CN112929379B - Intelligent recorder remote operation and maintenance instruction defense method and system - Google Patents

Intelligent recorder remote operation and maintenance instruction defense method and system Download PDF

Info

Publication number
CN112929379B
CN112929379B CN202110195850.1A CN202110195850A CN112929379B CN 112929379 B CN112929379 B CN 112929379B CN 202110195850 A CN202110195850 A CN 202110195850A CN 112929379 B CN112929379 B CN 112929379B
Authority
CN
China
Prior art keywords
information
maintenance
remote
instruction information
obtaining unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110195850.1A
Other languages
Chinese (zh)
Other versions
CN112929379A (en
Inventor
晋龙兴
刘子俊
黄福全
肖硕霜
卢正飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Power Supply Bureau Co Ltd
Original Assignee
Shenzhen Power Supply Bureau Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Power Supply Bureau Co Ltd filed Critical Shenzhen Power Supply Bureau Co Ltd
Priority to CN202110195850.1A priority Critical patent/CN112929379B/en
Publication of CN112929379A publication Critical patent/CN112929379A/en
Application granted granted Critical
Publication of CN112929379B publication Critical patent/CN112929379B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明公开一种智能录波器远程运维指令防御方法及系统,方法包括:获得第一远程录波器的第一运维状态信息;根据第一运维状态信息,生成第一验证码信息;获得第二远程录波器的第二运维状态信息;根据第二运维状态信息和第一验证码生成第二验证码,以此类推,获得第N远程录波器的第N运维状态信息;根据第N运维状态信息和第N‑1验证码生成第N验证码;将所有运维状态信息和验证码分别复制保存在M台设备上;根据相应验证码,获得与验证码对应的远程运维权限;根据远程运维权限,获得远程运维指令信息。本发明解决了智能录波器工作过程中的运维指令信息面临着被篡改的风险,工作效率不高的技术问题,可防御网络攻击导致了大面积停电事件。

Figure 202110195850

The invention discloses a method and system for defending against remote operation and maintenance instructions of an intelligent wave recorder. The method includes: obtaining first operation and maintenance state information of a first remote wave recorder; and generating first verification code information according to the first operation and maintenance state information ;Obtain the second operation and maintenance state information of the second remote wave recorder; generate the second verification code according to the second operation and maintenance state information and the first verification code, and so on, obtain the Nth operation and maintenance of the Nth remote wave recorder Status information; generate the Nth verification code according to the Nth operation and maintenance status information and the N‑1th verification code; copy and save all the operation and maintenance status information and verification codes on M devices; obtain the verification code according to the corresponding verification code The corresponding remote operation and maintenance authority; according to the remote operation and maintenance authority, remote operation and maintenance instruction information is obtained. The invention solves the technical problem that the operation and maintenance instruction information in the working process of the intelligent wave recorder faces the risk of being tampered with and the work efficiency is not high, and can defend against network attacks that cause large-scale power outages.

Figure 202110195850

Description

一种智能录波器远程运维指令防御方法及系统A remote operation and maintenance command defense method and system for an intelligent wave recorder

技术领域technical field

本发明涉及录波器智能运维技术领域,尤其涉及一种智能录波器远程运维指令防御方法及系统。The invention relates to the technical field of intelligent operation and maintenance of wave recorders, in particular to a method and system for defending remote operation and maintenance instructions of intelligent wave recorders.

背景技术Background technique

智能录波器一种集成了故障录波、网络记录分析、二次系统可视化、智能运维功能的设备,可同时应用于智能变电站和常规变电站。智能录波器为变电站继电保护系统的日常运维、异常处理、事故分析以及检修等工况提供多维度的可视化信息支撑、决策及安全操作依据,是继电保护数字化转型最重要的载体。Intelligent wave recorder is a device that integrates fault recording, network record analysis, secondary system visualization, and intelligent operation and maintenance functions. It can be applied to both smart substations and conventional substations. The intelligent wave recorder provides multi-dimensional visual information support, decision-making and safe operation basis for the daily operation and maintenance, abnormal handling, accident analysis and maintenance of the substation relay protection system, and is the most important carrier for the digital transformation of relay protection.

但本申请发明人在实现本申请实施例中发明技术方案的过程中,发现上述技术至少存在如下技术问题:However, in the process of realizing the technical solution of the invention in the embodiment of the present application, the inventor of the present application found that the above-mentioned technology has at least the following technical problems:

智能录波器在工作过程中,接收到的运维指令信息面临着被篡改的风险,导致系统防御能力低,工作效率低下,可能发生因网络攻击导致大面积停电。During the working process of the intelligent wave recorder, the operation and maintenance instruction information received is facing the risk of being tampered with, resulting in low system defense capabilities, low work efficiency, and large-scale power outages may occur due to network attacks.

发明内容Contents of the invention

本发明所要解决的技术问题在于,提供一种智能录波器远程运维指令防御方法及系统,以提高运维指令信息的保密性,增强系统防御能力,提高智能录波器工作效率。The technical problem to be solved by the present invention is to provide a remote operation and maintenance command defense method and system for an intelligent wave recorder, so as to improve the confidentiality of the operation and maintenance command information, enhance the system defense capability, and improve the working efficiency of the intelligent wave recorder.

为了解决上述技术问题,本发明实施例提供一种智能录波器远程运维指令防御方法,包括:In order to solve the above technical problems, an embodiment of the present invention provides a method for defending remote operation and maintenance commands of an intelligent wave recorder, including:

步骤S1,智能录波主站获得第N远程录波器的第N运维状态信息,并根据所述第N运维状态信息生成第N验证码,所述第N验证码与所述第N运维状态信息一一对应,N为大于1的自然数;Step S1, the intelligent wave recording master station obtains the Nth operation and maintenance status information of the Nth remote wave recorder, and generates the Nth verification code according to the Nth operation and maintenance status information, and the Nth verification code is the same as the Nth One-to-one correspondence of operation and maintenance status information, N is a natural number greater than 1;

步骤S2,将所有运维状态信息和验证码分别复制保存在M台设备上,M为大于1的自然数;Step S2, copying and storing all operation and maintenance status information and verification codes on M devices, where M is a natural number greater than 1;

步骤S3,根据相应验证码,获得与所述验证码对应的远程运维权限;Step S3, according to the corresponding verification code, obtain the remote operation and maintenance authority corresponding to the verification code;

步骤S4,根据所述远程运维权限,获得对应的远程运维指令信息。Step S4, according to the remote operation and maintenance authority, obtain the corresponding remote operation and maintenance instruction information.

优选地,所述智能录波器远程运维指令防御方法还包括:Preferably, the remote operation and maintenance instruction defense method of the intelligent wave recorder also includes:

步骤S51,远程录波器根据所述远程运维指令信息,获得发送所述远程运维指令信息的智能录波主站的IP地址信息;Step S51, the remote wave recorder obtains the IP address information of the intelligent wave recording master station that sends the remote operation and maintenance instruction information according to the remote operation and maintenance instruction information;

步骤S52,判断所述IP地址信息是否在所述远程录波器的预存IP地址库中;Step S52, judging whether the IP address information is in the pre-stored IP address library of the remote wave recorder;

步骤S53,如果所述IP地址信息不在所述预存IP地址库中,获得第一防御指令信息;Step S53, if the IP address information is not in the pre-stored IP address library, obtain the first defense instruction information;

步骤S54,根据所述第一防御指令信息,所述远程录波器拒绝执行所述智能录波主站发送的远程运维指令信息。Step S54, according to the first defense instruction information, the remote wave recorder refuses to execute the remote operation and maintenance instruction information sent by the intelligent wave recording master station.

优选地,所述步骤S52还包括:Preferably, the step S52 also includes:

步骤S521,如果所述IP地址信息在所述预存IP地址库中,所述远程录波器获得所述远程运维指令信息的发送次数信息;Step S521, if the IP address information is in the pre-stored IP address library, the remote wave recorder obtains information on the number of sending times of the remote operation and maintenance instruction information;

步骤S522,所述远程录波器获得预定发送次数阈值;Step S522, the remote oscilloscope obtains a predetermined threshold of sending times;

步骤S523,所述远程录波器判断所述远程运维指令信息的发送次数信息是否在所述预定发送次数阈值之内;Step S523, the remote wave recorder judges whether the sending frequency information of the remote operation and maintenance instruction information is within the preset sending frequency threshold;

步骤S524,如果所述远程运维指令信息的发送次数信息在所述预定发送次数阈值之内,获得第一执行指令信息;Step S524, if the sending frequency information of the remote operation and maintenance instruction information is within the preset sending frequency threshold, obtain the first execution instruction information;

步骤S525,根据所述第一执行指令信息,执行所述远程运维指令信息。Step S525, execute the remote operation and maintenance instruction information according to the first execution instruction information.

优选地,所述步骤S53获得第一防御指令信息之后,包括:Preferably, after the step S53 obtains the first defense instruction information, it includes:

步骤S531,获得第一屏蔽指令信息;Step S531, obtaining first masking instruction information;

步骤S532,根据所述第一屏蔽指令信息,屏蔽所述IP地址信息;Step S532, shielding the IP address information according to the first shielding instruction information;

步骤S533,获得第一标记信息;Step S533, obtaining first tag information;

步骤S534,根据所述第一标记信息,对所述IP地址信息进行标记。Step S534, mark the IP address information according to the first mark information.

优选地,所述智能录波器远程运维指令防御方法还包括:Preferably, the remote operation and maintenance instruction defense method of the intelligent wave recorder also includes:

步骤S61,获得第一监控信息;Step S61, obtaining first monitoring information;

步骤S62,获得第一编码指令信息;Step S62, obtaining first encoding instruction information;

步骤S63,根据所述第一编码指令信息,对所述第一监控信息进行编码,获得第一加密监控信息;Step S63, encoding the first monitoring information according to the first encoding instruction information to obtain first encrypted monitoring information;

步骤S64,获得第一解码指令信息;Step S64, obtaining the first decoding instruction information;

步骤S65,根据所述第一解码指令信息对所述第一加密监控信息进行解码读取。Step S65, decoding and reading the first encrypted monitoring information according to the first decoding instruction information.

优选地,在对所述远程录波器的发送运维指令之前,还包括:Preferably, before sending the operation and maintenance instruction to the remote recorder, it also includes:

步骤S71,获得第一查询指令信息;Step S71, obtaining first query instruction information;

步骤S72,根据所述第一查询指令信息,在所述第一监控信息中查找所述第一运维状态信息是否存在;Step S72, according to the first query instruction information, search whether the first operation and maintenance status information exists in the first monitoring information;

步骤S73,如果所述第一监控信息中查找到所述第一运维状态信息,获得第一远程录波器的第一运维状态信息。Step S73, if the first operation and maintenance status information is found in the first monitoring information, obtain the first operation and maintenance status information of the first remote recorder.

优选地,在对所述第一远程录波器的发送运维指令之前,还包括:Preferably, before sending the operation and maintenance instruction to the first remote recorder, it also includes:

步骤S74,如果所述第一监控信息中未查找到所述第一运维状态信息,获得第一拦截指令信息;Step S74, if the first operation and maintenance status information is not found in the first monitoring information, obtain first interception instruction information;

步骤S75,根据所述第一拦截指令信息,对所述第一运维状态信息进行拦截。Step S75, intercepting the first operation and maintenance status information according to the first interception instruction information.

本发明还提供一种智能录波器远程运维指令防御系统,包括:The present invention also provides an intelligent wave recorder remote operation and maintenance command defense system, including:

第一获得单元,所述第一获得单元用于获得第一远程录波器的第一运维状态信息;A first obtaining unit, the first obtaining unit is used to obtain the first operation and maintenance status information of the first remote recorder;

第一生成单元,所述第一生成单元用于根据所述第一运维状态信息,生成第一验证码信息,所述第一验证码与所述第一运维状态信息一一对应;A first generation unit, the first generation unit is configured to generate first verification code information according to the first operation and maintenance state information, and the first verification code corresponds to the first operation and maintenance state information one by one;

第二获得单元,所述第二获得单元用于获得第二远程录波器的第二运维状态信息;A second obtaining unit, the second obtaining unit is used to obtain the second operation and maintenance status information of the second remote recorder;

第二生成单元,所述第二生成单元用于根据所述第二运维状态信息和第一验证码生成第二验证码,以此类推,获得第N远程录波器的第N运维状态信息;A second generating unit, the second generating unit is used to generate a second verification code according to the second operation and maintenance status information and the first verification code, and so on, to obtain the Nth operation and maintenance status of the Nth remote wave recorder information;

第三生成单元,所述第三生成单元用于根据所述第N运维状态信息和第N-1验证码生成第N验证码,其中,N为大于1的自然数;A third generating unit, the third generating unit is configured to generate an Nth verification code according to the Nth operation and maintenance status information and the N-1th verification code, where N is a natural number greater than 1;

第一保存单元,所述第一保存单元用于将所有运维状态信息和验证码分别复制保存在M台设备上,其中,M为大于1的自然数;A first storage unit, the first storage unit is used to copy and store all operation and maintenance status information and verification codes on M devices, wherein M is a natural number greater than 1;

第三获得单元,所述第三获得单元用于根据相应验证码,获得与所述验证码对应的远程运维权限;A third obtaining unit, the third obtaining unit is used to obtain the remote operation and maintenance authority corresponding to the verification code according to the corresponding verification code;

第四获得单元,所述第四获得单元用于根据所述远程运维权限,获得远程运维指令信息。A fourth obtaining unit, the fourth obtaining unit is configured to obtain remote operation and maintenance instruction information according to the remote operation and maintenance authority.

优选地,所述智能录波器远程运维指令防御系统还包括:Preferably, the remote operation and maintenance instruction defense system of the intelligent wave recorder also includes:

第五获得单元,所述第五获得单元用于根据所述远程运维指令信息,获得智能录波主站的IP地址信息;A fifth obtaining unit, the fifth obtaining unit is used to obtain the IP address information of the intelligent wave recording master station according to the remote operation and maintenance instruction information;

第六获得单元,所述第六获得单元用于获得远程录波器的预存IP地址库;A sixth obtaining unit, the sixth obtaining unit is used to obtain the pre-stored IP address library of the remote recorder;

第一判断单元,所述第一判断单元用于判断所述IP地址信息是否在所述预存IP地址库中;a first judging unit, the first judging unit is used to judge whether the IP address information is in the pre-stored IP address library;

第七获得单元,所述第七获得单元用于如果所述IP地址信息不在所述预存IP地址库中,获得第一防御指令信息;A seventh obtaining unit, the seventh obtaining unit is configured to obtain the first defense instruction information if the IP address information is not in the pre-stored IP address library;

第一禁止单元,所述第一禁止单元用于根据所述第一防御指令信息,所述远程录波器拒绝执行所述远程运维指令信息。A first prohibition unit, the first prohibition unit is configured to refuse to execute the remote operation and maintenance instruction information by the remote recorder according to the first defense instruction information.

本发明还提供一种智能录波器远程运维指令防御系统,包括:存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现所述的智能录波器远程运维指令防御方法。The present invention also provides a remote operation and maintenance instruction defense system for an intelligent wave recorder, including: a memory, a processor, and a computer program stored on the memory and operable on the processor, and the processor implements the program when executing the program. The above-mentioned intelligent wave recorder remote operation and maintenance command defense method.

本发明实施例的有益效果在于:通过将智能录波主站检测到的运维状态信息进行加密存储到分布式的共享账本和数据库,确保运维状态信息的存储安全,保证了运维状态信息的安全性,并将其生成的验证码,当验证通过后才可对远程录波器发送运维指令,进而提高了运维过程的保密性和系统防御能力,达到了提高智能录波器工作效率技术效果;The beneficial effect of the embodiment of the present invention is that: by encrypting and storing the operation and maintenance state information detected by the intelligent wave recording master station in a distributed shared ledger and database, the storage security of the operation and maintenance state information is ensured, and the operation and maintenance state information is ensured security, and the verification code generated by it can only send operation and maintenance instructions to the remote wave recorder after the verification is passed, thereby improving the confidentiality and system defense capabilities of the operation and maintenance process, and achieving the goal of improving the work of the smart wave recorder Efficiency technical effects;

通过确认智能录波主站的IP地址是否在预存IP地址库中、对不存在的IP地址信息进行标记并屏蔽,防止黑客冒用智能录波主站与远程录波器进行连接,避免后续发生信息安全隐患,同时通过限制远程运维指令发送信息的次数、以及对运维状态信息进行监控等,达到了提高智能录波器工作过程中的防御能力,避免远程运维系统被攻击,提高智能录波器远程运维工作效率的技术效果。By confirming whether the IP address of the intelligent wave recording master station is in the pre-stored IP address database, marking and shielding the non-existent IP address information, preventing hackers from falsely using the intelligent wave recording master station to connect to the remote wave recorder, and avoiding subsequent occurrences Hidden dangers of information security. At the same time, by limiting the number of remote operation and maintenance instructions to send information and monitoring the operation and maintenance status information, etc., it can improve the defense ability of the intelligent wave recorder in the working process, avoid the remote operation and maintenance system from being attacked, and improve the intelligence. The technical effect of the remote operation and maintenance work efficiency of the wave recorder.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention. Those skilled in the art can also obtain other drawings based on these drawings without creative work.

图1为本发明实施例一一种智能录波器远程运维指令防御方法的流程示意图。FIG. 1 is a schematic flowchart of a method for defending remote operation and maintenance instructions of an intelligent wave recorder according to an embodiment of the present invention.

图2为本发明实施例二一种智能录波器远程运维指令防御系统的结构示意图。Fig. 2 is a schematic structural diagram of an intelligent wave recorder remote operation and maintenance command defense system according to Embodiment 2 of the present invention.

图3为本发明实施例中示例性电子设备的结构示意图。Fig. 3 is a schematic structural diagram of an exemplary electronic device in an embodiment of the present invention.

具体实施方式Detailed ways

以下各实施例的说明是参考附图,用以示例本发明可以用以实施的特定实施例。The following descriptions of various embodiments refer to the accompanying drawings to illustrate specific embodiments in which the present invention can be implemented.

请参照图1所示,本发明实施例一提供一种智能录波器远程运维指令防御方法,包括:Please refer to Figure 1. Embodiment 1 of the present invention provides a method for defending against remote operation and maintenance instructions of an intelligent wave recorder, including:

步骤S1,智能录波主站获得第N远程录波器的第N运维状态信息,并根据所述第N运维状态信息生成第N验证码,所述第N验证码与所述第N运维状态信息一一对应,N为大于1的自然数;Step S1, the intelligent wave recording master station obtains the Nth operation and maintenance status information of the Nth remote wave recorder, and generates the Nth verification code according to the Nth operation and maintenance status information, and the Nth verification code is the same as the Nth One-to-one correspondence of operation and maintenance status information, N is a natural number greater than 1;

步骤S2,将所有运维状态信息和验证码分别复制保存在M台设备上,M为大于1的自然数;Step S2, copying and storing all operation and maintenance status information and verification codes on M devices, where M is a natural number greater than 1;

步骤S3,根据相应验证码,获得与所述验证码对应的远程运维权限;Step S3, according to the corresponding verification code, obtain the remote operation and maintenance authority corresponding to the verification code;

步骤S4,根据所述远程运维权限,获得对应的远程运维指令信息。Step S4, according to the remote operation and maintenance authority, obtain the corresponding remote operation and maintenance instruction information.

具体地,步骤S1中,智能录波主站获得第一远程录波器的第一运维状态信息,根据所述第一运维状态信息,生成第一验证码信息,其中,所述第一验证码是与所述第一运维状态信息一一对应的;智能录波主站获得第二远程录波器的第二运维状态信息;根据所述第二运维状态信息和第一验证码生成第二验证码,以此类推,智能录波主站获得第N远程录波器的第N运维状态信息;根据所述第N运维状态信息和第N-1验证码生成第N验证码,其中,N为大于1的自然数。第一运维状态信息为所述智能录波主站检测到的第一远程录波器的运维状态信息,该运维状态信息可以是第一远程录波器运行过程中的数据、也可以是其采集到的故障信息。第一验证码与第一运维状态信息一一对应,进一步来说,将所述第一运维状态信息进行哈希函数加密计算,获得与所述第一运维状态信息唯一对应的不可更改的第一验证码,所述第一验证码可以认为是所述第一运维状态信息的唯一对应的身份信息。Specifically, in step S1, the intelligent wave recording master station obtains the first operation and maintenance state information of the first remote wave recorder, and generates first verification code information according to the first operation and maintenance state information, wherein the first The verification code is in one-to-one correspondence with the first operation and maintenance state information; the intelligent wave recording master station obtains the second operation and maintenance state information of the second remote wave recorder; according to the second operation and maintenance state information and the first verification code to generate the second verification code, and so on, the intelligent wave recording master station obtains the Nth operation and maintenance status information of the Nth remote wave recorder; according to the Nth operation and maintenance status information and the N-1th verification code, the Nth Verification code, wherein, N is a natural number greater than 1. The first operation and maintenance state information is the operation and maintenance state information of the first remote wave recorder detected by the intelligent wave recording master station, and the operation and maintenance state information can be the data during the operation of the first remote wave recorder, or is the fault information collected by it. The first verification code has a one-to-one correspondence with the first operation and maintenance state information. Further, the first operation and maintenance state information is encrypted and calculated with a hash function to obtain an unchangeable unique corresponding to the first operation and maintenance state information. The first verification code, the first verification code may be considered as the unique identity information corresponding to the first operation and maintenance state information.

同样地,将所述第二运维状态信息和第一验证码进行关联,将所述第二运维状态信息和所述第一验证码作为整体进行哈希函数加密处理,获得第二验证码,所述第二验证码与所述第二运维状态信息一一对应,以此类推,根据所述第N运维状态信息和第N-1验证码生成第N验证码,通过对所述运维状态信息进行加密处理的方式,保证所述运维状态信息安全性,进而达到提高运维状态信息的安全性的技术效果。Similarly, associating the second operation and maintenance status information with the first verification code, performing hash function encryption on the second operation and maintenance status information and the first verification code as a whole, to obtain a second verification code , the second verification code is in one-to-one correspondence with the second operation and maintenance status information, and so on, according to the Nth operation and maintenance status information and the N-1th verification code to generate the Nth verification code, by The operation and maintenance status information is encrypted to ensure the security of the operation and maintenance status information, thereby achieving the technical effect of improving the security of the operation and maintenance status information.

步骤S2中,将所述运维状态信息及验证码信息复制保存在M台电子设备上,其中所述电子设备为具备存储能力并能快速准确记录所述信息的设备,将所述数据存储在M台电子设备上。In step S2, the operation and maintenance status information and verification code information are copied and stored on M electronic devices, wherein the electronic devices are devices that have storage capabilities and can quickly and accurately record the information, and store the data in On M electronic devices.

步骤S3中,对所有的运维状态信息加密之后,可获得对应的验证码,根据相应验证码,获得与所述验证码对应的远程运维权限。In step S3, after encrypting all the operation and maintenance status information, the corresponding verification code can be obtained, and according to the corresponding verification code, the remote operation and maintenance authority corresponding to the verification code is obtained.

步骤S4中,将分布式加密存储生成的验证码作为验证权限存储到后,可通过对对应的远程录波器发送对应的运维指令,所述远程运维指令信息为主站操作人员根据所述远程运维权限发送的指令信息,对运维状态信息进行处理。In step S4, after storing the verification code generated by the distributed encrypted storage as the verification authority, the corresponding operation and maintenance instruction can be sent to the corresponding remote wave recorder, and the remote operation and maintenance instruction information is based on the information provided by the operator of the master station. The command information sent by the remote operation and maintenance authority is used to process the operation and maintenance status information.

为了确保发送运维指令的智能录波主站IP地址的安全性,本实施例还包括:In order to ensure the security of the IP address of the intelligent wave recording master station sending the operation and maintenance instructions, this embodiment also includes:

步骤S51,远程录波器根据所述远程运维指令信息,获得发送所述远程运维指令信息的智能录波主站的IP地址信息;Step S51, the remote wave recorder obtains the IP address information of the intelligent wave recording master station that sends the remote operation and maintenance instruction information according to the remote operation and maintenance instruction information;

步骤S52,判断所述IP地址信息是否在所述远程录波器的预存IP地址库中;Step S52, judging whether the IP address information is in the pre-stored IP address library of the remote wave recorder;

步骤S53,如果所述IP地址信息不在所述预存IP地址库中,获得第一防御指令信息;Step S53, if the IP address information is not in the pre-stored IP address library, obtain the first defense instruction information;

步骤S54,根据所述第一防御指令信息,所述远程录波器拒绝执行所述智能录波主站发送的远程运维指令信息。Step S54, according to the first defense instruction information, the remote wave recorder refuses to execute the remote operation and maintenance instruction information sent by the intelligent wave recording master station.

具体而言,为了确保发送运维指令的IP地址的安全性,可根据所述远程运维指令信息,获得智能录波主站的IP地址信息。IP地址是IP协议提供的一种统一的地址格式,它为互联网上的每一个网络和每一台主机分配一个逻辑地址,以此来屏蔽物理地址的差异,根据远程录波器预存的预存IP地址库,所述预存IP地址库为已存在、正确的存储有智能录波主站IP地址的运维IP地址库,通过判断所述IP地址信息是否在所述预存IP地址库中,如果所述IP地址信息不在所述预存IP地址库中,可能会存在不安全的风险和隐患,即智能录波信息可能为黑客冒充智能录波主站发送的恶意代码,远程录波器获得第一防御指令信息,远程录波器根据所述第一防御指令信息拒绝执行所述智能录波主站发送的所述远程运维指令信息。Specifically, in order to ensure the security of the IP address sending the operation and maintenance instruction, the IP address information of the intelligent wave recording master station can be obtained according to the remote operation and maintenance instruction information. The IP address is a unified address format provided by the IP protocol. It assigns a logical address to each network and each host on the Internet to shield the difference in physical addresses. According to the pre-stored IP address stored in the remote recorder Address library, the pre-stored IP address library is an existing and correct operation and maintenance IP address library that stores the IP address of the intelligent wave recording master station, by judging whether the IP address information is in the pre-stored IP address library, if the The above IP address information is not in the pre-stored IP address database, there may be unsafe risks and hidden dangers, that is, the intelligent wave recording information may be malicious code sent by hackers pretending to be the intelligent wave recording master station, and the remote wave recorder obtains the first defense Instruction information, the remote wave recorder refuses to execute the remote operation and maintenance instruction information sent by the intelligent wave recording master station according to the first defense instruction information.

为了提高智能录波器的远程运维的效率及安全性,步骤S52还包括:In order to improve the efficiency and security of the remote operation and maintenance of the intelligent wave recorder, step S52 also includes:

步骤S521,如果所述IP地址信息在所述预存IP地址库中,所述远程录波器获得所述远程运维指令信息的发送次数信息;Step S521, if the IP address information is in the pre-stored IP address library, the remote wave recorder obtains information on the number of sending times of the remote operation and maintenance instruction information;

步骤S522,所述远程录波器获得预定发送次数阈值;Step S522, the remote oscilloscope obtains a predetermined threshold of sending times;

步骤S523,所述远程录波器判断所述远程运维指令信息的发送次数信息是否在所述预定发送次数阈值之内;Step S523, the remote wave recorder judges whether the sending frequency information of the remote operation and maintenance instruction information is within the preset sending frequency threshold;

步骤S524,如果所述远程运维指令信息的发送次数信息在所述预定发送次数阈值之内,获得第一执行指令信息;Step S524, if the sending frequency information of the remote operation and maintenance instruction information is within the preset sending frequency threshold, obtain the first execution instruction information;

步骤S525,根据所述第一执行指令信息,执行所述远程运维指令信息。Step S525, execute the remote operation and maintenance instruction information according to the first execution instruction information.

具体而言,为了提高智能录波器的远程运维的效率及安全性,避免智能录波主站重复的远程运维指令,可对远程运维指令信息的发送进行次数限制,避免重复发送,则如果所述IP地址信息在所述预存IP地址库中,获得所述获得远程运维指令信息的发送次数信息,所述远程运维指令信息的发送次数为实际的智能录波主站发送次数信息,进而获得预定发送次数阈值,所述预定发送次数阈值为预定的发送次数的极限值,可理解为所述预定发送次数阈值为三次不等,进而判断所述远程运维指令信息的发送次数信息是否在所述预定发送次数阈值之内,即所述远程运维指令信息的发送次数信息是否在三次之内,如果所述远程运维指令信息的发送次数信息在所述预定发送次数阈值之内,获得第一执行指令信息,所述第一执行指令为对所述远程运维指令信息进行反馈并执行,达到了避免重复发送重复远程运维指令信息,提高智能录波器的远程运维的效率的技术效果。Specifically, in order to improve the efficiency and security of the remote operation and maintenance of the intelligent wave recorder, and avoid repeated remote operation and maintenance instructions from the intelligent wave recorder master station, the number of times the remote operation and maintenance instruction information can be sent can be limited to avoid repeated sending. Then if the IP address information is in the pre-stored IP address library, obtain the sending times information of the remote operation and maintenance instruction information, and the sending times of the remote operation and maintenance instruction information is the actual sending times of the intelligent wave recording master station Information, and then obtain the threshold value of the scheduled number of times of sending, the threshold of the number of times of scheduled sending is the limit value of the number of times of scheduled sending, it can be understood that the threshold of the number of times of scheduled sending is not equal to three times, and then determine the number of times of sending the remote operation and maintenance instruction information Whether the information is within the predetermined sending times threshold, that is, whether the sending times information of the remote operation and maintenance instruction information is within three times, if the sending times information of the remote operation and maintenance instruction information is within the predetermined sending times threshold In order to obtain the first execution instruction information, the first execution instruction is to feed back and execute the remote operation and maintenance instruction information, so as to avoid repeated sending of repeated remote operation and maintenance instruction information and improve the remote operation and maintenance of the intelligent wave recorder The technical effect of efficiency.

步骤S53获得第一防御指令信息之后,包括:After step S53 obtains the first defense instruction information, it includes:

步骤S531,获得第一屏蔽指令信息;Step S531, obtaining first masking instruction information;

步骤S532,根据所述第一屏蔽指令信息,屏蔽所述IP地址信息;Step S532, shielding the IP address information according to the first shielding instruction information;

步骤S533,获得第一标记信息;Step S533, obtaining first tag information;

步骤S534,根据所述第一标记信息,对所述IP地址信息进行标记。Step S534, mark the IP address information according to the first mark information.

通过确认智能录波主站的IP地址是否在预存IP地址库中、对不存在的IP地址信息进行标记并屏蔽,防止黑客冒用智能录波主站与远程录波器进行连接,避免后续发生信息安全隐患。By confirming whether the IP address of the intelligent wave recording master station is in the pre-stored IP address database, marking and shielding the non-existent IP address information, preventing hackers from falsely using the intelligent wave recording master station to connect to the remote wave recorder, and avoiding subsequent occurrences Information security risks.

为了确保对运维状态信息的监控安全可靠,本实施例还包括:In order to ensure safe and reliable monitoring of operation and maintenance status information, this embodiment also includes:

步骤S61,获得第一监控信息;Step S61, obtaining first monitoring information;

步骤S62,获得第一编码指令信息;Step S62, obtaining first encoding instruction information;

步骤S63,根据所述第一编码指令信息,对所述第一监控信息进行编码,获得第一加密监控信息;Step S63, encoding the first monitoring information according to the first encoding instruction information to obtain first encrypted monitoring information;

步骤S64,获得第一解码指令信息;Step S64, obtaining the first decoding instruction information;

步骤S65,根据所述第一解码指令信息对所述第一加密监控信息进行解码读取。Step S65, decoding and reading the first encrypted monitoring information according to the first decoding instruction information.

具体而言,可对运维状态信息进行安全监控,以确保运维状态信息查询核实准确后是否被篡改,可获得第一监控信息,所述第一监控信息为对运维状态信息进行安全监控;获得第一编码指令信息,所述第一编码指令信息为对所述第一监控信息进行编码,确保监控信息的安全性,根据所述第一编码指令信息,对所述第一监控信息进行编码,获得第一加密监控信息,所述第一加密监控信息为对所述第一监控信息进行编码加密之后的监控信息;进而获得第一解码指令信息,所述第一解码指令信息为对所述第一加密监控信息进行解码,解码和编码是对应的两个过程,并根据所述第一解码指令信息对所述第一加密监控信息进行解码读取,最终确保运维状态信息是经过核实有效的,达到了确保对运维状态信息的监控安全可靠的技术效果。Specifically, the operation and maintenance status information can be safely monitored to ensure whether the operation and maintenance status information has been tampered with after being checked and verified, and the first monitoring information can be obtained. The first monitoring information is the security monitoring of the operation and maintenance status information ; Obtain first encoding instruction information, the first encoding instruction information is to encode the first monitoring information to ensure the security of the monitoring information, and perform the first encoding instruction information on the first monitoring information according to the first encoding instruction information Encoding, to obtain the first encrypted monitoring information, the first encrypted monitoring information is the monitoring information after encoding and encrypting the first monitoring information; and then obtain the first decoding instruction information, the first decoding instruction information is the The first encrypted monitoring information is decoded. Decoding and encoding are two corresponding processes, and the first encrypted monitoring information is decoded and read according to the first decoding instruction information, and finally the operation and maintenance status information is verified. Effectively, the technical effect of ensuring safe and reliable monitoring of operation and maintenance status information is achieved.

在对所述远程录波器的发送运维指令之前,本实施例还包括:Before sending the operation and maintenance instruction to the remote wave recorder, this embodiment also includes:

步骤S71,获得第一查询指令信息;Step S71, obtaining first query instruction information;

步骤S72,根据所述第一查询指令信息,在所述第一监控信息中查找所述第一运维状态信息是否存在;Step S72, according to the first query instruction information, search whether the first operation and maintenance status information exists in the first monitoring information;

步骤S73,如果所述第一监控信息中查找到所述第一运维状态信息,获得第一远程录波器的第一运维状态信息。Step S73, if the first operation and maintenance status information is found in the first monitoring information, obtain the first operation and maintenance status information of the first remote recorder.

具体而言,所述第一查询指令信息为在获得第一远程录波器的第一运维状态信息后向所述第一远程录波器发送运维指令前,对运维状态信息进行查询,并根据所述第一查询指令信息,在所述第一监控信息中查找所述第一运维状态信息是否存在,即确认运维状态信息是否真实存在,如果所述第一监控信息中查找到所述第一运维状态信息,说明所述第一运维状态信息真实发生,则获得第一远程录波器的第一运维状态信息,进一步对所述第一运维状态信息进行记录并发送,达到了确保所述第一运维状态信息真实存在,避免远程录波发送的信息错误的问题。Specifically, the first query instruction information is to query the operation and maintenance status information of the first remote recorder before sending the operation and maintenance command to the first remote recorder after obtaining the first operation and maintenance status information of the first remote recorder , and according to the first query instruction information, check whether the first operation and maintenance status information exists in the first monitoring information, that is, confirm whether the operation and maintenance status information actually exists, if the first monitoring information finds When the first operation and maintenance status information is obtained, it means that the first operation and maintenance status information actually occurs, then the first operation and maintenance status information of the first remote wave recorder is obtained, and the first operation and maintenance status information is further recorded and sending, to ensure that the first operation and maintenance status information actually exists, and to avoid the problem of incorrect information sent by remote wave recording.

在对所述第一远程录波器的发送运维指令之前,本实施例还包括:Before sending the operation and maintenance instruction to the first remote wave recorder, this embodiment also includes:

步骤S74,如果所述第一监控信息中未查找到所述第一运维状态信息,获得第一拦截指令信息;Step S74, if the first operation and maintenance status information is not found in the first monitoring information, obtain first interception instruction information;

步骤S75,根据所述第一拦截指令信息,对所述第一运维状态信息进行拦截。Step S75, intercepting the first operation and maintenance status information according to the first interception instruction information.

具体而言,在所述第一监控信息中查找所述第一运维状态信息是否存在时,若所述第一监控信息中未查找到所述第一运维状态信息,则说明所述第一运维状态信息不存在,获得第一拦截指令信息,根据所述第一拦截指令信息,对所述第一运维状态信息进行拦截,所述第一拦截指令信息为对所述第一运维状态信息进行拦截,通过拦截不存在的运维状态信息,达到了避免记录无效运维状态信息的技术效果。Specifically, when searching whether the first operation and maintenance status information exists in the first monitoring information, if the first operation and maintenance status information is not found in the first monitoring information, then the first If the operation and maintenance status information does not exist, the first interception instruction information is obtained, and the first operation and maintenance status information is intercepted according to the first interception instruction information. By intercepting non-existing operation and maintenance status information, the technical effect of avoiding recording invalid operation and maintenance status information is achieved.

基于与前述本发明实施例一一种智能录波器远程运维指令防御方法同样发明构思,本发明实施例二提供一种智能录波器远程运维指令防御系统,如图2所示,所述系统包括:Based on the same inventive concept as the above-mentioned embodiment of the present invention - a remote operation and maintenance command defense method for an intelligent wave recorder, Embodiment 2 of the present invention provides a remote operation and maintenance command defense system for an intelligent wave recorder, as shown in FIG. 2 . The systems described include:

第一获得单元11,所述第一获得单元11用于获得第一远程录波器的第一运维状态信息;A first obtaining unit 11, the first obtaining unit 11 is used to obtain the first operation and maintenance status information of the first remote recorder;

第一生成单元12,所述第一生成单元12用于根据所述第一运维状态信息,生成第一验证码信息,所述第一验证码与所述第一运维状态信息一一对应;A first generation unit 12, the first generation unit 12 is configured to generate first verification code information according to the first operation and maintenance state information, and the first verification code corresponds to the first operation and maintenance state information one by one ;

第二获得单元13,所述第二获得单元13用于获得第二远程录波器的第二运维状态信息;A second obtaining unit 13, the second obtaining unit 13 is used to obtain the second operation and maintenance state information of the second remote recorder;

第二生成单元14,所述第二生成单元14用于根据所述第二运维状态信息和第一验证码生成第二验证码,以此类推,获得第N远程录波器的第N运维状态信息;The second generation unit 14, the second generation unit 14 is used to generate a second verification code according to the second operation and maintenance status information and the first verification code, and so on, to obtain the Nth operation of the Nth remote wave recorder dimension status information;

第三生成单元15,所述第三生成单元15用于根据所述第N运维状态信息和第N-1验证码生成第N验证码,其中,N为大于1的自然数;A third generation unit 15, the third generation unit 15 is configured to generate the Nth verification code according to the Nth operation and maintenance status information and the N-1th verification code, where N is a natural number greater than 1;

第一保存单元16,所述第一保存单元16用于将所有运维状态信息和验证码分别复制保存在M台设备上,其中,M为大于1的自然数;The first storage unit 16, the first storage unit 16 is used to copy and store all the operation and maintenance status information and verification codes on M devices, wherein M is a natural number greater than 1;

第三获得单元17,所述第三获得单元17用于根据相应验证码,获得与所述验证码对应的远程运维权限;A third obtaining unit 17, the third obtaining unit 17 is used to obtain the remote operation and maintenance authority corresponding to the verification code according to the corresponding verification code;

第四获得单元18,所述第四获得单元18用于根据所述远程运维权限,获得远程运维指令信息。A fourth obtaining unit 18, the fourth obtaining unit 18 is configured to obtain remote operation and maintenance instruction information according to the remote operation and maintenance authority.

进一步地,所述系统还包括:Further, the system also includes:

第五获得单元,所述第五获得单元用于根据所述远程运维指令信息,获得智能录波主站的IP地址信息;A fifth obtaining unit, the fifth obtaining unit is used to obtain the IP address information of the intelligent wave recording master station according to the remote operation and maintenance instruction information;

第六获得单元,所述第六获得单元用于获得远程录波器的预存IP地址库;A sixth obtaining unit, the sixth obtaining unit is used to obtain the pre-stored IP address library of the remote recorder;

第一判断单元,所述第一判断单元用于判断所述IP地址信息是否在所述预存IP地址库中;a first judging unit, the first judging unit is used to judge whether the IP address information is in the pre-stored IP address library;

第七获得单元,所述第七获得单元用于如果所述IP地址信息不在所述预存IP地址库中,获得第一防御指令信息;A seventh obtaining unit, the seventh obtaining unit is configured to obtain the first defense instruction information if the IP address information is not in the pre-stored IP address library;

第一禁止单元,所述第一禁止单元用于根据所述第一防御指令信息,所述远程录波器拒绝执行所述远程运维指令信息。A first prohibition unit, the first prohibition unit is configured to refuse to execute the remote operation and maintenance instruction information by the remote recorder according to the first defense instruction information.

进一步地,所述系统还包括:Further, the system also includes:

第八获得单元,所述第八获得单元用于获得第一屏蔽指令信息;An eighth obtaining unit, the eighth obtaining unit is used to obtain the first masking instruction information;

第一屏蔽单元,所述第一屏蔽单元用于根据所述第一屏蔽指令信息,屏蔽所述IP地址信息;a first shielding unit, configured to shield the IP address information according to the first shielding instruction information;

第九获得单元,所述第九获得单元用于获得第一标记信息;A ninth obtaining unit, the ninth obtaining unit is used to obtain the first tag information;

第一标记单元,所述第一标记单元用于根据所述第一标记信息,对所述IP地址信息进行标记。A first marking unit, configured to mark the IP address information according to the first marking information.

进一步地,所述系统还包括:Further, the system also includes:

第十获得单元,所述第十获得单元用于如果所述IP地址信息在所述主站预存IP地址库中,获得所述获得远程运维指令信息的发送次数信息;A tenth obtaining unit, the tenth obtaining unit is used to obtain the sending frequency information of the obtained remote operation and maintenance instruction information if the IP address information is stored in the master station's pre-stored IP address library;

第十一获得单元,所述第十一获得单元用于获得预定发送次数阈值;an eleventh obtaining unit, the eleventh obtaining unit is used to obtain a predetermined number of sending times threshold;

第二判断单元,所述第二判断单元用于判断所述远程运维指令信息的发送次数信息是否在所述预定发送次数阈值之内;A second judging unit, the second judging unit is used to judge whether the number of sending times information of the remote operation and maintenance instruction information is within the predetermined sending times threshold;

第十二获得单元,所述第十二获得单元用于如果所述远程运维指令信息的发送次数信息在所述预定发送次数阈值之内,获得第一执行指令信息;A twelfth obtaining unit, the twelfth obtaining unit is configured to obtain the first execution instruction information if the sending times information of the remote operation and maintenance instruction information is within the predetermined sending times threshold;

第一执行单元,所述第一执行单元用于根据所述第一执行指令信息,执行所述远程运维指令信息。A first execution unit, configured to execute the remote operation and maintenance instruction information according to the first execution instruction information.

进一步地,所述系统还包括:Further, the system also includes:

第十三获得单元,所述第十三获得单元用于获得第一监控信息;A thirteenth obtaining unit, the thirteenth obtaining unit is used to obtain the first monitoring information;

第十四获得单元,所述第十四获得单元用于获得第一编码指令信息;A fourteenth obtaining unit, the fourteenth obtaining unit is used to obtain the first encoded instruction information;

第十五获得单元,所述第十五获得单元用于根据所述第一编码指令信息,对所述第一监控信息进行编码,获得第一加密监控信息;A fifteenth obtaining unit, the fifteenth obtaining unit is configured to encode the first monitoring information according to the first encoding instruction information to obtain first encrypted monitoring information;

第十六获得单元,所述第十六获得单元用于获得第一解码指令信息;A sixteenth obtaining unit, the sixteenth obtaining unit is used to obtain the first decoding instruction information;

第一解码单元,所述第一解码单元用于根据所述第一解码指令信息对所述第一加密监控信息进行解码读取。A first decoding unit, configured to decode and read the first encrypted monitoring information according to the first decoding instruction information.

进一步地,所述系统还包括:Further, the system also includes:

第十七获得单元,所述第十七获得单元用于获得第一查询指令信息;A seventeenth obtaining unit, the seventeenth obtaining unit is used to obtain the first query instruction information;

第一查找单元,所述第一查找单元用于根据所述第一查询指令信息,在所述第一监控信息中查找所述第一运维状态信息是否存在;A first search unit, the first search unit is configured to search whether the first operation and maintenance status information exists in the first monitoring information according to the first query instruction information;

第十八获得单元,所述第十八获得单元用于如果所述第一监控信息中查找到所述第一运维状态信息,获得第一远程录波器的第一运维状态信息。An eighteenth obtaining unit, the eighteenth obtaining unit is configured to obtain the first operation and maintenance status information of the first remote recorder if the first operation and maintenance status information is found in the first monitoring information.

进一步地,所述系统还包括:Further, the system also includes:

第十九获得单元,所述第十九获得单元用于如果所述第一监控信息中未查找到所述第一运维状态信息,获得第一拦截指令信息;A nineteenth obtaining unit, the nineteenth obtaining unit is configured to obtain first interception instruction information if the first operation and maintenance status information is not found in the first monitoring information;

第一拦截单元,所述第一拦截单元用于根据所述第一拦截指令信息,对所述第一运维状态信息进行拦截。A first interception unit, configured to intercept the first operation and maintenance status information according to the first interception instruction information.

前述本发明实施例一一种智能录波器远程运维指令防御方法的各种变化方式和具体实例同样适用于本实施例一种智能录波器远程运维指令防御系统,通过前述对一种智能录波器远程运维指令防御方法的详细描述,本领域技术人员可以清楚的知道本实施例一种智能录波器远程运维指令防御系统的实施方式,所以为了说明书的简洁,再次不再详述。The various variations and specific examples of the above-mentioned embodiment of the present invention-a remote operation and maintenance command defense method for an intelligent wave recorder are also applicable to an intelligent wave recorder remote operation and maintenance command defense system in this embodiment. For the detailed description of the remote operation and maintenance command defense method of the intelligent wave recorder, those skilled in the art can clearly know the implementation mode of the remote operation and maintenance command defense system of the intelligent wave recorder in this embodiment, so for the sake of brevity of the description, it will not be repeated again detail.

下面参考图3来描述本申请实施例的电子设备。图3示出了根据本发明实施例的电子设备的结构。The electronic device according to the embodiment of the present application is described below with reference to FIG. 3 . FIG. 3 shows the structure of an electronic device according to an embodiment of the present invention.

基于与前述本发明实施例一一种智能录波器远程运维指令防御方法的发明构思,本发明实施例三还提供一种智能录波器远程运维指令防御系统,其上存储有计算机程序,该程序被处理器执行时实现如本发明实施例一所述的一种智能录波器远程运维指令防御方法。Based on the inventive concept of the aforementioned embodiment of the present invention—a method for defending remote operation and maintenance instructions of an intelligent wave recorder, Embodiment 3 of the present invention also provides a defense system for remote operation and maintenance instructions of an intelligent wave recorder, on which a computer program is stored. When the program is executed by the processor, the method for defending against remote operation and maintenance instructions of an intelligent wave recorder as described in Embodiment 1 of the present invention is implemented.

其中,在图3中,总线架构(用总线300来代表),总线300可以包括任意数量的互联的总线和桥,总线300将包括由处理器302代表的一个或多个处理器和存储器304代表的存储器的各种电路链接在一起。总线300还可以将诸如外围设备、稳压器和功率管理电路等之类的各种其他电路链接在一起,这些都是本领域所公知的,因此,本实施例不再对其进行进一步描述。总线接口306在总线300和接收器301和发送器303之间提供接口。接收器301和发送器303可以是同一个元件,即收发机,提供用于在传输介质上与各种其他装置通信的单元。Wherein, in FIG. 3, the bus architecture (represented by bus 300), bus 300 may include any number of interconnected buses and bridges, and bus 300 will include one or more processors represented by processor 302 and memory 304. The various circuits of the memory are linked together. The bus 300 can also link various other circuits together, such as peripheral devices, voltage regulators and power management circuits, etc., which are well known in the art, and thus will not be further described in this embodiment. The bus interface 306 provides an interface between the bus 300 and the receiver 301 and the transmitter 303 . Receiver 301 and transmitter 303 may be the same element, a transceiver, providing means for communicating with various other devices over a transmission medium.

处理器302负责管理总线300和通常的处理,而存储器304可以被用于存储处理器302在执行操作时所使用的数据。Processor 302 is responsible for managing bus 300 and general processing, while memory 304 may be used to store data used by processor 302 in performing operations.

前述本发明实施例一一种智能录波器网络安全管理方法的各种变化方式和具体实例同样适用于本实施例一种智能录波器网络安全管理系统,通过前述对实施例一一种智能录波器网络安全管理方法的详细描述,本领域技术人员可以清楚的知道本实施例一种智能录波器网络安全管理系统的实施方式,所以为了说明书的简洁,在此不再详述。The various variations and specific examples of the aforementioned embodiment of the present invention-a smart wave recorder network security management method are also applicable to a smart wave recorder network security management system in this embodiment. For the detailed description of the network security management method of the oscilloscope, those skilled in the art can clearly know the implementation mode of an intelligent oscilloscope network security management system in this embodiment, so for the sake of brevity of the description, no detailed description is given here.

由上可知,相比于现有技术,本发明实施例带来的有益效果在于:通过将智能录波主站检测到的运维状态信息进行加密存储到分布式的共享账本和数据库,确保运维状态信息的存储安全,保证了运维状态信息的安全性,并将其生成的验证码,当验证通过后才可对远程录波器发送运维指令,进而提高了运维过程的保密性和系统防御能力,达到了提高智能录波器工作效率技术效果;It can be seen from the above that, compared with the prior art, the beneficial effect brought by the embodiment of the present invention lies in: by encrypting and storing the operation and maintenance status information detected by the intelligent wave recording master station in a distributed shared ledger and database, ensuring the The storage security of the maintenance status information ensures the security of the operation and maintenance status information, and the verification code generated by it can only send operation and maintenance instructions to the remote recorder after the verification is passed, thereby improving the confidentiality of the operation and maintenance process and system defense capabilities, achieving the technical effect of improving the working efficiency of the intelligent wave recorder;

通过确认智能录波主站的IP地址是否在预存IP地址库中、对不存在的IP地址信息进行标记并屏蔽,防止黑客冒用智能录波主站与远程录波器进行连接,避免后续发生信息安全隐患,同时通过限制远程运维指令发送信息的次数、以及对运维状态信息进行监控等,达到了提高智能录波器工作过程中的防御能力,避免远程运维系统被攻击,提高智能录波器远程运维工作效率的技术效果。By confirming whether the IP address of the intelligent wave recording master station is in the pre-stored IP address database, marking and shielding the non-existent IP address information, preventing hackers from falsely using the intelligent wave recording master station to connect to the remote wave recorder, and avoiding subsequent occurrences Hidden dangers of information security. At the same time, by limiting the number of remote operation and maintenance instructions to send information and monitoring the operation and maintenance status information, etc., it can improve the defense ability of the intelligent wave recorder in the working process, avoid the remote operation and maintenance system from being attacked, and improve the intelligence. The technical effect of the remote operation and maintenance work efficiency of the wave recorder.

以上所揭露的仅为本发明较佳实施例而已,当然不能以此来限定本发明之权利范围,因此依本发明权利要求所作的等同变化,仍属本发明所涵盖的范围。The above disclosures are only preferred embodiments of the present invention, and certainly cannot limit the scope of rights of the present invention. Therefore, equivalent changes made according to the claims of the present invention still fall within the scope of the present invention.

Claims (4)

1.一种智能录波器远程运维指令防御方法,其特征在于,包括:1. A method for defending against remote operation and maintenance instructions of an intelligent wave recorder, characterized in that it comprises: 步骤S1,智能录波主站获得第N远程录波器的第N运维状态信息,并根据所述第N运维状态信息生成第N验证码,所述第N验证码与所述第N运维状态信息一一对应,N为大于1的自然数;Step S1, the intelligent wave recording master station obtains the Nth operation and maintenance status information of the Nth remote wave recorder, and generates the Nth verification code according to the Nth operation and maintenance status information, and the Nth verification code is the same as the Nth One-to-one correspondence of operation and maintenance status information, N is a natural number greater than 1; 步骤S2,将所有运维状态信息和验证码分别复制保存在M台设备上,M为大于1的自然数;Step S2, copying and storing all operation and maintenance status information and verification codes on M devices, where M is a natural number greater than 1; 步骤S3,根据相应验证码,获得与所述验证码对应的远程运维权限;Step S3, according to the corresponding verification code, obtain the remote operation and maintenance authority corresponding to the verification code; 步骤S4,根据所述远程运维权限,获得对应的远程运维指令信息;Step S4, according to the remote operation and maintenance authority, obtain the corresponding remote operation and maintenance instruction information; 步骤S51,远程录波器根据所述远程运维指令信息,获得发送所述远程运维指令信息的智能录波主站的IP地址信息;Step S51, the remote wave recorder obtains the IP address information of the intelligent wave recording master station that sends the remote operation and maintenance instruction information according to the remote operation and maintenance instruction information; 步骤S52,判断所述IP地址信息是否在所述远程录波器的预存IP地址库中;Step S52, judging whether the IP address information is in the pre-stored IP address library of the remote wave recorder; 步骤S53,如果所述IP地址信息不在所述预存IP地址库中,获得第一防御指令信息;Step S53, if the IP address information is not in the pre-stored IP address library, obtain the first defense instruction information; 步骤S54,根据所述第一防御指令信息,所述远程录波器拒绝执行所述智能录波主站发送的远程运维指令信息;Step S54, according to the first defense instruction information, the remote wave recorder refuses to execute the remote operation and maintenance instruction information sent by the intelligent wave recording master station; 所述步骤S52还包括:The step S52 also includes: 步骤S521,如果所述IP地址信息在所述预存IP地址库中,所述远程录波器获得所述远程运维指令信息的发送次数信息;Step S521, if the IP address information is in the pre-stored IP address library, the remote wave recorder obtains information on the number of sending times of the remote operation and maintenance instruction information; 步骤S522,所述远程录波器获得预定发送次数阈值;Step S522, the remote oscilloscope obtains a predetermined threshold of sending times; 步骤S523,所述远程录波器判断所述远程运维指令信息的发送次数信息是否在所述预定发送次数阈值之内;Step S523, the remote wave recorder judges whether the sending frequency information of the remote operation and maintenance instruction information is within the preset sending frequency threshold; 步骤S524,如果所述远程运维指令信息的发送次数信息在所述预定发送次数阈值之内,获得第一执行指令信息;Step S524, if the sending frequency information of the remote operation and maintenance instruction information is within the preset sending frequency threshold, obtain the first execution instruction information; 步骤S525,根据所述第一执行指令信息,执行所述远程运维指令信息;Step S525, executing the remote operation and maintenance instruction information according to the first execution instruction information; 步骤S61,获得第一监控信息;Step S61, obtaining first monitoring information; 步骤S62,获得第一编码指令信息;Step S62, obtaining first encoding instruction information; 步骤S63,根据所述第一编码指令信息,对所述第一监控信息进行编码,获得第一加密监控信息;Step S63, encoding the first monitoring information according to the first encoding instruction information to obtain first encrypted monitoring information; 步骤S64,获得第一解码指令信息;Step S64, obtaining the first decoding instruction information; 步骤S65,根据所述第一解码指令信息对所述第一加密监控信息进行解码读取;Step S65, decoding and reading the first encrypted monitoring information according to the first decoding instruction information; 在对所述远程录波器的发送运维指令之前,还包括:Before sending the operation and maintenance instruction to the remote recorder, it also includes: 步骤S71,获得第一查询指令信息;Step S71, obtaining first query instruction information; 步骤S72,根据所述第一查询指令信息,在所述第一监控信息中查找第一运维状态信息是否存在;Step S72, according to the first query instruction information, search whether the first operation and maintenance status information exists in the first monitoring information; 步骤S73,如果所述第一监控信息中查找到所述第一运维状态信息,获得第一远程录波器的第一运维状态信息;Step S73, if the first operation and maintenance status information is found in the first monitoring information, obtain the first operation and maintenance status information of the first remote recorder; 在对所述第一远程录波器的发送运维指令之前,还包括:Before sending the operation and maintenance instruction to the first remote recorder, it also includes: 步骤S74,如果所述第一监控信息中未查找到所述第一运维状态信息,获得第一拦截指令信息;Step S74, if the first operation and maintenance status information is not found in the first monitoring information, obtain first interception instruction information; 步骤S75,根据所述第一拦截指令信息,对所述第一运维状态信息进行拦截。Step S75, intercepting the first operation and maintenance status information according to the first interception instruction information. 2.根据权利要求1所述的智能录波器远程运维指令防御方法,其特征在于,所述步骤S53获得第一防御指令信息之后,包括:2. The intelligent wave recorder remote operation and maintenance command defense method according to claim 1, characterized in that, after the step S53 obtains the first defense command information, it includes: 步骤S531,获得第一屏蔽指令信息;Step S531, obtaining first masking instruction information; 步骤S532,根据所述第一屏蔽指令信息,屏蔽所述IP地址信息;Step S532, shielding the IP address information according to the first shielding instruction information; 步骤S533,获得第一标记信息;Step S533, obtaining first tag information; 步骤S534,根据所述第一标记信息,对所述IP地址信息进行标记。Step S534, mark the IP address information according to the first mark information. 3.一种智能录波器远程运维指令防御系统,其特征在于,包括:3. A remote operation and maintenance command defense system for an intelligent wave recorder, characterized in that it comprises: 第一获得单元,所述第一获得单元用于获得第一远程录波器的第一运维状态信息;A first obtaining unit, the first obtaining unit is used to obtain the first operation and maintenance status information of the first remote recorder; 第一生成单元,所述第一生成单元用于根据所述第一运维状态信息,生成第一验证码信息,所述第一验证码与所述第一运维状态信息一一对应;A first generation unit, the first generation unit is configured to generate first verification code information according to the first operation and maintenance state information, and the first verification code corresponds to the first operation and maintenance state information one by one; 第二获得单元,所述第二获得单元用于获得第二远程录波器的第二运维状态信息;A second obtaining unit, the second obtaining unit is used to obtain the second operation and maintenance status information of the second remote recorder; 第二生成单元,所述第二生成单元用于根据所述第二运维状态信息和第一验证码生成第二验证码,以此类推,获得第N远程录波器的第N运维状态信息;A second generating unit, the second generating unit is used to generate a second verification code according to the second operation and maintenance status information and the first verification code, and so on, to obtain the Nth operation and maintenance status of the Nth remote wave recorder information; 第三生成单元,所述第三生成单元用于根据所述第N运维状态信息和第N-1验证码生成第N验证码,其中,N为大于1的自然数;A third generating unit, the third generating unit is configured to generate an Nth verification code according to the Nth operation and maintenance status information and the N-1th verification code, where N is a natural number greater than 1; 第一保存单元,所述第一保存单元用于将所有运维状态信息和验证码分别复制保存在M台设备上,其中,M为大于1的自然数;A first storage unit, the first storage unit is used to copy and store all operation and maintenance status information and verification codes on M devices, wherein M is a natural number greater than 1; 第三获得单元,所述第三获得单元用于根据相应验证码,获得与所述验证码对应的远程运维权限;A third obtaining unit, the third obtaining unit is used to obtain the remote operation and maintenance authority corresponding to the verification code according to the corresponding verification code; 第四获得单元,所述第四获得单元用于根据所述远程运维权限,获得远程运维指令信息;A fourth obtaining unit, the fourth obtaining unit is used to obtain remote operation and maintenance instruction information according to the remote operation and maintenance authority; 第五获得单元,所述第五获得单元用于根据所述远程运维指令信息,获得智能录波主站的IP地址信息;A fifth obtaining unit, the fifth obtaining unit is used to obtain the IP address information of the intelligent wave recording master station according to the remote operation and maintenance instruction information; 第六获得单元,所述第六获得单元用于获得远程录波器的预存IP地址库;A sixth obtaining unit, the sixth obtaining unit is used to obtain the pre-stored IP address library of the remote recorder; 第一判断单元,所述第一判断单元用于判断所述IP地址信息是否在所述预存IP地址库中;a first judging unit, the first judging unit is used to judge whether the IP address information is in the pre-stored IP address library; 第七获得单元,所述第七获得单元用于如果所述IP地址信息不在所述预存IP地址库中,获得第一防御指令信息;A seventh obtaining unit, the seventh obtaining unit is configured to obtain the first defense instruction information if the IP address information is not in the pre-stored IP address library; 第一禁止单元,所述第一禁止单元用于根据所述第一防御指令信息,所述远程录波器拒绝执行所述远程运维指令信息;A first prohibition unit, the first prohibition unit is used for the remote recorder to refuse to execute the remote operation and maintenance instruction information according to the first defense instruction information; 第十获得单元,所述第十获得单元用于如果所述IP地址信息在所述主站预存IP地址库中,获得所述获得远程运维指令信息的发送次数信息;A tenth obtaining unit, the tenth obtaining unit is used to obtain the sending frequency information of the obtained remote operation and maintenance instruction information if the IP address information is stored in the master station's pre-stored IP address library; 第十一获得单元,所述第十一获得单元用于获得预定发送次数阈值;an eleventh obtaining unit, the eleventh obtaining unit is used to obtain a predetermined number of sending times threshold; 第二判断单元,所述第二判断单元用于判断所述远程运维指令信息的发送次数信息是否在所述预定发送次数阈值之内;A second judging unit, the second judging unit is used to judge whether the number of sending times information of the remote operation and maintenance instruction information is within the predetermined sending times threshold; 第十二获得单元,所述第十二获得单元用于如果所述远程运维指令信息的发送次数信息在所述预定发送次数阈值之内,获得第一执行指令信息;A twelfth obtaining unit, the twelfth obtaining unit is configured to obtain the first execution instruction information if the sending times information of the remote operation and maintenance instruction information is within the predetermined sending times threshold; 第一执行单元,所述第一执行单元用于根据所述第一执行指令信息,执行所述远程运维指令信息;a first execution unit, configured to execute the remote operation and maintenance instruction information according to the first execution instruction information; 第十三获得单元,所述第十三获得单元用于获得第一监控信息;A thirteenth obtaining unit, the thirteenth obtaining unit is used to obtain the first monitoring information; 第十四获得单元,所述第十四获得单元用于获得第一编码指令信息;A fourteenth obtaining unit, the fourteenth obtaining unit is used to obtain the first encoded instruction information; 第十五获得单元,所述第十五获得单元用于根据所述第一编码指令信息,对所述第一监控信息进行编码,获得第一加密监控信息;A fifteenth obtaining unit, the fifteenth obtaining unit is configured to encode the first monitoring information according to the first encoding instruction information to obtain first encrypted monitoring information; 第十六获得单元,所述第十六获得单元用于获得第一解码指令信息;A sixteenth obtaining unit, the sixteenth obtaining unit is used to obtain the first decoding instruction information; 第一解码单元,所述第一解码单元用于根据所述第一解码指令信息对所述第一加密监控信息进行解码读取;A first decoding unit, configured to decode and read the first encrypted monitoring information according to the first decoding instruction information; 进一步地,所述系统还包括:Further, the system also includes: 第十七获得单元,所述第十七获得单元用于获得第一查询指令信息;A seventeenth obtaining unit, the seventeenth obtaining unit is used to obtain the first query instruction information; 第一查找单元,所述第一查找单元用于根据所述第一查询指令信息,在所述第一监控信息中查找所述第一运维状态信息是否存在;A first search unit, the first search unit is configured to search whether the first operation and maintenance status information exists in the first monitoring information according to the first query instruction information; 第十八获得单元,所述第十八获得单元用于如果所述第一监控信息中查找到所述第一运维状态信息,获得第一远程录波器的第一运维状态信息;An eighteenth obtaining unit, the eighteenth obtaining unit is configured to obtain the first operation and maintenance status information of the first remote recorder if the first operation and maintenance status information is found in the first monitoring information; 进一步地,所述系统还包括:Further, the system also includes: 第十九获得单元,所述第十九获得单元用于如果所述第一监控信息中未查找到所述第一运维状态信息,获得第一拦截指令信息;A nineteenth obtaining unit, the nineteenth obtaining unit is configured to obtain first interception instruction information if the first operation and maintenance status information is not found in the first monitoring information; 第一拦截单元,所述第一拦截单元用于根据所述第一拦截指令信息,对所述第一运维状态信息进行拦截。A first interception unit, configured to intercept the first operation and maintenance status information according to the first interception instruction information. 4.一种智能录波器远程运维指令防御系统,其特征在于,包括:存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现如权利要求1-2任一项所述的智能录波器远程运维指令防御方法。4. An intelligent wave recorder remote operation and maintenance instruction defense system is characterized in that it includes: a memory, a processor and a computer program stored on the memory and operable on the processor, when the processor executes the program Realize the intelligent wave recorder remote operation and maintenance command defense method as described in any one of claims 1-2.
CN202110195850.1A 2021-02-22 2021-02-22 Intelligent recorder remote operation and maintenance instruction defense method and system Active CN112929379B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110195850.1A CN112929379B (en) 2021-02-22 2021-02-22 Intelligent recorder remote operation and maintenance instruction defense method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110195850.1A CN112929379B (en) 2021-02-22 2021-02-22 Intelligent recorder remote operation and maintenance instruction defense method and system

Publications (2)

Publication Number Publication Date
CN112929379A CN112929379A (en) 2021-06-08
CN112929379B true CN112929379B (en) 2023-03-24

Family

ID=76170067

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110195850.1A Active CN112929379B (en) 2021-02-22 2021-02-22 Intelligent recorder remote operation and maintenance instruction defense method and system

Country Status (1)

Country Link
CN (1) CN112929379B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105791033A (en) * 2016-05-09 2016-07-20 浪潮电子信息产业股份有限公司 Method, device and system for regulating operating state of server

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9699110B2 (en) * 2014-08-11 2017-07-04 Mellanox Technologies, Ltd. Accelerating and offloading lock access over a network
CN107241300B (en) * 2016-03-29 2020-11-03 北京京东尚科信息技术有限公司 User request intercepting method and device
CN108881127B (en) * 2017-05-15 2022-07-15 中兴通讯股份有限公司 Method and system for controlling remote access authority
CN109302300B (en) * 2017-07-25 2022-03-15 阿里巴巴集团控股有限公司 Data distribution and processing method, system and computer readable recording medium
CN108833450B (en) * 2018-08-22 2020-07-10 网宿科技股份有限公司 Method and device for preventing server from being attacked
CN110012036A (en) * 2019-05-21 2019-07-12 唯伊云(武汉)科技有限公司 A kind of security protection system for industrial internet of things data acquisition layer terminal device
CN110543348B (en) * 2019-09-06 2023-03-24 北京奇艺世纪科技有限公司 Instruction processing method, system, electronic equipment and storage medium
CN111124495B (en) * 2019-12-16 2021-02-12 海光信息技术股份有限公司 Data processing method, decoding circuit and processor
CN112380525A (en) * 2020-12-10 2021-02-19 深圳供电局有限公司 Method and device for managing remote access of wave recorder

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105791033A (en) * 2016-05-09 2016-07-20 浪潮电子信息产业股份有限公司 Method, device and system for regulating operating state of server

Also Published As

Publication number Publication date
CN112929379A (en) 2021-06-08

Similar Documents

Publication Publication Date Title
US11122061B2 (en) Method and server for determining malicious files in network traffic
CN109976239B (en) Industrial control system terminal safety protection system
CN109739203B (en) Industrial network boundary protection system
CN109995796B (en) Industrial control system terminal safety protection method
Eden et al. A forensic taxonomy of SCADA systems and approach to incident response
CN110213226A (en) Associated cyber attack scenarios method for reconstructing and system are recognized based on risk total factor
CN111524007A (en) Embedded intrusion detection method and device for intelligent contract
CN113872965B (en) SQL injection detection method based on Snort engine
CN108319822B (en) Method, storage medium, electronic device and system for protecting webpage code
CN112929379B (en) Intelligent recorder remote operation and maintenance instruction defense method and system
TW202114393A (en) Data scanning system including an electronic apparatus including a data scanning module
CN117390637B (en) Method and system for protecting safety of safety access area system
KR100310860B1 (en) Method for detecting real-time intrusion using agent structure on real-time intrustion detecting system
CN113158203B (en) SOC chip, circuit and external data read-write method of SOC chip
CN113468607B (en) Method for generating and using encrypted tamper-proof file
Sun et al. A survey on security issues in IoT operating systems
Lee et al. Detection and analysis technique for manipulation attacks on plc control logic
Fujinoki et al. Proactive damage prevention from zero-day ransomwares
CN114386076B (en) A method and terminal for encrypting and transmitting electric power data
CN112905994A (en) Remote vulnerability patch program protection method and system
CN118761106B (en) A data security active defense method and system based on industrial field equipment
CN213244052U (en) Credible autonomous authentication system for intelligent substation terminal
KR20150053277A (en) Method And Apparatus for Controlling Software execution
CN216053036U (en) Mobile storage device with virus self-checking and killing function
KR20120069130A (en) A realtime monitoring method based on log data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant