Disclosure of Invention
Therefore, the invention provides a network security protection method, which is used for overcoming the problem of insufficient security caused by the fact that the network security protection level is difficult to adjust in real time according to the current network state and the actual operation behavior of a user in the network security protection method in the prior art.
In order to achieve the above object, the present invention provides a network security protection method, including,
step S1, the network security determining unit judges the user login information parameter according to the acquired security level of the current network and the login information of the current user, and preliminarily determines the network security protection level;
step S2, the network security execution unit determines different levels of network security protection according to the login information parameters of the user, and the network security management unit adjusts the login information parameters of the user according to the actual behavior of the user within the preset time;
step S3, the network security adjusting unit adjusts the network security protection level according to the adjusted login information parameter of the user;
in step S1, the network security determining unit determines the login information parameters of the user according to the login times of the user, the abnormal operation times of the user, and the remote login times of the user, and determines the coefficients in the login information parameters of the user in combination with the security level of the current network, the network security determining unit calculates the login information parameters of the user according to the coefficients in the determined login information parameters of the user, and the network security determining unit preliminarily determines the network security protection level according to the calculated login information parameters of the user;
in step S2, the network security executing unit receives and executes the network security level instruction transmitted by the network security determining unit, and when the network security executing unit operates according to the determined network security level, the network security managing unit calculates the behavior parameters of the user according to the login duration and the abnormal operation times of the user within the preset time, and determines the adjustment parameters of the login information parameters of the user according to the calculated behavior parameters;
in step S3, the network security adjusting unit adjusts the login information parameters of the user in real time according to the determined adjustment parameters, and adjusts the network security level in real time according to the adjusted login information parameters of the user.
Further, in step S1, the login information of the user includes the login times of the user, the abnormal operation times of the user, and the remote login times of the user, and the login information parameter of the user is set as c, then,
c=α×Fd/Fd0+β×Fy/Fy0+γ×Fx/Fd
wherein Fd denotes the number of user logins, Fd0 denotes the preset number of logins, Fy denotes the number of abnormal user operations, Fy0 denotes the preset number of abnormal user operations, Fx denotes the number of remote logins of the user, α denotes the coefficient of the number of logins, β denotes the coefficient of the number of abnormal operations, and γ denotes the coefficient of the number of remote logins.
Further, security levels D1, D2, D3, …, and Dn of the network are preset in the network security determining unit, wherein D1 represents a first preset network security level, D2 represents a second preset network security level, D3 represents a third preset network security level, Dn represents an nth preset network security level, and n is a positive number;
the network security determining unit is internally preset with coefficients X1, X2, X3, … and Xn, wherein X1 represents a first preset coefficient, X2 represents a second preset coefficient, X3 represents a third preset coefficient, and Xn represents an nth preset coefficient;
for the ith preset coefficient Xi (αi, βi, γi), i = 1, 2, 3, …, n, where n is a positive number, αi represents the ith preset coefficient of the number of logins, βi represents the ith preset coefficient of the number of abnormal operations, and γi represents the ith preset coefficient of the number of remote logins.
Further, the network security determining unit determines a coefficient in the login information parameter of the user according to the security level of the current network, and sets the security level of the current network as Ds, then,
if Ds ≤ D1, the network security determining unit determines that the coefficient in the login information parameters of the user is X1, and determines α1 as the coefficient of the number of logins, β1 as the coefficient of the number of abnormal operations, and γ1 as the coefficient of the number of remote logins;
if D1 < Ds ≤ D2, the network security determining unit determines that the coefficient in the login information parameters of the user is X2, and determines α2 as the coefficient of the number of logins, β2 as the coefficient of the number of abnormal operations, and γ2 as the coefficient of the number of remote logins;
if D2 < Ds ≤ D3, the network security determining unit determines that the coefficient in the login information parameters of the user is X3, and determines α3 as the coefficient of the number of logins, β3 as the coefficient of the number of abnormal operations, and γ3 as the coefficient of the number of remote logins;
if D(n-1) < Ds ≤ Dn, the network security determining unit determines that the coefficient in the login information parameters of the user is Xn, and determines αn as the coefficient of the number of logins, βn as the coefficient of the number of abnormal operations, and γn as the coefficient of the number of remote logins;
and the network security determining unit calculates the login information parameters of the user according to the coefficients in the determined login information parameters of the user.
Furthermore, login information parameters C1, C2, C3, …, and Cn of the user are preset in the network security determining unit, wherein C1 represents a first preset user login information parameter, C2 represents a second preset user login information parameter, C3 represents a third preset user login information parameter, and Cn represents an nth preset user login information parameter;
network security protection grades B1, B2, B3, … and Bn are preset in the network security determination unit, wherein B1 represents a first preset network security protection grade, B2 represents a second preset network security protection grade, B3 represents a third preset network security protection grade, and Bn represents an nth preset network security protection grade;
the network security determining unit determines the network security protection level according to the calculated login information parameter of the user, sets the real-time login information parameter of the user as cs, then,
if cs is less than or equal to C1, the network security determining unit determines that the network security protection level is B1;
if cs is greater than C1 and less than or equal to C2, the network security determination unit determines that the network security protection level is B2;
if cs is greater than C2 and less than or equal to C3, the network security determination unit determines that the network security protection level is B3;
if C(n-1) < cs ≤ Cn, the network security determining unit determines that the network security protection level is Bn.
Further, when the network security execution unit operates according to the determined network security protection level, the network security management unit adjusts the login information parameters of the user according to the actual behavior of the user within the preset time, sets the behavior parameter z of the user,
z=L0/L+Y/Y0
wherein L represents a login time length, L0 represents a preset login time length, Y represents the number of abnormal operations, and Y0 represents the preset number of abnormal operations.
Further, behavior parameters z1, z2, z3, … and zn are preset in the network security management unit, wherein z1 represents a first preset behavior parameter, z2 represents a second preset behavior parameter, z3 represents a third preset behavior parameter, and zn represents an nth preset behavior parameter;
adjustment parameters x1, x2, x3, … and xn are preset in the network security management unit, wherein x1 represents a first preset adjustment parameter, x2 represents a second preset adjustment parameter, x3 represents a third preset adjustment parameter, and xn represents an nth preset adjustment parameter.
Furthermore, the network security management unit determines the login information parameter of the user according to the behavior parameter z of the user, sets the behavior parameter of the user determined in real time as zs, sets s =1, 2, 3, …, n, and n is a positive number,
if zs is less than or equal to z1, the network security management unit determines that the adjustment parameter is x1, and the adjusted user login information parameter is ct = x1 × cs;
if z1 < zs ≤ z2, the network security management unit determines that the adjustment parameter is x2, and the adjusted user login information parameter is ct = x2 × cs;
if z2 < zs ≤ z3, the network security management unit determines that the adjustment parameter is x3, and the adjusted user login information parameter is ct = x3 × cs;
if z(n-1) < zs ≤ zn, the network security management unit determines that the adjustment parameter is xn, and the adjusted user login information parameter is ct = xn × cs.
Further, the network security adjusting unit adjusts the network security protection level according to the adjusted user login information parameter ct,
if ct is less than or equal to C1, the network security determination unit determines that the network security protection level is B1;
if C1 < ct ≤ C2, the network security determining unit determines that the network security protection level is B2;
if C2 < ct ≤ C3, the network security determining unit determines that the network security protection level is B3;
and if C(n-1) < ct ≤ Cn, the network security determining unit determines that the network security protection level is Bn.
Further, the present invention provides a network security protection system, comprising,
the network security determining unit is used for determining the user login information parameters according to the security level of the network and the login information of the user and determining the network security protection level according to the determined user login information parameters;
the network security execution unit is connected with the network security determination unit and is used for executing the network security protection level determined by the network security determination unit;
the network security management unit is used for adjusting the login information parameters of the user according to the actual behavior of the user within the preset time;
and the network security adjusting unit is used for adjusting the network security protection level according to the adjusted login information parameters of the user.
Compared with the prior art, the network security protection method has the following advantages. The network security determination unit determines the login information parameters of the user according to the login times of the user, the abnormal operation times of the user and the remote login times of the user, determines the coefficients in the login information parameters of the user by combining the current network security level, calculates the login information parameters of the user, and preliminarily determines the network security protection level according to the calculated login information parameters of the user. The network security execution unit receives and executes the network security protection level instruction transmitted by the network security determination unit. When the network security execution unit operates according to the determined network security protection level, the network security management unit calculates the behavior parameters of the user according to the login duration and the abnormal operation times of the user within the preset time, and determines the adjustment parameters of the login information parameters of the user according to the calculated behavior parameters. The network security adjusting unit adjusts the login information parameters of the user in real time according to the determined adjusting parameters, and adjusts the network security protection level in real time according to the adjusted login information parameters of the user, so that the security of the network information is guaranteed, and the security of the account information is guaranteed.
Furthermore, the invention determines the coefficients in the login information parameters of the user through the security level of the network, thereby determining the coefficients in the login information parameters of the user which are adjusted in a differentiated mode in the security levels of different networks, reducing errors in the system, improving the accuracy of preliminary determination of the network security protection level, reducing the adjustment frequency, improving the security of the network and ensuring the stability of normal operation of the user.
Particularly, the invention introduces the setting of determining the adjustment parameters according to the behavior parameters of the user, evaluates the safe use of the user through the login duration and the abnormal operation times of the user in the preset time, calculates the behavior parameters of the user, and determines the adjustment parameters according to the calculated behavior parameters of the user. And then, the user login information parameters are adjusted according to the adjustment parameters, and closed-loop operation for adjusting the network security protection level is performed by taking the adjusted user login information parameters as the standard, so that the security of the network information is improved, and the stability of normal operation of the user is ensured.
Detailed Description
In order that the objects and advantages of the invention will be more clearly understood, the invention is further described below with reference to examples; it should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Preferred embodiments of the present invention are described below with reference to the accompanying drawings. It should be understood by those skilled in the art that these embodiments are only for explaining the technical principle of the present invention, and do not limit the scope of the present invention.
It should be noted that in the description of the present invention, the terms of direction or positional relationship indicated by the terms "upper", "lower", "left", "right", "inner", "outer", etc. are based on the directions or positional relationships shown in the drawings, which are only for convenience of description, and do not indicate or imply that the device or element must have a specific orientation, be constructed in a specific orientation, and be operated, and thus, should not be construed as limiting the present invention.
Furthermore, it should be noted that, in the description of the present invention, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be, for example, fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
Referring to fig. 1, the present invention provides a network security protection method, including,
step S1, the network security determining unit judges the user login information parameter according to the acquired security level of the current network and the login information of the current user, and preliminarily determines the network security protection level;
step S2, the network security execution unit determines different levels of network security protection according to the login information parameters of the user, and the network security management unit adjusts the login information parameters of the user according to the actual behavior of the user within the preset time;
and step S3, the network security adjusting unit adjusts the network security protection level according to the adjusted login information parameters of the user.
Specifically, in the embodiment of the present invention, in the step S1, the network security determining unit determines the login information parameters of the user according to the login times of the user, the abnormal operation times of the user, and the remote login times of the user, and determines the coefficients in the login information parameters of the user in combination with the security level of the current network, the network security determining unit calculates the login information parameters of the user according to the coefficients in the determined login information parameters of the user, and the network security determining unit preliminarily determines the network security protection level according to the calculated login information parameters of the user.
Specifically, in the embodiment of the present invention, in the step S2, the network security executing unit receives and executes the network security level instruction transmitted by the network security determining unit, and when the network security executing unit operates according to the determined network security level, the network security managing unit calculates the behavior parameters of the user according to the login duration and the number of abnormal operations of the user within the preset time, and determines the adjustment parameters of the login information parameters of the user according to the calculated behavior parameters.
Specifically, in the embodiment of the present invention, in the step S3, the network security adjusting unit adjusts the login information parameter of the user in real time according to the determined adjustment parameter, and adjusts the network security level in real time according to the adjusted login information parameter of the user.
Specifically, in the embodiment of the present invention, the login information of the user includes the login times of the user, the abnormal operation times of the user, and the remote login times of the user, and the login information parameter of the user is set to c, then,
c=α×Fd/Fd0+β×Fy/Fy0+γ×Fx/Fd
wherein Fd denotes the number of user logins, Fd0 denotes the preset number of logins, Fy denotes the number of abnormal user operations, Fy0 denotes the preset number of abnormal user operations, Fx denotes the number of remote logins of the user, α denotes the coefficient of the number of logins, β denotes the coefficient of the number of abnormal operations, and γ denotes the coefficient of the number of remote logins.
Specifically, in the embodiment of the present invention, the more times the user logs in, the higher the trust level of the user, and the fewer the abnormal operations of the user, the higher the trust level of the user. The number of remote logins of the user indicates how stable the user is at one location, and it is compared with the number of logins. A remote login may be understood as a login from another place that accounts for less than twenty percent of the total number of logins, or a custom standard for remote login may be used, the standard for remote login being smaller than the number of logins. If the user logs in without abnormal operation or remote login, the login information parameter of the user takes the login times of the user as reference. The method reduces the error of data statistics by setting the coefficients: if a misoperation of the user occasionally increases the number of abnormal operations by one, its effect on the statistics is weakened. The coefficients are determined according to the security level of the current network. The value of Fd0 is 10 times, and the value of Fy0 is 3 times.
Specifically, in the embodiment of the present invention, security levels D1, D2, D3, …, and Dn of a network are preset in the network security determining unit, where D1 represents a first preset network security level, D2 represents a second preset network security level, D3 represents a third preset network security level, Dn represents an nth preset network security level, and n is a positive number.
Specifically, in the embodiment of the present invention, the security level of the network may be determined according to the network security classification and divided, from high to low, into level A, level B3, level B2, level B1, level C2, level C1, and level D1, or another existing classification of network security levels may be used as the standard. The present invention does not limit the specific method for defining the security level of the network; the classification actually implemented is taken as the standard.
Specifically, in the embodiment of the present invention, the network security determining unit is preset with coefficients X1, X2, X3, …, and Xn, where X1 represents a first preset coefficient, X2 represents a second preset coefficient, X3 represents a third preset coefficient, and Xn represents an nth preset coefficient. For the ith preset coefficient Xi (αi, βi, γi), i = 1, 2, 3, …, n, where n is a positive number, αi represents the ith preset coefficient of the number of logins, βi represents the ith preset coefficient of the number of abnormal operations, and γi represents the ith preset coefficient of the number of remote logins. In this embodiment, αi > βi > γi is set. If the current network security level is higher, the current network condition is safer, and the coefficients of the number of abnormal operations and the number of remote logins of the user may be set correspondingly smaller so as to reduce their share of the parameter. A secure network condition prevents many illegal operations of the user, so the number of abnormal operations of the user under that network condition is correspondingly reduced; the user is also less likely to be induced under such a network, and the probability of illegal operations is much lower. In this case the coefficient of the number of logins is increased, and the calculated login information parameter of the user is increased to match the actual operation of the user, which increases the security of network security protection.
Specifically, in the embodiment of the present invention, the network security determining unit determines the coefficient in the login information parameter of the user according to the security level of the current network, and sets the security level of the current network to be Ds, then,
if Ds ≤ D1, the network security determining unit determines that the coefficient in the login information parameters of the user is X1, and determines α1 as the coefficient of the number of logins, β1 as the coefficient of the number of abnormal operations, and γ1 as the coefficient of the number of remote logins;
if D1 < Ds ≤ D2, the network security determining unit determines that the coefficient in the login information parameters of the user is X2, and determines α2 as the coefficient of the number of logins, β2 as the coefficient of the number of abnormal operations, and γ2 as the coefficient of the number of remote logins;
if D2 < Ds ≤ D3, the network security determining unit determines that the coefficient in the login information parameters of the user is X3, and determines α3 as the coefficient of the number of logins, β3 as the coefficient of the number of abnormal operations, and γ3 as the coefficient of the number of remote logins;
if D(n-1) < Ds ≤ Dn, the network security determining unit determines that the coefficient in the login information parameters of the user is Xn, and determines αn as the coefficient of the number of logins, βn as the coefficient of the number of abnormal operations, and γn as the coefficient of the number of remote logins.
Specifically, in the embodiment of the present invention, the network security determining unit calculates the login information parameter of the user according to a coefficient in the determined login information parameter of the user. And determining the coefficients of the login information parameters of the user through different network security levels, and calculating the login information parameters of the user.
Specifically, in the embodiment of the present invention, login information parameters C1, C2, C3, …, and Cn of a user are preset in the network security determining unit, where C1 represents a first preset user login information parameter, C2 represents a second preset user login information parameter, C3 represents a third preset user login information parameter, and Cn represents an nth preset user login information parameter.
Specifically, in the embodiment of the present invention, network security levels B1, B2, B3, …, and Bn are preset in the network security determining unit, where B1 represents a first preset network security level, B2 represents a second preset network security level, B3 represents a third preset network security level, and Bn represents an nth preset network security level.
Specifically, in the embodiment of the present invention, the network security determining unit determines the network security protection level according to the calculated login information parameter of the user, and sets the real-time login information parameter of the user to be cs, then,
if cs is less than or equal to C1, the network security determining unit determines that the network security protection level is B1;
if cs is greater than C1 and less than or equal to C2, the network security determination unit determines that the network security protection level is B2;
if cs is greater than C2 and less than or equal to C3, the network security determination unit determines that the network security protection level is B3;
if C(n-1) < cs ≤ Cn, the network security determining unit determines that the network security protection level is Bn.
Specifically, in the embodiment of the present invention, the larger the login information parameter of the user is, the lower the corresponding network security protection level is: a larger parameter indicates that the user is safer for the system, so a lower network security protection level is enabled. The network security protection level may also be understood as the rights opened to the user: the higher the trustworthiness of the user, the higher the rights the user can obtain; otherwise, the fewer the rights.
Specifically, in the embodiment of the present invention, when the network security execution unit operates according to the determined network security protection level, the network security management unit adjusts the login information parameter of the user according to the actual behavior of the user within the preset time, sets the behavior parameter z of the user,
z=L0/L+Y/Y0
wherein L represents a login time length, L0 represents a preset login time length, Y represents the number of abnormal operations, and Y0 represents the preset number of abnormal operations.
Specifically, the preset time in the embodiment of the present invention may be a set fixed time, or may be adjusted when the user triggers a certain behavior; it is set to 10 minutes in this embodiment. The preset login time length L0 is set to 30 minutes in this embodiment, and the preset number of abnormal operations Y0 is set to 1 time in this embodiment, where an abnormal operation may be, for example, entering a certain restricted website or sending an illegal file, and may be specifically set according to the actual situation. In this embodiment, with the login duration preset, the longer the login duration is, the smaller the corresponding user behavior parameter is; and the fewer the abnormal operations are, or when the login duration is zero, the smaller the corresponding user behavior parameter is.
Specifically, in the embodiment of the present invention, behavior parameters z1, z2, z3, …, and zn are preset in the network security management unit, where z1 represents a first preset behavior parameter, z2 represents a second preset behavior parameter, z3 represents a third preset behavior parameter, and zn represents an nth preset behavior parameter.
Specifically, in the embodiment of the present invention, adjustment parameters x1, x2, x3, …, and xn are preset in the network security management unit, where x1 represents a first preset adjustment parameter, x2 represents a second preset adjustment parameter, x3 represents a third preset adjustment parameter, and xn represents an nth preset adjustment parameter.
Specifically, in the embodiment of the present invention, the network security management unit determines the login information parameter of the user according to the behavior parameter z of the user, sets the behavior parameter of the user determined in real time as zs, sets s =1, 2, 3, …, n, and n is a positive number,
if zs is less than or equal to z1, the network security management unit determines that the adjustment parameter is x1, and the adjusted user login information parameter is ct = x1 × cs;
if z1 < zs ≤ z2, the network security management unit determines that the adjustment parameter is x2, and the adjusted user login information parameter is ct = x2 × cs;
if z2 < zs ≤ z3, the network security management unit determines that the adjustment parameter is x3, and the adjusted user login information parameter is ct = x3 × cs;
if z(n-1) < zs ≤ zn, the network security management unit determines that the adjustment parameter is xn, and the adjusted user login information parameter is ct = xn × cs.
Specifically, in the embodiment of the present invention, a smaller behavior parameter indicates that the user's use within the preset time was safe, and the corresponding adjustment parameter is larger. The adjustment parameter is set to facilitate readjustment of the login information parameter of the user, so as to adjust the network security protection level within the next preset time. A larger adjusted login information parameter means that the user performed fewer abnormal operations in the last preset time. The network security protection level is thus essentially strengthened or reduced step by step, which reduces skip-level adjustment and the possibility of loopholes.
Specifically, in the embodiment of the present invention, the network security adjusting unit adjusts the network security protection level according to the adjusted user login information parameter ct,
if ct is less than or equal to C1, the network security determination unit determines that the network security protection level is B1;
if C1 < ct ≤ C2, the network security determining unit determines that the network security protection level is B2;
if C2 < ct ≤ C3, the network security determining unit determines that the network security protection level is B3;
and if C(n-1) < ct ≤ Cn, the network security determining unit determines that the network security protection level is Bn.
Specifically, in the embodiment of the present invention, after the network security determining unit preliminarily determines the network security protection level, the network security management unit adjusts the login information parameter of the user in real time according to the real-time behavior statistics of the user, and the network security adjusting unit adjusts and updates the network security protection level in real time, so as to complete the protection work of network security. By continuously adjusting the network security protection level, the invention can adapt to the current state of the network, improve the security of the network information and at the same time ensure the stability of the normal use of the user.
Specifically, in the embodiment of the present invention, a cut-off measure may further be set: when the number of abnormal operations of the user exceeds a preset value, the strongest network security protection level is started directly and the user is suspended to ensure the security of the user. The preset value may be based on the actual situation; for example, it may be set to 3 times or to 5 times.
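The closed loop of steps S1 to S3, including the cut-off measure, can be traced with the following sketch, which is an added example and not part of the patent text. Fd0, Fy0, L0, Y0 and the cut-off value come from the embodiment; every threshold and coefficient table (D, X, C, Z, ADJ), all function names, the clamping above the last threshold, and the reading of B1 as the strongest level are assumptions made for illustration.

```python
from bisect import bisect_left

# Presets stated in the embodiment.
FD0, FY0 = 10, 3      # preset login count, preset abnormal-operation count
L0, Y0 = 30.0, 1      # preset login duration (minutes), preset abnormal ops
CUTOFF = 3            # cut-off value (the text offers 3 or 5 as examples)

# Constructed presets for n = 3 (assumptions, not values from the text).
D = [1, 2, 3]                          # network security levels D1..Dn
X = [(0.5, 0.30, 0.20),                # Xi = (alpha_i, beta_i, gamma_i),
     (0.6, 0.25, 0.15),                # alpha > beta > gamma; beta and gamma
     (0.7, 0.20, 0.10)]                # shrink as the network level rises
C = [0.5, 1.0, 1.5]                    # login-parameter thresholds C1..Cn
B = ["B1", "B2", "B3"]                 # protection levels B1..Bn
Z = [0.5, 1.5, 3.0]                    # behaviour thresholds z1..zn
ADJ = [1.2, 1.0, 0.8]                  # adjustment parameters x1..xn


def bucket(thresholds, value):
    """Index i such that thresholds[i-1] < value <= thresholds[i]."""
    i = bisect_left(thresholds, value)
    # The text defines no case above the nth threshold; clamping to the
    # last bucket is an assumption of this sketch.
    return min(i, len(thresholds) - 1)


def login_parameter(fd, fy, fx, ds):
    """Step S1: c = a*Fd/Fd0 + b*Fy/Fy0 + g*Fx/Fd, coefficients chosen by Ds."""
    if fd <= 0:
        raise ValueError("Fx/Fd is undefined when the login count is zero")
    alpha, beta, gamma = X[bucket(D, ds)]
    return alpha * fd / FD0 + beta * fy / FY0 + gamma * fx / fd


def protection_level(c):
    """Map a login information parameter (cs or ct) to B1..Bn."""
    return B[bucket(C, c)]


def behavior_parameter(minutes_logged_in, abnormal_ops):
    """Step S2: z = L0/L + Y/Y0 for one preset time window."""
    if minutes_logged_in <= 0:
        raise ValueError("L0/L is undefined when the login duration is zero")
    return L0 / minutes_logged_in + abnormal_ops / Y0


def run_window(cs, minutes_logged_in, abnormal_ops):
    """Steps S2 and S3 for one window: returns (ct, level, suspended)."""
    if abnormal_ops > CUTOFF:
        # Cut-off measure: strongest level and suspension. B1 is treated as
        # the strongest level because the text maps a larger parameter to a
        # lower protection level (assumption on ordering).
        return cs, B[0], True
    z = behavior_parameter(minutes_logged_in, abnormal_ops)
    ct = ADJ[bucket(Z, z)] * cs
    return ct, protection_level(ct), False


def simulate(cs, windows):
    """Feed successive (minutes_logged_in, abnormal_ops) windows through the loop."""
    trace = []
    for minutes, abnormal in windows:
        cs, level, suspended = run_window(cs, minutes, abnormal)
        trace.append((round(cs, 5), level, suspended))
        if suspended:
            break
    return trace


if __name__ == "__main__":
    # Constructed sample user: 20 logins, no abnormal operations,
    # 1 remote login, current network security level Ds = 2.
    c0 = login_parameter(fd=20, fy=0, fx=1, ds=2)
    print("initial", round(c0, 5), protection_level(c0))
    for row in simulate(c0, [(60, 0), (30, 2), (30, 2), (30, 4)]):
        print(row)
```

As the formula is written, the abnormal-operation and remote-login terms are added, so a higher Fy or Fx raises c just as a higher login count does.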
The invention also provides a network security protection system, comprising,
the network security determining unit is used for determining the user login information parameters according to the security level of the network and the login information of the user and determining the network security protection level according to the determined user login information parameters;
the network security execution unit is connected with the network security determination unit and is used for executing the network security protection level determined by the network security determination unit;
the network security management unit is used for adjusting the login information parameters of the user according to the actual behavior of the user within the preset time;
and the network security adjusting unit is used for adjusting the network security protection level according to the adjusted login information parameters of the user.
So far, the technical solutions of the present invention have been described in connection with the preferred embodiments shown in the drawings, but it is easily understood by those skilled in the art that the scope of the present invention is obviously not limited to these specific embodiments. Equivalent changes or substitutions of related technical features can be made by those skilled in the art without departing from the principle of the invention, and the technical scheme after the changes or substitutions can fall into the protection scope of the invention.