set processing engine, wherein the rule set processing engine is associated with rule design and modification, audit records, creation/extraction rules and update/historical activity conditions, the audit records are associated with clock and main body activities, the creation/extraction rules are associated with abnormal records, and the update/historical activity conditions are associated with activity profiles. The invention collects information through a plurality of key points of the network and the system and analyzes the information, finds out whether the network and the system have behaviors violating the security policy or signs of invasion, and takes measures and early warning according to the established policy.
However, in this patent, when the system is invaded, emergency measures cannot be taken in the first time, and meanwhile, the invading virus and patch cannot be stored, so that the built firewall has poor pertinence.
Disclosure of Invention
The invention aims to provide an internet-based network information security protection system, which detects system data through an intrusion detection module, obtains the number of times of illegal access of the system, the number of virus types and the number of system bugs, obtains a system intrusion coefficient Y through a formula, and compares the system intrusion coefficient Y with an intrusion coefficient threshold value: if the system intrusion coefficient Y is smaller than or equal to the intrusion coefficient threshold value, judging that the system does not have intrusion, generating a system security signal and sending the system security signal to the cloud platform; if the system intrusion coefficient Y is larger than the intrusion coefficient threshold value, judging that the system is intruded, generating a system danger signal and sending the system danger signal to an alarm unit; the system is detected, viruses are eliminated before system data are lost, the data safety is improved, and the risk of data loss is reduced.
The purpose of the invention can be realized by the following technical scheme:
a network information security protection system based on the Internet comprises a cloud platform, a registration unit, a database, an information auditing unit, an intrusion detection module, a user management module, a maintenance unit, an alarm unit and a protection unit;
the information auditing unit is used for auditing network information, the network information comprises characters, pictures and voice issued on a network, and the specific auditing steps are as follows:
step one, acquiring the reporting times of the network information, and marking the reporting times of the network information as CC;
step two, acquiring the browsing time of the network information, and marking a browsing time mark bit LL of the network information;
thirdly, obtaining the number of times of commenting the network information, and marking the number of times of commenting the network information as PP;
step four, passing through a formula
Acquiring a safety factor X of network information, wherein c1, c2 and c3 are all preset proportional coefficients, c1 is larger than c2 and is larger than c3, c1+ c2+ c3 is 2.03125, and beta is a correction factor and is 1.023658;
step five, comparing the safety factor X of the network information with a safety factor setting threshold value:
if the safety factor X of the network information is larger than or equal to the safety factor setting threshold, judging the safety of the network information, generating a network information safety signal and sending the network information safety signal to the cloud platform, and after receiving the network information safety signal, the cloud platform generates a normal release signal and normally releases the network information;
if the safety factor X of the network information is smaller than the safety factor setting threshold, the network information is judged to be dangerous, a network information dangerous signal is generated and sent to the cloud platform, and the cloud platform receives the network information dangerous signal and then generates a dangerous shielding signal and shields the network information.
Further, the registration login module is used for the user and the manager to send user data and manager data through the mobile phone terminal for registration and send the user data and the manager data which are successfully registered to the database for storage, after the registration is successful, the registration login unit sends a login account to the mobile phone terminal of the user, after the user receives the login account, the user sets a login password and a login attribution and sends the login password and the login attribution to the database for storage, when the user logs in through the account which is successfully registered, the user can inquire the attribution through internet positioning, if the number of times of abnormality of the attribution exceeds the threshold of the number of times of abnormality, the account is paused to be marked as a risk account, a risk signal is generated and sent to the mobile phone terminal of the user, after the user receives the risk signal, the user needs to send risk release information to the registration login unit through a friend account in the risk account together, the registration login unit marks the risk account as a normal account after receiving the risk relief information, and simultaneously sends a login password and a login attribution change instruction to a mobile phone terminal of a user, wherein user data comprises the name, the age, the position and a mobile phone number for real name authentication of the user, and manager data comprises the name, the age, the time for entering the position and the mobile phone number for real name authentication of the user.
Further, the intrusion detection module is configured to detect system data, where the system data includes the number of times of illegal access of the system, the number of types of viruses, and the number of vulnerabilities, and the specific detection steps are as follows:
s1: obtaining the illegal access times of the system, and marking the illegal access times of the system as FC;
s2: acquiring the virus category number of a system, and marking the virus category number of the system as BD;
s3: acquiring the number of vulnerabilities of a system, and marking the number of vulnerabilities of the system as LD;
s4: by the formula
Acquiring a system intrusion coefficient Y, wherein b1, b2 and b3 are all preset proportional coefficients, b1, b2 and b3 correspond to FC, BD and LD one by one, b1 & gt b2 & gt b3, and b1+ b2+ b3 is 3.320563;
s5: comparing the system intrusion coefficient Y with an intrusion coefficient threshold value:
if the system intrusion coefficient Y is smaller than or equal to the intrusion coefficient threshold value, judging that the system does not have intrusion, generating a system security signal and sending the system security signal to the cloud platform;
if the system intrusion coefficient Y is larger than the intrusion coefficient threshold value, judging that the system is intruded, generating a system danger signal and sending the system danger signal to an alarm unit;
the alarm unit is used for receiving system danger signals, generating alarm signals and sending the alarm signals to the protection unit.
Further, the protection unit protects the system after receiving the alarm signal, and the specific protection measures are as follows:
SS 1: after receiving the alarm signal, the protection unit sends data stored in the cloud platform to a standby hard disk of the server for storage;
SS 2: the network connection between the server and the internet is disconnected, and the transmitted data is comprehensively cleaned through antivirus software carried by the system;
SS 3: the method comprises the steps of checking a vulnerability utilized by an intrusion system by analyzing a system log file, determining the name of the vulnerability, searching a vulnerability patch of a matched application program for repairing, and simultaneously sending the vulnerability patch of the matched application program to a database for storage;
SS 4: recording the intrusion time and sending the intrusion time to a maintenance unit;
the maintenance unit is used for receiving the time of the system being invaded and sending the invaded time to a mobile phone terminal of a manager, and the manager specifically maintains the following steps:
p1: after detecting the bug repair, adding a corresponding firewall;
p2: changing the attribute of the network, setting the network used inside as an independent local area network, and completely separating the internal local area network from the public network;
p3: and upgrading the virus library, marking the viruses of the intrusion system as cracked viruses, and sending the cracked viruses and the corresponding cracked patches to the virus library, wherein the virus library is a virus virtual storage platform of the intrusion system.
Further, the user management module is configured to perform detection management on user account data, where the user account data includes time for a user to register an account and login times of the user, and the specific detection management steps include:
t1: detecting a user account in a database, acquiring registration time of the user account, comparing the registration time of the user account with current time, acquiring registration time of the user account, and marking the registration time of the user account as Zi, i is 1, 2, and.
T2: acquiring the use times of the account in the registration time, and marking the use times of the account as Ci;
t3: by the formula
Acquiring an account active coefficient Bi, wherein g1 and g2 are preset proportional coefficients, g1 is greater than g2, and g1+ g2 is 3.625314;
t4: comparing the account number activity coefficient Bi with an activity coefficient threshold value:
if the activity coefficient Bi is larger than or equal to the activity coefficient threshold value, judging that the account is normally used, marking the account as a normally used account, and sending the normally used account to a database for storage;
if the active coefficient Bi is less than the active coefficient threshold value, the account is judged to be used infrequently, the account is marked as an infrequent account, an account logout signal is generated and sent to a mobile phone terminal of the user, if the user receives the account logout signal and then determines to logout, a user management module generates a logout signal, marks the account as a logout account, and then deletes the logout account from a database.
Compared with the prior art, the invention has the beneficial effects that:
1. detecting system data through an intrusion detection module, acquiring illegal access times of a system, virus category quantity and vulnerability quantity of the system, acquiring a system intrusion coefficient Y through a formula, and comparing the system intrusion coefficient Y with an intrusion coefficient threshold value: if the system intrusion coefficient Y is smaller than or equal to the intrusion coefficient threshold value, judging that the system does not have intrusion, generating a system security signal and sending the system security signal to the cloud platform; if the system intrusion coefficient Y is larger than the intrusion coefficient threshold value, judging that the system is intruded, generating a system danger signal and sending the system danger signal to an alarm unit; the system is detected, and viruses are eliminated before the system data are lost, so that the data security is improved, and the risk of data loss is reduced;
2. the protection unit receives the alarm signal and then protects the system, and after receiving the alarm signal, the protection unit sends the data stored in the cloud platform to a standby hard disk of the server for storage; the network connection between the server and the internet is disconnected, and the transmitted data is comprehensively cleaned through antivirus software carried by the system; the method comprises the steps of checking a vulnerability utilized by an intrusion system by analyzing a system log file, determining the name of the vulnerability, searching a vulnerability patch of a matched application program for repairing, and simultaneously sending the vulnerability patch of the matched application program to a database for storage; when the system is invaded by the virus, the system firstly carries out vulnerability repair, reduces the influence of the virus invasion on system data, and improves the security of network information;
3. detecting and managing user account data through a user management module, acquiring registration time of a user account, comparing the registration time of the user account with current time, acquiring registration time of the user account, acquiring the number of use times of the account within the registration time, acquiring an account activity coefficient Bi through a formula, and comparing the account activity coefficient Bi with an activity coefficient threshold value: if the activity coefficient Bi is larger than or equal to the activity coefficient threshold value, judging that the account is normally used, marking the account as a normally used account, and sending the normally used account to a database for storage; if the active coefficient Bi is less than the active coefficient threshold value, judging that the account is not frequently used, marking the account as an account which is not frequently used, generating an account logout signal and sending the account logout signal to a mobile phone terminal of the user, if the user receives the account logout signal and then determines to logout, generating a logout signal by a user management module, marking the account as a logout account, and then deleting the logout account from a database; the account number of the user is detected, partial account number deactivation is prevented, safety performance is reduced, other people are prevented from intruding the system by taking the account number deactivation as a breach, and the risk of the system being intruded is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic block diagram of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the following embodiments, and it should be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, a network information security protection system based on the internet includes a cloud platform, a registration unit, a database, an information auditing unit, an intrusion detection module, a user management module, a maintenance unit, an alarm unit, and a protection unit;
the registration login module is used for a user and a manager to send user data and manager data to a mobile phone terminal for registration and send the successful user data and manager data to a database for storage, after the registration is successful, a registration login unit sends a login account to the mobile phone terminal of the user, after receiving the login account, the user sets a login password and a login attribution and sends the login password and the login attribution to the database for storage, when the user logs in through the account with successful registration, the login is carried out through Internet positioning for attribution inquiry, if the attribution abnormal times exceed an abnormal times threshold value, the account is suspended for login and marked as a risk account, a risk signal is generated and sent to the mobile phone terminal of the user, and after receiving the risk signal, the user needs to send risk relief information to the registration login unit through a friend account in the risk account together, the method comprises the steps that after a registration login unit receives risk relief information, a risk account is marked as a normal account, a login password and a login attribution change instruction are sent to a mobile phone terminal of a user, user data comprise the name, the age, the position and the mobile phone number of real name authentication of the user, and manager data comprise the name, the age, the time of entry and the mobile phone number of real name authentication of the user;
the information auditing unit is used for auditing network information, the network information comprises characters, pictures and voice issued on a network, and the specific auditing steps are as follows:
step one, acquiring the reporting times of the network information, and marking the reporting times of the network information as CC;
step two, acquiring the browsing time of the network information, and marking a browsing time mark bit LL of the network information;
thirdly, obtaining the number of times of commenting the network information, and marking the number of times of commenting the network information as PP;
step four, passing through a formula
Acquiring a safety factor X of network information, wherein c1, c2 and c3 are all preset proportional coefficients, c1 is larger than c2 and is larger than c3, c1+ c2+ c3 is 2.03125, and beta is a correction factor and is 1.023658;
step five, comparing the safety factor X of the network information with a safety factor setting threshold value:
if the safety factor X of the network information is larger than or equal to the safety factor setting threshold, judging the safety of the network information, generating a network information safety signal and sending the network information safety signal to the cloud platform, and after receiving the network information safety signal, the cloud platform generates a normal release signal and normally releases the network information;
if the safety factor X of the network information is smaller than the safety factor setting threshold, judging that the network information is dangerous, generating a network information dangerous signal and sending the network information dangerous signal to the cloud platform, and generating a dangerous shielding signal and shielding the network information after the cloud platform receives the network information dangerous signal;
the intrusion detection module is used for detecting system data, the system data comprises the illegal access times, the virus category number and the vulnerability number of a system, and the specific detection steps are as follows:
s1: obtaining the illegal access times of the system, and marking the illegal access times of the system as FC;
s2: acquiring the virus category number of a system, and marking the virus category number of the system as BD;
s3: acquiring the number of vulnerabilities of a system, and marking the number of vulnerabilities of the system as LD;
s4: by the formula
Acquiring a system intrusion coefficient Y, wherein b1, b2 and b3 are all preset proportional coefficients, b1, b2 and b3 correspond to FC, BD and LD one by one, b1 & gt b2 & gt b3, and b1+ b2+ b3 is 3.320563;
s5: comparing the system intrusion coefficient Y with an intrusion coefficient threshold value:
if the system intrusion coefficient Y is smaller than or equal to the intrusion coefficient threshold value, judging that the system does not have intrusion, generating a system security signal and sending the system security signal to the cloud platform;
if the system intrusion coefficient Y is larger than the intrusion coefficient threshold value, judging that the system is intruded, generating a system danger signal and sending the system danger signal to an alarm unit;
the alarm unit is used for receiving a system danger signal, generating an alarm signal and sending the alarm signal to the protection unit;
the protection unit protects the system after receiving the alarm signal, and the specific protection measures are as follows:
SS 1: after receiving the alarm signal, the protection unit sends data stored in the cloud platform to a standby hard disk of the server for storage;
SS 2: the network connection between the server and the internet is disconnected, and the transmitted data is comprehensively cleaned through antivirus software carried by the system;
SS 3: the method comprises the steps of checking a vulnerability utilized by an intrusion system by analyzing a system log file, determining the name of the vulnerability, searching a vulnerability patch of a matched application program for repairing, and simultaneously sending the vulnerability patch of the matched application program to a database for storage;
SS 4: recording the intrusion time and sending the intrusion time to a maintenance unit;
the maintenance unit is used for receiving the time of the system being invaded and sending the invaded time to a mobile phone terminal of a manager, and the manager specifically maintains the following steps:
p1: after detecting the bug repair, adding a corresponding firewall;
p2: changing the attribute of the network, setting the network used inside as an independent local area network, and completely separating the internal local area network from the public network;
p3: upgrading a virus library, marking viruses of the intrusion system as cracked viruses, and sending the cracked viruses and corresponding cracked patches to the virus library, wherein the virus library is a virus virtual storage platform of the intrusion system;
the user management module is used for detecting and managing user account data, the user account data comprises the time of a user registering an account and the login times of the user, and the specific detection and management steps are as follows:
t1: detecting a user account in a database, acquiring registration time of the user account, comparing the registration time of the user account with current time, acquiring registration time of the user account, and marking the registration time of the user account as Zi, i is 1, 2, and.
T2: acquiring the use times of the account in the registration time, and marking the use times of the account as Ci;
t3: by the formula
Acquiring an account active coefficient Bi, wherein g1 and g2 are preset proportional coefficients, g1 is greater than g2, and g1+ g2 is 3.625314;
t4: comparing the account number activity coefficient Bi with an activity coefficient threshold value:
if the activity coefficient Bi is larger than or equal to the activity coefficient threshold value, judging that the account is normally used, marking the account as a normally used account, and sending the normally used account to a database for storage;
if the active coefficient Bi is less than the active coefficient threshold value, judging that the account is not frequently used, marking the account as an account which is not frequently used, generating an account logout signal and sending the account logout signal to a mobile phone terminal of the user, if the user receives the account logout signal and then determines to logout, generating a logout signal by a user management module, marking the account as a logout account, and then deleting the logout account from a database;
the prediction module is used for carrying out virus intrusion prediction on the system, acquiring the reaction time and the network communication buffering time of the system in the whole day, correspondingly marking the reaction time and the network communication buffering time of the system as M1 and M2, and carrying out virus intrusion prediction on the system through a formula
And calculating a prediction coefficient O, wherein both v1 and v2 are preset proportionality coefficients, if the prediction coefficient O is larger than a coefficient set threshold, judging that the system has a virus plug-in and generates a virus intrusion signal, and if the prediction coefficient O is smaller than or equal to the coefficient set threshold, judging that the system is safe and generating a system safety signal.
The working principle of the invention is as follows: detecting system data through an intrusion detection module, acquiring the number of times of illegal access of the system, the number of virus types and the number of loopholes of the system, and sequentially marking the system data as FC, BD and LD; obtaining a system intrusion coefficient Y through a formula, and comparing the system intrusion coefficient Y with an intrusion coefficient threshold value: if the system intrusion coefficient Y is smaller than or equal to the intrusion coefficient threshold value, judging that the system does not have intrusion, generating a system security signal and sending the system security signal to the cloud platform; if the system intrusion coefficient Y is larger than the intrusion coefficient threshold value, judging that the system is intruded, generating a system danger signal and sending the system danger signal to an alarm unit; receiving a system danger signal through an alarm unit, generating an alarm signal and sending the alarm signal to a protection unit;
the protection unit receives the alarm signal and then protects the system, and after receiving the alarm signal, the protection unit sends the data stored in the cloud platform to a standby hard disk of the server for storage; the network connection between the server and the internet is disconnected, and the transmitted data is comprehensively cleaned through antivirus software carried by the system; the method comprises the steps of checking a vulnerability utilized by an intrusion system by analyzing a system log file, determining the name of the vulnerability, searching a vulnerability patch of a matched application program for repairing, and simultaneously sending the vulnerability patch of the matched application program to a database for storage; recording the intrusion time and sending the intrusion time to a maintenance unit;
the system intrusion time is received through the maintenance unit, the intrusion time is sent to a mobile phone terminal of a manager, and the manager specifically performs the following maintenance steps: after detecting the bug repair, adding a corresponding firewall; changing the attribute of the network, setting the network used inside as an independent local area network, and completely separating the internal local area network from the public network; and upgrading the virus library, marking the viruses of the intrusion system as cracked viruses, and sending the cracked viruses and the corresponding cracked patches to the virus library, wherein the virus library is a virus virtual storage platform of the intrusion system.
The above formulas are all quantitative calculation, the formula is a formula obtained by acquiring a large amount of data and performing software simulation to obtain the latest real situation, and the preset parameters in the formula are set by the technical personnel in the field according to the actual situation.
The foregoing is merely exemplary and illustrative of the present invention and various modifications, additions and substitutions may be made by those skilled in the art to the specific embodiments described without departing from the scope of the invention as defined in the following claims.
Claims (5)
1. A network information security protection system based on the Internet is characterized by comprising a cloud platform, a registration login unit, a database, an information auditing unit, an intrusion detection module, a user management module, a maintenance unit, an alarm unit and a protection unit;
the information auditing unit is used for auditing network information, the network information comprises characters, pictures and voice issued on a network, and the specific auditing steps are as follows:
step one, acquiring the reporting times of the network information, and marking the reporting times of the network information as CC;
step two, acquiring the browsing time of the network information, and marking a browsing time mark bit LL of the network information;
thirdly, obtaining the number of times of commenting the network information, and marking the number of times of commenting the network information as PP;
step four, passing through a formula
Acquiring a safety factor X of network information, wherein c1, c2 and c3 are all preset proportional coefficients, c1 is larger than c2 and is larger than c3, c1+ c2+ c3 is 2.03125, and beta is a correction factor and is 1.023658;
step five, comparing the safety factor X of the network information with a safety factor setting threshold value:
if the safety factor X of the network information is larger than or equal to the safety factor setting threshold, judging the safety of the network information, generating a network information safety signal and sending the network information safety signal to the cloud platform, and after receiving the network information safety signal, the cloud platform generates a normal release signal and normally releases the network information;
if the safety factor X of the network information is smaller than the safety factor setting threshold, the network information is judged to be dangerous, a network information dangerous signal is generated and sent to the cloud platform, and the cloud platform receives the network information dangerous signal and then generates a dangerous shielding signal and shields the network information.
2. The system of claim 1, wherein the login module is configured to send user data and manager data to a mobile phone terminal for login by a user and a manager, and send the user data and the manager data that have been successfully registered to the database for storage, after the login is successful, the login unit sends a login account to the mobile phone terminal of the user, after the user receives the login account, the login password and the login home location are set and sent to the database for storage, when the user logs in through the account that has been successfully registered, the user performs home location query by internet positioning, and when the number of abnormal home locations exceeds the threshold of abnormal times, the user suspends the login of the account and marks the account as a risk account, and simultaneously generates a risk signal and sends the risk signal to the mobile phone terminal of the user, after receiving the risk signal, the user needs to send risk relief information to the registration login unit through a friend account in the risk account, after receiving the risk relief information, the registration login unit marks the risk account as a normal account, and sends a login password and a login attribution change instruction to a mobile phone terminal of the user, wherein user data comprises the name, the age, the position and the mobile phone number for real name authentication of the user, and manager data comprises the name, the age, the time length for entering the position and the mobile phone number for real name authentication of the user.
3. The internet-based network information security protection system of claim 1, wherein the intrusion detection module is configured to detect system data, the system data including the number of times of illegal access of the system, the number of types of viruses, and the number of vulnerabilities, and the specific detection steps are as follows:
s1: obtaining the illegal access times of the system, and marking the illegal access times of the system as FC;
s2: acquiring the virus category number of a system, and marking the virus category number of the system as BD;
s3: acquiring the number of vulnerabilities of a system, and marking the number of vulnerabilities of the system as LD;
s4: by the formula
Acquiring a system intrusion coefficient Y, wherein b1, b2 and b3 are all preset proportional coefficients, b1, b2 and b3 correspond to FC, BD and LD one by one, b1 & gt b2 & gt b3, and b1+ b2+ b3 is 3.320563;
s5: comparing the system intrusion coefficient Y with an intrusion coefficient threshold value:
if the system intrusion coefficient Y is smaller than or equal to the intrusion coefficient threshold value, judging that the system does not have intrusion, generating a system security signal and sending the system security signal to the cloud platform;
if the system intrusion coefficient Y is larger than the intrusion coefficient threshold value, judging that the system is intruded, generating a system danger signal and sending the system danger signal to an alarm unit;
the alarm unit is used for receiving system danger signals, generating alarm signals and sending the alarm signals to the protection unit.
4. The internet-based network information security protection system of claim 1, wherein the protection unit protects the system after receiving the alarm signal, and the specific protection measures are as follows:
SS 1: after receiving the alarm signal, the protection unit sends data stored in the cloud platform to a standby hard disk of the server for storage;
SS 2: the network connection between the server and the internet is disconnected, and the transmitted data is comprehensively cleaned through antivirus software carried by the system;
SS 3: the method comprises the steps of checking a vulnerability utilized by an intrusion system by analyzing a system log file, determining the name of the vulnerability, searching a vulnerability patch of a matched application program for repairing, and simultaneously sending the vulnerability patch of the matched application program to a database for storage;
SS 4: recording the intrusion time and sending the intrusion time to a maintenance unit;
the maintenance unit is used for receiving the time of the system being invaded and sending the invaded time to a mobile phone terminal of a manager, and the manager specifically maintains the following steps:
p1: after detecting the bug repair, adding a corresponding firewall;
p2: changing the attribute of the network, setting the network used inside as an independent local area network, and completely separating the internal local area network from the public network;
p3: and upgrading the virus library, marking the viruses of the intrusion system as cracked viruses, and sending the cracked viruses and the corresponding cracked patches to the virus library, wherein the virus library is a virus virtual storage platform of the intrusion system.
5. The internet-based network information security protection system of claim 1, wherein the user management module is configured to perform detection management on user account data, the user account data includes time for a user to register an account and login times of the user, and the specific detection management steps include:
t1: detecting a user account in a database, acquiring registration time of the user account, comparing the registration time of the user account with current time, acquiring registration time of the user account, and marking the registration time of the user account as Zi, i is 1, 2, and.
T2: acquiring the use times of the account in the registration time, and marking the use times of the account as Ci;
t3: by the formula
Obtaining account number activity coefficientBi, wherein g1 and g2 are preset proportionality coefficients, and g1 is greater than g2, and g1+ g2 is 3.625314;
t4: comparing the account number activity coefficient Bi with an activity coefficient threshold value:
if the activity coefficient Bi is larger than or equal to the activity coefficient threshold value, judging that the account is normally used, marking the account as a normally used account, and sending the normally used account to a database for storage;
if the active coefficient Bi is less than the active coefficient threshold value, the account is judged to be used infrequently, the account is marked as an infrequent account, an account logout signal is generated and sent to a mobile phone terminal of the user, if the user receives the account logout signal and then determines to logout, a user management module generates a logout signal, marks the account as a logout account, and then deletes the logout account from a database.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011035999.5A CN112187792A (en) | 2020-09-27 | 2020-09-27 | Network information safety protection system based on internet |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011035999.5A CN112187792A (en) | 2020-09-27 | 2020-09-27 | Network information safety protection system based on internet |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112187792A true CN112187792A (en) | 2021-01-05 |
Family
ID=73944663
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011035999.5A Withdrawn CN112187792A (en) | 2020-09-27 | 2020-09-27 | Network information safety protection system based on internet |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112187792A (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112788601A (en) * | 2021-03-04 | 2021-05-11 | 彭松英 | Mobile terminal information safety protection system and method based on big data |
| CN112866231A (en) * | 2021-01-13 | 2021-05-28 | 南方电网数字电网研究院有限公司 | Information security operation remote situation sensing system |
| CN112905982A (en) * | 2021-01-19 | 2021-06-04 | 青岛至心传媒有限公司 | Internet-based E-commerce platform intrusion detection method and monitoring system |
| CN113179347A (en) * | 2021-03-31 | 2021-07-27 | 深圳市磐锋精密技术有限公司 | Internet-based mobile phone safety protection system |
| CN113411353A (en) * | 2021-08-03 | 2021-09-17 | 广州汇图计算机信息技术有限公司 | Network security protection method and system |
| CN113726769A (en) * | 2021-08-28 | 2021-11-30 | 睿思网盾(北京)科技有限公司 | Network security prevention and control system based on data acquisition |
| CN113721922A (en) * | 2021-09-01 | 2021-11-30 | 中建电子信息技术有限公司 | Big data internet of things management system based on micro-service |
| CN114513336A (en) * | 2022-01-18 | 2022-05-17 | 国家广播电视总局广播电视规划院 | Network security platform construction method based on threat intelligence and intelligent identification algorithm |
| CN115086010A (en) * | 2022-06-13 | 2022-09-20 | 北京融讯智晖技术有限公司 | Network risk assessment system based on video cloud command system |
| CN115865427A (en) * | 2022-11-14 | 2023-03-28 | 重庆伏特猫科技有限公司 | Data acquisition and monitoring method based on data routing gateway |
| CN115955363A (en) * | 2023-03-13 | 2023-04-11 | 江苏先驰物联网技术有限公司 | Communication terminal based on desktop fusion |
| CN116112280A (en) * | 2023-02-24 | 2023-05-12 | 杭州珍林网络技术有限公司 | Network safety protection system based on artificial intelligence |
| CN116187936A (en) * | 2023-02-03 | 2023-05-30 | 上海麦德通软件技术有限公司 | Work order intelligent generation system based on cloud platform |
| CN116886370A (en) * | 2023-07-19 | 2023-10-13 | 广东网安科技有限公司 | Protection system for network security authentication |
| CN116886953A (en) * | 2023-09-06 | 2023-10-13 | 湖南马栏山视频先进技术研究院有限公司 | Cloud storage video data protection system |
| CN117390707A (en) * | 2023-10-20 | 2024-01-12 | 广东全芯半导体有限公司 | Data security detection system and detection method based on data storage equipment |
| CN117670264A (en) * | 2024-02-01 | 2024-03-08 | 武汉软件工程职业学院(武汉开放大学) | Automatic flow processing system and method for accounting data |
-
2020
- 2020-09-27 CN CN202011035999.5A patent/CN112187792A/en not_active Withdrawn
Cited By (25)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112866231A (en) * | 2021-01-13 | 2021-05-28 | 南方电网数字电网研究院有限公司 | Information security operation remote situation sensing system |
| CN112905982A (en) * | 2021-01-19 | 2021-06-04 | 青岛至心传媒有限公司 | Internet-based E-commerce platform intrusion detection method and monitoring system |
| CN112788601A (en) * | 2021-03-04 | 2021-05-11 | 彭松英 | Mobile terminal information safety protection system and method based on big data |
| CN113179347B (en) * | 2021-03-31 | 2022-03-29 | 深圳市磐锋精密技术有限公司 | Internet-based mobile phone safety protection system |
| CN113179347A (en) * | 2021-03-31 | 2021-07-27 | 深圳市磐锋精密技术有限公司 | Internet-based mobile phone safety protection system |
| CN113411353A (en) * | 2021-08-03 | 2021-09-17 | 广州汇图计算机信息技术有限公司 | Network security protection method and system |
| CN113726769A (en) * | 2021-08-28 | 2021-11-30 | 睿思网盾(北京)科技有限公司 | Network security prevention and control system based on data acquisition |
| CN113721922A (en) * | 2021-09-01 | 2021-11-30 | 中建电子信息技术有限公司 | Big data internet of things management system based on micro-service |
| CN114513336A (en) * | 2022-01-18 | 2022-05-17 | 国家广播电视总局广播电视规划院 | Network security platform construction method based on threat intelligence and intelligent identification algorithm |
| CN115086010A (en) * | 2022-06-13 | 2022-09-20 | 北京融讯智晖技术有限公司 | Network risk assessment system based on video cloud command system |
| CN115086010B (en) * | 2022-06-13 | 2023-10-24 | 北京融讯智晖技术有限公司 | Network risk assessment system based on video cloud command system |
| CN115865427A (en) * | 2022-11-14 | 2023-03-28 | 重庆伏特猫科技有限公司 | Data acquisition and monitoring method based on data routing gateway |
| CN116187936B (en) * | 2023-02-03 | 2023-08-29 | 上海麦德通软件技术有限公司 | Work order intelligent generation system based on cloud platform |
| CN116187936A (en) * | 2023-02-03 | 2023-05-30 | 上海麦德通软件技术有限公司 | Work order intelligent generation system based on cloud platform |
| CN116112280A (en) * | 2023-02-24 | 2023-05-12 | 杭州珍林网络技术有限公司 | Network safety protection system based on artificial intelligence |
| CN116112280B (en) * | 2023-02-24 | 2024-04-09 | 杭州珍林网络技术有限公司 | Network safety protection system based on artificial intelligence |
| CN115955363A (en) * | 2023-03-13 | 2023-04-11 | 江苏先驰物联网技术有限公司 | Communication terminal based on desktop fusion |
| CN116886370A (en) * | 2023-07-19 | 2023-10-13 | 广东网安科技有限公司 | Protection system for network security authentication |
| CN116886370B (en) * | 2023-07-19 | 2023-12-08 | 广东网安科技有限公司 | Protection system for network security authentication |
| CN116886953A (en) * | 2023-09-06 | 2023-10-13 | 湖南马栏山视频先进技术研究院有限公司 | Cloud storage video data protection system |
| CN116886953B (en) * | 2023-09-06 | 2023-11-24 | 湖南马栏山视频先进技术研究院有限公司 | Cloud storage video data protection system |
| CN117390707A (en) * | 2023-10-20 | 2024-01-12 | 广东全芯半导体有限公司 | Data security detection system and detection method based on data storage equipment |
| CN117390707B (en) * | 2023-10-20 | 2024-03-22 | 广东全芯半导体有限公司 | Data security detection system and detection method based on data storage equipment |
| CN117670264A (en) * | 2024-02-01 | 2024-03-08 | 武汉软件工程职业学院(武汉开放大学) | Automatic flow processing system and method for accounting data |
| CN117670264B (en) * | 2024-02-01 | 2024-04-19 | 武汉软件工程职业学院(武汉开放大学) | Automatic flow processing system and method for accounting data |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112187792A (en) | Network information safety protection system based on internet | |
| US10848514B2 (en) | Data surveillance for privileged assets on a computer network | |
| RU2477929C2 (en) | System and method for prevention safety incidents based on user danger rating | |
| CN112787992B (en) | Method, device, equipment and medium for detecting and protecting sensitive data | |
| CN111683157B (en) | Network security protection method for Internet of things equipment | |
| JP6703616B2 (en) | System and method for detecting security threats | |
| US20210160249A1 (en) | Systems and methods for role-based computer security configurations | |
| CN108268354A (en) | Data safety monitoring method, background server, terminal and system | |
| CN110213226B (en) | Network attack scene reconstruction method and system based on risk full-factor identification association | |
| JP2005526311A (en) | Method and apparatus for monitoring a database system | |
| WO2009037333A2 (en) | Intrusion detection method and system | |
| US11916964B2 (en) | Dynamic, runtime application programming interface parameter labeling, flow parameter tracking and security policy enforcement using API call graph | |
| CN108259202A (en) | A kind of CA monitoring and pre-alarming methods and CA monitoring and warning systems | |
| KR20140035146A (en) | Apparatus and method for information security | |
| CN113132318A (en) | Active defense method and system for information safety of power distribution automation system master station | |
| CN114553720A (en) | User operation abnormity detection method and device | |
| CN107944293B (en) | Fictitious assets guard method, system, equipment and storage medium | |
| US11503053B2 (en) | Security management of an autonomous vehicle | |
| CN113411297A (en) | Situation awareness defense method and system based on attribute access control | |
| US10515187B2 (en) | Artificial intelligence (AI) techniques for learning and modeling internal networks | |
| CN116112211A (en) | Knowledge-graph-based network attack chain reduction method | |
| KR101180092B1 (en) | Method and system for analyzing security event, and recording medium thereof | |
| CN117478433A (en) | Network and information security dynamic early warning system | |
| CN117201188A (en) | IT safe operation risk prediction method, system and medium based on big data | |
| US11651313B1 (en) | Insider threat detection using access behavior analysis |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 230000 room 605, building 6, fengqingyuan, Jiajing, West 11th Road and South 13th Road, Hefei Economic and Technological Development Zone, Anhui Province Applicant after: Anhui sipote Information Technology Co.,Ltd. Address before: 230000 room 605, building 6, fengqingyuan, Jiajing, West 11th Road and South 13th Road, Hefei Economic and Technological Development Zone, Anhui Province Applicant before: Anhui Sprint Technology Co.,Ltd. |
|
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20210105 |