CN112543203A - Terminal access method, device and system - Google Patents

Terminal access method, device and system Download PDF

Info

Publication number
CN112543203A
CN112543203A CN202011579724.8A CN202011579724A CN112543203A CN 112543203 A CN112543203 A CN 112543203A CN 202011579724 A CN202011579724 A CN 202011579724A CN 112543203 A CN112543203 A CN 112543203A
Authority
CN
China
Prior art keywords
terminal
legal
information
monitoring system
video monitoring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011579724.8A
Other languages
Chinese (zh)
Other versions
CN112543203B (en
Inventor
李奉超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN202011579724.8A priority Critical patent/CN112543203B/en
Publication of CN112543203A publication Critical patent/CN112543203A/en
Application granted granted Critical
Publication of CN112543203B publication Critical patent/CN112543203B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/18Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Power Engineering (AREA)
  • Multimedia (AREA)
  • Alarm Systems (AREA)

Abstract

The disclosure relates to a terminal access method, a terminal access device, electronic equipment and a computer readable medium in a video monitoring system. The method comprises the following steps: acquiring terminal information and message information of a terminal in a video monitoring system; comparing the terminal information with the message information and a feature library to determine the legality of the terminal; when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list; and sending the legal terminal list to safety equipment in a video monitoring system. The terminal access method, the terminal access device, the electronic equipment and the computer readable medium in the video monitoring system are beneficial to increasing the security of terminal access in the video monitoring system, improving the convenience of terminal access control and improving the accuracy of terminal access control.

Description

Terminal access method, device and system
Technical Field
The present disclosure relates to the field of computer information processing, and in particular, to a terminal access method and apparatus in a video monitoring system, an electronic device, and a computer readable medium.
Background
With the rapid development of the internet technology, the development speed of the urban video monitoring system is also rapidly increased, and great contribution is made to the security and protection career of the city and the life convenience of people. The Video monitoring system generally includes an access device, a transmission line, and a monitoring device, where the access device may be, but is not limited to, a Network Video Recorder (NVR), an Internet Protocol Camera (IPC), a Personal Computer (PC), and the like. While video monitoring systems are rapidly developing, security problems in video monitoring systems are becoming more and more important, especially the problem of controlling legal terminal access.
The number and the variety of the access terminals in the video monitoring system are various, and the access terminals can be utilized by a person with mind, illegal terminals are accessed in the video monitoring system, illegal tampering and virus injection are carried out on the legal terminals, and the illegal terminals are used for stealing data, so that the normal operation of the video monitoring system can be influenced, and huge loss is more likely to be caused. It is therefore important to control the legal access of terminals in video surveillance systems.
Therefore, a new terminal access method, apparatus, electronic device and computer readable medium in a video surveillance system are needed.
The above information disclosed in this background section is only for enhancement of understanding of the background of the disclosure and therefore it may contain information that does not constitute prior art that is already known to a person of ordinary skill in the art.
Disclosure of Invention
In view of this, the present disclosure provides a terminal access method, a terminal access device, an electronic device, and a computer readable medium in a video monitoring system, which are beneficial to increasing security of terminal access in the video monitoring system, improving convenience of controlling terminal access, and improving accuracy of controlling terminal access.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to an aspect of the present disclosure, a terminal access method in a video monitoring system is provided, which is applicable to a management platform, and the method includes: acquiring terminal information and message information of a terminal in a video monitoring system; comparing the terminal information with the message information and a feature library to determine the legality of the terminal; when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list; and sending the legal terminal list to safety equipment in a video monitoring system.
In an exemplary embodiment of the present disclosure, further comprising: and generating the feature library based on the equipment information, the message rule and the quintuple information of the plurality of terminals.
In an exemplary embodiment of the present disclosure, acquiring terminal information and message information of a terminal in a video monitoring system includes: and acquiring the terminal information and the message information of the terminal by the safety equipment in the video monitoring system.
In an exemplary embodiment of the present disclosure, further comprising: and when the terminal is an illegal terminal, adding the IP address of the terminal into an illegal terminal list.
In an exemplary embodiment of the present disclosure, includes: when the terminal is an illegal terminal, judging whether the terminal exists in the legal terminal list or not; and when the terminal exists in the legal terminal list, updating the legal terminal list.
In an exemplary embodiment of the present disclosure, when the terminal is an illegal terminal, the method includes: and when the number of the illegal messages of the terminal meets a preset condition, determining that the terminal is an illegal terminal.
According to an aspect of the present disclosure, a terminal access method in a video monitoring system is provided, which is applicable to a security device, and the method includes: acquiring message information by a terminal in a video monitoring system; extracting the IP address of the terminal; judging the validity of the IP address based on a preset legal terminal list; and when the terminal is a legal terminal, forwarding the message information to target equipment.
In an exemplary embodiment of the present disclosure, further comprising: and blocking the message information when the terminal is not a legal terminal.
In an exemplary embodiment of the present disclosure, further comprising: when the terminal is not a legal terminal, acquiring terminal information and message information of the terminal; and forwarding the terminal information and the message information to the management platform.
In an exemplary embodiment of the present disclosure, further comprising: and acquiring data by the management platform to update the legal terminal list in real time.
According to an aspect of the present disclosure, a terminal access apparatus in a video monitoring system is provided, which is applicable to a management platform, and the apparatus includes: the information module is used for acquiring terminal information and message information of the terminal in the video monitoring system; the judging module is used for comparing the terminal information with the message information and the feature library to determine the legality of the terminal; the adding module is used for adding the IP address of the terminal into a legal terminal list when the terminal is a legal terminal; and the sending module is used for sending the legal terminal list to the safety equipment in the video monitoring system.
According to an aspect of the present disclosure, a terminal access apparatus in a video monitoring system is provided, which is applicable to a security device, the apparatus including: the message module is used for acquiring message information by a terminal in the video monitoring system; the address module is used for extracting the IP address of the terminal; the list module is used for judging the legality of the IP address based on a preset legal terminal list; and the forwarding module is used for forwarding the message information to the target equipment when the terminal is a legal terminal.
According to an aspect of the present disclosure, a terminal access system in a video monitoring system is provided, the system including: the terminal is used for generating message information based on the real-time video data; the safety equipment is used for acquiring message information by the terminal; extracting the IP address of the terminal; judging the validity of the IP address based on a preset legal terminal list; when the terminal is a legal terminal, forwarding the message information to target equipment; the management platform is used for acquiring terminal information and message information of the terminal; comparing the terminal information with the message information and a feature library to determine the legality of the terminal; when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list; and sending the legal terminal list to safety equipment in a video monitoring system.
According to an aspect of the present disclosure, an electronic device is provided, the electronic device including: one or more processors; storage means for storing one or more programs; when executed by one or more processors, cause the one or more processors to implement a method as above.
According to an aspect of the disclosure, a computer-readable medium is proposed, on which a computer program is stored, which program, when being executed by a processor, carries out the method as above.
According to the terminal access method, the terminal access device, the electronic equipment and the computer readable medium in the video monitoring system, the video monitoring system acquires terminal information and message information of a terminal; comparing the terminal information with the message information and a feature library to determine the legality of the terminal; when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list; the mode of sending the legal terminal list to the safety equipment in the video monitoring system is beneficial to increasing the safety of terminal access in the video monitoring system, improving the convenience of terminal access and improving the accuracy of terminal access.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings. The drawings described below are merely some embodiments of the present disclosure, and other drawings may be derived from those drawings by those of ordinary skill in the art without inventive effort.
Fig. 1 is a system block diagram illustrating a terminal access method and apparatus in a video surveillance system according to an exemplary embodiment.
Fig. 2 is a flowchart illustrating a terminal access method in a video surveillance system according to an exemplary embodiment.
Fig. 3 is a flowchart illustrating a terminal access method in a video surveillance system according to another exemplary embodiment.
Fig. 4 is a flowchart illustrating a terminal access method in a video surveillance system according to another exemplary embodiment.
Fig. 5 is a block diagram illustrating a terminal access device in a video surveillance system according to an example embodiment.
Fig. 6 is a block diagram illustrating a terminal access device in a video surveillance system according to another example embodiment.
Fig. 7 is a block diagram illustrating a terminal access system in a video surveillance system according to another example embodiment.
FIG. 8 is a block diagram illustrating an electronic device in accordance with an example embodiment.
FIG. 9 is a block diagram illustrating a computer-readable medium in accordance with an example embodiment.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals denote the same or similar parts in the drawings, and thus, a repetitive description thereof will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known methods, devices, implementations, or operations have not been shown or described in detail to avoid obscuring aspects of the disclosure.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
It will be understood that, although the terms first, second, third, etc. may be used herein to describe various components, these components should not be limited by these terms. These terms are used to distinguish one element from another. Thus, a first component discussed below may be termed a second component without departing from the teachings of the disclosed concept. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
It is to be understood by those skilled in the art that the drawings are merely schematic representations of exemplary embodiments, and that the blocks or processes shown in the drawings are not necessarily required to practice the present disclosure and are, therefore, not intended to limit the scope of the present disclosure.
The inventor of the present disclosure finds that in the prior art, there are 2 terminal monitoring schemes, that is, 1, terminals in a video monitoring system are all allowed to access, the terminals are checked manually at regular intervals, and the terminals which are found to be illegally replaced are processed; 2. and configuring a legal IP address list to control the access of the terminal in the video monitoring system. Aiming at the scheme 1, the access permitted by all terminals is unsafe, and the manual inspection mode has hysteresis in time and is not easy to inspect problems. For the scheme 2, the access accuracy of the terminal is not high by configuring the legal IP address, and there is a possibility of misjudgment, for example, an illegal terminal configured with a legal IP, a legal terminal is tampered, and a virus is injected.
The disclosure provides a terminal access method and device in a video monitoring system. The number and the variety of the access terminals in the video monitoring system are various, the access of the terminals is controlled by pre-configuring the characteristics of network communication of various terminals, the safety problem of the video monitoring system can be guaranteed, the legal terminals are judged by management software, compared with manual troubleshooting, the operation is easy, timely and accurate, and the access judgment of the terminals is more accurate relative to the access of the terminals which are singly controlled by IP addresses by configuring richer characteristics. The present disclosure is described in detail below with reference to specific examples.
Fig. 1 is a system block diagram illustrating a terminal access method, apparatus, electronic device and computer readable medium in a video surveillance system according to an example embodiment.
As shown in fig. 1, system architecture 10 may include terminal devices 101, 102, 103, security device 104, network 105, and management platform 106. The network 105 provides the medium of communication links between the terminal devices 101, 102, 103 and the security device 104 management platform 106; the network 105 also serves to provide a medium for communication links between the security device 104 management platforms and 106. Network 105 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the management platform 106 via the security device 104 to receive or send messages or the like. Various video client applications, such as a video surveillance application, an image recognition application, an instant messaging tool, social platform software, etc., may be installed on the terminal devices 101, 102, 103.
The terminal devices 101, 102, 103 may be various electronic devices having a camera and supporting network interconnection, including but not limited to a smart camera, a smart monitoring device, and the like.
The management platform 106 may be a server providing various services, such as a background management server monitoring message data sent by the terminal devices 101, 102, 103. The backend management server may analyze and perform other processing on the received message information and terminal information, and feed back a processing result (e.g., a legal terminal list) to the security device 104.
The management platform 106 is installed with management software, which may be management software in a video surveillance system, and is capable of managing security devices in the video surveillance system. By means of the management software, a network administrator can manage the security equipment, control the access of the terminal in the video monitoring system through the management of the security equipment and monitor the state of the terminal in the video monitoring system.
The management platform 106 may, for example, obtain terminal information and message information of the terminal in the video monitoring system; management platform 106 may, for example, compare the terminal information and the message information to a feature library to determine the validity of the terminal; the management platform 106 may, for example, add the IP address of the terminal to a list of valid terminals when the terminal is a valid terminal; the management platform 106 may, for example, send the list of legitimate terminals to a security device in the video surveillance system.
The security device 104 is a security device in the video monitoring system, and can identify a terminal in the video monitoring system, control access of the terminal in the video monitoring system, and monitor a state of the terminal in the video monitoring system.
The security device 104 may, for example, obtain message information from a terminal in a video surveillance system; the security device 104 may, for example, extract the IP address of the terminal; the security device 104 may determine the validity of the IP address, for example, based on a preset list of valid terminals; the security device 104 may forward the packet information to the target device, for example, when the terminal is a legitimate terminal.
It should be noted that the terminal access method in the video monitoring system provided by the embodiment of the present disclosure may be executed by the management platform 106 and the security device 104, and accordingly, the terminal access apparatus in the video monitoring system may be disposed in the management platform 106 and the security device 104. Whereas the means provided for generating the message information are typically located in the terminal equipment 101, 102, 103.
Fig. 2 is a flowchart illustrating a terminal access method in a video surveillance system according to an exemplary embodiment. The terminal access method 20 in the video surveillance system is applicable to a management platform and at least includes steps S202 to S210.
As shown in fig. 2, in S202, the terminal information and the message information of the terminal are acquired by the video monitoring system. The terminal information and the message information of the terminal can be acquired by the safety equipment in the video monitoring system. Wherein, the message is a network communication term. Is a data unit exchanged and transmitted in the network, i.e. a data block to be sent by the station at one time. The message contains complete data information to be sent, and the message is very inconsistent in length, unlimited in length and variable.
In S204, the terminal information, the message information, and the feature library are compared to determine the validity of the terminal.
In one embodiment, further comprising: and generating the feature library based on the equipment information, the message rule and the quintuple information of the plurality of terminals. Wherein the quintuple information is a network communication term. Refers to the source IP address, source port, destination IP address, destination port and transport protocol. Each message in the network has corresponding five-tuple information.
Legal characteristics of various terminal network communications can be defined, and the characteristics of the terminal network communications comprise five-tuple (including source IP, source port, destination IP, destination port and transmission protocol), message content rule and terminal model. The video monitoring system has different roles of various terminals and respective responsibilities, and the network communication of various terminals conforms to respective rules. For example, IPC is responsible for transmission of video and pictures, the sent message conforms to the characteristics of the IPC's picture stream and video stream, NVR is responsible for storage, and PC is responsible for monitoring other terminals. The characteristics of various terminal network communication messages are standardized, so that the security of terminal management and terminal access control is facilitated, and illegal terminals and legal terminals which are possibly tampered and injected with viruses can be identified.
In S206, when the terminal is a valid terminal, the IP address of the terminal is added to a valid terminal list.
In S208, the legal terminal list is sent to a security device in the video monitoring system.
In S10, when the terminal is an illegal terminal, the IP address of the terminal is added to an illegal terminal list. When the terminal is an illegal terminal, judging whether the terminal exists in the legal terminal list or not; and when the terminal exists in the legal terminal list, updating the legal terminal list.
And defining the disposal strategy of receiving illegal terminal message. Configuring the illegal terminal message handling policy can determine when the system alarms and change the legal terminal to be an illegal terminal.
And when the number of the illegal messages of the terminal meets a preset condition, determining that the terminal is an illegal terminal. More specifically, for example, the number of times that a certain terminal sends an illegal message within a period of time reaches a configured threshold, or the total number of times that a certain terminal sends an illegal message reaches the configured threshold, it may be considered that the preset condition is satisfied.
According to the terminal access method in the video monitoring system, the terminal information and the message information of the terminal are acquired in the video monitoring system; comparing the terminal information with the message information and a feature library to determine the legality of the terminal; when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list; the mode of sending the legal terminal list to the safety equipment in the video monitoring system is beneficial to increasing the safety of terminal access in the video monitoring system, improving the convenience of terminal access and improving the accuracy of terminal access.
It should be clearly understood that this disclosure describes how to make and use particular examples, but the principles of this disclosure are not limited to any details of these examples. Rather, these principles can be applied to many other embodiments based on the teachings of the present disclosure.
Fig. 3 is a flowchart illustrating a terminal access method in a video surveillance system according to another exemplary embodiment. The terminal access method 30 in the video surveillance system is applicable to a security device and includes at least steps S302 to S310.
As shown in fig. 3, in S302, the message information is obtained by the terminal in the video monitoring system.
In S304, the IP address of the terminal is extracted.
In S306, the validity of the IP address is determined based on a preset valid terminal list. Data may be retrieved by the management platform to update the list of legitimate terminals in real-time.
In S308, when the terminal is a legal terminal, the message information is forwarded to the target device. The safety device controls the access of the terminal through a legal terminal list issued by the management software, puts through the messages sent by the terminal in the legal terminal list and blocks the messages sent by the terminal which is not in the legal terminal list.
In S310, blocking the message information when the terminal is not a legal terminal. Further comprising: when the terminal is not a legal terminal, acquiring terminal information and message information of the terminal; and forwarding the terminal information and the message information to the management platform. When receiving the message sent by the illegal terminal in the video monitoring system, the safety device can forward the message information to the management software. The management software compares the message information with the defined feature library, the management software judges the legal terminal IP and then issues the legal terminal IP to the safety equipment, the safety equipment controls the access of the terminal through the legal terminal IP issued by the management software, if the terminal IP is legal, the message is allowed to pass, otherwise, the message is directly blocked.
Fig. 4 is a flowchart illustrating a terminal access method in a video surveillance system according to another exemplary embodiment. The flow 40 shown in fig. 4 is a detailed description of the process performed by the video surveillance system.
As shown in fig. 4, in S401, the management software runs, and configures the feature library. The feature library may store virus-related features for subsequent determination.
In S402, terminal message information sent by the security device is received.
In S403, whether or not the terminal is legitimate is confirmed. The message information sent by the terminal may include message information that the terminal has judged to be legal, and the message information sent by the terminal may also include message information that the terminal has judged to be illegal, or message information that the terminal cannot judge to be legal.
In S404, whether it is in the legitimate terminal list. And judging again according to the locally stored legal terminal list.
In S405, whether or not to match the feature library. Whether a viral signature is matched.
In S406, whether or not the terminal list change condition is satisfied. And if the number of the message errors exceeds the threshold limit, the terminal is determined as a dangerous terminal.
In S407, the terminal is deleted from the legitimate terminal list.
In S408, whether or not to match the feature library. Whether a viral signature is matched
In S409, the illegal terminal list is added.
In S410, it is added to the list of legitimate terminals.
In S411, the information is issued to the security device.
The safety device sends the message information sent by the terminal to the management software, and the management software confirms the legal terminal. When the management software receives the message information of each terminal for the first time (the terminal is not in the legal terminal list and the illegal terminal list of the management software), the message information of the terminal is matched and compared with the defined feature library, the matched legal message is confirmed to be a legal terminal, the terminal is added to the legal terminal list and issued to the safety equipment, and otherwise, the terminal is added to the illegal terminal list.
The management software receives the message information of each terminal (the terminal is in the legal terminal list or the illegal terminal list of the management software) later, and when the terminal is added to the legal terminal list and is an illegal message by comparing the feature library matching, the management software can determine whether to change the terminal into an illegal terminal according to the configuration.
There are two configuration decisions to confirm that a legitimate terminal is changed to an illegitimate terminal: and if one condition is met, the illegal terminal is determined to be an illegal terminal, and the management software deletes the illegal terminal from the legal terminal list and issues the illegal terminal to the safety equipment.
The terminal deletes the problem which must be determined by the administrator offline from the illegal terminal list, and deletes the problem from the illegal terminal list after solving the problem, next time the management software receives the message information of the terminal, the terminal is processed according to the condition of receiving the message information of the terminal for the first time (the terminal is not in the legal terminal list and the illegal terminal list of the management software), and whether the terminal is added into the legal terminal list or the illegal terminal list is judged.
The safety device judges whether the terminal is legal or not only according to the legal terminal list stored by the safety device. When the network flow is large, the safety equipment only transmits the message data of the illegal terminal to the management platform, and the mode can save the network flow and accelerate the message transmission speed. When the service is not busy, the safety device can send all message information to the management software, the management software is responsible for judging whether the legal terminal list changes or not, and the management software can send updated terminals (adding or deleting legal terminals) to the safety device only when the legal terminal list changes. The security device can send all message information to the management software, so that the accuracy of a legal terminal list can be improved, and the security of the whole video monitoring system can be improved.
Those skilled in the art will appreciate that all or part of the steps implementing the above embodiments are implemented as computer programs executed by a CPU. When executed by the CPU, performs the functions defined by the above-described methods provided by the present disclosure. The program may be stored in a computer readable storage medium, which may be a read-only memory, a magnetic or optical disk, or the like.
Furthermore, it should be noted that the above-mentioned figures are only schematic illustrations of the processes involved in the methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
The following are embodiments of the disclosed apparatus that may be used to perform embodiments of the disclosed methods. For details not disclosed in the embodiments of the apparatus of the present disclosure, refer to the embodiments of the method of the present disclosure.
Fig. 5 is a block diagram illustrating a terminal access device in a video surveillance system according to an example embodiment. As shown in fig. 5, the terminal access device 50 in the video surveillance system can be used in a management platform, and includes: an information module 502, a judgment module 504, an adding module 506 and a sending module 508.
The information module 502 is used for acquiring terminal information and message information of a terminal in the video monitoring system;
the judging module 504 is configured to compare the terminal information with the message information and the feature library to determine validity of the terminal;
the adding module 506 is configured to add the IP address of the terminal to a legal terminal list when the terminal is a legal terminal;
the sending module 508 is configured to send the legal terminal list to a security device in the video monitoring system.
Fig. 6 is a block diagram illustrating a terminal access device in a video surveillance system according to another example embodiment. As shown in fig. 6, the terminal access device 60 in the video surveillance system can be used in a security apparatus, including: a message module 602, an address module 604, a list module 606, and a forwarding module 608.
The message module 602 is configured to obtain message information from a terminal in the video monitoring system;
the address module 604 is configured to extract an IP address of the terminal;
the list module 606 is configured to determine validity of the IP address based on a preset valid terminal list;
the forwarding module 608 is configured to forward the packet information to the target device when the terminal is a legal terminal.
Fig. 7 is a block diagram illustrating a terminal access system in a video surveillance system according to an example embodiment. As shown in fig. 7, the terminal access device 70 in the video surveillance system includes: a terminal 702, a security device 704, and a management platform 706.
At least one terminal 702 is configured to generate message information based on real-time video data;
at least one security device 704 is used for acquiring message information by the terminal; extracting the IP address of the terminal; judging the validity of the IP address based on a preset legal terminal list; when the terminal is a legal terminal, forwarding the message information to target equipment;
the management platform 706 is used for acquiring terminal information and message information of the terminal; comparing the terminal information with the message information and a feature library to determine the legality of the terminal; when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list; and sending the legal terminal list to safety equipment in a video monitoring system.
According to the terminal access device in the video monitoring system, the terminal information and the message information of the terminal are acquired in the video monitoring system; comparing the terminal information with the message information and a feature library to determine the legality of the terminal; when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list; the mode of sending the legal terminal list to the safety equipment in the video monitoring system is beneficial to increasing the safety of terminal access in the video monitoring system, improving the convenience of terminal access and improving the accuracy of terminal access.
FIG. 8 is a block diagram illustrating an electronic device in accordance with an example embodiment.
An electronic device 800 according to this embodiment of the disclosure is described below with reference to fig. 8. The electronic device 800 shown in fig. 8 is only an example and should not bring any limitations to the functionality and scope of use of the embodiments of the present disclosure.
As shown in fig. 8, electronic device 800 is in the form of a general purpose computing device. The components of the electronic device 800 may include, but are not limited to: at least one processing unit 810, at least one memory unit 820, a bus 830 connecting the various system components (including the memory unit 820 and the processing unit 810), a display unit 840, and the like.
Wherein the storage unit stores program code that can be executed by the processing unit 810, such that the processing unit 810 performs the steps according to various exemplary embodiments of the present disclosure described in this specification. For example, the processing unit 810 may perform the steps as shown in fig. 2, 3, 4.
The memory unit 820 may include readable media in the form of volatile memory units such as a random access memory unit (RAM)8201 and/or a cache memory unit 8202, and may further include a read only memory unit (ROM) 8203.
The memory unit 820 may also include a program/utility 8204 having a set (at least one) of program modules 8205, such program modules 8205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 830 may be any of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 800 may also communicate with one or more external devices 800' (e.g., keyboard, pointing device, bluetooth device, etc.) such that a user can communicate with devices with which the electronic device 800 interacts, and/or any devices (e.g., router, modem, etc.) with which the electronic device 800 can communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interfaces 850. Also, the electronic device 800 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) via the network adapter 860. The network adapter 860 may communicate with other modules of the electronic device 800 via the bus 830. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the electronic device 800, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, as shown in fig. 9, the technical solution according to the embodiment of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, or a network device, etc.) to execute the above method according to the embodiment of the present disclosure.
The software product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
The computer readable medium carries one or more programs which, when executed by a device, cause the computer readable medium to perform the functions of: acquiring terminal information and message information of a terminal in a video monitoring system; comparing the terminal information with the message information and a feature library to determine the legality of the terminal; when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list; and sending the legal terminal list to safety equipment in a video monitoring system. The computer readable medium may also implement the following functions: acquiring message information by a terminal in a video monitoring system; extracting the IP address of the terminal; judging the validity of the IP address based on a preset legal terminal list; and when the terminal is a legal terminal, forwarding the message information to target equipment.
Those skilled in the art will appreciate that the modules described above may be distributed in the apparatus according to the description of the embodiments, or may be modified accordingly in one or more apparatuses unique from the embodiments. The modules of the above embodiments may be combined into one module, or further split into multiple sub-modules.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
Exemplary embodiments of the present disclosure are specifically illustrated and described above. It is to be understood that the present disclosure is not limited to the precise arrangements, instrumentalities, or instrumentalities described herein; on the contrary, the disclosure is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

Claims (13)

1. A terminal access method in a video monitoring system can be applied to a management platform, and is characterized by comprising the following steps:
acquiring terminal information and message information of a terminal in a video monitoring system;
comparing the terminal information with the message information and a feature library to determine the legality of the terminal;
when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list;
and sending the legal terminal list to safety equipment in a video monitoring system.
2. The method of claim 1, further comprising:
and generating the feature library based on the equipment information, the message rule and the quintuple information of the plurality of terminals.
3. The method of claim 1, wherein the obtaining of the terminal information and the message information of the terminal by the video monitoring system comprises:
and acquiring the terminal information and the message information of the terminal by the safety equipment in the video monitoring system.
4. The method of claim 1, further comprising:
and when the terminal is an illegal terminal, adding the IP address of the terminal into an illegal terminal list.
5. The method of claim 1, comprising:
when the terminal is an illegal terminal, judging whether the terminal exists in the legal terminal list or not;
and when the terminal exists in the legal terminal list, updating the legal terminal list.
6. The method as claimed in claim 5, wherein when the terminal is an illegal terminal, comprising:
and when the number of the illegal messages of the terminal meets a preset condition, determining that the terminal is an illegal terminal.
7. A terminal access method in a video monitoring system can be applied to a safety device, and is characterized by comprising the following steps:
acquiring message information by a terminal in a video monitoring system;
extracting the IP address of the terminal;
judging the validity of the IP address based on a preset legal terminal list;
and when the terminal is a legal terminal, forwarding the message information to target equipment.
8. The method of claim 1, further comprising:
and blocking the message information when the terminal is not a legal terminal.
9. The method of claim 1, further comprising:
when the terminal is not a legal terminal, acquiring terminal information and message information of the terminal;
and forwarding the terminal information and the message information to the management platform.
10. The method of claim 9, further comprising:
and acquiring data by the management platform to update the legal terminal list in real time.
11. A terminal access device in a video monitoring system, which can be applied to a management platform, is characterized by comprising:
the information module is used for acquiring terminal information and message information of the terminal in the video monitoring system;
the judging module is used for comparing the terminal information with the message information and the feature library to determine the legality of the terminal;
the adding module is used for adding the IP address of the terminal into a legal terminal list when the terminal is a legal terminal;
and the sending module is used for sending the legal terminal list to the safety equipment in the video monitoring system.
12. A terminal access device in a video monitoring system, which can be applied to a security device, is characterized by comprising:
the message module is used for acquiring message information by a terminal in the video monitoring system;
the address module is used for extracting the IP address of the terminal;
the list module is used for judging the legality of the IP address based on a preset legal terminal list;
and the forwarding module is used for forwarding the message information to the target equipment when the terminal is a legal terminal.
13. A video surveillance system, comprising:
at least one terminal for generating message information based on real-time video data;
at least one safety device, which is used for obtaining message information by the terminal; extracting the IP address of the terminal; judging the validity of the IP address based on a preset legal terminal list; when the terminal is a legal terminal, forwarding the message information to target equipment;
the management platform is used for acquiring terminal information and message information of the terminal; comparing the terminal information with the message information and a feature library to determine the legality of the terminal; when the terminal is a legal terminal, adding the IP address of the terminal into a legal terminal list; and sending the legal terminal list to safety equipment in a video monitoring system.
CN202011579724.8A 2020-12-28 2020-12-28 Terminal access method, device and system Active CN112543203B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011579724.8A CN112543203B (en) 2020-12-28 2020-12-28 Terminal access method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011579724.8A CN112543203B (en) 2020-12-28 2020-12-28 Terminal access method, device and system

Publications (2)

Publication Number Publication Date
CN112543203A true CN112543203A (en) 2021-03-23
CN112543203B CN112543203B (en) 2023-04-28

Family

ID=75017709

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011579724.8A Active CN112543203B (en) 2020-12-28 2020-12-28 Terminal access method, device and system

Country Status (1)

Country Link
CN (1) CN112543203B (en)

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103326882A (en) * 2013-05-16 2013-09-25 浙江宇视科技有限公司 Video monitoring network management method and video monitoring network management device
CN105024999A (en) * 2015-06-02 2015-11-04 江苏恒信和安电子科技有限公司 IP video monitoring network security access method
CN105491007A (en) * 2015-11-13 2016-04-13 浙江宇视科技有限公司 Video monitoring system safe admission method and apparatus
CN107343179A (en) * 2017-08-14 2017-11-10 华北电力大学 A kind of video information encryption and video terminal security certification system, authentication method and its application
CN107948199A (en) * 2017-12-27 2018-04-20 北京奇安信科技有限公司 A kind of method and device being used for quickly detecting to terminal shared access
CN108418806A (en) * 2018-02-05 2018-08-17 新华三信息安全技术有限公司 A kind of processing method and processing device of message
CN109067937A (en) * 2018-09-30 2018-12-21 锐捷网络股份有限公司 Terminal admittance control method, device, equipment, system and storage medium
CN109544870A (en) * 2018-12-20 2019-03-29 同方威视科技江苏有限公司 Alarm decision method and intelligent monitor system for intelligent monitor system
CN110290124A (en) * 2019-06-14 2019-09-27 杭州迪普科技股份有限公司 A kind of interchanger inbound port blocking-up method and device
CN110311809A (en) * 2019-06-12 2019-10-08 杭州迪普科技股份有限公司 The access terminal monitoring and managing method and device of video monitoring system
CN110708336A (en) * 2019-10-29 2020-01-17 杭州迪普科技股份有限公司 Video terminal authentication method and device, electronic equipment and storage medium
CN111277421A (en) * 2018-11-16 2020-06-12 慧盾信息安全科技(苏州)股份有限公司 System and method for network camera access safety protection

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103326882A (en) * 2013-05-16 2013-09-25 浙江宇视科技有限公司 Video monitoring network management method and video monitoring network management device
CN105024999A (en) * 2015-06-02 2015-11-04 江苏恒信和安电子科技有限公司 IP video monitoring network security access method
CN105491007A (en) * 2015-11-13 2016-04-13 浙江宇视科技有限公司 Video monitoring system safe admission method and apparatus
CN107343179A (en) * 2017-08-14 2017-11-10 华北电力大学 A kind of video information encryption and video terminal security certification system, authentication method and its application
CN107948199A (en) * 2017-12-27 2018-04-20 北京奇安信科技有限公司 A kind of method and device being used for quickly detecting to terminal shared access
CN108418806A (en) * 2018-02-05 2018-08-17 新华三信息安全技术有限公司 A kind of processing method and processing device of message
CN109067937A (en) * 2018-09-30 2018-12-21 锐捷网络股份有限公司 Terminal admittance control method, device, equipment, system and storage medium
CN111277421A (en) * 2018-11-16 2020-06-12 慧盾信息安全科技(苏州)股份有限公司 System and method for network camera access safety protection
CN109544870A (en) * 2018-12-20 2019-03-29 同方威视科技江苏有限公司 Alarm decision method and intelligent monitor system for intelligent monitor system
CN110311809A (en) * 2019-06-12 2019-10-08 杭州迪普科技股份有限公司 The access terminal monitoring and managing method and device of video monitoring system
CN110290124A (en) * 2019-06-14 2019-09-27 杭州迪普科技股份有限公司 A kind of interchanger inbound port blocking-up method and device
CN110708336A (en) * 2019-10-29 2020-01-17 杭州迪普科技股份有限公司 Video terminal authentication method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN112543203B (en) 2023-04-28

Similar Documents

Publication Publication Date Title
US10834111B2 (en) Method and system for email phishing attempts identification and notification through organizational cognitive solutions
US20220201042A1 (en) Ai-driven defensive penetration test analysis and recommendation system
Johnson et al. pwnpr3d: an attack-graph-driven probabilistic threat-modeling approach
US6981280B2 (en) Intelligent network scanning system and method
CN112953971B (en) Network security flow intrusion detection method and system
CN104246785A (en) System and method for crowdsourcing of mobile application reputations
CN111416811A (en) Unauthorized vulnerability detection method, system, equipment and storage medium
CN113704767A (en) Vulnerability scanning engine and vulnerability worksheet management fused vulnerability management system
US10389685B2 (en) Systems and methods for securely transferring selective datasets between terminals
CN109547426B (en) Service response method and server
CN110311927B (en) Data processing method and device, electronic device and medium
CN111787030B (en) Network security inspection method, device, equipment and storage medium
CN112615858A (en) Internet of things equipment monitoring method, device and system
CN114679292A (en) Honeypot identification method, device, equipment and medium based on network space mapping
US20150067784A1 (en) Computer network security management system and method
CN112699369A (en) Method and device for detecting abnormal login through stack backtracking
CN116996408A (en) Data transmission monitoring method and device, electronic equipment and storage medium
CN112543203B (en) Terminal access method, device and system
KR20180001907A (en) Method of transmitting secure message through system for classifying hazardous url
US20230086556A1 (en) Interactive Email Warning Tags
CN113297241A (en) Method, device, equipment, medium and program product for judging network flow
CN113836522A (en) Password management method and device of monitoring equipment
CN113420302A (en) Host vulnerability detection method and device
CN111314308A (en) System security check method and device based on port analysis
CN111984893B (en) System log configuration conflict reminding method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant