CN113536311A - Network security situation sensing system and method based on AI technology - Google Patents
Network security situation sensing system and method based on AI technology Download PDFInfo
- Publication number
- CN113536311A CN113536311A CN202110820491.4A CN202110820491A CN113536311A CN 113536311 A CN113536311 A CN 113536311A CN 202110820491 A CN202110820491 A CN 202110820491A CN 113536311 A CN113536311 A CN 113536311A
- Authority
- CN
- China
- Prior art keywords
- data
- module
- network
- internet
- network security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1448—Management of the data involved in backup or backup restore
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
- G06F11/1464—Management of the backup or restore process for networked environments
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/906—Clustering; Classification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/306—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
Abstract
The invention discloses a network security situation perception system and a method based on AI technology, comprising an internet terminal, an encryption transmission channel, an internet protection module, a data processing module, a data storage module and a decryption module, wherein the data input module is provided with big data input, mobile terminal data input and direct input, the data input module is connected with the internet terminal through the encryption transmission channel, and the internet terminal is correspondingly connected with the decryption module; the internet terminal is respectively connected with the data processing module, the data storage module and the internet protection module, and the output end of the internet protection module is respectively connected with the network anti-eavesdropping unit, the network tracking unit and the network blocking unit. The invention has good data collection function, high-efficiency and stable AI data processing function, reliable useful data storage function, and good Internet protection function due to the arrangement of the Internet protection module.
Description
Technical Field
The invention belongs to the technical field of network security based on AI technology, and particularly relates to a network security situation perception system and method based on AI technology.
Background
The network security posture value (network security establishment value) is a computer science terminology published in 2018. Through a series of mathematical methods, massive network security information is merged and fused into one group or a plurality of groups of numerical values which can represent the network operation state within a certain value range. In computer science, Artificial Intelligence (AI), sometimes referred to as machine intelligence, is the intelligence exhibited by a machine, as opposed to the natural intelligence exhibited by humans and animals. Colloquially, the term "artificial intelligence" is used to describe machines that mimic the "cognitive" functions of humans in connection with other human thoughts, such as "learning" and "problem solving.
At present, when the network security situation perception system based on the AI technology is in actual use, a good data collection function is lacked, efficient, reliable, safe and comprehensive data collection work cannot be carried out, a high-efficient and stable AI data processing function is lacked, a reliable useful data storage function is lacked, actual useful data cannot be well stored, and a good internet protection function is lacked.
Disclosure of Invention
The invention aims to provide a network security situation awareness system and method based on an AI technology, and aims to solve the problems.
The invention is mainly realized by the following technical scheme:
a network security situation perception system based on AI technology comprises an internet terminal, an encryption transmission channel, an internet protection module, a data processing module, a data storage module and a decryption module, wherein the data input module is provided with big data input, mobile terminal data input and direct input, the data input module is connected with the internet terminal through the encryption transmission channel, and the internet terminal is correspondingly connected with the decryption module; the internet terminal is respectively connected with the data processing module, the data storage module and the internet protection module, and the output end of the internet protection module is respectively connected with the network eavesdropping prevention unit, the network tracking unit and the network blocking unit; the data processing module is used for classifying data received by the internet terminal and analyzing and evaluating network security situation; the data storage module is used for storing data processed by the internet terminal; the internet protection module is used for performing internet protection work on the internet terminal.
In order to better realize the invention, the system further comprises a data analysis processing unit connected with the data input module, wherein the data analysis processing unit is used for analyzing and processing the data input to the data input module, integrating a simulation process by utilizing data of a physical model, a sensor and an operation history, carrying out a trial operation work through a simulation construction model, and finding and filtering out bad information and virus programs.
In order to better realize the invention, the data processing module is respectively connected with the AI processing module and the AI co-processing module, the AI co-processing module is used for performing segmented group data processing, performing whole-segment group data processing through the AI processing module, separating a targeted ground data processing mode, constructing a data model, extracting outline data of different levels of the model, automatically generating situation network data, planning external situation path data, realizing efficient data retrieval and association updating, further integrating cloud big data organization and data, and cooperatively matching an internet terminal to perform good data interaction with a client terminal.
In order to better implement the present invention, the data storage module is further connected to the cloud data storage platform and the data storage hard disk respectively.
The invention is mainly realized by the following technical scheme:
a network security situation perception method based on AI technology is carried out by adopting the network security situation perception system, and comprises the following steps:
s1, inputting network data to a data input module in a large data input data, mobile terminal data input and direct input mode, filtering the network data by the data input module, and transmitting the network data to an Internet terminal through an encryption transmission channel, wherein the Internet terminal can decrypt the encrypted data through a decryption module;
s2, the Internet terminal processes the data transmitted by the data processing module, classifies the data by the AI processing module and the AI co-processing module, and analyzes and evaluates the network security situation;
s3, the internet terminal transmits the processed data to a data storage module, the data storage module can back up useful data through a cloud data storage platform, and data entity storage is carried out through a data storage hard disk;
and S4, aiming at the evaluation data obtained by analysis, the Internet terminal performs Internet protection work through an Internet protection module.
In order to better implement the present invention, in step S2, a normal index is preset as a reference value, multiple times of simulation operations are performed, the current simulation result is intelligently analyzed and compared, whether hidden danger or risk exists is evaluated, and the hidden danger or risk is automatically reported and followed up, so as to complete the network security situation awareness operation.
In order to better implement the present invention, in step S4, the network anti-eavesdropping unit, the network tracking unit, and the network blocking unit perform network anti-eavesdropping, network unauthorized access tracking, and network unauthorized access blocking and intercepting operations, and construct a network security situation awareness work table, where the table format presents data of the commissioning status, the running time, and the interruption time, and a manager can check the dynamic table at each time point in the background, and perform fast tracking processing if an abnormality or a hidden trouble occurs.
The invention has the beneficial effects that:
(1) the invention has good data collection function by setting a multi-data input mode and data filtering, can carry out high-efficiency, reliable, safe and comprehensive data collection work, is provided with the AI processing module and the AI co-processing module, and has high-efficiency and stable AI data processing function;
(2) the cloud data storage platform and the entity data storage hard disk are arranged, so that the cloud data storage hard disk has a reliable useful data storage function, actual useful data can be well stored, and meanwhile, the Internet protection module is arranged, so that a good Internet protection effect can be achieved;
(3) the intelligent data acquisition system has a good data acquisition function by setting a multi-data input mode and data filtering, can perform efficient, reliable, safe and comprehensive data acquisition work, is provided with the AI processing module and the AI co-processing module, has a high-efficiency and stable AI data processing function, has a reliable useful data storage function by setting the cloud data storage platform and the entity data storage hard disk, can well store actual useful data, and can play a good internet protection role by setting the internet protection module.
Drawings
FIG. 1 is a schematic diagram of the system of the present invention.
Detailed Description
The embodiments of the present invention will be further described with reference to the accompanying drawings.
Example 1:
a network security situation perception system based on AI technology, as shown in figure 1, comprises an internet terminal, wherein the internet terminal is connected with an encryption transmission channel, a decryption module, an internet protection module, a data processing module and a data storage module;
the data storage module is connected with a cloud data storage platform and a data storage hard disk, the data processing module is connected with an AI processing module and an AI co-processing module, the internet protection module is connected with a network anti-eavesdropping unit, a network tracking unit and a network blocking unit, the encryption transmission channel is connected with a data input module, the data input module is provided with big data input, mobile terminal data input and direct input, and the data input module is connected with a data analysis processing unit.
Furthermore, the data analysis processing unit can analyze and process the data input to the data input module, namely, the data such as a physical model, a sensor, operation history and the like are fully utilized, a multidisciplinary and multiscale simulation process is integrated, a model is constructed through simulation, then test operation work is carried out, and bad information and virus programs are found and filtered out.
Furthermore, the data processing module can perform fragment-type group data processing through the AI co-processing module, perform whole-segment type group data processing through the AI processing module, separate a targeted ground data processing mode, construct a data model, extract outline data of different levels of the model, automatically generate situation network data, plan external situation path data and the like, and finally perform efficient data retrieval and correlation updating, so that cloud-side big data organization and data fusion are realized, and the data processing module can cooperate with an internet terminal to perform good data interaction with a client terminal and improve the data processing efficiency.
The intelligent data acquisition system has a good data acquisition function by setting a multi-data input mode and data filtering, can perform efficient, reliable, safe and comprehensive data acquisition work, is provided with the AI processing module and the AI co-processing module, has a high-efficiency and stable AI data processing function, has a reliable useful data storage function by setting the cloud data storage platform and the entity data storage hard disk, can well store actual useful data, and can play a good internet protection role by setting the internet protection module.
Example 2:
a network security situation perception method based on AI technology is carried out by adopting the network security situation perception system, and comprises the following steps:
s1, network data can be input into a data input module through modes of big data input data, mobile terminal data input, direct input and the like, the network data are filtered by the data input module and then transmitted to an internet terminal through an encryption transmission channel, and the internet terminal can decrypt encrypted data through a decryption module;
s2, the Internet terminal can process data transmitted by the data processing module, classify the data by the AI processing module and the AI co-processing module, analyze the data in a targeted manner, analyze and evaluate the network security situation by means of the existing mathematical model and the network security model, namely, presetting a normal index as a reference value, carrying out a plurality of times of analog simulation work, intelligently analyzing and comparing the current analog simulation result, evaluating whether hidden danger or risk exists, automatically reporting and following, preventing the hidden danger, and further finishing the network security situation sensing work;
s3, the internet terminal transmits the processed useful data to the data storage module, the data storage module can back up the useful data through the cloud data storage platform, and data entity storage is carried out through the data storage hard disk, so that the safety of the useful data is guaranteed;
s4, aiming at the analyzed evaluation data, the internet terminal can perform internet protection work through an internet protection module, namely, the internet terminal performs the work of network eavesdropping prevention, network illegal access tracking and network illegal access blocking interception through the network eavesdropping prevention unit, the network tracking unit and the network blocking unit, and a network security situation perception work table is constructed, the data of the trial operation state, the operation time, the interruption time and the like are presented in a table format, the network situation collapse is effectively prevented, the perception level of the whole network security situation is improved, real-time visual supervision is adopted, and a manager can check the dynamic table of each time point at a background, if abnormity or hidden danger occurs, the rapid tracking processing is facilitated.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention in any way, and all simple modifications and equivalent variations of the above embodiments according to the technical spirit of the present invention are included in the scope of the present invention.
Claims (7)
1. A network security situation perception system based on AI technology is characterized by comprising an internet terminal, an encryption transmission channel, an internet protection module, a data processing module, a data storage module and a decryption module, wherein the data input module is provided with big data input, mobile terminal data input and direct input, the data input module is connected with the internet terminal through the encryption transmission channel, and the internet terminal is correspondingly connected with the decryption module; the internet terminal is respectively connected with the data processing module, the data storage module and the internet protection module, and the output end of the internet protection module is respectively connected with the network eavesdropping prevention unit, the network tracking unit and the network blocking unit; the data processing module is used for classifying data received by the internet terminal and analyzing and evaluating network security situation; the data storage module is used for storing data processed by the internet terminal; the internet protection module is used for performing internet protection work on the internet terminal.
2. The AI-technology-based network security situation awareness system of claim 1, further comprising a data analysis and processing unit connected to the data input module, wherein the data analysis and processing unit is configured to analyze data input to the data input module, integrate a simulation process with data of a physical model, a sensor and an operation history, perform a test run operation via a simulation building model, and discover and filter out unwanted information and virus programs.
3. The AI-technology-based network security situation awareness system of claim 1, wherein the data processing module is connected to the AI processing module and the AI co-processing module, respectively, and the AI co-processing module is configured to perform segment-wise group data processing, perform whole-segment-wise group data processing through the AI processing module, separate a point-wise ground data processing manner, construct a data model, extract different-level outline data of the model, automatically generate situation network data, and plan external situation path data, thereby implementing efficient data retrieval and association update, further integrating cloud-side big data organization and data, and cooperatively cooperating with an Internet terminal to perform good data interaction with a client terminal.
4. The AI-technology-based network security situation awareness system of claim 1, wherein the data storage module is connected to the cloud data storage platform and the data storage hard disk respectively.
5. A network security situation awareness method based on AI technology, which is performed by the network security situation awareness system of any one of claims 1-4, and comprises the following steps:
s1, inputting network data to a data input module in a large data input data, mobile terminal data input and direct input mode, filtering the network data by the data input module, and transmitting the network data to an Internet terminal through an encryption transmission channel, wherein the Internet terminal can decrypt the encrypted data through a decryption module;
s2, the Internet terminal processes the data transmitted by the data processing module, classifies the data by the AI processing module and the AI co-processing module, and analyzes and evaluates the network security situation;
s3, the internet terminal transmits the processed data to a data storage module, the data storage module can back up useful data through a cloud data storage platform, and data entity storage is carried out through a data storage hard disk;
and S4, aiming at the evaluation data obtained by analysis, the Internet terminal performs Internet protection work through an Internet protection module.
6. The AI-technology-based network security situation awareness method of claim 5, wherein in step S2, a normal index is preset as a reference value, and multiple simulation runs are performed, and the current simulation result is intelligently analyzed and compared to evaluate whether hidden danger or risk exists, and then reported and followed automatically, thereby completing the network security situation awareness work.
7. The AI-technology-based network security situation awareness method according to claim 5, wherein in step S4, network eavesdropping prevention, network unauthorized access tracking, and network unauthorized access blocking interception are performed through the network eavesdropping prevention unit, the network tracking unit, and the network blocking unit, and a network security situation awareness working table is constructed, which presents data of the commissioning status, the running time, and the interruption time in a table format, and a manager can check the dynamic table at each time point in the background, and perform fast tracking processing if an abnormality or a hidden danger occurs.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110820491.4A CN113536311A (en) | 2021-07-20 | 2021-07-20 | Network security situation sensing system and method based on AI technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110820491.4A CN113536311A (en) | 2021-07-20 | 2021-07-20 | Network security situation sensing system and method based on AI technology |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113536311A true CN113536311A (en) | 2021-10-22 |
Family
ID=78100502
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110820491.4A Pending CN113536311A (en) | 2021-07-20 | 2021-07-20 | Network security situation sensing system and method based on AI technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113536311A (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107547526A (en) * | 2017-08-17 | 2018-01-05 | 北京奇安信科技有限公司 | The data processing method and device combined a kind of cloud |
CN107623697A (en) * | 2017-10-11 | 2018-01-23 | 北京邮电大学 | A kind of network security situation evaluating method based on attacking and defending Stochastic Game Model |
CN108418841A (en) * | 2018-05-18 | 2018-08-17 | 广西电网有限责任公司 | Next-generation key message infrastructure network Security Situation Awareness Systems based on AI |
CN108494803A (en) * | 2018-05-24 | 2018-09-04 | 广西电网有限责任公司 | Polynary heterogeneous network secure data visualization system based on artificial intelligence |
CN108696529A (en) * | 2018-05-29 | 2018-10-23 | 广西电网有限责任公司 | Network security situation awareness analysis system based on multivariate information fusion |
CN110400183A (en) * | 2019-07-31 | 2019-11-01 | 电子科技大学中山学院 | Data analysis system of electronic commerce platform |
CN110493179A (en) * | 2019-07-04 | 2019-11-22 | 湖北央中巨石信息技术有限公司 | Network security situation awareness model and method based on time series |
CN112583842A (en) * | 2020-12-23 | 2021-03-30 | 黑龙江省网络空间研究中心 | Network security situation awareness system platform based on data stream processing |
US20210194924A1 (en) * | 2019-08-29 | 2021-06-24 | Darktrace Limited | Artificial intelligence adversary red team |
-
2021
- 2021-07-20 CN CN202110820491.4A patent/CN113536311A/en active Pending
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107547526A (en) * | 2017-08-17 | 2018-01-05 | 北京奇安信科技有限公司 | The data processing method and device combined a kind of cloud |
CN107623697A (en) * | 2017-10-11 | 2018-01-23 | 北京邮电大学 | A kind of network security situation evaluating method based on attacking and defending Stochastic Game Model |
CN108418841A (en) * | 2018-05-18 | 2018-08-17 | 广西电网有限责任公司 | Next-generation key message infrastructure network Security Situation Awareness Systems based on AI |
CN108494803A (en) * | 2018-05-24 | 2018-09-04 | 广西电网有限责任公司 | Polynary heterogeneous network secure data visualization system based on artificial intelligence |
CN108696529A (en) * | 2018-05-29 | 2018-10-23 | 广西电网有限责任公司 | Network security situation awareness analysis system based on multivariate information fusion |
CN110493179A (en) * | 2019-07-04 | 2019-11-22 | 湖北央中巨石信息技术有限公司 | Network security situation awareness model and method based on time series |
CN110400183A (en) * | 2019-07-31 | 2019-11-01 | 电子科技大学中山学院 | Data analysis system of electronic commerce platform |
US20210194924A1 (en) * | 2019-08-29 | 2021-06-24 | Darktrace Limited | Artificial intelligence adversary red team |
CN112583842A (en) * | 2020-12-23 | 2021-03-30 | 黑龙江省网络空间研究中心 | Network security situation awareness system platform based on data stream processing |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112804196A (en) | Log data processing method and device | |
CN105471882A (en) | Behavior characteristics-based network attack detection method and device | |
CN109165337B (en) | Method and system for establishing bid and ask field association analysis based on knowledge graph | |
CN112541022A (en) | Abnormal object detection method, abnormal object detection device, storage medium and electronic equipment | |
CN110602041A (en) | White list-based Internet of things equipment identification method and device and network architecture | |
CN116781430B (en) | Network information security system and method for gas pipe network | |
CN107360152A (en) | A kind of Web based on semantic analysis threatens sensory perceptual system | |
CN108512841A (en) | A kind of intelligent system of defense and defence method based on machine learning | |
CN102045357A (en) | Affine cluster analysis-based intrusion detection method | |
CN113824682A (en) | Modular SCADA security situation perception system architecture | |
CN114598551A (en) | Information network security early warning system for dealing with continuous threat attack | |
CN115309913A (en) | Deep learning-based financial data risk identification method and system | |
CN113516565A (en) | Intelligent alarm processing method and device for power monitoring system based on knowledge base | |
CN115330129A (en) | Enterprise safety risk early warning analysis method and system | |
CN112288317B (en) | Industrial big data analysis platform and method based on multi-source heterogeneous data governance | |
CN113536311A (en) | Network security situation sensing system and method based on AI technology | |
CN113194080A (en) | Network security system based on cloud computing and artificial intelligence | |
Chimphlee et al. | A Rough-Fuzzy Hybrid Algorithm for computer intrusion detection | |
CN115640606A (en) | Data visualization method and system based on safety | |
Zhang | Application of Artificial Intelligence Technology in Computer Network Security. | |
KR102357630B1 (en) | Apparatus and Method for Classifying Attack Tactics of Security Event in Industrial Control System | |
Xu | Research on network intrusion detection method based on machine learning | |
CN113849636A (en) | Big data analysis modeling prediction method based on artificial intelligence | |
KR20210152817A (en) | Apparatus and method for identifying focused monitoring information among security event of heterogeneous systems | |
CN111274234A (en) | Machine scoring system and method based on data analysis |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20211022 |
|
RJ01 | Rejection of invention patent application after publication |