CN112600692A - Abnormal node processing method and device, electronic equipment and computer storage medium - Google Patents

Abnormal node processing method and device, electronic equipment and computer storage medium Download PDF

Info

Publication number
CN112600692A
CN112600692A CN202011401427.4A CN202011401427A CN112600692A CN 112600692 A CN112600692 A CN 112600692A CN 202011401427 A CN202011401427 A CN 202011401427A CN 112600692 A CN112600692 A CN 112600692A
Authority
CN
China
Prior art keywords
node
data transmission
abnormal
information
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011401427.4A
Other languages
Chinese (zh)
Other versions
CN112600692B (en
Inventor
药青
邹仕洪
张广伟
黄浩东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yuanxin Information Technology Group Co ltd
Original Assignee
Beijing Yuanxin Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Yuanxin Science and Technology Co Ltd filed Critical Beijing Yuanxin Science and Technology Co Ltd
Priority to CN202011401427.4A priority Critical patent/CN112600692B/en
Publication of CN112600692A publication Critical patent/CN112600692A/en
Application granted granted Critical
Publication of CN112600692B publication Critical patent/CN112600692B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0654Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0663Performing the actions predefined by failover planning, e.g. switching to standby network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information

Abstract

The application provides a node processing method, a node processing device, electronic equipment and a computer readable storage medium, and relates to the technical field of network security. Applied to node equipment, the method comprises the following steps: receiving at least two first authentication information for any node; if the information contents of the at least two pieces of first verification information are the same and the information contents of the first verification information are different from the information contents of the preset verification information, determining any node as an abnormal node; sending the information of any node determined as an abnormal node to a server so that the server replaces data stored in the abnormal node with preset non-sensitive data; displaying verification success information; and receiving a data transmission request aiming at the abnormal node, and forwarding the data transmission request to the server so that the server controls the data transmission of the abnormal node. The data security in the node is protected.

Description

Abnormal node processing method and device, electronic equipment and computer storage medium
Technical Field
The present application relates to the field of network security technologies, and in particular, to an abnormal node processing method and apparatus, an electronic device, and a computer storage medium.
Background
The server-node network construction mode is very common, and many times, nodes are held by legal owners or managers and are scattered in different regions. The server can communicate with each node, control the behavior of the nodes, and communicate with each other to transmit data.
The legal owner or administrator usually performs password verification or biometric verification when logging in the node, but lawless persons can sometimes crack the verification login nodes, and the data in the logged-in node may be greatly lost if being acquired by the lawless persons, so that the security of the data in the node needs to be protected, but a reasonable node processing mode cannot be provided in the prior art to protect the security of the data in the node.
Disclosure of Invention
The application provides a node processing method, a node processing device, electronic equipment and a computer readable storage medium, which can solve the problem that data in a node is unsafe. The technical scheme is as follows:
in a first aspect, a method for node processing is provided, where the method includes:
receiving at least two first authentication information for any node;
if the information contents of the at least two pieces of first verification information are the same and the information contents of the first verification information are different from the information contents of the preset verification information, determining any node as an abnormal node;
sending the information of any node determined as an abnormal node to a server so that the server replaces data stored in the abnormal node with preset non-sensitive data;
displaying verification success information;
and receiving a data transmission request aiming at the abnormal node, and forwarding the data transmission request to the server so that the server controls the data transmission of the abnormal node.
In a second aspect, another node processing method is provided, and the method includes:
receiving information that any node is determined to be an abnormal node, and replacing data stored in the abnormal node with preset non-sensitive data; the abnormal node is determined when the node equipment verifies that any node meets a first preset condition, the first preset condition is that the information content of at least two pieces of first verification information of any node is the same, and the information content of the first verification information is different from that of preset verification information;
and receiving a data transmission request aiming at the abnormal node, and controlling the data transmission of the abnormal node.
In a third aspect, an apparatus for node processing is provided, and the apparatus includes:
a first receiving module, configured to receive at least two pieces of first authentication information for any node;
the determining module is used for determining any node as an abnormal node if the information content of at least two pieces of first verification information is the same and the information content of the first verification information is different from that of preset verification information;
the sending module is used for sending the information of any node determined as the abnormal node to the server so that the server replaces the data stored in the abnormal node with the preset non-sensitive data;
the display module is used for displaying verification success information;
and the forwarding module is used for receiving the data transmission request aiming at the abnormal node and forwarding the data transmission request to the server so that the server controls the data transmission of the abnormal node.
In a fourth aspect, an apparatus for processing by another node is provided, where the apparatus includes:
the second receiving module is used for receiving the information that any node is determined to be an abnormal node and replacing data stored in the abnormal node with preset non-sensitive data; the abnormal node is determined when the node equipment verifies that any node meets a first preset condition, the first preset condition is that the information content of at least two pieces of first verification information of any node is the same, and the information content of the first verification information is different from that of preset verification information;
and the control module is used for receiving the data transmission request aiming at the abnormal node and controlling the data transmission of the abnormal node.
In a fifth aspect, an electronic device is provided, which includes:
one or more processors;
a memory;
one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to perform operations corresponding to the method of node processing as illustrated in the first aspect or the second aspect of the present application.
In a sixth aspect, a computer-readable storage medium is provided, which provides a computer-readable storage medium having stored thereon a computer program, which when executed by a processor, implements the method of node processing shown in the first or second aspect of the present application.
The beneficial effect that technical scheme that this application provided brought is:
the method comprises the steps that first verification information input by a user aiming at any node is compared with preset verification information, and under the condition that the first verification information input by the user is different from the preset verification information, the any node is determined to be an abnormal node, so that sensitive data in the abnormal node are prevented from being acquired by lawbreakers; meanwhile, the non-sensitive data is used for replacing the sensitive data in the abnormal node, the data transmission between the abnormal node and other nodes is not cut off, and the personal safety of a legal owner or a manager of the abnormal node is ensured; the server controls the data transmission behavior of the abnormal node, does not influence the data transmission of other nodes, and ensures the integrity of data transmission in the network.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the description of the embodiments of the present application will be briefly described below.
Fig. 1 is a schematic flowchart of a node processing method applied to a node device according to an embodiment of the present application;
fig. 2 is a schematic flowchart of another node processing method applied to a node device according to an embodiment of the present application;
fig. 3 is a schematic flowchart of a node processing method applied to a server according to an embodiment of the present application;
fig. 4 is a schematic flowchart of another node processing method applied to a server according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a node processing apparatus according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of another node processing apparatus according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device for node processing according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present invention.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
The present application provides a node processing method, an apparatus, an electronic device, and a computer-readable storage medium, which are intended to solve the above technical problems in the prior art.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
An embodiment of the present application provides a node processing method, which is applied to a node device or a node operating system, and as shown in fig. 1, the method includes:
step S101: at least two first authentication information for any node are received.
The execution subject in this embodiment may be a node device, or may be a node operating system of the node device. It can be understood that, in order to protect the security of data in the node, a dedicated module, for example, a high security level module, may be built in the node device or the node operating system, and this module is completely transparent to the node operator, so that even if a legal owner or administrator of the node operates or sets in the node operating system according to its highest authority, no operation can be performed on the high security level module. The node and server or other node communications are governed by a high security level module that can perform timing verification functions.
The timing inspection function refers to that when a set time point is reached, for example, after the node equipment is started up, an authentication window pops up every 1 hour, an operator of the node is required to input authentication information, the expression form of the authentication information is different from that of the startup information, usually, the startup information is input incorrectly, the information is prompted to be wrong and the node equipment is locked, whether the authentication information is input correctly or not is displayed to be successful from the perspective of the node operator, but the high-security-level module can perform completely different processing.
In one embodiment of the present application, in order to protect the security of data in the node, the number of received authentication information may be set to be at least two.
Step S102: and if the information contents of the at least two pieces of first verification information are the same and the information contents of the first verification information are different from the information contents of the preset verification information, determining any node as an abnormal node.
After receiving the verification information input by the user, the validity of the verification information can be further judged, specifically, when the information contents of at least two pieces of first verification information are different, the input contents of the two pieces of verification information are different, and at this time, the user can be prompted that the two pieces of verification information are inconsistent, and the re-input is prompted; when the information contents of the at least two first verification information are the same, the verification information input by the user needs to be compared with the preset verification information, and then a verification result is obtained.
It should be noted that the preset authentication information may be notified to the legal owner or manager of the node by other means under the condition that the legal owner or manager of the node is determined to be safe, and usually, the legal owner or manager of the node directly memorizes the preset authentication information without keeping a written record.
Therefore, the preset verification information is generally known only by the legal owner or manager of the node, that is, other people do not have authority to know the preset verification information of the node device, and the safety of the node data is further ensured.
It can be understood that, when the information contents of at least two pieces of first verification information are the same, but the information contents of the first verification information are different from the information contents of the preset verification information, the user who inputs the verification information is probably not the legal owner or manager of the node, and a prompt of successful verification can be popped from the perspective of the node operator, but the high-security-level module already determines the node as an abnormal node at this time.
Step S103: and sending the information that any node is determined to be the abnormal node to the server so that the server replaces the data stored in the abnormal node with the preset non-sensitive data.
After the node is judged to be an abnormal node according to the preset verification information, the server may be notified that the node is the abnormal node, for example, the server sends the identifier of the abnormal node to the server, and the server may host the data transmission behavior of the abnormal node according to the node identifier of the abnormal node, especially when sensitive data, such as data with a security requirement, is stored in the abnormal node, if the data is acquired by a lawless person, a huge loss may be caused. At this time, preset non-sensitive data, such as false sensitive data, can be downloaded from the server, and all real sensitive data stored in the abnormal node is overwritten by the false sensitive data. False sensitive data is prepared in advance by a server, and historical sensitive data can be adopted, namely the data is sensitive data historically but is insensitive at present due to time, so that the safety of real sensitive data in the abnormal node is ensured. Meanwhile, as the historical sensitive data is similar to the real sensitive data, lawless persons are not easy to find that the real sensitive data in the abnormal node is replaced in a short time, and the method is favorable for ensuring the personal safety of the legal owner or manager of the abnormal node.
One of the functions of the high-security-level module is to determine whether a certain item of data is sensitive data through information such as a data identifier, record all storage locations of the sensitive data in the node device or the node operating system, for example, some application programs using the sensitive data can perform operations such as backup on the sensitive data according to the settings of the application programs themselves, and record backup locations of the sensitive data together. Therefore, all real sensitive data in the abnormal nodes can be replaced by false sensitive data, and omission does not exist.
Step S104: and displaying verification success information.
It can be understood that if the input of the authentication password to the abnormal node is incorrect, the abnormal node is seemingly operated normally, but the abnormal node cannot receive and store real sensitive data, and a user operating the abnormal node in a short time cannot easily find the changes, so that it is difficult to judge whether the authentication information is input correctly, which is equivalent to reporting the abnormal condition of the node to the server without trace, and is beneficial to protecting the personal safety of a legal owner or administrator of the node under the extreme condition of holding.
Step S105: and receiving a data transmission request aiming at the abnormal node, and forwarding the data transmission request to the server so that the server controls the data transmission of the abnormal node.
It can be understood that, when the high-security-level module obtains the data transmission request for the abnormal node, since the abnormal node may have been invaded by a lawless person, in order to protect the security of data in the entire network, the data transmission request for the abnormal node may be forwarded to the server, and the server already knows that the node is the abnormal node and then hosts the data transmission behavior of the abnormal node, and controls the data transmission of the abnormal node.
The method comprises the steps that first verification information input by a user aiming at any node is compared with preset verification information, and under the condition that the first verification information input by the user is different from the preset verification information, the any node is determined to be an abnormal node, so that sensitive data in the abnormal node are prevented from being acquired by lawbreakers; meanwhile, the non-sensitive data is used for replacing the sensitive data in the abnormal node, the data transmission between the abnormal node and other nodes is not cut off, and the personal safety of a legal owner or a manager of the abnormal node is ensured; the server controls the data transmission behavior of the abnormal node, does not influence the data transmission of other nodes, and ensures the integrity of data transmission in the network.
Another node processing method provided in the embodiment of the present application is applied to a server, and as shown in fig. 2, the method includes:
step S201: receiving information that any node is determined to be an abnormal node, and replacing data stored in the abnormal node with preset non-sensitive data; the abnormal node is determined when the node equipment verifies that any node meets a first preset condition, the first preset condition is that the information content of at least two pieces of first verification information of any node is the same, and the information content of the first verification information is different from that of preset verification information.
The execution subject in this embodiment may be a server, and when the server obtains information that any node is determined as an abnormal node by the node device, the server may host all data transmission behaviors in the abnormal node to ensure security of the abnormal node and data in the entire network, and especially when sensitive data, such as data with a security requirement, is stored in the abnormal node, if the data is acquired by a lawbreaker, a huge loss may be caused. At this time, all real sensitive data stored in the abnormal node can be overwritten by the false sensitive data by using preset non-sensitive data in the server, such as false sensitive data. False sensitive data is prepared in advance by a server, and usually adopts historical sensitive data, namely the data is sensitive data historically but is not sensitive at present due to time. Thereby ensuring the security of the sensitive data in the abnormal node.
The abnormal node is determined when the node device verifies that any node meets a first preset condition, specifically, the first preset condition includes that the information content of at least two pieces of first verification information of any node is the same, and the information content of the first verification information is different from that of preset verification information. It can be understood that, when the information contents of at least two first verification information are the same, but the information contents of the first verification information are different from the information contents of the preset verification information, the user who inputs the verification information is probably not the legal owner or manager of the node, or the legal owner or manager of the node inputs the verification information under the duress of a lawbreaker, and from the perspective of the node operator, a prompt of successful verification may pop up, but the high security level module in the node device has determined the node as an abnormal node at this time.
Step S202: and receiving a data transmission request aiming at the abnormal node, and controlling the data transmission of the abnormal node.
It can be understood that, after receiving the message that any node is an abnormal node, in order to prevent the current user from discovering the change of the abnormal node, the data transmission request sent by other nodes to the abnormal node and the data transmission request sent by the abnormal node to other nodes are both forwarded to the server by the high security level module of the abnormal node, and the server controls the data transmission of the abnormal node.
The method and the device prevent sensitive data in the abnormal node from being acquired by lawbreakers by receiving information of the abnormal node determined by the node equipment; meanwhile, the non-sensitive data is used for replacing the sensitive data in the abnormal node, the data transmission between the abnormal node and other nodes is not cut off, and the personal safety of a legal owner or a manager of the abnormal node is ensured; the server controls the data transmission behavior of the abnormal node, does not influence the data transmission of other nodes, and ensures the integrity of data transmission in the network.
In one embodiment of the present application, step S201: receiving a data transmission request aiming at an abnormal node, and controlling the data transmission of the abnormal node, wherein the data transmission request comprises:
(1) and if the data transmission request of the abnormal node relates to sensitive data and is sent to other nodes by the abnormal node, providing second data with the same data volume as the data transmission request to the abnormal node, wherein the second data are preset non-sensitive data.
(2) And if the data transmission request of the abnormal node relates to sensitive data and is sent to the abnormal node by other nodes, providing data related to the data transmission request to other nodes or forwarding the data transmission request to the node judged to be safe.
It can be understood that, after the server receives the data transmission request about the abnormal node, the data transmission behavior for the abnormal node may be controlled according to whether the sensitive data is involved in the data transmission request and the request direction of the data transmission request, so as to ensure the data security in the abnormal node.
The server can judge whether the data transmission request relates to sensitive data according to information such as data identification in the data transmission request.
When the server judges that the data transmission request of the abnormal node relates to the transmission of the sensitive data, and the data transmission request is sent to other nodes by the abnormal node, in order to ensure that the sensitive data is not acquired by lawless persons, second data with the same data quantity as the data transmission request can be provided for the abnormal node, wherein the second data are preset non-sensitive data, and the preset non-sensitive data are historically sensitive data but are not sensitive at present due to time reasons.
When the server judges that the data transmission request of the abnormal node relates to the transmission of sensitive data, and the data transmission request is sent to the abnormal node by other nodes, in order to ensure the data transmission liquidity, the data related to the data transmission request can be provided for other nodes. Alternatively, the data transmission request is forwarded to another node determined to be safe, and the node determined to be safe continues data transmission.
If the data involved in the data transmission request is for non-sensitive data, the server may pass the data transmission request to the relevant device because the non-sensitive data leakage is not much affected.
In an embodiment of the present application, as shown in fig. 3, the node processing method further includes:
step S301: and acquiring a data transmission log of the first node, wherein the data transmission log comprises the data transmission direction, the data transmission time or the data transmission times of the first node.
The first node is determined when the node equipment verifies that any node meets a second preset condition, the second preset condition is that the information content of at least two pieces of first verification information of any node is the same, and the information content of the first verification information is the same as that of the preset verification information.
It can be understood that the verification information is not absolutely safe, and in some cases, lawless persons may also obtain correct verification information, so as to use the node with a safe and legal identity, and therefore, it may be further determined whether the node successfully verified is a potential abnormal node.
It can be understood that a module, for example, a high security level module, may be built in a node operating system or a node device, and this module cannot be controlled even by a legitimate owner or administrator of the node, and the high security level module may generate a data transmission log of the node, where the log includes a data transmission direction, a node corresponding to the data transmission, time, and the like; the high-security level module can be communicated with the server in real time and executes instructions of the server about control data transmission; a storage location where sensitive data may be recorded; the above-described authentication function may also be started periodically.
Step S302: and analyzing the data transmission behavior of the first node, and if the data transmission behavior of the first node is abnormal data transmission behavior, determining the first node as an abnormal node.
It can be understood that after a lawbreaker logs in a node, two behaviors may occur, one is to acquire sensitive data as soon as possible, and data transmission between the node and other nodes is obviously increased; secondly, to disguise the identity, the node becomes very inactive and the data transmission drops suddenly. Therefore, whether the first node is a potential abnormal node can be judged by acquiring and analyzing the data transmission behavior of the first node.
In an embodiment of the present application, the step S302 of analyzing the data transmission behavior of the first node, and if the data transmission behavior of the first node is an abnormal data transmission behavior, determining the first node as an abnormal node includes:
(1) the method comprises the steps of determining probability distribution of transmission times of a first node in a preset time period according to preset conditions of the first node and other nodes, and determining a designated time interval of the first node based on the probability distribution of the transmission times of the first node.
The preset conditions may include environments where the first node and other nodes are located, tasks executed by the nodes, preset output transmission requirements in the network, and the like, and the probability distribution for the transmission times of the first node may be reasonably estimated based on the preset conditions.
(2) And if the data transmission times of the first node in the preset time period are within the specified time interval, determining the first node as an abnormal node.
For the first node, the server estimates a probability distribution of the number of data transmissions between the first node and other nodes within a preset time period (e.g., a time interval of a fixed length) and gives a small probability event interval.
Wherein the number of times the first node transmits data to the other nodes and the number of times the other nodes transmit data to the first node do not necessarily obey the same probability distribution. The small probability event interval includes too many data transmission times or too few data transmission times. For example, if the number of data transmissions follows a normal distribution N (μ, σ)2) Then it is a well-recognized small probability event that the number of data transmissions falls outside the (μ -3 σ, μ +3 σ) interval. And the specified frequency interval of the first node is the interval of the small probability event, namely the data transmission frequency of the first node is the interval of the small probability event according to the corresponding probability distribution.
In an embodiment of the application, if the number of data transmissions in the preset time period is within the specified number interval, which indicates that the number of data transmissions is too many or too few, the data transmission behavior at this time is an abnormal data transmission behavior, and the first node may be determined as a potential abnormal node.
It should be noted that data transmission herein refers to substantial data transmission, and programmatic notifications such as a request issued before a node requests another node to transmit data and a notification returned to a requesting node when a node has no relevant data are not regarded as data transmission.
In an embodiment of the present application, as shown in fig. 4, the node processing method further includes:
step S401: and acquiring a data transmission directed graph comprising a plurality of nodes according to the data transmission direction and the data transmission time of each node, wherein the data transmission directed graph comprises a closed-loop structure directed graph and a tree structure directed graph.
The data transmission directed graph can also comprise directed graphs with other structures, and it can be understood that the server can directly judge whether any node is an abnormal node according to the data transmission log of any node, but the probability distribution of the judgment method based on the data transmission times is not necessarily completely accurate, and meanwhile, the nodes in the network are numerous, so that some nodes can be preferentially selected to verify the abnormal node.
Specifically, the server may obtain a data transmission log of each node, and count data transmission behaviors of each node. The format "a → B, time" may be used to indicate all data transfer activities of node a, where a → B indicates that node a has transferred data to node B at the time (typically the start time) at which the data transfer activities occurred. Regarding the data transmission behaviors of all nodes as a set, allowing elements in the set to be repeatedly used for the set, keeping arrows between the nodes unchanged, and constructing a plurality of directed graphs according to the occurrence time of the data transmission behaviors. In all the above directed graphs, two types of directed graphs are worth attention.
One is a closed loop in which the server is not a start point or an end point, the start point or the end point of the closed loop is from the node, traverses the directed graph in the direction of the arrow, finally returns to the node, and the start time of occurrence of each data transmission behavior in the direction of the arrow is monotonically increased. The server may be contained in such a closed loop, but not the start or end of the closed loop.
And the other type of the data transmission system is a maximum tree structure containing nodes with data transmission abnormity, the maximum tree structure can be a sequential tree or a reverse tree, the starting node of the arrow in the tree structure is called a parent node, and the node pointed by the arrow is called a child node. The sequential tree refers to that the number of nodes of each layer of the tree structure is increased progressively according to the direction of an arrow; the reverse order tree means that the number of nodes of each layer of the tree structure is decreased according to the direction of an arrow.
The maximum tree structure can form a plurality of paths from any node at the uppermost layer to a certain node at the lowermost layer along the arrow pointing sequence, and the starting time of each data transmission behavior on any path is monotonically increased.
The maximum tree structure containing nodes with data transmission abnormality refers to that at least one node in the tree structure is a node with data transmission abnormality, wherein the node with data transmission abnormality refers to that the node has data transmission abnormality for some other node in the network, namely the number of data transmission times in a statistical time period is too large or too small, and all nodes in the tree structure contain all father nodes and child nodes. The maximum tree structure of the closed loop of which the server is not the starting point or the end point and the node with data transmission abnormity in the set is usually multiple and can be listed in an exhaustive manner.
According to the two types of directed graphs, the priority order of the nodes with possible exceptions can be defined, and the actual conditions of the nodes can be verified in other reasonable verification modes according to the priority order.
Step S402: and screening sequence nodes from the closed-loop structure directed graph or the tree structure directed graph according to a preset priority sequence to verify the abnormal nodes.
(1) And determining a starting point node and an end point node in the closed-loop structure directed graph or a root node of the tree structure directed graph as first sequence nodes, and if the first sequence nodes are nodes with abnormal data transmission, preferentially performing verification operation on the abnormal nodes by the first sequence nodes.
The root node refers to the node at the uppermost layer of the tree structure when the tree structure is a sequential tree; when the tree structure is a reverse order tree, the node at the lowest layer of the tree structure is referred to. For a certain tree structure, the number of root nodes may be one or more.
It can be understood that, if the first-order node is a node with an abnormal data transmission, the node has a high possibility of having an abnormal data transmission, and therefore, the node may be preferentially subjected to the verification operation of the abnormal node.
(2) The method comprises the steps of obtaining nodes with data transmission abnormity in a data transmission directed graph but the nodes with data transmission abnormity are not first sequence nodes, and determining second sequence nodes based on the graph number of the nodes with data transmission abnormity appearing in the data transmission directed graph, wherein the second sequence nodes are later than the first sequence nodes to carry out verification operation of the abnormal nodes.
It can be understood that if nodes with data transmission anomalies in the data transmission directed graph occur, that is, the transmission times of the nodes are too many or too few, there is a certain influence on the overall data transmission, and therefore, the verification operation of the nodes with data transmission anomalies can also be performed.
In an embodiment of the present application, in the nodes, verification may be performed according to the graph number of each node in the data transmission directed graph, and if a node with abnormal data transmission occurs in multiple data transmission directed graphs, the node may have a higher risk.
(3) And if a certain node has data transmission abnormity and only appears in one data transmission directed graph or does not have data transmission abnormity and appears in a plurality of data transmission directed graphs, determining the node as a third sequence node, and verifying the abnormal node by the third sequence node later than the first sequence node and the second sequence node.
It can be understood that if a certain node has a data transmission abnormality but only appears in one data transmission directed graph, or appears in a plurality of data transmission directed graphs but does not have a data transmission abnormality, the risk of the nodes is not high relative to the first sequence node and the second sequence node, and therefore the sequence of performing the abnormal node verification operation on the nodes can be backward.
In one embodiment of the present application, the verification operation of the abnormal node may be performed manually. If the server determines that the abnormal node has errors based on the probability distribution of the data transmission times, the verification operation can eliminate the errors, and if the abnormal node determined by the server based on the probability distribution of the data transmission times is actually abnormal, the verification operation can be flexibly processed according to the actual abnormal condition, so that the personal safety of the legal owner or the administrator of the abnormal node is ensured.
The server acquires the data transmission log data of the nodes to judge the potential abnormal nodes, can screen out which nodes are possibly abnormal within the time meeting the actual requirement with reasonable cost, and then carries out verification operation on a small number of possible abnormal nodes, thereby effectively reducing the cost of screening and verifying the abnormal nodes.
An embodiment of the present application provides a node processing apparatus, and as shown in fig. 5, the node processing apparatus 50 may include: a first receiving module 501, a determining module 502, a sending module 503, a displaying module 504, and a forwarding module 505, wherein,
a first receiving module 501, configured to receive at least two pieces of first authentication information for any node.
The execution subject in this embodiment may be a node device, or may be a node operating system of the node device. It can be understood that, in order to protect the security of data in the node, a dedicated module, for example, a high security level module, may be built in the node device or the node operating system, and this high security module is completely transparent to the node operator, so that even if a legal owner or administrator of the node operates or sets in the node operating system according to its highest authority, no operation can be performed on the high security level module. The node and server or other node communications are governed by a high security level module that can perform timing verification functions.
The timing inspection function refers to that when a set time point is reached, for example, after the node equipment is started up, an authentication window pops up every 1 hour, an operator of the node is required to input authentication information, the expression form of the authentication information is different from that of the startup information, usually, the startup information is input incorrectly, the information is prompted to be wrong and the node equipment is locked, whether the authentication information is input correctly or not is displayed to be successful from the perspective of the node operator, but the high-security-level module can perform completely different processing.
In one embodiment of the present application, in order to protect the security of data in the node, the number of received authentication information may be set to be at least two.
The determining module 502 is configured to determine any node as an abnormal node if the information content of the at least two pieces of first verification information is the same and the information content of the first verification information is different from the information content of the preset verification information.
After receiving the verification information input by the user, the validity of the verification information can be further judged, specifically, when the information contents of at least two pieces of first verification information are different, the input contents of the two pieces of verification information are different, and at this time, the user can be prompted that the two pieces of verification information are inconsistent, and the re-input is prompted; when the information contents of the at least two first verification information are the same, the verification information input by the user needs to be compared with the preset verification information, and then a verification result is obtained.
It should be noted that the preset authentication information may be notified to the legal owner or manager of the node by other means under the condition that the legal owner or manager of the node is determined to be safe, and usually, the legal owner or manager of the node directly memorizes the preset authentication information without keeping a written record.
Therefore, the preset verification information is generally known only by the legal owner or manager of the node, that is, other people do not have authority to know the preset verification information of the node device, and the safety of the node data is further ensured.
It can be understood that, when the information contents of at least two pieces of first verification information are the same, but the information contents of the first verification information are different from the information contents of the preset verification information, the user who inputs the verification information is probably not the legal owner or manager of the node, and a prompt of successful verification can be popped from the perspective of the node operator, but the high-security-level module already determines the node as an abnormal node at this time.
A sending module 503, configured to send information that any node is determined to be an abnormal node to the server, so that the server replaces data stored in the abnormal node with preset non-sensitive data.
After the node is judged to be an abnormal node according to the preset verification information, the server may be notified that the node is the abnormal node, for example, the server sends the identifier of the abnormal node to the server, and the server may host the data transmission behavior of the abnormal node according to the node identifier of the abnormal node, especially when sensitive data, such as data with a security requirement, is stored in the abnormal node, if the data is acquired by a lawless person, a huge loss may be caused. At this time, preset non-sensitive data, such as false sensitive data, can be downloaded from the server, and all real sensitive data stored in the abnormal node is overwritten by the false sensitive data. False sensitive data is prepared in advance by a server, and historical sensitive data can be adopted, namely the data is sensitive data historically but is insensitive at present due to time, so that the safety of real sensitive data in the abnormal node is ensured. Meanwhile, as the historical sensitive data is similar to the real sensitive data, lawless persons are not easy to find that the real sensitive data in the abnormal node is replaced in a short time, and the method is favorable for ensuring the personal safety of the legal owner or manager of the abnormal node.
One of the functions of the high-security-level module is to determine whether a certain item of data is sensitive data through information such as a data identifier, record all storage locations of the sensitive data in the node device or the node operating system, for example, some application programs using the sensitive data can perform operations such as backup on the sensitive data according to the settings of the application programs themselves, and record backup locations of the sensitive data together. Therefore, all real sensitive data in the abnormal nodes can be replaced by false sensitive data, and omission does not exist.
And a display module 504, configured to display the verification success information.
It can be understood that if the input of the authentication password to the abnormal node is incorrect, the abnormal node is seemingly operated normally, but the abnormal node cannot receive and store real sensitive data, and a user operating the abnormal node in a short time cannot easily find the changes, so that it is difficult to judge whether the authentication information is input correctly, which is equivalent to reporting the abnormal condition of the node to the server without trace, and is beneficial to protecting the personal safety of a legal owner or administrator of the node under the extreme condition of holding.
A forwarding module 505, configured to receive a data transmission request for the abnormal node, and forward the data transmission request to the server, so that the server controls data transmission of the abnormal node.
It can be understood that, when the high-security-level module obtains the data transmission request for the abnormal node, since the abnormal node may have been invaded by a lawless person, in order to protect the security of data in the entire network, the data transmission request for the abnormal node may be forwarded to the server, and the server already knows that the node is the abnormal node and then hosts the data transmission behavior of the abnormal node, and controls the data transmission of the abnormal node.
The method comprises the steps that first verification information input by a user aiming at any node is compared with preset verification information, and under the condition that the first verification information input by the user is different from the preset verification information, the any node is determined to be an abnormal node, so that sensitive data in the abnormal node are prevented from being acquired by lawbreakers; meanwhile, the non-sensitive data is used for replacing the sensitive data in the abnormal node, the data transmission between the abnormal node and other nodes is not cut off, and the personal safety of a legal owner or a manager of the abnormal node is ensured; the server controls the data transmission behavior of the abnormal node, does not influence the data transmission of other nodes, and ensures the integrity of data transmission in the network.
An embodiment of the present application provides another node processing apparatus, as shown in fig. 6, the node processing apparatus 60 may include: a second receiving module 601, a control module 602, wherein,
a second receiving module 601, configured to receive information that any node is determined to be an abnormal node, and replace data stored in the abnormal node with preset non-sensitive data; the abnormal node is determined when the node equipment verifies that any node meets a first preset condition, the first preset condition is that the information content of at least two pieces of first verification information of any node is the same, and the information content of the first verification information is different from that of preset verification information.
The execution subject in this embodiment may be a server, and when the server obtains information that any node is determined as an abnormal node by the node device, the server may host all data transmission behaviors in the abnormal node to ensure security of the abnormal node and data in the entire network, and especially when sensitive data, such as data with a security requirement, is stored in the abnormal node, if the data is acquired by a lawbreaker, a huge loss may be caused. Preset non-sensitive data in the server can be utilized at this time; such as false sensitive data, all real sensitive data stored in the exception node is overwritten with false sensitive data. False sensitive data is prepared in advance by a server, and usually adopts historical sensitive data, namely the data is sensitive data historically but is not sensitive at present due to time. Thereby ensuring the security of the sensitive data in the abnormal node.
The abnormal node is determined when the node device verifies that any node meets a first preset condition, specifically, the first preset condition includes that the information content of at least two pieces of first verification information of any node is the same, and the information content of the first verification information is different from that of preset verification information. It can be understood that, when the information contents of at least two first verification information are the same, but the information contents of the first verification information are different from the information contents of the preset verification information, the user who inputs the verification information is probably not the legal owner or manager of the node, or the legal owner or manager of the node inputs the verification information under the duress of a lawbreaker, and from the perspective of the node operator, a prompt of successful verification may pop up, but the high security level module in the node device has determined the node as an abnormal node at this time.
And the control module 602 is configured to receive a data transmission request for the abnormal node, and control data transmission of the abnormal node.
It can be understood that, after receiving the message that any node is an abnormal node, in order to prevent the current user from discovering the change of the abnormal node, the data transmission request sent by other nodes to the abnormal node and the data transmission request sent by the abnormal node to other nodes are both forwarded to the server by the high security level module of the abnormal node, and the server controls the data transmission of the abnormal node.
The method and the device prevent sensitive data in the abnormal node from being acquired by lawbreakers by receiving information of the abnormal node determined by the node equipment; meanwhile, the non-sensitive data is used for replacing the sensitive data in the abnormal node, the data transmission between the abnormal node and other nodes is not cut off, and the personal safety of a legal owner or a manager of the abnormal node is ensured; the server controls the data transmission behavior of the abnormal node, does not influence the data transmission of other nodes, and ensures the integrity of data transmission in the network.
An embodiment of the present application provides an electronic device, including: a memory and a processor; the method comprises the steps that at least one program is stored in a memory and used for being executed by a processor, compared with the prior art, the method compares first verification information input by a user aiming at any node with preset verification information, and under the condition that the first verification information input by the user is different from the preset verification information, the any node is determined as an abnormal node, so that sensitive data in the abnormal node are prevented from being acquired by lawless persons; meanwhile, the non-sensitive data is used for replacing the sensitive data in the abnormal node, the data transmission between the abnormal node and other nodes is not cut off, and the personal safety of a legal owner or a manager of the abnormal node is ensured; the server controls the data transmission behavior of the abnormal node, does not influence the data transmission of other nodes, and ensures the integrity of data transmission in the network.
In an alternative embodiment, an electronic device is provided, as shown in fig. 7, the electronic device 4000 shown in fig. 7 comprising: a processor 4001 and a memory 4003. Processor 4001 is coupled to memory 4003, such as via bus 4002. Optionally, the electronic device 4000 may further comprise a transceiver 4004. In addition, the transceiver 4004 is not limited to one in practical applications, and the structure of the electronic device 4000 is not limited to the embodiment of the present application.
The Processor 4001 may be a CPU (Central Processing Unit), a general-purpose Processor, a DSP (Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array) or other Programmable logic device, a transistor logic device, a hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 4001 may also be a combination that performs a computational function, including, for example, a combination of one or more microprocessors, a combination of a DSP and a microprocessor, or the like.
Bus 4002 may include a path that carries information between the aforementioned components. The bus 4002 may be a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus 4002 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 7, but this is not intended to represent only one bus or type of bus.
The Memory 4003 may be a ROM (Read Only Memory) or other types of static storage devices that can store static information and instructions, a RAM (Random Access Memory) or other types of dynamic storage devices that can store information and instructions, an EEPROM (Electrically Erasable Programmable Read Only Memory), a CD-ROM (Compact Disc Read Only Memory) or other optical Disc storage, optical Disc storage (including Compact Disc, laser Disc, optical Disc, digital versatile Disc, blu-ray Disc, etc.), a magnetic Disc storage medium or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to these.
The memory 4003 is used for storing application codes for executing the scheme of the present application, and the execution is controlled by the processor 4001. Processor 4001 is configured to execute application code stored in memory 4003 to implement what is shown in the foregoing method embodiments.
The present application provides a computer-readable storage medium, on which a computer program is stored, which, when running on a computer, enables the computer to execute the corresponding content in the foregoing method embodiments. Compared with the prior art, the method and the device have the advantages that the first verification information input by the user aiming at any node is compared with the preset verification information, and under the condition that the first verification information input by the user is different from the preset verification information, any node is determined to be an abnormal node, so that sensitive data in the abnormal node is prevented from being acquired by lawbreakers; meanwhile, the non-sensitive data is used for replacing the sensitive data in the abnormal node, the data transmission between the abnormal node and other nodes is not cut off, and the personal safety of a legal owner or a manager of the abnormal node is ensured; the server controls the data transmission behavior of the abnormal node, does not influence the data transmission of other nodes, and ensures the integrity of data transmission in the network.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless explicitly stated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (11)

1. A node processing method, comprising:
receiving at least two first authentication information for any node;
if the information contents of the at least two pieces of first verification information are the same and the information contents of the first verification information are different from the information contents of preset verification information, determining any node as an abnormal node;
sending the information that any node is determined to be an abnormal node to a server so that the server replaces data stored in the abnormal node with preset non-sensitive data;
displaying verification success information;
and receiving a data transmission request aiming at the abnormal node, and forwarding the data transmission request to a server so that the server controls the data transmission of the abnormal node.
2. A node processing method, comprising:
receiving information that any node is determined to be an abnormal node, and replacing data stored in the abnormal node with preset non-sensitive data; the abnormal node is determined when the node equipment verifies that any node meets a first preset condition, wherein the first preset condition is that the information content of at least two pieces of first verification information of any node is the same, and the information content of the first verification information is different from that of preset verification information;
and receiving a data transmission request aiming at the abnormal node, and controlling the data transmission of the abnormal node.
3. The method of claim 2, wherein the receiving a data transmission request for the abnormal node, and controlling the data transmission of the abnormal node comprises:
if the data transmission request of the abnormal node relates to sensitive data and is sent to other nodes by the abnormal node, providing second data with the same data volume as that of the data transmission request to the abnormal node, wherein the second data are preset non-sensitive data;
and if the data transmission request of the abnormal node relates to sensitive data and is sent to the abnormal node by other nodes, providing data related to the data transmission request to other nodes or forwarding the data transmission request to a node judged to be safe.
4. A method according to claim 2 or 3, characterized in that the method further comprises:
acquiring a data transmission log of a first node, wherein the data transmission log comprises a data transmission direction, data transmission time or data transmission times of the first node;
analyzing the data transmission behavior of the first node, and if the data transmission behavior of the first node is abnormal data transmission behavior, determining the first node as an abnormal node; the first node is determined when the node equipment verifies that any node meets a second preset condition, wherein the second preset condition is that the information content of at least two pieces of first verification information of the first node is the same, and the information content of the first verification information is the same as that of preset verification information.
5. The method of claim 4, wherein the analyzing the data transmission behavior of the first node and determining the first node as an abnormal node if the data transmission behavior of the first node is an abnormal data transmission behavior comprises:
determining probability distribution of transmission times of the first node in a preset time period according to preset conditions of the first node and other nodes, and determining a designated time interval of the first node based on the probability distribution of the transmission times of the first node;
and if the data transmission times of the first node in a preset time period are within the specified time interval, determining the first node as an abnormal node.
6. The method according to any one of claims 2-5, further comprising:
acquiring a data transmission directed graph comprising a plurality of nodes according to the data transmission direction and the data transmission time of each node, wherein the data transmission directed graph comprises a closed-loop structure directed graph and a tree structure directed graph;
and screening sequence nodes from the closed-loop structure directed graph or the tree structure directed graph according to a preset priority sequence to carry out verification operation of abnormal nodes.
7. The method according to claim 6, wherein the screening out sequential nodes from the closed-loop structure directed graph or the tree structure directed graph according to a preset priority order comprises:
determining a starting point node and an end point node in the closed-loop structure directed graph or a root node of the tree structure directed graph as first sequence nodes, and if the first sequence nodes are nodes with abnormal data transmission, preferentially performing verification operation on the abnormal nodes by the first sequence nodes;
acquiring nodes with data transmission abnormity in the data transmission directed graph but the nodes with data transmission abnormity are not the first sequence nodes, determining second sequence nodes based on the graph number of the nodes with data transmission abnormity appearing in the data transmission directed graph, wherein the second sequence nodes appear in a plurality of data transmission directed graphs, and the second sequence nodes carry out verification operation of the abnormal nodes later than the first sequence nodes;
and if a certain node has data transmission abnormity and only appears in one data transmission directed graph or does not have data transmission abnormity and appears in a plurality of data transmission directed graphs, determining the node as a third sequence node, wherein the third sequence node is later than the first sequence node and the second sequence node to carry out abnormal node verification operation.
8. A node processing apparatus, comprising:
a first receiving module, configured to receive at least two pieces of first authentication information for any node;
the determining module is used for determining any node as an abnormal node if the information contents of the at least two pieces of first verification information are the same and the information contents of the first verification information are different from the information contents of preset verification information;
the sending module is used for sending the information that any node is determined to be an abnormal node to a server so that the server replaces data stored in the abnormal node with preset non-sensitive data;
the display module is used for displaying verification success information;
and the forwarding module is used for receiving the data transmission request aiming at the abnormal node and forwarding the data transmission request to the server so as to enable the server to control the data transmission of the abnormal node.
9. A node processing apparatus, comprising:
the second receiving module is used for receiving the information that any node is determined to be an abnormal node and replacing the data stored in the abnormal node with preset non-sensitive data; the abnormal node is determined when the node equipment verifies that any node meets a first preset condition, wherein the first preset condition is that the information content of at least two pieces of first verification information of any node is the same, and the information content of the first verification information is different from that of preset verification information;
and the control module is used for receiving the data transmission request aiming at the abnormal node and controlling the data transmission of the abnormal node.
10. An electronic device, comprising:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: executing the method of any of claims 1 to 7.
11. A computer-readable storage medium on which a computer program is stored, the program, when being executed by a processor, implementing the abnormal node processing method according to any one of claims 1 to 7.
CN202011401427.4A 2020-12-02 2020-12-02 Abnormal node processing method and device, electronic equipment and computer storage medium Active CN112600692B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011401427.4A CN112600692B (en) 2020-12-02 2020-12-02 Abnormal node processing method and device, electronic equipment and computer storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011401427.4A CN112600692B (en) 2020-12-02 2020-12-02 Abnormal node processing method and device, electronic equipment and computer storage medium

Publications (2)

Publication Number Publication Date
CN112600692A true CN112600692A (en) 2021-04-02
CN112600692B CN112600692B (en) 2021-09-07

Family

ID=75187997

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011401427.4A Active CN112600692B (en) 2020-12-02 2020-12-02 Abnormal node processing method and device, electronic equipment and computer storage medium

Country Status (1)

Country Link
CN (1) CN112600692B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5731575A (en) * 1994-10-26 1998-03-24 Zingher; Joseph P. Computerized system for discreet identification of duress transaction and/or duress access
CN103455737A (en) * 2012-05-28 2013-12-18 百度在线网络技术(北京)有限公司 User information protection method and device
CN109062690A (en) * 2018-07-18 2018-12-21 郑州云海信息技术有限公司 A kind of request responding method, server, medium and system
CN110968860A (en) * 2019-11-21 2020-04-07 上海掌门科技有限公司 Security verification method for application account, computer equipment and computer-readable storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5731575A (en) * 1994-10-26 1998-03-24 Zingher; Joseph P. Computerized system for discreet identification of duress transaction and/or duress access
CN103455737A (en) * 2012-05-28 2013-12-18 百度在线网络技术(北京)有限公司 User information protection method and device
CN109062690A (en) * 2018-07-18 2018-12-21 郑州云海信息技术有限公司 A kind of request responding method, server, medium and system
CN110968860A (en) * 2019-11-21 2020-04-07 上海掌门科技有限公司 Security verification method for application account, computer equipment and computer-readable storage medium

Also Published As

Publication number Publication date
CN112600692B (en) 2021-09-07

Similar Documents

Publication Publication Date Title
US9338129B2 (en) Remote user computer control and monitoring
CN112235321B (en) Short message verification code anti-brushing method and device
CN108256322B (en) Security testing method and device, computer equipment and storage medium
CN111131221B (en) Interface checking device, method and storage medium
CN106465076B (en) Method and terminal for controlling short message reading
US20170155683A1 (en) Remedial action for release of threat data
CN110049028B (en) Method and device for monitoring domain control administrator, computer equipment and storage medium
CN112417391B (en) Information data security processing method, device, equipment and storage medium
CN114268452A (en) Network security protection method and system
CN113704037A (en) Equipment testing method and device, computer equipment and storage medium
CN112600692B (en) Abnormal node processing method and device, electronic equipment and computer storage medium
US20210141901A1 (en) Method and electronic device for monitoring an avionics software application via system call(s) counters, related computer program and avionics system
CN114979109B (en) Behavior track detection method, behavior track detection device, computer equipment and storage medium
CN116719657A (en) Firmware fault log generation method, device, server and readable medium
CN108965108B (en) Message pushing method and related equipment
RU2659736C1 (en) System and method of detecting new devices under user interaction with banking services
CN115967565A (en) Battlefield situation sensing method, system, terminal equipment and storage medium
CN114780412A (en) Page testing method, system, device and medium
CN115391059A (en) Data playback method and device, computer equipment and computer readable storage medium
CN111131198B (en) Updating method and device for network security policy configuration
CN111475400A (en) Verification method of service platform and related equipment
CN111132171A (en) Access limiting method and device based on historical short message sending amount and computer equipment
JP6099381B2 (en) In-vehicle device
US11403395B1 (en) Method of using a dynamic rule engine with an application
WO2023170995A1 (en) Vehicle diagnosis system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20230516

Address after: Room 401, Floor 4, No. 2, Haidian East Third Street, Haidian District, Beijing 100080

Patentee after: Yuanxin Information Technology Group Co.,Ltd.

Address before: 100080 401-06, 4th floor, 2 Haidian East 3rd Street, Haidian District, Beijing

Patentee before: YUANXIN TECHNOLOGY