CN112272172A - Internet of things video monitoring safety management system - Google Patents
- Publication number: CN112272172A
- Application number: CN202011129811.3A
- Authority: CN (China)
- Prior art keywords: internet, things, video monitoring, management, private network
- Legal status: Withdrawn (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L63/0272—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls; Virtual private networks
- G16Y30/10—IoT infrastructure; Security thereof
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1433—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic; Vulnerability analysis
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H04N7/18—Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
Abstract
The invention relates to the technical field of Internet of things video monitoring safety management and discloses an Internet of things video monitoring safety management system comprising: an Internet of things virtual private network deployed between the Internet of things monitoring operation platform and the Internet of things remote management or use terminal, which encrypts the data communication between the platform and the terminal and establishes an Internet of things private network channel between them; an Internet of things security situation and management and control system deployed at the network access port of the Internet of things video monitoring system; and Web application firewall equipment deployed in the data center area of the Internet of things video monitoring system. The invention solves the technical problem that an Internet of things video monitoring system that is directly or indirectly connected to a public network is easily attacked and damaged from the outside.
Description
Technical Field
The invention relates to the technical field of Internet of things video monitoring safety management, in particular to an Internet of things video monitoring safety management system.
Background
Internet of things video monitoring is a comprehensive system with strong prevention capability. It mainly comprises three parts: front-end acquisition equipment, a transmission network and a monitoring operation platform. By monitoring and collecting video and sound and analyzing and extracting data in time, it realizes the interconnection between objects and people. At present, Internet of things video monitoring is mainly used for security monitoring of large stadiums, areas with dense flows of people, and important equipment and facilities, and is often deployed in an intranet environment. However, for the convenience of remote management and use, a considerable part of these systems are connected to the public network or deployed directly in it. Being directly or indirectly connected to the public network, such a system is easily attacked and damaged from the outside, and an attacker can damage or even tamper with data on the server, causing a serious security problem.
Disclosure of Invention
(I) Technical problem to be solved
In view of the defects of the prior art, the invention provides an Internet of things video monitoring safety management system, which aims to solve the technical problem that an Internet of things video monitoring system that is directly or indirectly connected to a public network is easily attacked and damaged from the outside.
(II) Technical scheme
To achieve this purpose, the invention provides the following technical scheme:
An Internet of things video monitoring safety management system comprises: an Internet of things virtual private network deployed between the Internet of things monitoring operation platform and the Internet of things remote management or use terminal, which encrypts the data communication between the Internet of things monitoring operation platform and the Internet of things remote management or use terminal and establishes an Internet of things private network channel between them.
In the Internet of things virtual private network, a VPN server is set up in the internal network of the Internet of things. After the Internet of things remote management or use terminal connects to the Internet, it connects to the VPN server through the Internet and then enters the internal network of the Internet of things through the VPN server.
Further, the Internet of things video monitoring safety management system also comprises: an Internet of things security situation and management and control system deployed at the network access port of the Internet of things video monitoring system, and Web application firewall equipment deployed in the data center area of the Internet of things video monitoring system.
Further, the Internet of things security situation and management and control system performs state monitoring, behavior auditing, anomaly analysis and security management and control on the front-end equipment of the Internet of things video monitoring system, and senses the security state, vulnerabilities, abnormal threats and illegal access of the front-end equipment in a massive Internet of things video monitoring system.
Further, the Web application firewall equipment protects the Web application server of the Internet of things video monitoring platform and monitors access to the website of the Internet of things video monitoring system in real time, 7x24 hours.
(III) advantageous technical effects
Compared with the prior art, the invention has the following beneficial technical effects:
According to the invention, the Internet of things virtual private network is deployed between the Internet of things monitoring operation platform and the Internet of things remote management or use terminal. It encrypts the data communication between the platform and the terminal and establishes an Internet of things private network channel between them.
The Internet of things virtual private network provides a cost-effective and secure method for remotely managing and using Internet of things video monitoring data. The Internet of things security situation and management and control system deployed at the network access port of the Internet of things video monitoring system visualizes asset threats across the whole Internet of things video monitoring system, so that the security of assets across the whole network can be managed and controlled. The Web application firewall equipment deployed in the data center area of the Internet of things video monitoring system monitors access to the website in real time, 7x24 hours.
The technical problem that an Internet of things video monitoring system that is directly or indirectly connected to a public network is easily attacked and damaged from the outside is thereby solved.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
An Internet of things video monitoring safety management system comprises: an Internet of things virtual private network deployed between the Internet of things monitoring operation platform and the Internet of things remote management or use terminal, which encrypts the data communication between the Internet of things monitoring operation platform and the Internet of things remote management or use terminal and establishes an Internet of things private network channel between them.
In the Internet of things virtual private network, a VPN server is set up in the internal network of the Internet of things. After the Internet of things remote management or use terminal connects to the Internet, it connects to the VPN server through the Internet and then enters the internal network of the Internet of things through the VPN server.
Here, VPN stands for virtual private network.
To ensure the security of the Internet of things video monitoring data, the communication data between the VPN server and the Internet of things remote management or use terminal is encrypted.
The working process of the Internet of things virtual private network comprises the following steps:
Step 1: the VPN gateway of the Internet of things virtual private network adopts a dual network card structure, and the external network card accesses the Internet using a public network IP.
Step 2: the Internet of things remote management or use terminal on the Internet accesses the Internet of things monitoring operation platform; the destination address of the access data packet it sends is the internal IP address of the Internet of things monitoring operation platform.
Step 3: the VPN gateway on the Internet side checks the destination address of the access data packet sent by the Internet of things remote management or use terminal. If the destination address belongs to the address range of the Internet of things, the gateway encapsulates the data packet, using the original data packet as the payload of a VPN data packet whose destination address is the external address of the VPN gateway of the Internet of things.
Step 4: the VPN gateway on the Internet side sends the VPN data packet to the Internet. Because the destination address of the VPN data packet is the external address of the VPN gateway of the Internet of things, routing in the Internet delivers the packet correctly to the VPN gateway of the Internet of things.
Step 5: the VPN gateway of the Internet of things checks the received data packet. If it was sent from the VPN gateway on the Internet side, it can be judged to be a VPN data packet and is unpacked. Unpacking mainly consists of stripping the header of the VPN data packet and then reversing the encapsulation processing to restore the original data packet.
Step 6: the VPN gateway of the Internet of things sends the restored original data packet to the Internet of things monitoring operation platform. Because the destination address of the original data packet is the IP of the Internet of things monitoring operation platform, the packet is delivered correctly to the platform; from the platform's point of view, the received data packet is the same as one sent directly from the Internet of things remote management or use terminal.
Data packets returned from the Internet of things monitoring operation platform to the Internet of things remote management or use terminal are processed in the same way, so that terminals in the two networks can communicate with each other.
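The six-step tunnel procedure above, as an added Python sketch (not code from the patent). The addresses, key, toy packet layout and the SHAKE-256 plus HMAC construction are assumptions chosen so it runs on the standard library alone; it also authenticates every VPN packet and rejects replays, which goes beyond the source-address check described in step 5.

```python
import hashlib
import hmac
import ipaddress
import os

# Constructed addressing (documentation ranges); none of it comes from the patent.
IOT_NET = ipaddress.ip_network("10.20.0.0/24")          # Internet of things internal network
IOT_GW_EXT = ipaddress.ip_address("203.0.113.10")       # public IP on the IoT gateway's external NIC
REMOTE_GW_EXT = ipaddress.ip_address("198.51.100.7")    # Internet-side VPN gateway
KEY = hashlib.sha256(b"constructed demo key").digest()  # stand-in for a negotiated tunnel key
TAG_LEN, NONCE_LEN, HDR_LEN = 32, 12, 20                # outer header = src(4) + dst(4) + nonce(12)


def _subkeys(key):
    """Derive separate encryption and MAC keys from the tunnel key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _xor_stream(enc_key, nonce, data):
    """Stdlib stand-in cipher: XOR with a SHAKE-256 keystream (use a real AEAD in production)."""
    stream = hashlib.shake_256(enc_key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def make_packet(src, dst, payload):
    """Toy inner packet: 4-byte source, 4-byte destination, then payload."""
    return ipaddress.ip_address(src).packed + ipaddress.ip_address(dst).packed + payload


def encapsulate(inner, key, outer_src, outer_dst):
    """Steps 3-4: tunnel only traffic addressed to the IoT network; return None otherwise."""
    if ipaddress.ip_address(inner[4:8]) not in IOT_NET:
        return None
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    header = outer_src.packed + outer_dst.packed + nonce
    body = _xor_stream(enc_key, nonce, inner)           # original packet becomes the payload
    tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    return header + body + tag


def decapsulate(outer, key, expected_peer, seen_nonces):
    """Step 5: verify, strip the VPN header, reverse the processing, return the original packet."""
    if len(outer) < HDR_LEN + 8 + TAG_LEN:
        raise ValueError("truncated VPN packet")
    header, body, tag = outer[:HDR_LEN], outer[HDR_LEN:-TAG_LEN], outer[-TAG_LEN:]
    if ipaddress.ip_address(header[:4]) != expected_peer:
        raise ValueError("not from the peer VPN gateway")
    enc_key, mac_key = _subkeys(key)
    expected = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):          # the source address alone proves nothing
        raise ValueError("authentication failed")
    nonce = header[8:HDR_LEN]
    if nonce in seen_nonces:
        raise ValueError("replayed VPN packet")
    seen_nonces.add(nonce)
    inner = _xor_stream(enc_key, nonce, body)
    if ipaddress.ip_address(inner[4:8]) not in IOT_NET:  # step 6 forwards only into the IoT network
        raise ValueError("inner destination outside IoT network")
    return inner


if __name__ == "__main__":
    pkt = make_packet("192.0.2.44", "10.20.0.5", b"GET /live/cam1")
    vpn = encapsulate(pkt, KEY, REMOTE_GW_EXT, IOT_GW_EXT)
    print(decapsulate(vpn, KEY, REMOTE_GW_EXT, set()) == pkt)
```

A packet that carries the peer gateway's source address but was built with a different key fails the tag check, which is why the sketch does not rely on the source address alone.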
Furthermore, an Internet of things security situation and management and control system is deployed at the network access port of the Internet of things video monitoring system. It performs state monitoring, behavior auditing, anomaly analysis and security management and control on the front-end equipment of the Internet of things video monitoring system, and senses security conditions such as the security state, vulnerabilities, abnormal threats and illegal access of the front-end equipment in a massive Internet of things video monitoring system.
By predicting, protecting, monitoring and responding to the security situation of the front-end equipment of the Internet of things video monitoring system, the overall security capability is improved in terms of endpoint security, boundary security, data security and management security, so that asset threats across the whole Internet of things video monitoring system are visualized and the security of assets across the whole network can be managed and controlled.
Furthermore, Web application firewall equipment is deployed in the data center area of the Internet of things video monitoring system. The Web application firewall equipment protects the Web application server of the Internet of things video monitoring platform, that is, it monitors website access in real time, 7x24 hours. Deploying the Web application firewall addresses the various website security problems of the Web application server, such as SQL injection attacks, cross-site attacks, malicious code, buffer overflows and application-layer DDoS attacks, and so prevents security incidents that seriously damage the organization's image, such as web page tampering and Trojan implantation.
The Web application firewall equipment is connected inline in the link in an HA dual-machine hot-standby deployment mode and is deployed in front of the Web server of the Internet of things video monitoring platform to protect external-facing Web applications.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (4)
1. An Internet of things video monitoring safety management system, characterized by comprising: an Internet of things virtual private network deployed between the Internet of things monitoring operation platform and the Internet of things remote management or use terminal, which encrypts the data communication between the Internet of things monitoring operation platform and the Internet of things remote management or use terminal and establishes an Internet of things private network channel between them;
wherein, in the Internet of things virtual private network, a VPN server is set up in the internal network of the Internet of things, and after the Internet of things remote management or use terminal connects to the Internet, it connects to the VPN server through the Internet and then enters the internal network of the Internet of things through the VPN server.
2. The Internet of things video monitoring safety management system according to claim 1, further comprising: an Internet of things security situation and management and control system deployed at the network access port of the Internet of things video monitoring system, and Web application firewall equipment deployed in the data center area of the Internet of things video monitoring system.
3. The Internet of things video monitoring safety management system according to claim 2, wherein the Internet of things security situation and management and control system performs state monitoring, behavior auditing, anomaly analysis and security management and control on the front-end equipment of the Internet of things video monitoring system, and senses the security state, vulnerabilities, abnormal threats and illegal access of the front-end equipment in a massive Internet of things video monitoring system.
4. The Internet of things video monitoring safety management system according to claim 3, wherein the Web application firewall equipment protects the Web application server of the Internet of things video monitoring platform and monitors access to the website of the Internet of things video monitoring system in real time, 7x24 hours.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011129811.3A CN112272172A (en) | 2020-10-21 | 2020-10-21 | Internet of things video monitoring safety management system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112272172A (en) | 2021-01-26 |
Family
ID=74342598
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011129811.3A Withdrawn CN112272172A (en) | 2020-10-21 | 2020-10-21 | Internet of things video monitoring safety management system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112272172A (en) |
Legal Events
Code | Title | Description |
---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
WW01 | Invention patent application withdrawn after publication | Application publication date: 20210126 |