CN112583788B - Intelligent generation method and system for vehicle-mounted firewall strategy - Google Patents

Publication number
CN112583788B
Authority
CN
China
Prior art keywords
firewall
information
strategy
address
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011206897.5A
Other languages
Chinese (zh)
Other versions
CN112583788A (en)
Inventor
罗志亮
陈志鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huizhou Desay SV Intelligent Transport Technology Research Institute Co Ltd
Original Assignee
Huizhou Desay SV Intelligent Transport Technology Research Institute Co Ltd

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

The invention provides a method and a system for intelligently generating a vehicle-mounted firewall policy. Log information from the network log file is cleaned to obtain valid communication information; a policy learning module then learns the communication information using netfilter/iptables syntax to generate the corresponding firewall policies. To further improve the applicability of the generated firewall policies, a policy adjustment module adjusts the policy structure, and a complete packet filtering firewall policy file is finally generated. This allows firewall policies to be generated and adjusted flexibly, greatly reduces programming cost, and reduces the occurrence of security vulnerabilities.

Description

Intelligent generation method and system for vehicle-mounted firewall strategy
Technical Field
The invention relates to the technical field of network security, in particular to a method and a system for intelligently generating a vehicle-mounted firewall strategy.
Background
A firewall is a technical measure for protecting the security of a computer network: by establishing a network communication monitoring system at the network boundary, it isolates the internal network from the external network so as to block network intrusion from outside. A firewall policy is the set of regulations, rules, requirements or filtering terms that the firewall refers to; policy information generally includes a source IP address, a destination IP address, a protocol, a destination port and the like. The traditional way to construct the packet filtering firewall policy of a system is to design and write it manually according to the customer's requirements. Requirements are easily missed this way, and a packet filtering firewall policy designed unreasonably from incomplete requirements can make communication impossible. Manual design and writing of the policy is also time-consuming, labor-intensive and inefficient, and prone to syntax and logic problems. In addition, if the policy designers and writers lack experience, security vulnerabilities are easily introduced into the design of the packet filtering firewall policy, which increases the risk of system intrusion.
Disclosure of Invention
To address the problems in the prior art, the invention provides a method and a system for intelligently generating a vehicle-mounted firewall policy.
Specifically, the method for intelligently generating a vehicle-mounted firewall policy provided by the invention comprises the following steps:
S1: before the network function of the system is started, set a firewall policy for the network data packets that need to be allowed through, and then set a firewall policy that prints a log of network data packets;
S2: when the network function of the system is started, start an information acquisition module, which reads the log file at a preset interval and acquires the log information related to the packet filtering firewall;
S3: clean the log information with an information cleaning module to obtain valid communication information;
S4: learn the communication information with a policy learning module, generate the corresponding firewall policies, and collect them into the firewall chains to which they belong;
S5: the policy adjustment module structurally adjusts the firewall policies from S4 to generate a complete packet filtering firewall policy file.
The communication information includes at least: source port information, destination port information, source IP address, destination IP address, communication protocol, communication network port, and communication traffic size information.
S4 further includes at least:
S41: judge whether the source IP address and the destination IP address are random. If they are random, further judge whether they fall within a preset range: if so, go to S43; if not, ignore the current source IP address and destination IP address. If they are not random, go to S43;
S42: judge whether the source port information and the destination port information are random. If they are random, further judge whether they fall within a preset range: if so, go to S43; if not, ignore the current source port information and destination port information. If they are not random, go to S43;
S43: using netfilter/iptables syntax, combine the source port information, destination port information, source IP address and destination IP address obtained from S41 and S42, and add the communication protocol parameter and the communication network port parameter to generate a netfilter/iptables policy.
Further, S4 also includes at least:
setting a threshold for the communication traffic, using netfilter/iptables syntax, according to the size of the communication traffic.
The threshold of the communication traffic is: the number of occurrences of the same log information + the number of occurrences of the same log information [the remainder of the formula is an image in the original and is not reproduced here]
Further, S4 also includes at least: collecting the netfilter/iptables policies generated in S43 by source IP address to generate a corresponding firewall chain, and then collecting the firewall chains by communication network port to generate another corresponding firewall chain.
Further, S5 also includes at least:
S51: take any two firewall chains and judge whether their chain names are the same; if so, classify them into the same firewall chain set; otherwise, take another pair, until all firewall chains have been traversed;
S52: take any two firewall chains from a firewall chain set; if one belongs to a passing firewall policy and the other to a blocking firewall policy, place the passing firewall policy before the blocking firewall policy; if both are passing firewall policies or both are blocking firewall policies, go to S53;
S53: place the firewall chain that was read first before the firewall chain that was read later;
S54: repeat S52 and S53 until all firewall chain sets have been traversed.
As another preferred aspect, the invention further provides a system that uses the above method for intelligently generating a vehicle-mounted firewall policy, comprising:
a network communication port firewall, used to set a firewall policy for the network data packets that need to be allowed through before the network function of the system is started, and then to set a firewall policy that prints a log of network data packets;
a log file system, used to acquire and store the log files of the network data packets;
a firewall policy control center, used to generate firewall policies from the data acquired by the log file system, and comprising:
an information acquisition module, used to read the log files at a preset interval once the network function of the system is started, and to acquire the log information related to the packet filtering firewall;
an information cleaning module, used to clean the log information to obtain valid communication information;
a policy learning module, used to learn the communication information, generate the corresponding firewall policies, and collect them into the firewall chains to which they belong;
a policy adjustment module, used to structurally adjust the firewall policies generated by the policy learning module to generate a complete packet filtering firewall policy file.
The communication information includes at least: source port information, destination port information, source IP address, destination IP address, communication protocol, communication port, and communication traffic size information.
Preferably, the system of the invention is used with embedded and vehicle-mounted communication systems, and the packet filtering firewall policy file automatically updates, deletes and adds data within a preset period.
In summary, the invention provides a method and a system for intelligently generating a vehicle-mounted firewall policy. Log information from the network log file is cleaned to obtain valid communication information; a policy learning module then learns the communication information using netfilter/iptables syntax to generate the corresponding firewall policies. To further improve the applicability of the generated firewall policies, a policy adjustment module adjusts the policy structure, and a complete packet filtering firewall policy file is finally generated.
Drawings
Fig. 1 is a flowchart of an intelligent vehicle firewall policy generation method in an embodiment.
FIG. 2 is a flow diagram illustrating an implementation of a system that employs the method of FIG. 1, under an embodiment.
Detailed Description
The method and system for intelligently generating a vehicle-mounted firewall policy are described in detail below with reference to specific embodiments and the accompanying drawings.
As shown in Fig. 1, the method for intelligently generating a vehicle-mounted firewall policy provided by the invention includes the following steps:
Step 1: before the network function of the networking system is started, set a firewall policy for the network data packets that need to be allowed through, then set a firewall policy that prints a log of network data packets; the result is stored in a log file system for later learning during firewall policy construction.
Step 2: when the network function of the networking system is started, start an information acquisition module, which reads the log files from the log file system at a preset interval and acquires the log information related to the packet filtering firewall.
Step 3: clean the collected log information with an information cleaning module to obtain valid communication information. The communication information includes at least, but is not limited to, source port information, destination port information, source IP address, destination IP address, communication protocol, communication port, and communication traffic size information.
Step 4: the policy learning module learns the communication information, generates the corresponding firewall policies, and collects them into the firewall chains to which they belong.
Step 5: the policy adjustment module structurally adjusts the firewall policies from S4 to generate a complete packet filtering firewall policy file.
Step 4 further comprises the following steps:
S41: judge whether the source IP address and the destination IP address are random. If they are random, further judge whether they fall within a preset range: if so, go to S43; if not, ignore the current source IP address and destination IP address. If they are not random, go to S43.
S42: judge whether the source port information and the destination port information are random. If they are random, further judge whether they fall within a preset range: if so, go to S43; if not, ignore the current source port information and destination port information. If they are not random, go to S43.
The source IP address, the destination IP address, the source port information and the destination port information may be collected through big data in the early stage of firewall policy collection, or recorded manually, and each is then judged to be random or fixed. Information judged to be random is further checked for stability. As an illustration, one method that can be used is: a stable state is one in which the difference between the port numbers that appear each time does not exceed a preset value, preferably 100. For example, if the first port number to appear is 31030 and the second is 31040, the difference does not exceed 100, so the ports are judged to be within a stable range. The smallest port number is taken as the start of the range and the largest as the end. For example, for the port numbers 31030, 31040, 31050 and 31060, the range is 31030-31060.
Similarly, the source IP address and the destination IP address are checked for a stable range. One option is: first, judge whether the subnet masks are the same; second, judge whether the network numbers of the IP addresses are the same; finally, judge whether the difference between the host numbers of the IP addresses does not exceed a preset value, for example 50. Taking 192.168.1.1 and 192.168.1.10 as an example: their subnet masks are both 255.255.255.0, their network numbers are both 192.168.1, and their host numbers are 1 and 10 respectively, a difference of no more than 50, so the addresses are considered stable. The stable range takes the smallest IP address host number as its lower limit and the largest IP address host number as its upper limit.
If a source IP address, destination IP address, source port or destination port is judged to be neither fixed nor within a stable range, that address or information is ignored.
S43: using netfilter/iptables syntax, combine the source port information, destination port information, source IP address and destination IP address obtained from S41 and S42, and add the communication protocol parameter and the communication network port parameter to generate a netfilter/iptables policy.
The netfilter/iptables policy generated with the netfilter/iptables syntax preferably has the form: iptables/ip6tables -A <chain name> -i eth0 -p <protocol> -s <source IP address> --sport <source port> -d <destination IP address> --dport <destination port>.
Further, S4 also includes at least:
setting a threshold for the communication traffic, using netfilter/iptables syntax, according to the size of the communication traffic. The threshold of the communication traffic is: the number of occurrences of the same log information + the number of occurrences of the same log information [the remainder of the formula is an image in the original and is not reproduced here]
That is, the threshold is set from the size of the communication traffic, expressed as the number of times the same log information occurs within 1 minute.
The policy containing the threshold preferably has the form: iptables/ip6tables -A <chain name> -i eth0 -p <protocol> -m limit --limit <threshold>/m -s <source IP address> --sport <source port> -d <destination IP address> --dport <destination port>.
Further, S4 also includes at least:
collecting the netfilter/iptables policies generated in S43 by source IP address to generate a corresponding firewall chain, and then collecting the firewall chains by communication network port to generate another corresponding firewall chain.
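The S41-S43 learning step applied to cleaned firewall log lines, as an added Python example that is not code from the patent. Assumptions: log lines use the netfilter LOG target's KEY=VALUE layout, records are grouped by interface, protocol, destination address and destination port, every address uses a /24 mask, a group whose source is neither fixed nor stable produces no rule, and the chain name LEARNED_IN and the -j ACCEPT target are hypothetical (the page's template shows no target). Ranges are written with iptables' iprange match and low:high port syntax, because -s does not accept a start-end range.

```python
import ipaddress
import re
from collections import defaultdict

PORT_GAP = 100  # preset value from the text: max difference between successive ports
HOST_GAP = 50   # preset value from the text: max difference between host numbers
PREFIX = 24     # assumption: all addresses use mask 255.255.255.0 (logs carry no mask)

# Constructed sample in the KEY=VALUE layout written by the netfilter LOG target.
SAMPLE_LOG = """\
kernel: FWLOG IN=eth0 OUT= SRC=192.168.1.1 DST=192.168.1.200 LEN=60 PROTO=TCP SPT=31030 DPT=443
kernel: FWLOG IN=eth0 OUT= SRC=192.168.1.10 DST=192.168.1.200 LEN=60 PROTO=TCP SPT=31040 DPT=443
kernel: FWLOG IN=eth0 OUT= SRC=192.168.1.1 DST=192.168.1.200 LEN=60 PROTO=TCP SPT=31060 DPT=443
kernel: FWLOG IN=eth0 OUT= SRC=192.168.1.5 DST=192.168.1.200 LEN=52 PROTO=UDP SPT=5353 DPT=5353
kernel: FWLOG IN=eth0 OUT= SRC=10.9.8.7 DST=192.168.1.200 LEN=60 PROTO=TCP SPT=40000 DPT=22
kernel: FWLOG IN=eth0 OUT= SRC=192.168.1.9 DST=192.168.1.200 LEN=60 PROTO=TCP SPT=52000 DPT=22
kernel: usb 1-1: new high-speed USB device number 2
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")
NEEDED = ("IN", "SRC", "DST", "PROTO", "SPT", "DPT")


def clean(log_text):
    """S3: keep only firewall log lines that carry every needed field."""
    records = []
    for line in log_text.splitlines():
        kv = dict(FIELD.findall(line))
        if all(kv.get(key) for key in NEEDED):
            records.append(kv)
    return records


def learn_ports(ports):
    """S42: fixed -> 'p'; random but stable -> 'low:high'; otherwise None."""
    if len(set(ports)) == 1:
        return str(ports[0])
    if all(abs(b - a) <= PORT_GAP for a, b in zip(ports, ports[1:])):
        return f"{min(ports)}:{max(ports)}"
    return None


def learn_addrs(addrs):
    """S41: fixed -> address; stable -> (low, high) in one subnet; otherwise None."""
    ips = [ipaddress.ip_address(a) for a in addrs]
    if len(set(ips)) == 1:
        return str(ips[0])
    nets = {ipaddress.ip_network(f"{ip}/{PREFIX}", strict=False) for ip in ips}
    stable = all(abs(int(b) - int(a)) <= HOST_GAP for a, b in zip(ips, ips[1:]))
    if len(nets) == 1 and stable:
        return (str(min(ips)), str(max(ips)))
    return None


def render(chain, iface, proto, src, sport, dst, dport, limit_per_min=None):
    """S43: assemble one rule in the field order of the page's template."""
    parts = ["iptables", "-A", chain, "-i", iface, "-p", proto]
    if limit_per_min is not None:  # threshold is supplied by the caller
        parts += ["-m", "limit", "--limit", f"{limit_per_min}/m"]
    if isinstance(src, tuple):     # a stable range needs the iprange match
        parts += ["-m", "iprange", "--src-range", f"{src[0]}-{src[1]}"]
    else:
        parts += ["-s", src]
    # -j ACCEPT is an assumption; the page's template shows no target.
    parts += ["--sport", sport, "-d", dst, "--dport", dport, "-j", "ACCEPT"]
    return " ".join(parts)


def learn(records, chain="LEARNED_IN"):
    """S4: group records by service (assumption) and emit one rule per group."""
    groups = defaultdict(list)
    for rec in records:
        key = (rec["IN"], rec["PROTO"].lower(), rec["DST"], rec["DPT"])
        groups[key].append(rec)
    rules = []
    for (iface, proto, dst, dport), recs in groups.items():
        src = learn_addrs([r["SRC"] for r in recs])
        sport = learn_ports([int(r["SPT"]) for r in recs])
        if src is None or sport is None:
            continue  # neither fixed nor stable: ignored, no rule is generated
        rules.append(render(chain, iface, proto, src, sport, dst, dport))
    return rules


if __name__ == "__main__":
    for rule in learn(clean(SAMPLE_LOG)):
        print(rule)
```

The port-22 group is dropped because its two sources sit in different subnets, which is the "neither fixed nor stable" case.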
Further, S5 also includes at least:
S51: take any two firewall chains and judge whether their chain names are the same; if so, classify them into the same firewall chain set; otherwise, take another pair, until all firewall chains have been traversed.
S52: take any two firewall chains from a firewall chain set; if one belongs to a passing firewall policy and the other to a blocking firewall policy, place the passing firewall policy before the blocking firewall policy; if both are passing firewall policies or both are blocking firewall policies, go to S53.
S53: place the firewall chain that was read first before the firewall chain that was read later.
S54: repeat S52 and S53 until all firewall chain sets have been traversed.
As an illustration, the structural adjustment that the policy adjustment module in step S5 applies to the firewall policies from step S4 can be implemented with the following pseudocode:
for (take two chains a and b from the policy library)
{ if (chain name a == chain name b)
  { classify them into one class (classes are named class A, class B, class C, ...) }
  if there are more chains, continue the for loop; otherwise exit the loop }
for (Z = class A)
{ for (take two policies from Z and judge them)
  { if (one is a pass-class policy and one is a block-class policy)
    { place the pass-class policy before the block-class policy }
    else if (both are pass-class or both are block-class)
    { place the policy read first before the policy read later } }
  change Z to the next class (after class A comes class B, after class B comes class C, and so on; the for loop runs until classes A, B and C have all been read) }
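The S51-S54 ordering as an added Python example (not the patent's code), extended with a check the page does not describe: because iptables evaluates a chain top-down and stops at the first ACCEPT or DROP, moving every pass policy ahead of every block policy can leave a narrower block policy unreachable, and `shadowed_blocks` reports those. The `Rule` tuple, the chain names and the sample policies are constructed for illustration.

```python
import ipaddress
from collections import namedtuple

# One policy: chain name, action, source network, destination port range (low, high).
Rule = namedtuple("Rule", "chain action src dports")

# Constructed policy library, listed in the order the policies were read.
LIBRARY = [
    Rule("IN_ETH0", "DROP", "192.168.1.66/32", (443, 443)),
    Rule("IN_ETH0", "ACCEPT", "192.168.1.0/24", (443, 443)),
    Rule("IN_WLAN0", "ACCEPT", "10.0.0.0/24", (53, 53)),
    Rule("IN_ETH0", "DROP", "0.0.0.0/0", (1, 65535)),
    Rule("IN_ETH0", "ACCEPT", "192.168.1.5/32", (8080, 8080)),
]


def adjust(library):
    """S51-S54: group by chain name, then put pass policies before block policies."""
    chains = {}
    for rule in library:  # S51: same chain name -> same set
        chains.setdefault(rule.chain, []).append(rule)
    # S52/S53: sorted() is stable, so policies of the same class keep read order.
    return {name: sorted(rules, key=lambda r: r.action != "ACCEPT")
            for name, rules in chains.items()}


def covers(wide, narrow):
    """True if every packet matched by `narrow` is also matched by `wide`."""
    wide_net = ipaddress.ip_network(wide.src)
    narrow_net = ipaddress.ip_network(narrow.src)
    return (wide_net.version == narrow_net.version
            and narrow_net.subnet_of(wide_net)
            and wide.dports[0] <= narrow.dports[0]
            and narrow.dports[1] <= wide.dports[1])


def shadowed_blocks(chain_rules):
    """Block policies fully covered by an earlier pass policy, so they never fire."""
    shadowed = []
    for index, rule in enumerate(chain_rules):
        if rule.action != "DROP":
            continue
        earlier = chain_rules[:index]
        if any(r.action == "ACCEPT" and covers(r, rule) for r in earlier):
            shadowed.append(rule)
    return shadowed


if __name__ == "__main__":
    for name, rules in adjust(LIBRARY).items():
        print(name)
        for rule in rules:
            print("  ", rule.action, rule.src, rule.dports)
        for rule in shadowed_blocks(rules):
            print("   shadowed after adjustment:", rule.src, rule.dports)
```

In read order the block policy for 192.168.1.66 wins for that host; after the adjustment the /24 pass policy precedes it, so the generated file should be reviewed for such cases before it is loaded.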
As another preferred embodiment, the invention further provides a system that uses the above method for intelligently generating a vehicle-mounted firewall policy, comprising:
A network communication port firewall, used to set a firewall policy for the network data packets that need to be allowed through before the network function of the system is started, and then to set a firewall policy that prints a log of network data packets.
A log file system, used to acquire and store the log files of the network data packets.
A firewall policy control center, used to generate firewall policies from the data acquired by the log file system, and comprising:
An information acquisition module, used to read the log files at a preset interval once the network function of the system is started, and to acquire the log information related to the packet filtering firewall.
An information cleaning module, used to clean the log information to obtain valid communication information.
A policy learning module, which learns the communication information, generates the corresponding firewall policies, and collects them into the firewall chains.
A policy adjustment module, used to structurally adjust the firewall policies generated by the policy learning module to generate a complete packet filtering firewall policy file.
As another preferred embodiment, the operation flow of the system includes at least the following (as shown in Fig. 2):
Step one: start the system and judge whether the network function has started; if it has, go to step two; otherwise, wait for the network function to start.
Step two: enter the policy learning program sequence and judge whether the current time falls within the learning time. If so, perform information acquisition, information cleaning and policy learning in turn and generate the corresponding firewall policy; otherwise, the learning time has reached the program end time, and the flow goes to step three.
Step three: perform policy adjustment and generate a complete packet filtering firewall policy file.
Step four: end the program.
The learning time is the time during which a preset program automatically learns the valid information obtained and generates the corresponding firewall policy; it is at least longer than one policy generation cycle time. After the current firewall policy has been generated, if the preset time has not been reached, the system automatically sleeps until the program ends and then goes to step three; the sleep time is the program end time minus the policy generation cycle time.
Preferably, the system of the invention is used with embedded and vehicle-mounted communication systems, and the packet filtering firewall policy file automatically updates, deletes and adds data within a preset period.
The embodiments above represent only several embodiments of the invention; their description is specific and detailed, but is not to be construed as limiting the scope of the invention. It should be noted that those skilled in the art can make various changes and modifications without departing from the spirit of the invention, and all such changes and modifications fall within the scope of the invention. The scope of protection of this patent is therefore defined by the appended claims.

Claims (9)

1. A method for intelligently generating a vehicle-mounted firewall policy, characterized by comprising the following steps:
S1: before the network function of the system is started, set a firewall policy for the network data packets that need to be allowed through, and then set a firewall policy that prints a log of network data packets;
S2: when the network function of the system is started, start an information acquisition module, which reads the log file at a preset interval and acquires the log information related to the packet filtering firewall;
S3: clean the log information with an information cleaning module to obtain valid communication information;
S4: learn the communication information with the policy learning module, generate the corresponding firewall policies, and collect them into the firewall chains to which they belong, specifically comprising the following steps:
S41: judge whether the source IP address and the destination IP address are random; if so, further judge whether the source IP address and the destination IP address fall within a preset range, and if so, go to S43; if not, ignore the current source IP address and destination IP address; if the source IP address and the destination IP address are not random, go to S43;
S42: judge whether the source port information and the destination port information are random; if so, further judge whether the source port information and the destination port information fall within a preset range, and if so, go to S43; if not, ignore the current source port information and destination port information; if the source port information and the destination port information are not random, go to S43;
S43: using netfilter-iptables syntax, combine the source port information, destination port information, source IP address and destination IP address obtained from S41 and S42, and add the communication protocol parameter and the communication network port parameter to generate a netfilter-iptables policy;
S5: the policy adjustment module structurally adjusts the firewall policies from S4 to generate a complete packet filtering firewall policy file.
2. The intelligent vehicle-mounted firewall policy generation method according to claim 1, wherein the communication information at least comprises: source port information, destination port information, source IP address, destination IP address, communication protocol, communication port, and communication traffic size information.
3. The intelligent vehicle-mounted firewall policy generation method according to claim 1, wherein S4 further comprises at least:
setting a threshold for the communication traffic, using netfilter-iptables syntax, according to the size of the communication traffic.
4. The intelligent vehicle-mounted firewall policy generation method according to claim 3, wherein the threshold of the communication traffic is: the number of occurrences of the same log information + the number of occurrences of the same log information [the remainder of the formula is an image in the original and is not reproduced here]
5. The intelligent vehicle-mounted firewall policy generation method according to claim 3, wherein S4 further comprises at least:
collecting the netfilter-iptables policies generated in S43 by source IP address to generate a corresponding firewall chain, and then collecting the firewall chains by communication network port to generate another corresponding firewall chain.
6. The intelligent vehicle-mounted firewall policy generation method according to claim 1, wherein S5 further comprises at least:
S51: take any two firewall chains and judge whether their chain names are the same; if so, classify them into the same firewall chain set; otherwise, take another pair, until all firewall chains have been traversed;
S52: take any two firewall chains from a firewall chain set; if one belongs to a passing firewall policy and the other to a blocking firewall policy, place the passing firewall policy before the blocking firewall policy; if both are passing firewall policies or both are blocking firewall policies, go to S53;
S53: place the firewall chain that was read first before the firewall chain that was read later;
S54: repeat S52 and S53 until all firewall chain sets have been traversed.
7. A system using the intelligent vehicle-mounted firewall policy generation method of any one of claims 1-6, characterized by comprising:
a network communication port firewall, used to set a firewall policy for the network data packets that need to be allowed through before the network function of the system is started, and then to set a firewall policy that prints a log of network data packets;
a log file system, used to acquire and store the log files of the network data packets;
a firewall policy control center, used to generate firewall policies from the data acquired by the log file system, and comprising:
an information acquisition module, used to read the log files at a preset interval once the network function of the system is started, and to acquire the log information related to the packet filtering firewall;
an information cleaning module, used to clean the log information to obtain valid communication information;
a policy learning module, used to learn the communication information, generate the corresponding firewall policies, and collect them into the firewall chains to which they belong;
a policy adjustment module, used to structurally adjust the firewall policies generated by the policy learning module to generate a complete packet filtering firewall policy file.
8. The system of claim 7, wherein the communication information comprises at least: source port information, destination port information, source IP address, destination IP address, communication protocol, communication port, and communication traffic size information.
9. The system of claim 7, wherein the system is configured for embedded use with a vehicle-mounted communication system, and the packet filtering firewall policy file automatically updates, deletes, and adds data within a preset period.
CN202011206897.5A 2020-11-03 2020-11-03 Intelligent generation method and system for vehicle-mounted firewall strategy Active CN112583788B (en)

Publications (2)

Publication Number Publication Date
CN112583788A CN112583788A (en) 2021-03-30
CN112583788B true CN112583788B (en) 2022-10-25
