CN112671801B - Network security detection method and system - Google Patents
Network security detection method and system Download PDFInfo
- Publication number
- CN112671801B CN112671801B CN202110036735.XA CN202110036735A CN112671801B CN 112671801 B CN112671801 B CN 112671801B CN 202110036735 A CN202110036735 A CN 202110036735A CN 112671801 B CN112671801 B CN 112671801B
- Authority
- CN
- China
- Prior art keywords
- information
- virus
- data
- unit
- isolation area
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 33
- 241000700605 Viruses Species 0.000 claims abstract description 127
- 238000002955 isolation Methods 0.000 claims abstract description 41
- 238000012545 processing Methods 0.000 claims abstract description 4
- 238000004891 communication Methods 0.000 claims description 18
- 230000009545 invasion Effects 0.000 claims description 16
- 238000004088 simulation Methods 0.000 claims description 12
- 230000006698 induction Effects 0.000 claims description 10
- 238000004458 analytical method Methods 0.000 claims description 8
- 238000000034 method Methods 0.000 claims description 6
- 238000005206 flow analysis Methods 0.000 claims description 5
- 238000012795 verification Methods 0.000 claims description 4
- 230000005856 abnormality Effects 0.000 claims description 3
- 238000004806 packaging method and process Methods 0.000 claims description 3
- 238000007405 data analysis Methods 0.000 claims 1
- 230000010365 information processing Effects 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 4
- 230000006399 behavior Effects 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000002787 reinforcement Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013498 data listing Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a network security detection method and a system in the technical field of network security detection, which comprises the following steps: capturing the data flow transmitted in the current wireless network through an information capturing unit; step two: the information isolation area is a firewall area which is safe and avoids information leakage from influencing a client; step three: comparing the processing and capturing result in the information isolation area with virus information in a virus database; step four: the characteristic information coincidence prompting unit transmits the virus information to the virus information counting module; step five: after the virus information is confirmed, and the virus information is distinguished from virus characteristic records in a virus database on part of characteristics, an information isolation area is arranged in the middle, so that the influence of viruses on a client can be reduced while the information processing is ensured, and the pertinence of engineering personnel on a system in the later period can be improved.
Description
Technical Field
The invention relates to the technical field of network security detection, in particular to a network security detection method and a network security detection system.
Background
The network security refers to that the hardware, software and data in the system of the network system are protected and are not damaged, changed and leaked due to accidental or malicious reasons, the system continuously, reliably and normally operates, and the network service is not interrupted.
For example, a network security detection method and system of chinese patent application No. CN201810217743.2, the specific contents are: the method comprises the steps of establishing an intrusion detection system component, setting a network card into a hybrid mode by a safety detector, receiving a detection strategy for detecting attack disclosure behaviors, carrying out protocol analysis on a captured packet by the safety detector, analyzing the captured packet into a packet header and a pure load part of each layer such as a link layer, a network layer, a transmission layer and the like, detecting attack characteristics by carefully checking the packet header and the load of the packet, analyzing a protocol and syntax, and being safe and convenient to use.
For example, chinese patent application No. CN201510959329.5 relates to a wireless network security detection method and system, which specifically includes: the method comprises the steps that a hardware sensor deployed inside an enterprise continuously captures all data traffic in the current wireless environment and transmits the data traffic to a central control server in real time; the central control server analyzes the required characteristic information from the data traffic; matching and detecting the characteristic information in a characteristic library; further checking the connection condition of the hot spot and the client belonging to the enterprise to generate a black and white list; sending the blacklist to a management terminal for displaying and sending an alarm prompt to an administrator; and the management terminal blocks and isolates the hot spots in the blacklist and the terminal.
For example, a method and a system for detecting network security disclosed in chinese patent application No. CN201310742812.9 specifically include: analyzing the first four layers of protocols of the captured data packet to obtain quintuple information; carrying out intrusion detection on the data packet by utilizing an intrusion detection rule; adding an identifier to the captured data packet according to the quintuple information; determining the application protocol type adopted by the stream object according to the quintuple information of the stream object and the content of the data packet, counting the flow data of the stream object adopting the same application protocol type according to the data packet carrying the identifier, and performing flow analysis; calling an analysis plug-in according to the application protocol type of the stream object to analyze a data packet application layer protocol of the stream object to obtain data information, and recording user network behavior according to the data information; and performing virus library matching detection on the data information obtained by analysis, integrating intrusion detection, network behavior detection, abnormal flow analysis detection and virus detection into a system, and realizing multiple detections on network access by only needing one interface.
The existing network security detection method and system can not set a security zone between data transmitted in a wireless network and a client in the using process, if the wireless network carries viruses, the viruses can attack the client directly, a better security protection effect is not provided, the intrusion viruses have no better manageability, workers can not know the viruses which attack the system frequently, and the later pertinence reinforcement of the workers on the system can not be better satisfied.
Disclosure of Invention
The invention aims to provide a network security detection method and a network security detection system, which aim to solve the problems that a security region cannot be arranged between data transmitted in a wireless network and a client in the using process, if the wireless network carries viruses, the viruses can directly attack the client, a better security protection effect is not provided, the viruses invade the network has no better manageability, workers cannot know the viruses which attack the system frequently, and the later-stage pertinence reinforcement of the workers on the system cannot be better satisfied.
In order to achieve the purpose, the invention provides the following technical scheme: a network security detection method comprises the following steps: capturing a data flow transmitted in the current wireless network through an information capturing unit, and then transmitting the captured data to an information isolation area;
step two: the information isolation area is a safe firewall area which avoids information leakage from influencing a client, and the information isolation area comprises a data flow information analysis unit, a characteristic information matching unit and a characteristic information superposition simulation unit;
step three: comparing the processing and capturing result in the information isolation area with virus information in a virus database, and inputting the information in the wireless network into a client receiving unit through an information output unit in a normal state for a client to use;
after the abnormality is found through the comparison of the virus database, the corresponding signal part in the wireless network is intercepted through the information interception module, and then the virus invasion reminding is carried out on the client through the characteristic information superposition prompting unit;
step four: the characteristic information superposition prompting unit transmits the virus information to the virus information counting module, then counts the data, and displays the specific virus information condition to a client for viewing through the data list module;
step five: after the virus information is confirmed, and when the virus information is different from virus characteristic records in a virus database on part of characteristics, the characteristic information coincidence prompting module updates the virus characteristic information into the virus database in time through the storage unit for storage.
Preferably, the data list is a table corresponding list induction, and the key color marks are respectively carried out on the frequently-invaded virus and the time of the frequently-invaded virus.
Preferably, the data counted by the virus information statistics comprises invasion time period induction statistics data and virus type data.
Preferably, the summary statistics of the invasion period comprises four time stages, namely 8-12 points, 12-16 points, 16-20 points and 20-24 points.
A network security detection system, the data flow direction information analysis unit, characteristic information matching unit and characteristic information coincidence analog unit in information capture unit and information isolation area are the communication connection, between information isolation area and virus database is the communication connection;
the information interception module and the information output unit are both in communication connection with the information isolation area, the information output unit is in communication connection with the client receiving unit, the information interception module is in communication connection with the characteristic information superposition prompting unit, the characteristic information superposition prompting module is in communication connection with the storage unit, and the characteristic information superposition prompting module is electrically connected with the virus information statistics module;
the data list module is used for integrating and summarizing the information condition of the viruses, marking the frequently-appearing viruses and the time periods of concentrated virus invasion by red color and warning workers;
preferably, the data flow analyzing unit is configured to analyze data flow transmitted in the wireless network, and then package and transmit the analyzed data to the feature information matching unit and the feature information superposition simulation unit, where the feature information matching unit is configured to perform database information comparison on the packaged data and the virus library, the feature information superposition simulation unit is configured to perform similarity comparison on the packaged data information, and is configured to perform mark prompt on data with a data similarity proportion of 80%.
Preferably, the similar data prompted by the mark is transmitted to the client receiving unit through the information output unit for further verification, interception cannot be generated after the similar data are qualified, the data are reversely pushed to the information isolation area under the unqualified condition, then the information isolation area issues an instruction to enable the information interception module to intercept corresponding data information, and the novel virus is stored through the storage unit and updates virus type data in the virus library.
Preferably, the information output unit includes an information marking module, and the information marking module is configured to mark the suspected data information, remind the staff of paying attention, and then analyze the suspected data information by the staff to determine whether to allow the data information to pass.
Preferably, the database and the client receiving unit are isolated from the data flow transmitted in the current wireless network by the information isolation area, and only the information processed by the information isolation area can be received by the client receiving unit.
Preferably, the statistics of the virus type data can be set by staff, the set rule is ranking of the times of invading the virus type, and the invasion time period induction statistics can be tabulated by taking the quarterly or annual statistics as a statistical unit.
Compared with the prior art, the invention has the beneficial effects that: the data flow analysis unit is used for analyzing data flow transmitted in the wireless network, packaging the analyzed data and transmitting the packaged data to the feature information matching unit and the feature information superposition simulation unit, the feature information matching unit can compare database information of the packaged data with a virus library, the feature information superposition simulation unit is used for comparing similarity of the packaged data information, marking and prompting the data with the data similarity proportion accounting for 80%, transmitting the similar data with the marking and prompting to the client receiving unit through the information output unit for further verification, and cannot generate interception after the data is qualified;
storing the novel virus through a storage unit and updating virus type data in a virus library; the information output unit comprises an information marking module which is used for marking suspected data information to remind workers of paying attention, and then the personnel analyze the suspected data information to determine whether the data information passes through or not; the statistics of the virus type data can be set by workers according to the statistical degree, the set rule is the ranking of the times of invading the virus type, and the invasion time period induction statistics can be tabulated by taking seasons or years as statistical units;
the virus that carries in the data flow that can avoid carrying in the wireless network directly causes the influence to the customer end, the centre has set up an information isolation region, can be when guaranteeing to information processing, also can reduce the influence of virus to the customer end, set up to the customer end has better protectiveness, and can carry out the list to the virus and look over, can assist the staff to know the virus type that often carries in the wireless network, can make the engineering personnel later stage carry out the pertinence improvement to the system, better guard action has, can effectually guarantee the security of network, it is better to detect the isolation effect.
Of course, it is not necessary for any product to practice the invention to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a diagram of the overall system connection of the present invention;
FIG. 2 is a block diagram of an infringement period summary statistics system of the present invention;
FIG. 3 is a block diagram of a data Listing System of the present invention;
FIG. 4 is a block diagram of a virus statistics module system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1 to 4, the present invention provides a network security detection method and system, which comprises the following steps: a network security detection method includes the following steps: capturing the data flow transmitted in the current wireless network through an information capturing unit, and then transmitting the captured data to an information isolation area;
step two: the information isolation area is a safe firewall area which avoids information leakage from influencing a client, and the information isolation area comprises a data flow information analysis unit, a characteristic information matching unit and a characteristic information superposition simulation unit;
step three: comparing the processing and capturing result in the information isolation area with virus information in a virus database, and inputting the information in the wireless network into a client receiving unit through an information output unit in a normal state for a client to use;
after the abnormality is found through the comparison of the virus database, the corresponding signal part in the wireless network is intercepted through the information interception module, and then the virus invasion reminding is carried out on the client through the characteristic information superposition prompting unit;
step four: the characteristic information superposition prompting unit transmits the virus information to the virus information counting module, then counts the data, and displays the specific virus information condition to a client for viewing through the data list module;
step five: after the virus information is confirmed, and when the virus information is different from virus characteristic records in a virus database on part of characteristics, the characteristic information coincidence prompting module updates the virus characteristic information into the virus database in time through the storage unit for storage.
The data list is a table corresponding list induction, and key color marking is carried out on the frequently-invaded viruses and the time of the frequent virus invasion respectively, the data counted by the virus information statistics comprise invasion time period induction statistical data and virus type data, and the invasion time period induction statistics comprise four time stages which are respectively 8-12 points, 12-16 points, 16-20 points and 20-24 points.
A network security detection system, the data flow direction information analysis unit, characteristic information matching unit and characteristic information coincidence analog unit in information capture unit and information isolation area are the communication connection, between information isolation area and virus database is the communication connection;
the information interception module and the information output unit are both in communication connection with the information isolation area, the information output unit is in communication connection with the client receiving unit, the information interception module is in communication connection with the characteristic information superposition prompting unit, the characteristic information superposition prompting module is in communication connection with the storage unit, and the characteristic information superposition prompting module is electrically connected with the virus information statistics module;
the data list module is used for integrating and summarizing the information condition of the viruses, marking the frequently-appearing viruses and the time periods of the concentrated virus infringement through red color and warning workers;
the data flow analysis unit is used for analyzing data in a data flow direction transmitted in a wireless network, the analyzed data are packaged and transmitted to the characteristic information matching unit and the characteristic information superposition simulation unit, the characteristic information matching unit can compare database information of the packaged data with a virus library, the characteristic information superposition simulation unit is used for comparing similarity of the packaged data information, data with the data similarity proportion accounting for 80% can be marked and prompted, the similar data marked and prompted are transmitted to the client receiving unit through the information output unit to be verified further, interception cannot be generated after the data are qualified, the data are pushed back to the information isolation area under the unqualified condition, then the information isolation area issues an instruction to enable the information interception module to intercept corresponding data information, and the novel virus is stored through the storage unit and updates virus type data in the virus library.
The information output unit comprises an information marking module which is used for marking suspected data information to remind workers of paying attention, and then the personnel analyze the suspected data information to determine whether the data information passes through or not; the statistics of the virus type data can be set by a worker according to the statistical degree, the set rule is the ranking of the times of invading the virus type, and the invasion time period induction statistics can be listed by taking seasons or years as statistical units.
The data flow analyzing unit is used for analyzing data of a data flow direction transmitted in a wireless network, then packaging and transmitting the analyzed data to the characteristic information matching unit and the characteristic information superposition simulating unit, the characteristic information matching unit can compare database information of the packaged data with a virus library, the characteristic information superposition simulating unit is used for comparing similarity of the packaged data information, marking and prompting the data with the data similarity proportion accounting for 80%, transmitting the similar data subjected to marking and prompting to the client receiving unit through the information output unit for further verification, intercepting is not generated after the data are qualified, the data are pushed back to the information isolation area under the condition of unqualified data, then the information isolation area gives an instruction to enable the information interception module to intercept the corresponding data information, and the novel virus is stored through the storage unit and updates virus type data in the virus library; the information output unit comprises an information marking module which is used for marking suspected data information to remind workers of paying attention, and then the personnel analyze the suspected data information to determine whether the data information passes through or not; virus type data statistics can be set for its degree of statistics by the staff, the rule of setting for the rank of offending virus type number of times, the period of offending sums up statistics can carry out the list for statistics unit quarterly or year, can avoid the virus that carries in the data flow of carrying in the wireless network directly to cause the influence to the client, the centre has set up an information isolation region, can be when guaranteeing to information processing, also can reduce the influence of virus to the client, set up the better protectiveness to the client, and can carry out the list to the virus and look over, can assist the staff to know the virus type that often carries in the wireless network, can make the engineering personnel later stage carry out the pertinence improvement to the system, better guard action has, can the effectual security of guaranteeing the network, it is better to detect the isolation effect.
In the description herein, references to the description of "one embodiment," "an example," "a specific example" or the like are intended to mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The preferred embodiments of the invention disclosed above are intended to be illustrative only. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise embodiments disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best understand the invention for and utilize the invention. The invention is limited only by the claims and their full scope and equivalents.
Claims (3)
1. A network security detection system, characterized by: the network security detection system comprises an information capturing unit, an information isolation area, an information analyzing unit, a characteristic information matching unit, a characteristic information superposition simulation unit, a virus database, an information interception module, an information output unit, a client receiving unit, a characteristic information superposition prompting unit, a storage unit, a virus information counting module, a data list module, a data flow analyzing unit and a virus database;
the information capturing unit is in communication connection with the data flow direction information analyzing unit, the characteristic information matching unit and the characteristic information superposition simulating unit in the information isolation area, and the information isolation area is in communication connection with the virus database;
the information interception module and the information output unit are both in communication connection with the information isolation area, the information output unit is in communication connection with the client receiving unit, the information interception module is in communication connection with the characteristic information superposition prompting unit, the characteristic information superposition prompting unit is in communication connection with the storage unit, and the characteristic information superposition prompting unit is electrically connected with the virus information statistics module;
the data list module is used for integrating and summarizing the information condition of the viruses, marking the frequently-appearing viruses and the time periods of concentrated virus invasion by red color and warning workers;
the data flow analysis unit is used for carrying out data analysis on the data flow direction transmitted in the wireless network, packaging the analyzed data and transmitting the packaged data to the feature information matching unit and the feature information superposition simulation unit, the feature information matching unit can carry out database information comparison on the packaged data and the virus library, the feature information superposition simulation unit is used for carrying out similarity comparison on the packaged data information, and marking and prompting the data with the data similarity proportion accounting for 80%;
the similar data marked and prompted are transmitted to a client receiving unit through an information output unit for further verification, interception cannot be generated after the similar data are qualified, the data are pushed back to an information isolation area under the condition of unqualified data, then an instruction is issued by the information isolation area to enable an information interception module to intercept the corresponding data information, the novel virus is stored through a storage unit, and virus type data in a virus library are updated;
the information output unit comprises an information marking module which is used for marking suspected data information, reminding workers of paying attention, and then analyzing the suspected data information by the workers to determine whether the data information passes;
the database and the client receiving unit are respectively isolated from the data flow transmitted in the current wireless network through the information isolation area, and only the information processed by the information isolation area can be received by the client receiving unit;
the network security detection method based on the network security detection system comprises the following steps:
the method comprises the following steps: capturing a data flow transmitted in the current wireless network through an information capturing unit, and then transmitting the captured data to an information isolation area;
step two: the information isolation area is a safe firewall area which avoids information leakage from influencing a client, and the information isolation area comprises a data flow information analysis unit, a characteristic information matching unit and a characteristic information superposition simulation unit;
step three: comparing the processing and capturing result in the information isolation area with virus information in a virus database, and inputting the information in the wireless network into a client receiving unit through an information output unit under a normal state for a client to use;
after the abnormality is found through the comparison of the virus database, the corresponding signal part in the wireless network is intercepted through the information interception module, and then the virus invasion reminding is carried out on the client through the characteristic information superposition prompting unit;
step four: the characteristic information coincidence prompting unit transmits the virus information to the virus information counting module, counts the data, and displays the specific virus information state to a client for viewing through the data list module; the data counted by the virus information statistics comprise invasion time period induction statistical data and virus type data; the data list is a table corresponding list and is summarized, and key color marks are respectively carried out on the frequently invaded viruses and the time of the frequently invaded viruses;
step five: after the virus information is confirmed, and when the virus information is distinguished from the virus characteristic record in the virus database on the partial characteristics, the characteristic information superposition prompting unit updates the virus characteristic information into the virus database in time through the storage unit for storage.
2. The network security detection system of claim 1, wherein: the summary statistics of the invasion time periods comprises four time stages, namely 8-12 points, 12-16 points, 16-20 points and 20-24 points.
3. The network security detection system of claim 1, wherein: the statistic degree of the virus type data is set by a worker, the set rule is the ranking of the times of invading the virus types, and the invasion time period induction statistics is tabulated by taking the quarter or the year as a statistic unit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110036735.XA CN112671801B (en) | 2021-01-12 | 2021-01-12 | Network security detection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110036735.XA CN112671801B (en) | 2021-01-12 | 2021-01-12 | Network security detection method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112671801A CN112671801A (en) | 2021-04-16 |
| CN112671801B true CN112671801B (en) | 2022-10-28 |
Family
ID=75414509
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110036735.XA Active CN112671801B (en) | 2021-01-12 | 2021-01-12 | Network security detection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112671801B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113343233A (en) * | 2021-05-08 | 2021-09-03 | 山西三友和智慧信息技术股份有限公司 | Interval security monitoring system and monitoring method based on big data |
| CN113783880A (en) * | 2021-09-14 | 2021-12-10 | 南方电网数字电网研究院有限公司 | Network security detection system and network security detection method thereof |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107493300A (en) * | 2017-09-20 | 2017-12-19 | 河北师范大学 | Network security protection system |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100628325B1 (en) * | 2004-12-20 | 2006-09-27 | 한국전자통신연구원 | Intrusion detection sensor detecting attacks against wireless network and system and method for detecting wireless network intrusion |
| CN101414914B (en) * | 2008-11-26 | 2012-01-25 | 北京星网锐捷网络技术有限公司 | Method and apparatus for filtrating data content, finite state automata and conformation apparatus |
| CN102572814B (en) * | 2010-12-27 | 2015-08-19 | 中国移动通信集团上海有限公司 | A kind of mobile terminal virus monitor method, system and device |
| CN104243486B (en) * | 2014-09-28 | 2018-03-23 | 中国联合网络通信集团有限公司 | A kind of method for detecting virus and system |
| CN107231360A (en) * | 2017-06-08 | 2017-10-03 | 上海斐讯数据通信技术有限公司 | Network virus protection method, safe wireless router and system based on cloud network |
| CN109829304B (en) * | 2018-12-29 | 2021-04-13 | 奇安信科技集团股份有限公司 | Virus detection method and device |
-
2021
- 2021-01-12 CN CN202110036735.XA patent/CN112671801B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107493300A (en) * | 2017-09-20 | 2017-12-19 | 河北师范大学 | Network security protection system |
Non-Patent Citations (3)
| Title |
|---|
| Anomaly-based intrusion detection system for ad hoc networks;Abdelaziz Amara Korba;《2016 7th International Conference on the Network of the Future (NOF)》;20170109;全文 * |
| 基于蜜罐的网络病毒特征研究模型;田俊峰等;《计算机工程与应用》;20070901(第33期);全文 * |
| 网络病毒安全防护策略;李俊娇;《通讯世界》;20160225(第04期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112671801A (en) | 2021-04-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104937886B (en) | Log analysis device, information processing method | |
| US8418247B2 (en) | Intrusion detection method and system | |
| US6353385B1 (en) | Method and system for interfacing an intrusion detection system to a central alarm system | |
| CN112671801B (en) | Network security detection method and system | |
| CN109167754A (en) | A kind of network application layer security protection system | |
| KR101375813B1 (en) | Active security sensing device and method for intrusion detection and audit of digital substation | |
| CN104796261A (en) | Secure access control system and method for network terminal nodes | |
| CN105812200B (en) | Anomaly detection method and device | |
| CN107770174A (en) | A kind of intrusion prevention system and method towards SDN | |
| US20030083847A1 (en) | User interface for presenting data for an intrusion protection system | |
| CN107347047A (en) | Attack guarding method and device | |
| CN112153047A (en) | Block chain-based network security operation and maintenance and defense method and system | |
| CN116827675A (en) | Network information security analysis system | |
| US20030084340A1 (en) | System and method of graphically displaying data for an intrusion protection system | |
| CN112953971A (en) | Network security traffic intrusion detection method and system | |
| CN108390857B (en) | Method and device for exporting file from high-sensitivity network to low-sensitivity network | |
| CN114024734B (en) | Intelligent network security detection and analysis system based on UEBA | |
| CN116094817A (en) | Network security detection system and method | |
| CN111526109B (en) | Method and device for automatically detecting running state of web threat recognition defense system | |
| KR101767591B1 (en) | System and method for improvement invasion detection | |
| KR101551537B1 (en) | Information spill prevention apparatus | |
| LaPadula | State of the art in anomaly detection and reaction | |
| CN114189361A (en) | Situation awareness method, device and system for defending threats | |
| CN114124453A (en) | Network security information processing method and device, electronic equipment and storage medium | |
| CN112968869A (en) | Information safety monitoring system of electric power production control large area |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20230224 Address after: No. 2301, 23/F, Block A, enclosed area of Xining South Road, Nanxing Street and Hexie Avenue, Nangang District, Harbin, Heilongjiang Province, 150086 Patentee after: Sun Chuanyou Address before: Floor 23, block a, enclosed area of Xining South Road, Nanxing street and Hexie Avenue, Nanguan District, Changchun City, Jilin Province Patentee before: Harbin Fortune Technology Development Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20231127 Address after: No. 2301, 23/F, Block A, enclosed area of Xining South Road, Nanxing Street and Hexie Avenue, Nangang District, Harbin, Heilongjiang Province, 150086 Patentee after: Harbin Fortune Technology Development Co.,Ltd. Address before: No. 2301, 23/F, Block A, enclosed area of Xining South Road, Nanxing Street and Hexie Avenue, Nangang District, Harbin, Heilongjiang Province, 150086 Patentee before: Sun Chuanyou |
|
| TR01 | Transfer of patent right |