CN112291506A - Method and system for tracing security vulnerability of streaming data in video conference scene - Google Patents

Method and system for tracing security vulnerability of streaming data in video conference scene Download PDF

Info

Publication number
CN112291506A
CN112291506A CN202011555492.2A CN202011555492A CN112291506A CN 112291506 A CN112291506 A CN 112291506A CN 202011555492 A CN202011555492 A CN 202011555492A CN 112291506 A CN112291506 A CN 112291506A
Authority
CN
China
Prior art keywords
scoring
characteristic
tested
stream data
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011555492.2A
Other languages
Chinese (zh)
Other versions
CN112291506B (en
Inventor
王帅
朱敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Telecom Easiness Information Technology Co Ltd
Original Assignee
Beijing Telecom Easiness Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Telecom Easiness Information Technology Co Ltd filed Critical Beijing Telecom Easiness Information Technology Co Ltd
Priority to CN202011555492.2A priority Critical patent/CN112291506B/en
Publication of CN112291506A publication Critical patent/CN112291506A/en
Application granted granted Critical
Publication of CN112291506B publication Critical patent/CN112291506B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/14Systems for two-way working
    • H04N7/15Conference systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Multimedia (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a method and a system for tracing security vulnerabilities of streaming data in a video conference scene. The method comprises the following steps: video conference stream data acquisition: an analyst simulates an attacker to monitor the video conference by using a flow analysis tool; extracting characteristics of video conference stream data: extracting a feature vector from the video conference stream data according to a feature value extraction scheme; and (3) feature vector grouping analysis: grouping the feature vectors according to a certain rule to ensure that certain data features are mapped in the group; vulnerability mapping and source tracing feedback: and positioning key features, and tracing the problems corresponding to the highest feature group exposed by the privacy. The invention can trace the source of the security vulnerability and improve the data security performance of the video conference.

Description

Method and system for tracing security vulnerability of streaming data in video conference scene
Technical Field
The invention relates to the field of information security, in particular to a method and a system for tracing security vulnerabilities of streaming data in a video conference scene.
Background
The large-scale commercial use of the fifth generation mobile communication technology not only improves the user experience quality of the mobile internet, but also provides a technical basis for a commercial scene with low time delay and high network capacity. With the application of 5G in various industries, the development of Internet office is also met with new opportunities, and particularly, the development of Internet office brings great influence on the video conference industry which is an important scene of Internet office. The video conference refers to an intelligent real-time communication and sharing cooperative work development application system which integrates multiple data transmission technologies such as multi-person video transmission, multi-person voice transmission and multi-person character transmission, and the time utilization efficiency of participants is improved by intelligently controlling network transmission resources. Due to the ultra-high bandwidth brought by 5G, the usability of the video conference is greatly improved, the problems of packet loss and blockage caused by network transmission can be avoided, and the use cost of the video conference can be reduced. But some of the security issues that follow are not negligible. The content displayed in the video conference often contains private data of individuals, enterprises or countries, once the conference content is illegally stolen, the conference content of the enterprises is exposed to competitors, and further a series of losses are caused by leaked information, and finally an irrecoverable situation is caused. With the increasing number of subjects using video conferencing, some security risks need to be discovered, especially due to the security problems caused by the streaming data transmission features.
In a network video conference environment, participating users transmit or receive video information, voice information, character information and the like transmitted in a streaming data form all the time. In video conferencing, threats mainly originate from external air interface wireless signal interference and protocol attacks. Most video conference network equipment still uses SSL/TLS protocol to encrypt flow in the data transmission process, and attackers still can perform characteristic analysis on the flow data encrypted in the mode. When an attacker captures a series of network traffic data packets of stream data, the attacker also obtains some statistical characteristic information in the group of data packets, such as a length system distribution matrix of frame bytes, a length distribution matrix of packet bytes, a time interval distribution matrix of packet arrival, and the like. An attacker can classify the flow of data streams generated in network communication through the application type of the network, namely after specific combination, screening and analysis are carried out on the attribute information, information such as behaviors, performances and conference processes of the participating users are deduced, and accordingly privacy information points in the conference are extracted, such as whether the participating users open a camera, what actions are taken in front of the camera, whether a screen is shared, whether voice communication is carried out and the like. Meanwhile, a large amount of user behavior information is carried in transmitted streaming data, behavior privacy of a user is revealed once the streaming data is deeply mined, for example, when the user carries out video and voice, the size of a generated data packet and the sending time of the data packet are different, if statistical characteristics of network traffic are illegally stolen, network behaviors of participating users are analyzed, and then privacy which is rich behind a specific behavior can be analyzed, so that data safety in a video conference scene is low.
Disclosure of Invention
The invention aims to provide a method and a system for tracing the security vulnerability of streaming data in a video conference scene so as to improve the data security performance in the video conference scene.
In order to achieve the purpose, the invention provides the following scheme:
a tracing method for security vulnerabilities of streaming data under a video conference scene comprises the following steps:
acquiring conference stream data generated by video conference transmission information; the conference flow data comprises flow data of each function module combination to be tested;
cutting the stream data of each function module combination to be tested into a plurality of stream data fragments to obtain a stream data fragment sequence corresponding to each function module to be tested;
according to the stream data characteristics, extracting characteristics of each stream data fragment in the stream data fragment sequence corresponding to each function module to be tested to obtain a characteristic matrix corresponding to each function module to be tested; a p line of the characteristic matrix is a characteristic vector corresponding to a p stream data segment, and a q column represents a characteristic value of a q stream data characteristic corresponding to each stream data segment;
for the t functional module to be tested, data grouping is carried out according to the characteristic matrix corresponding to the t functional module to be tested to obtainkA set of features; each characteristic group comprises a plurality of columns of data in a characteristic matrix corresponding to the tth functional module to be tested;
acquiring detection times; number of detectionsrTo satisfy
Figure DEST_PATH_IMAGE001
The smallest integer value of (c);
determining a feature group set of each detection; the index j of the jth characteristic group is represented by a binary number group, and the characteristic group set detected at the ith time is a set formed by all characteristic groups corresponding to the indexes with the ith bit of the binary number group being 1;
grading the feature group set of each detection by using a grading model to obtain a grading vector of each detection; the scoring vector is a k-dimensional vector, and when the ith detected feature group set does not comprise a jth feature group, the value of the jth position in the ith detected scoring vector is null; when the feature group set of the ith detection comprises the jth feature group, the value of the jth position in the scoring vector of the ith detection is a scoring value;
when the detection times are reached, obtaining a scoring matrix of the tth functional module to be tested; the ith row of the scoring matrix is a scoring vector of the ith detection, and the jth column is a scoring score of each detection of the jth feature group;
determining a scoring result of each feature group according to the scoring matrix of the tth functional module to be tested; the scoring result of each feature group is the scoring average value of all the detection times of the feature group;
determining the stream data characteristics corresponding to the security vulnerability of the tth functional module to be tested according to the grading result of each characteristic group and the stream data characteristics corresponding to each characteristic group;
and sequentially determining the stream data characteristics corresponding to the security vulnerabilities of each functional module to be tested.
Optionally, the acquiring conference stream data generated by the video conference transmission information specifically includes:
determining a functional module to be tested in the video conference;
generating a conference flow data acquisition scheme; the conference flow data acquisition scheme is a scheme for sequentially acquiring data of the functional modules to be tested;
according to the conference flow data acquisition scheme, monitoring the video conference in progress by using a network sniffing tool, storing the conference flow data of each video monitoring and generating a label of each video monitoring; and the conference stream data monitored by the video at each time is the stream data of the currently monitored functional module to be tested.
Optionally, the stream data characteristics include: number of bits per second, number of uploaded bits per second, number of downloaded bits per second, proportion of the number of uploaded or downloaded bits, number of packets per second, number of uploaded packets per second, number of downloaded packets per second, proportion of the number of uploaded or downloaded packets, mean/variance of packet size and 25% segmentation point, packet length distribution frequency sequence, packet length transfer matrix, mean/variance of uploaded packet size and 25% segmentation point, mean/variance of downloaded packet size and 25% segmentation point, upload packet length distribution frequency sequence, download packet length distribution frequency sequence, upload packet length transfer matrix, download packet length transfer matrix, packet time interval mean/variance and 25% segmentation point, packet time interval distribution, upload packet time interval mean/variance and 25% segmentation point, download packet time interval mean/variance and 25% segmentation point, Upload packet time interval, download packet time interval, variance/kurtosis and skewness of the traffic sequence, variance/kurtosis and skewness of the upload traffic sequence, and variance/kurtosis and skewness of the download traffic sequence.
Optionally, the scoring the feature group set detected each time by using the scoring model to obtain a scoring vector detected each time includes:
using formulas
Figure 894729DEST_PATH_IMAGE002
Scoring each feature group in the feature group set of the current detection to obtain a scoring vector of the current detection
Figure DEST_PATH_IMAGE003
Figure 663970DEST_PATH_IMAGE004
(ii) a Wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE005
for the first in the set of currently detected feature groupsiA score for the individual feature set;
Figure 510572DEST_PATH_IMAGE006
representing the recall ratio of the classification model;
Figure DEST_PATH_IMAGE007
representing the precision of the classification model.
Optionally, the determining, according to the scoring result of each feature group, a stream data feature corresponding to the security vulnerability of the tth functional module to be tested by combining the stream data feature corresponding to each feature group specifically includes:
screening T feature groups with the highest scoring results;
determining a plurality of stream data characteristics corresponding to each characteristic group in the T characteristic groups to obtain a stream data characteristic set;
and determining the stream data characteristics with the largest occurrence frequency in the stream data characteristic set as the stream data characteristics corresponding to the security vulnerability of the tth function module to be tested.
The invention also provides a system for tracing the security vulnerabilities of streaming data in a video conference scene, which comprises the following steps:
the conference flow data acquisition module is used for acquiring conference flow data generated by video conference transmission information; the conference flow data comprises flow data of each function module combination to be tested;
the flow data cutting module is used for cutting the flow data of each to-be-tested function module combination into a plurality of flow data fragments to obtain a flow data fragment sequence corresponding to each to-be-tested function module;
the characteristic extraction module is used for extracting the characteristics of each flow data segment in the flow data segment sequence corresponding to each function module to be tested according to the flow data characteristics to obtain a characteristic matrix corresponding to each function module to be tested; a p line of the characteristic matrix is a characteristic vector corresponding to a p stream data segment, and a q column represents a characteristic value of a q stream data characteristic corresponding to each stream data segment;
a characteristic grouping module for grouping data of the tth functional module to be tested according to the characteristic matrix corresponding to the tth functional module to be tested to obtainkA set of features;each characteristic group comprises a plurality of columns of data in a characteristic matrix corresponding to the tth functional module to be tested;
the detection times acquisition module is used for acquiring detection times; number of detectionsrTo satisfy
Figure 125093DEST_PATH_IMAGE008
The smallest integer value of (c);
the characteristic group set determining module is used for determining a characteristic group set detected each time; the index j of the jth characteristic group is represented by a binary number group, and the characteristic group set detected at the ith time is a set formed by all characteristic groups corresponding to the indexes with the ith bit of the binary number group being 1;
the scoring module is used for scoring the feature group set of each detection by using a scoring model to obtain a scoring vector of each detection; the scoring vector is a k-dimensional vector, and when the ith detected feature group set does not comprise a jth feature group, the value of the jth position in the ith detected scoring vector is null; when the feature group set of the ith detection comprises the jth feature group, the value of the jth position in the scoring vector of the ith detection is a scoring value;
the scoring matrix determining module is used for obtaining a scoring matrix of the tth to-be-tested functional module after the detection times are reached; the ith row of the scoring matrix is a scoring vector of the ith detection, and the jth column is a scoring score of each detection of the jth feature group;
the scoring result determining module is used for determining the scoring result of each feature group according to the scoring matrix of the tth to-be-tested function module; the scoring result of each feature group is the scoring average value of all the detection times of the feature group;
the security vulnerability determining module is used for determining the stream data characteristics corresponding to the security vulnerability of the tth functional module to be tested according to the grading result of each characteristic group and by combining the stream data characteristics corresponding to each characteristic group; and determining the stream data characteristics corresponding to the security vulnerabilities of each functional module to be tested in sequence.
Optionally, the conference stream data acquiring module specifically includes:
the to-be-tested function module determining unit is used for determining the to-be-tested function module in the video conference;
the conference flow data acquisition scheme generating unit is used for generating a conference flow data acquisition scheme; the conference flow data acquisition scheme is a scheme for sequentially acquiring data of the functional modules to be tested;
the data acquisition unit is used for monitoring the video conference in progress by using a network sniffing tool according to the conference stream data acquisition scheme, storing the conference stream data of each video monitoring and generating a label of each video monitoring; and the conference stream data monitored by the video at each time is the stream data of the currently monitored functional module to be tested.
Optionally, the stream data characteristics include: number of bits per second, number of uploaded bits per second, number of downloaded bits per second, proportion of the number of uploaded or downloaded bits, number of packets per second, number of uploaded packets per second, number of downloaded packets per second, proportion of the number of uploaded or downloaded packets, mean/variance of packet size and 25% segmentation point, packet length distribution frequency sequence, packet length transfer matrix, mean/variance of uploaded packet size and 25% segmentation point, mean/variance of downloaded packet size and 25% segmentation point, upload packet length distribution frequency sequence, download packet length distribution frequency sequence, upload packet length transfer matrix, download packet length transfer matrix, packet time interval mean/variance and 25% segmentation point, packet time interval distribution, upload packet time interval mean/variance and 25% segmentation point, download packet time interval mean/variance and 25% segmentation point, Upload packet time interval, download packet time interval, variance/kurtosis and skewness of the traffic sequence, variance/kurtosis and skewness of the upload traffic sequence, and variance/kurtosis and skewness of the download traffic sequence.
Optionally, the scoring module specifically includes:
a scoring unit for utilizing a formula
Figure DEST_PATH_IMAGE009
Scoring each feature group in the feature group set of the current detection to obtain a scoring vector of the current detection
Figure 36856DEST_PATH_IMAGE003
Figure 524469DEST_PATH_IMAGE004
(ii) a Wherein the content of the first and second substances,
Figure 405837DEST_PATH_IMAGE005
for the first in the set of currently detected feature groupsiA score for the individual feature set;
Figure 886366DEST_PATH_IMAGE006
representing the recall ratio of the classification model;
Figure 271211DEST_PATH_IMAGE007
representing the precision of the classification model.
Optionally, the security vulnerability determining module specifically includes:
the characteristic group screening unit is used for screening T characteristic groups with the highest scoring results;
the flow data characteristic determining unit is used for determining a plurality of flow data characteristics corresponding to each characteristic group in the T characteristic groups to obtain a flow data characteristic set;
and the security vulnerability determining unit is used for determining the stream data feature with the largest occurrence frequency in the stream data feature set as the stream data feature corresponding to the security vulnerability of the tth function module to be tested.
According to the specific embodiment provided by the invention, the invention discloses the following technical effects:
according to the invention, by grouping, detecting, positioning and tracing suspicious features, the source features exposing data privacy in streaming data are detected quickly, accurately and efficiently, so that a transmission security vulnerability warning is provided for a protector, and the data security performance of a video conference is improved; through the characteristic grouping scheme, each group has unique characteristic detection points, and meanwhile, the detection times are reduced, so that the detection is efficient and accurate.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
FIG. 1 is a schematic flow chart of a method for tracing security vulnerabilities of streaming data in a video conference scene according to the present invention;
fig. 2 is a schematic structural diagram of the streaming data security vulnerability traceability system in the video conference scene.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
Fig. 1 is a schematic flow chart of a method for tracing security vulnerabilities of streaming data in a video conference scene according to the present invention. As shown in fig. 1, the method for tracing the security vulnerabilities of streaming data in a video conference scene of the present invention includes the following steps:
step 100: and acquiring conference stream data generated by the video conference transmission information. And the conference flow data comprises the flow data of each function module combination to be tested. The method generates a conference flow data acquisition scheme according to the functional modules to be tested, and then acquires the flow data of each functional module combination to be tested according to the conference flow data acquisition scheme, thereby obtaining the conference flow data. The specific process is as follows:
step 1: and analyzing the functional modules to be tested in the video conference, namely the functional modules to be tested. For functional modules to be tested
Figure 929726DEST_PATH_IMAGE010
It is shown that,
Figure DEST_PATH_IMAGE011
in total comprise
Figure 750920DEST_PATH_IMAGE012
And the function module to be tested depends on the streaming data transmission function.
Step 2: and generating a conference flow data acquisition scheme. The method comprises the following steps:
step 2-1: structure of the device
Figure 785872DEST_PATH_IMAGE012
Binary digit of bit
Figure DEST_PATH_IMAGE013
An initial value of
Figure 274491DEST_PATH_IMAGE014
. If it is
Figure 103907DEST_PATH_IMAGE013
To (1) a
Figure DEST_PATH_IMAGE015
The bit is 1, which represents the functional module used by the current round of conference
Figure 680906DEST_PATH_IMAGE016
The collected flow data comprises a function module
Figure 519549DEST_PATH_IMAGE016
(ii) a If it is
Figure 878986DEST_PATH_IMAGE013
To (1) a
Figure 144883DEST_PATH_IMAGE015
Bit is 0, indicating a functional module
Figure 206248DEST_PATH_IMAGE017
Unused and collected flow data does not contain functional modules
Figure 848582DEST_PATH_IMAGE016
Step 2-2: make it
Figure 62526DEST_PATH_IMAGE013
Gradually increase until the value is
Figure DEST_PATH_IMAGE018
Step 2-3: record all scenarios
Figure 217433DEST_PATH_IMAGE019
Namely, the conference flow data acquisition scheme is obtained.
Step 3: and acquiring video conference stream data according to a conference stream data acquisition scheme. Using a traffic analysis tool (such as WireShark, Scapy, etc.) to listen to the video conference in progress, saving conference stream data for each video listening, and sending the conference stream data to a server
Figure 516827DEST_PATH_IMAGE013
As a tag for each video listen.
Step 4: and (5) preprocessing stream data. Reading a physical address of a current test device
Figure DEST_PATH_IMAGE020
The physical address of the source end and the physical address of the physical end in the obtained conference stream data are not
Figure 415382DEST_PATH_IMAGE020
The data of (1).
Step 200: and cutting the stream data of each function module combination to be tested into a plurality of stream data fragments to obtain a stream data fragment sequence corresponding to each function module to be tested. Determining the number of segments in each meeting according to the time length of each meetingmTo the label is
Figure 483832DEST_PATH_IMAGE021
Per each fragment of the stream data
Figure DEST_PATH_IMAGE022
And cutting every second to obtain a stream data fragment sequence corresponding to each functional module to be tested. Then, the number of the data pieces of each label is equal through the form of data piece alignment, and the obtained data pieces
Figure 825951DEST_PATH_IMAGE023
The matrix of stream data fragments of (a),nfor the number of functional modules to be tested, theiIs listed as the firstiThe sequence of the stream data fragments corresponding to the functional module to be tested is expressed as
Figure DEST_PATH_IMAGE024
The corresponding label is
Figure 599260DEST_PATH_IMAGE021
Step 300: and according to the stream data characteristics, performing characteristic extraction on each stream data fragment in the stream data fragment sequence corresponding to each function module to be tested to obtain a characteristic matrix corresponding to each function module to be tested. The p-th row of the feature matrix is a feature vector corresponding to the p-th stream data segment, and the q-th column represents a feature value of the q-th stream data feature corresponding to each stream data segment.
The stream data features of the present invention include: number of bits per second, number of uploaded bits per second, number of downloaded bits per second, proportion of the number of uploaded or downloaded bits, number of packets per second, number of uploaded packets per second, number of downloaded packets per second, proportion of the number of uploaded or downloaded packets, mean/variance of packet size and 25% segmentation point, packet length distribution frequency sequence, packet length transfer matrix, mean/variance of uploaded packet size and 25% segmentation point, mean/variance of downloaded packet size and 25% segmentation point, upload packet length distribution frequency sequence, download packet length distribution frequency sequence, upload packet length transfer matrix, download packet length transfer matrix, packet time interval mean/variance and 25% segmentation point, packet time interval distribution, upload packet time interval mean/variance and 25% segmentation point, download packet time interval mean/variance and 25% segmentation point, The upload packet time interval, the download packet time interval, the variance/kurtosis and skewness of the flow sequence, the variance/kurtosis and skewness of the upload flow sequence, the variance/kurtosis and skewness of the download flow sequence, and the like, and partial features can be selected according to actual situations to perform feature extraction.
The specific process for feature extraction is as follows:
step 1: and determining a characteristic value extraction scheme. All the stream data characteristics described above may be used, or some of the stream data characteristics may be selected according to the actual situation.
Step 2: reading
Figure 52238DEST_PATH_IMAGE025
Each of the stream data fragments
Figure DEST_PATH_IMAGE026
And extracting stream data segments according to the characteristic value extraction scheme
Figure 490041DEST_PATH_IMAGE026
The characteristic value of each stream data characteristic forms a characteristic vector
Figure 268642DEST_PATH_IMAGE027
Step 3: repeat Step2 until the total number is
Figure DEST_PATH_IMAGE028
Stream data fragment of
Figure 277049DEST_PATH_IMAGE026
All converted into eigenvectors to form a matrix
Figure 48565DEST_PATH_IMAGE029
I.e. is the firstiAnd the characteristic matrix corresponds to each functional module to be tested.
Step 4: repeating Step3 until n groups of data are all extracted, and forming a feature matrix of the whole conference data stream
Figure DEST_PATH_IMAGE030
Inheriting the corresponding label matrix from the conference generation scheme
Figure 91607DEST_PATH_IMAGE031
Step 400: for the t functional module to be tested, data grouping is carried out according to the characteristic matrix corresponding to the t functional module to be tested to obtainkAnd (4) a feature group. Each characteristic group comprises a plurality of columns of data in a characteristic matrix corresponding to the tth functional module to be tested. The specific process is as follows:
step 1: and designing a grouping strategy. Grouping data according to grouping rules shown in Table 1, and selecting one of the data according to historical security vulnerabilities
Figure 41108DEST_PATH_IMAGE032
Groups, final as the tth functional module to be testedkAnd (4) a feature group.
TABLE 1 characteristic grouping rules
Figure DEST_PATH_IMAGE033
Step 500: and acquiring detection times. If the data is divided intokGroup, then number of probing scenariosrTo satisfy 2 r k+1 takes the smallest integer value.
Step 600: a set of feature sets for each detection is determined. The index j of the jth characteristic group is represented by a binary number group, and the characteristic group set detected at the ith time is a set formed by characteristic groups corresponding to all indexes with the ith bit of 1 in the binary number group.
Step 700: and scoring the feature group set of each detection by using a scoring model to obtain a scoring vector of each detection. The scoring model is
Figure 520500DEST_PATH_IMAGE009
Figure 846439DEST_PATH_IMAGE005
For the first in the set of currently detected feature groupsiA score for the individual feature set;
Figure 9567DEST_PATH_IMAGE006
representing the recall ratio of the classification model;
Figure 382167DEST_PATH_IMAGE007
representing the precision of the classification model. The scoring vector is a k-dimensional vector, and when the ith detected feature group set does not comprise a jth feature group, the value of the jth position in the ith detected scoring vector is null; and when the feature group set of the ith detection comprises the jth feature group, the value of the jth position in the scoring vector of the ith detection is the scoring value.
Step 800: and when the detection times are reached, obtaining a scoring matrix of the t-th functional module to be tested. The ith row of the scoring matrix is the scoring vector of the ith detection, and the jth column is the scoring score of each detection of the jth feature group.
To be provided withkIf =5, the number of detections isrAnd = 3. At this timekThe individual feature set representations are shown in table 2.
TABLE 2 feature set representation
[0001]Number of feature sets [0002]Characteristic group 1 [0003]Feature group 2 [0004]Feature group 3 [0005]Feature group 4 [0006]Feature group 5
[0007]Indexing [0008] 001 [0009] 010 [0010] 011 [0011] 100 [0012] 101
Detecting for the first time: i =1, and the feature group with the 1 st bit of the small endian being 1 in the binary number group of the index, i.e., feature group 1, feature group 3, and feature group 5, is selected to obtain a score F1.
And (3) second detection: i =2, the feature group with the small endian 2 nd bit of 1 in the binary number group of the index, i.e., feature group 2 and feature group 3, is selected, and a score F2 is obtained.
And (3) third detection: i =3, the feature group with the small endian 3 rd bit of 1 in the binary number group of the index, i.e., feature group 4 and feature group 5, is selected to obtain a score F3.
Then obtain the scoring matrix of
Figure 896325DEST_PATH_IMAGE034
Step 900: and determining the scoring result of each feature group according to the scoring matrix of the tth functional module to be tested. The scoring result of each feature group is the scoring average value of all the detections of the feature group, that is, each column of the scoring matrix is averaged to obtain the scoring average value of the feature group corresponding to the column.
Step 1000: and determining the stream data characteristics corresponding to the security vulnerability of the tth functional module to be tested according to the grading result of each characteristic group and the stream data characteristics corresponding to each characteristic group. Specifically, firstly, screening T feature groups with the highest scoring result, namely positioning key features, and screening the feature groups with the highest traceable privacy exposure, namely corresponding security holes; then, determining a plurality of stream data characteristics corresponding to each characteristic group in the T characteristic groups to obtain a stream data characteristic set; and finally, determining the stream data characteristics with the largest occurrence frequency in the stream data characteristic set as the stream data characteristics corresponding to the security vulnerability of the tth function module to be tested.
Step 1100: and sequentially determining the stream data characteristics corresponding to the security vulnerabilities of each functional module to be tested. The security vulnerability detection of each functional module to be tested in the video conference can be realized.
Based on the method for tracing the security vulnerabilities of the streaming data under the video conference scene, the invention also provides a method for tracing the security vulnerabilities of the streaming data under the video conference scene, and fig. 2 is a schematic structural diagram of the system for tracing the security vulnerabilities of the streaming data under the video conference scene. As shown in fig. 2, the system for tracing security vulnerabilities of streaming data in a video conference scene of the present invention includes:
a conference stream data obtaining module 201, configured to obtain conference stream data generated by video conference transmission information; and the conference flow data comprises flow data of each function module combination to be tested.
The stream data cutting module 202 is configured to cut the stream data of each combination of the function modules to be tested into a plurality of stream data segments, so as to obtain a stream data segment sequence corresponding to each function module to be tested.
The feature extraction module 203 is configured to perform feature extraction on each stream data segment in the stream data segment sequence corresponding to each function module to be tested according to the stream data features to obtain a feature matrix corresponding to each function module to be tested; the p-th row of the feature matrix is a feature vector corresponding to the p-th stream data segment, and the q-th column represents a feature value of the q-th stream data feature corresponding to each stream data segment.
A feature grouping module 204, configured to, for the tth functional module to be tested, perform data grouping according to the feature matrix corresponding to the tth functional module to be tested to obtain a feature matrixkA set of features; each characteristic group comprises multi-column data in a characteristic matrix corresponding to the tth functional module to be tested.
A detection number obtaining module 205, configured to obtain a detection number; number of detectionsrTo satisfy
Figure 760376DEST_PATH_IMAGE008
The smallest integer value of (c).
A feature set determining module 206, configured to determine a feature set for each detection; the index j of the jth characteristic group is represented by a binary number group, and the characteristic group set detected at the ith time is a set formed by characteristic groups corresponding to all indexes with the ith bit of 1 in the binary number group.
The scoring module 207 is configured to score the feature group set of each detection by using a scoring model to obtain a scoring vector of each detection; the scoring vector is a k-dimensional vector, and when the ith detected feature group set does not comprise a jth feature group, the value of the jth position in the ith detected scoring vector is null; and when the feature group set of the ith detection comprises the jth feature group, the value of the jth position in the scoring vector of the ith detection is the scoring value.
A scoring matrix determining module 208, configured to obtain a scoring matrix of the tth to-be-tested function module after the detection times are reached; the ith row of the scoring matrix is a scoring vector of the ith detection, and the jth column is a scoring score of each detection of the jth feature group.
A scoring result determining module 209, configured to determine a scoring result of each feature group according to the scoring matrix of the tth to-be-tested function module; the scoring result for each feature set is the average of the scores for all of the probes of that feature set.
The security vulnerability determining module 2010 is configured to determine, according to the scoring result of each feature group, stream data features corresponding to the security vulnerability of the tth functional module to be tested in combination with the stream data features corresponding to each feature group; and determining the stream data characteristics corresponding to the security vulnerabilities of each functional module to be tested in sequence.
As a specific embodiment, in the system for tracing to the source of the security vulnerability of the streaming data in the video conference scene, the conference streaming data obtaining module 201 specifically includes:
and the to-be-tested function module determining unit is used for determining the to-be-tested function module in the video conference.
The conference flow data acquisition scheme generating unit is used for generating a conference flow data acquisition scheme; the conference flow data acquisition scheme is a scheme for sequentially acquiring the data of the functional modules to be tested.
The data acquisition unit is used for monitoring the video conference in progress by using a network sniffing tool according to the conference stream data acquisition scheme, storing the conference stream data of each video monitoring and generating a label of each video monitoring; and the conference stream data monitored by the video at each time is the stream data of the currently monitored functional module to be tested.
As a specific embodiment, in the system for tracing to the source of the security vulnerability of the streaming data in the video conference scene, the characteristics of the streaming data include: number of bits per second, number of uploaded bits per second, number of downloaded bits per second, proportion of the number of uploaded or downloaded bits, number of packets per second, number of uploaded packets per second, number of downloaded packets per second, proportion of the number of uploaded or downloaded packets, mean/variance of packet size and 25% segmentation point, packet length distribution frequency sequence, packet length transfer matrix, mean/variance of uploaded packet size and 25% segmentation point, mean/variance of downloaded packet size and 25% segmentation point, upload packet length distribution frequency sequence, download packet length distribution frequency sequence, upload packet length transfer matrix, download packet length transfer matrix, packet time interval mean/variance and 25% segmentation point, packet time interval distribution, upload packet time interval mean/variance and 25% segmentation point, download packet time interval mean/variance and 25% segmentation point, Upload packet time interval, download packet time interval, variance/kurtosis and skewness of the traffic sequence, variance/kurtosis and skewness of the upload traffic sequence, and variance/kurtosis and skewness of the download traffic sequence.
As a specific embodiment, in the streaming data security vulnerability traceability system in a video conference scenario, the scoring module 207 specifically includes:
a scoring unit for utilizing a formula
Figure 778011DEST_PATH_IMAGE009
Scoring each feature group in the feature group set of the current detection to obtain a scoring vector of the current detection
Figure 584162DEST_PATH_IMAGE003
Figure 320036DEST_PATH_IMAGE004
(ii) a Wherein the content of the first and second substances,
Figure 987778DEST_PATH_IMAGE005
for the first in the set of currently detected feature groupsiA score for the individual feature set;
Figure 859919DEST_PATH_IMAGE006
representing the recall ratio of the classification model;
Figure 836971DEST_PATH_IMAGE007
representing the precision of the classification model.
As a specific embodiment, in the streaming data security vulnerability traceability system in a video conference scenario, the security vulnerability determining module 2010 specifically includes:
and the feature group screening unit is used for screening the T feature groups with the highest scoring results.
And the stream data characteristic determining unit is used for determining a plurality of stream data characteristics corresponding to each characteristic group in the T characteristic groups to obtain a stream data characteristic set.
And the security vulnerability determining unit is used for determining the stream data feature with the largest occurrence frequency in the stream data feature set as the stream data feature corresponding to the security vulnerability of the tth function module to be tested.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system disclosed by the embodiment, the description is relatively simple because the system corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description.
The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and the core concept of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed. In view of the above, the present disclosure should not be construed as limiting the invention.

Claims (10)

1. A tracing method for stream data security vulnerabilities in a video conference scene is characterized by comprising the following steps:
acquiring conference stream data generated by video conference transmission information; the conference flow data comprises flow data of each function module combination to be tested;
cutting the stream data of each function module combination to be tested into a plurality of stream data fragments to obtain a stream data fragment sequence corresponding to each function module to be tested;
according to the stream data characteristics, extracting characteristics of each stream data fragment in the stream data fragment sequence corresponding to each function module to be tested to obtain a characteristic matrix corresponding to each function module to be tested; a p line of the characteristic matrix is a characteristic vector corresponding to a p stream data segment, and a q column represents a characteristic value of a q stream data characteristic corresponding to each stream data segment;
for the t functional module to be tested, data grouping is carried out according to the characteristic matrix corresponding to the t functional module to be tested to obtainkA set of features; each characteristic group comprises a plurality of columns of data in a characteristic matrix corresponding to the tth functional module to be tested;
acquiring detection times; number of detectionsrTo satisfy
Figure DEST_PATH_IMAGE002
The smallest integer value of (c);
determining a feature group set of each detection; the index j of the jth characteristic group is represented by a binary number group, and the characteristic group set detected at the ith time is a set formed by all characteristic groups corresponding to the indexes with the ith bit of the binary number group being 1;
grading the feature group set of each detection by using a grading model to obtain a grading vector of each detection; the scoring vector is a k-dimensional vector, and when the ith detected feature group set does not comprise a jth feature group, the value of the jth position in the ith detected scoring vector is null; when the feature group set of the ith detection comprises the jth feature group, the value of the jth position in the scoring vector of the ith detection is a scoring value;
when the detection times are reached, obtaining a scoring matrix of the tth functional module to be tested; the ith row of the scoring matrix is a scoring vector of the ith detection, and the jth column is a scoring score of each detection of the jth feature group;
determining a scoring result of each feature group according to the scoring matrix of the tth functional module to be tested; the scoring result of each feature group is the scoring average value of all the detection times of the feature group;
determining the stream data characteristics corresponding to the security vulnerability of the tth functional module to be tested according to the grading result of each characteristic group and the stream data characteristics corresponding to each characteristic group;
and sequentially determining the stream data characteristics corresponding to the security vulnerabilities of each functional module to be tested.
2. The method for tracing the security vulnerabilities of the streaming data under the video conference scene according to claim 1, wherein the obtaining of the conference stream data generated by the video conference transmission information specifically includes:
determining a functional module to be tested in the video conference;
generating a conference flow data acquisition scheme; the conference flow data acquisition scheme is a scheme for sequentially acquiring data of the functional modules to be tested;
according to the conference flow data acquisition scheme, monitoring the video conference in progress by using a network sniffing tool, storing the conference flow data of each video monitoring and generating a label of each video monitoring; and the conference stream data monitored by the video at each time is the stream data of the currently monitored functional module to be tested.
3. The method for tracing the security vulnerabilities of streaming data under a video conference scenario as claimed in claim 1, wherein the streaming data features comprise: number of bits per second, number of uploaded bits per second, number of downloaded bits per second, proportion of the number of uploaded or downloaded bits, number of packets per second, number of uploaded packets per second, number of downloaded packets per second, proportion of the number of uploaded or downloaded packets, mean/variance of packet size and 25% segmentation point, packet length distribution frequency sequence, packet length transfer matrix, mean/variance of uploaded packet size and 25% segmentation point, mean/variance of downloaded packet size and 25% segmentation point, upload packet length distribution frequency sequence, download packet length distribution frequency sequence, upload packet length transfer matrix, download packet length transfer matrix, packet time interval mean/variance and 25% segmentation point, packet time interval distribution, upload packet time interval mean/variance and 25% segmentation point, download packet time interval mean/variance and 25% segmentation point, Upload packet time interval, download packet time interval, variance/kurtosis and skewness of the traffic sequence, variance/kurtosis and skewness of the upload traffic sequence, and variance/kurtosis and skewness of the download traffic sequence.
4. The method for tracing the security vulnerabilities of the streaming data under the video conference scene according to claim 1, wherein the scoring model is used to score the feature group set detected each time to obtain a scoring vector detected each time, specifically comprising:
using formulas
Figure DEST_PATH_IMAGE004
Scoring each feature group in the feature group set of the current detection to obtain a scoring vector of the current detection
Figure DEST_PATH_IMAGE006
Figure DEST_PATH_IMAGE008
(ii) a Wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE010
for the first in the set of currently detected feature groupsiA score for the individual feature set;
Figure DEST_PATH_IMAGE012
representing the recall ratio of the classification model;
Figure DEST_PATH_IMAGE014
representing the precision of the classification model.
5. The method for tracing the source of the security vulnerability of the streaming data under the video conference scenario according to claim 1, wherein the determining the streaming data feature corresponding to the security vulnerability of the tth functional module to be tested according to the scoring result of each feature group in combination with the streaming data feature corresponding to each feature group specifically comprises:
screening T feature groups with the highest scoring results;
determining a plurality of stream data characteristics corresponding to each characteristic group in the T characteristic groups to obtain a stream data characteristic set;
and determining the stream data characteristics with the largest occurrence frequency in the stream data characteristic set as the stream data characteristics corresponding to the security vulnerability of the tth function module to be tested.
6. The utility model provides a system of tracing to source of data security vulnerability under video conferencing scene, its characterized in that includes:
the conference flow data acquisition module is used for acquiring conference flow data generated by video conference transmission information; the conference flow data comprises flow data of each function module combination to be tested;
the flow data cutting module is used for cutting the flow data of each to-be-tested function module combination into a plurality of flow data fragments to obtain a flow data fragment sequence corresponding to each to-be-tested function module;
the characteristic extraction module is used for extracting the characteristics of each flow data segment in the flow data segment sequence corresponding to each function module to be tested according to the flow data characteristics to obtain a characteristic matrix corresponding to each function module to be tested; a p line of the characteristic matrix is a characteristic vector corresponding to a p stream data segment, and a q column represents a characteristic value of a q stream data characteristic corresponding to each stream data segment;
a characteristic grouping module for grouping data of the tth functional module to be tested according to the characteristic matrix corresponding to the tth functional module to be tested to obtainkA set of features; each characteristic group comprises a plurality of columns of data in a characteristic matrix corresponding to the tth functional module to be tested;
the detection times acquisition module is used for acquiring detection times; number of detectionsrTo satisfy
Figure DEST_PATH_IMAGE016
The smallest integer value of (c);
the characteristic group set determining module is used for determining a characteristic group set detected each time; the index j of the jth characteristic group is represented by a binary number group, and the characteristic group set detected at the ith time is a set formed by all characteristic groups corresponding to the indexes with the ith bit of the binary number group being 1;
the scoring module is used for scoring the feature group set of each detection by using a scoring model to obtain a scoring vector of each detection; the scoring vector is a k-dimensional vector, and when the ith detected feature group set does not comprise a jth feature group, the value of the jth position in the ith detected scoring vector is null; when the feature group set of the ith detection comprises the jth feature group, the value of the jth position in the scoring vector of the ith detection is a scoring value;
the scoring matrix determining module is used for obtaining a scoring matrix of the tth to-be-tested functional module after the detection times are reached; the ith row of the scoring matrix is a scoring vector of the ith detection, and the jth column is a scoring score of each detection of the jth feature group;
the scoring result determining module is used for determining the scoring result of each feature group according to the scoring matrix of the tth to-be-tested function module; the scoring result of each feature group is the scoring average value of all the detection times of the feature group;
the security vulnerability determining module is used for determining the stream data characteristics corresponding to the security vulnerability of the tth functional module to be tested according to the grading result of each characteristic group and by combining the stream data characteristics corresponding to each characteristic group; and determining the stream data characteristics corresponding to the security vulnerabilities of each functional module to be tested in sequence.
7. The system for tracing to the source of the streaming data security vulnerability under the video conference scene according to claim 6, wherein the conference stream data obtaining module specifically comprises:
the to-be-tested function module determining unit is used for determining the to-be-tested function module in the video conference;
the conference flow data acquisition scheme generating unit is used for generating a conference flow data acquisition scheme; the conference flow data acquisition scheme is a scheme for sequentially acquiring data of the functional modules to be tested;
the data acquisition unit is used for monitoring the video conference in progress by using a network sniffing tool according to the conference stream data acquisition scheme, storing the conference stream data of each video monitoring and generating a label of each video monitoring; and the conference stream data monitored by the video at each time is the stream data of the currently monitored functional module to be tested.
8. The system of claim 6, wherein the stream data security vulnerability traceability system under video conference scenario comprises: number of bits per second, number of uploaded bits per second, number of downloaded bits per second, proportion of the number of uploaded or downloaded bits, number of packets per second, number of uploaded packets per second, number of downloaded packets per second, proportion of the number of uploaded or downloaded packets, mean/variance of packet size and 25% segmentation point, packet length distribution frequency sequence, packet length transfer matrix, mean/variance of uploaded packet size and 25% segmentation point, mean/variance of downloaded packet size and 25% segmentation point, upload packet length distribution frequency sequence, download packet length distribution frequency sequence, upload packet length transfer matrix, download packet length transfer matrix, packet time interval mean/variance and 25% segmentation point, packet time interval distribution, upload packet time interval mean/variance and 25% segmentation point, download packet time interval mean/variance and 25% segmentation point, Upload packet time interval, download packet time interval, variance/kurtosis and skewness of the traffic sequence, variance/kurtosis and skewness of the upload traffic sequence, and variance/kurtosis and skewness of the download traffic sequence.
9. The system of claim 6, wherein the scoring module specifically comprises:
a scoring unit for utilizing a formula
Figure 943875DEST_PATH_IMAGE004
Scoring each feature group in the feature group set of the current detection to obtain a scoring vector of the current detection
Figure 533119DEST_PATH_IMAGE006
Figure 781698DEST_PATH_IMAGE008
(ii) a Wherein the content of the first and second substances,
Figure 645748DEST_PATH_IMAGE010
for the first in the set of currently detected feature groupsiA score for the individual feature set;
Figure 928962DEST_PATH_IMAGE012
representing the recall ratio of the classification model;
Figure 485845DEST_PATH_IMAGE014
representing the precision of the classification model.
10. The system according to claim 6, wherein the vulnerability determining module specifically includes:
the characteristic group screening unit is used for screening T characteristic groups with the highest scoring results;
the flow data characteristic determining unit is used for determining a plurality of flow data characteristics corresponding to each characteristic group in the T characteristic groups to obtain a flow data characteristic set;
and the security vulnerability determining unit is used for determining the stream data feature with the largest occurrence frequency in the stream data feature set as the stream data feature corresponding to the security vulnerability of the tth function module to be tested.
CN202011555492.2A 2020-12-25 2020-12-25 Method and system for tracing security vulnerability of streaming data in video conference scene Active CN112291506B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011555492.2A CN112291506B (en) 2020-12-25 2020-12-25 Method and system for tracing security vulnerability of streaming data in video conference scene

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011555492.2A CN112291506B (en) 2020-12-25 2020-12-25 Method and system for tracing security vulnerability of streaming data in video conference scene

Publications (2)

Publication Number Publication Date
CN112291506A true CN112291506A (en) 2021-01-29
CN112291506B CN112291506B (en) 2021-03-26

Family

ID=74426141

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011555492.2A Active CN112291506B (en) 2020-12-25 2020-12-25 Method and system for tracing security vulnerability of streaming data in video conference scene

Country Status (1)

Country Link
CN (1) CN112291506B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112822432A (en) * 2021-04-16 2021-05-18 北京电信易通信息技术股份有限公司 Video conference system based on block chain and access control method
CN113315788A (en) * 2021-07-28 2021-08-27 北京电信易通信息技术股份有限公司 Lightweight protection method and system for sensitive data of video conference mobile terminal

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8321242B1 (en) * 2008-12-02 2012-11-27 Fox Chase Bank Personalized time release messaging
CN104468507A (en) * 2014-10-28 2015-03-25 刘胜利 Torjan detection method based on uncontrolled end flow analysis
CN105791039A (en) * 2014-12-22 2016-07-20 北京启明星辰信息安全技术有限公司 Method and system for detecting suspicious tunnel based on characteristic fragment self-discovery
CN107577786A (en) * 2017-09-15 2018-01-12 合肥工业大学 A kind of matrix decomposition recommendation method based on joint cluster
CN110457349A (en) * 2019-07-02 2019-11-15 北京人人云图信息技术有限公司 The monitoring method and monitoring device of information outflow
CN110868413A (en) * 2019-11-12 2020-03-06 成都索贝数码科技股份有限公司 Video and audio credible playing method for generating associated abstract based on intra-frame extraction
CN111405234A (en) * 2020-04-17 2020-07-10 杭州大轶科技有限公司 Video conference information system and method with integration of cloud computing and edge computing
CN111444846A (en) * 2020-03-27 2020-07-24 深圳技术大学 Video feature extraction method and device, computer equipment and storage medium

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8321242B1 (en) * 2008-12-02 2012-11-27 Fox Chase Bank Personalized time release messaging
CN104468507A (en) * 2014-10-28 2015-03-25 刘胜利 Torjan detection method based on uncontrolled end flow analysis
CN105791039A (en) * 2014-12-22 2016-07-20 北京启明星辰信息安全技术有限公司 Method and system for detecting suspicious tunnel based on characteristic fragment self-discovery
CN107577786A (en) * 2017-09-15 2018-01-12 合肥工业大学 A kind of matrix decomposition recommendation method based on joint cluster
CN110457349A (en) * 2019-07-02 2019-11-15 北京人人云图信息技术有限公司 The monitoring method and monitoring device of information outflow
CN110868413A (en) * 2019-11-12 2020-03-06 成都索贝数码科技股份有限公司 Video and audio credible playing method for generating associated abstract based on intra-frame extraction
CN111444846A (en) * 2020-03-27 2020-07-24 深圳技术大学 Video feature extraction method and device, computer equipment and storage medium
CN111405234A (en) * 2020-04-17 2020-07-10 杭州大轶科技有限公司 Video conference information system and method with integration of cloud computing and edge computing

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112822432A (en) * 2021-04-16 2021-05-18 北京电信易通信息技术股份有限公司 Video conference system based on block chain and access control method
CN113315788A (en) * 2021-07-28 2021-08-27 北京电信易通信息技术股份有限公司 Lightweight protection method and system for sensitive data of video conference mobile terminal

Also Published As

Publication number Publication date
CN112291506B (en) 2021-03-26

Similar Documents

Publication Publication Date Title
CN111277578B (en) Encrypted flow analysis feature extraction method, system, storage medium and security device
Chae et al. Feature selection for intrusion detection using NSL-KDD
CN112291506B (en) Method and system for tracing security vulnerability of streaming data in video conference scene
CN107733851A (en) DNS tunnels Trojan detecting method based on communication behavior analysis
CN110460502B (en) Application program flow identification method under VPN based on distributed feature random forest
CN105550253B (en) Method and device for acquiring type relationship
CN105447147A (en) Data processing method and apparatus
CN111181930A (en) DDoS attack detection method, device, computer equipment and storage medium
CN110493235A (en) A kind of mobile terminal from malicious software synchronization detection method based on network flow characteristic
Shrestha et al. Leveraging statistical feature points for generalized detection of covert timing channels
Hur et al. Towards smart phone traffic classification
Jiang et al. I know what you are doing with remote desktop
Pham et al. Lightweight Convolutional Neural Network Based Intrusion Detection System.
Altschaffel et al. Statistical pattern recognition based content analysis on encrypted network: Traffic for the teamviewer application
Erdenebaatar et al. Analyzing traffic characteristics of instant messaging applications on android smartphones
CN114679318B (en) Lightweight Internet of things equipment identification method in high-speed network
Zhou et al. IoT unbalanced traffic classification system based on Focal_Attention_LSTM
Kaoprakhon et al. Classification of audio and video traffic over HTTP protocol
Liu et al. Automated behavior identification of home security camera traffic
CN105703930A (en) Session log processing method and session log processing device based on application
Lv et al. Network encrypted traffic classification based on secondary voting enhanced random forest
CN114244779A (en) Traffic identification method and device and storage medium
Kalamaras et al. MoVA: a visual analytics tool providing insight in the big mobile network data
CN113807373A (en) Traffic identification method and device, equipment and storage medium
He et al. Privacy mining of large-scale mobile usage data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A method and system for tracing security vulnerabilities of streaming data in video conference scenarios

Effective date of registration: 20220726

Granted publication date: 20210326

Pledgee: Bank of Nanjing Limited by Share Ltd. Beijing branch

Pledgor: BEIJING TELECOMMUNICATION YITONG INFORMATION TECHNOLOGY Co.,Ltd.

Registration number: Y2022110000169

PE01 Entry into force of the registration of the contract for pledge of patent right
PC01 Cancellation of the registration of the contract for pledge of patent right

Granted publication date: 20210326

Pledgee: Bank of Nanjing Limited by Share Ltd. Beijing branch

Pledgor: BEIJING TELECOMMUNICATION YITONG INFORMATION TECHNOLOGY Co.,Ltd.

Registration number: Y2022110000169

PC01 Cancellation of the registration of the contract for pledge of patent right
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A method and system for tracing security vulnerabilities in streaming data in video conferencing scenarios

Granted publication date: 20210326

Pledgee: Bank of Nanjing Limited by Share Ltd. Beijing branch

Pledgor: BEIJING TELECOMMUNICATION YITONG INFORMATION TECHNOLOGY Co.,Ltd.

Registration number: Y2024980016071