CN113572754A - Sensitive data intelligent probing and access behavior monitoring alarm system - Google Patents
Sensitive data intelligent probing and access behavior monitoring alarm system Download PDFInfo
- Publication number
- CN113572754A CN113572754A CN202110822125.2A CN202110822125A CN113572754A CN 113572754 A CN113572754 A CN 113572754A CN 202110822125 A CN202110822125 A CN 202110822125A CN 113572754 A CN113572754 A CN 113572754A
- Authority
- CN
- China
- Prior art keywords
- data
- module
- access
- alarm
- monitoring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 37
- 230000002159 abnormal effect Effects 0.000 claims abstract description 31
- 238000012545 processing Methods 0.000 claims abstract description 18
- 239000000523 sample Substances 0.000 claims description 15
- 238000013500 data storage Methods 0.000 claims description 10
- 238000002372 labelling Methods 0.000 claims description 4
- 238000013475 authorization Methods 0.000 claims description 2
- 238000001514 detection method Methods 0.000 claims 3
- 230000006399 behavior Effects 0.000 abstract description 12
- 238000012423 maintenance Methods 0.000 abstract description 7
- 238000000586 desensitisation Methods 0.000 description 27
- 238000004519 manufacturing process Methods 0.000 description 9
- 238000011161 development Methods 0.000 description 4
- 238000012946 outsourcing Methods 0.000 description 3
- 230000003068 static effect Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000000172 allergic effect Effects 0.000 description 1
- 208000010668 atopic eczema Diseases 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000009472 formulation Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000000034 method Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/12—Network monitoring probes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Alarm Systems (AREA)
Abstract
The invention belongs to the technical field of sensitive data exploration of energy big data centers, in particular to an intelligent sensitive data exploration and access behavior monitoring alarm system which comprises a user terminal, a server and a monitoring module, wherein the user terminal is respectively connected with the server and the monitoring module through the Internet; the user terminal includes: a data acquisition module; a data determination module; the data processing module is used for giving an alarm prompt when the user has abnormal access to the sensitive data; a display module; the system for intelligently probing the sensitive data and monitoring the access behaviors has the characteristics of simple structure, timely monitoring and convenient and fast maintenance, and by utilizing the data acquisition module, the data determination module, the judgment module, the data processing module and the display module, the system has simpler structure and is more convenient to monitor, and the user access behaviors are accurately and timely monitored and an alarm is given; the system is convenient to operate, low in workload of system maintenance, more convenient to maintain and lower in maintenance cost.
Description
Technical Field
The invention belongs to the technical field of sensitive data exploration of energy big data centers, and particularly relates to an intelligent sensitive data exploration and access behavior monitoring alarm system.
Background
In order to meet the requirements of the national energy strategy, a provincial energy big data center is explored and constructed by combining local governments and energy enterprises. The data accessed by the energy big data center comes from each link of energy production, transmission, consumption and the like, the data source has the characteristics of numerous participants, various data types and the like, and the accessed multi-source heterogeneous data relates to important sensitive data of each link of energy enterprise production, management, operation and the like. The data protection of the energy big data center mainly aims at sensitive data in client data, and the sensitive data is prevented from being leaked or unreasonably used through operations such as identification, positioning, desensitization, encryption and the like.
At present, a traditional network sensitive data monitoring system is complex in structure, cannot accurately and timely monitor user access behaviors and give an alarm, and is troublesome to maintain.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides an intelligent sensitive data probing and access behavior monitoring and alarming system which has the characteristics of simple structure, timely monitoring and convenient and fast maintenance.
In order to achieve the purpose, the invention provides the following technical scheme: an intelligent sensitive data probing and access behavior monitoring and warning system comprises a user terminal, a server and a monitoring module, wherein the user terminal is respectively connected with the server and the monitoring module through the Internet;
the user terminal includes:
the data acquisition module is used for acquiring the access data of the user, labeling the accessed data and making a session identifier;
the data determining module is used for determining an abnormal boundary accessed by the user according to the acquired session identifier;
the judging module is used for judging whether the abnormal access of the sensitive data exists or not according to the abnormal boundary of the user access;
the data processing module is used for giving an alarm prompt when the user has abnormal access to the sensitive data;
and the display module is used for displaying the alarm prompt.
As a preferred technical solution of the present invention, the server includes a monitoring server, a local DNS server, a source station authorization DNS server, and a Web server.
As a preferred technical solution of the present invention, the user terminal sends a DNS probe data request to the local DNS server through the DNS data interface to acquire DNS access data of the user, and stores the acquired DNS access data of the user.
As a preferred technical solution of the present invention, the user terminal sends an HTTP probe request to the Web server according to the HTTP data interface, and obtains HTTP probe data fed back by the Web server, where the HTTP probe data is access data of the user.
As a preferred technical solution of the present invention, the present invention further includes a comparison sub-module, the comparison sub-module is connected to the user terminal, and the comparison sub-module is configured to compare the access data of the user with the abnormal limit, and obtain a comparison result.
As a preferred technical scheme of the present invention, the present invention further comprises an alarm information generation sub-module, the alarm information generation sub-module is connected with the comparison sub-module, and the alarm information generation sub-module gives an alarm prompt when the access information of the sensitive data appears according to the comparison result of the comparison sub-module.
As a preferred technical solution of the present invention, the alarm prompts given by the data processing module are divided into general alarms, moderate alarms and emergency alarms, and the determining module determines the abnormal level of the sensitive data when determining the abnormal access information of the sensitive data, and then sends the determination information to the data processing module.
As a preferred technical solution of the present invention, the display device further comprises an alarm information output sub-module, and the alarm information output sub-module is connected to the display module and configured to output alarm information to the display module.
The data storage submodule is used for storing historical access information and historical alarm information of a user, and the data storage submodule records information sources, time and content of the historical access information and the historical alarm information.
As a preferred technical solution of the present invention, the system further includes an information sending recording sub-module, the information sending recording sub-module is used for recording the sending condition of the alarm information, and the information sending recording sub-module records the sending time, the sending address and the alarm content of the alarm information.
Compared with the prior art, the invention has the beneficial effects that: the system for intelligently probing the sensitive data and monitoring the access behaviors has the characteristics of simple structure, timely monitoring and convenient and fast maintenance, and by utilizing the data acquisition module, the data determination module, the judgment module, the data processing module and the display module, the system has simpler structure and is more convenient to monitor, and the user access behaviors are accurately and timely monitored and an alarm is given; the system is convenient to operate, low in workload of system maintenance, more convenient to maintain and lower in maintenance cost.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic structural view of the present invention;
FIG. 2 is a schematic structural diagram of a user terminal according to the present invention;
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
Referring to fig. 1-2, the present invention provides the following technical solutions: an intelligent sensitive data probing and access behavior monitoring and warning system comprises a user terminal, a server and a monitoring module, wherein the user terminal is respectively connected with the server and the monitoring module through the Internet;
the user terminal includes:
the data acquisition module is used for acquiring the access data of the user, labeling the accessed data and making a session identifier;
the data determining module is used for determining an abnormal boundary accessed by the user according to the acquired session identifier;
the judging module is used for judging whether the abnormal access of the sensitive data exists or not according to the abnormal boundary of the user access;
the data processing module is used for giving an alarm prompt when the user has abnormal access to the sensitive data;
and the display module is used for displaying the alarm prompt.
Specifically, according to fig. 1 and fig. 2, in the present embodiment, the servers include a monitoring server, a local DNS server, a source authority DNS server, and a Web server.
Specifically, according to fig. 1 and fig. 2, in this embodiment, a user terminal sends a DNS probe data request to a local DNS server through a DNS data interface to obtain DNS access data of a user, and stores the obtained DNS access data of the user, and the user terminal is provided with a DNS data interface for sending the DNS probe data request to the local DNS server and obtaining DNS access data of the user.
Specifically, according to fig. 1 and fig. 2, in this embodiment, the user terminal sends an HTTP probe request to the Web server according to the HTTP data interface, and obtains HTTP probe data fed back by the Web server, where the HTTP probe data is access data of the user.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the present embodiment further includes a comparison sub-module, where the comparison sub-module is connected to the user terminal, and the comparison sub-module is configured to compare the access data of the user with the abnormal limit, and obtain a comparison result.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the apparatus further includes an alarm information generation sub-module, where the alarm information generation sub-module is connected to the comparison sub-module, and the alarm information generation sub-module gives an alarm prompt when access information of the sensitive data appears according to a comparison result of the comparison sub-module.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the alarm prompts given by the data processing module are divided into a general alarm, a moderate alarm and an emergency alarm, and the determining module determines the abnormal level of the sensitive data when determining the abnormal access information of the sensitive data, and then sends the determination information to the data processing module.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, an alarm information output sub-module is further included, and the alarm information output sub-module is connected to the display module and is configured to output alarm information to the display module.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the data storage sub-module is further included, and the data storage sub-module is configured to store historical access information and historical alarm information of a user, and the data storage sub-module records information sources, time, and content of the historical access information and the historical alarm information.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the present invention further includes an information sending recording sub-module, where the information sending recording sub-module is configured to record a sending condition of the alarm information, and the information sending recording sub-module records a sending time, a sending address, and an alarm content of the alarm information.
Example 2
Referring to fig. 1-2, the present invention provides the following technical solutions: an intelligent sensitive data probing and access behavior monitoring and warning system comprises a user terminal, a server and a monitoring module, wherein the user terminal is respectively connected with the server and the monitoring module through the Internet;
the user terminal includes:
the data acquisition module is used for acquiring the access data of the user, labeling the accessed data and making a session identifier;
the data determining module is used for determining an abnormal boundary accessed by the user according to the acquired session identifier;
the judging module is used for judging whether the abnormal access of the sensitive data exists or not according to the abnormal boundary of the user access;
the data processing module is used for giving an alarm prompt when the user has abnormal access to the sensitive data;
and the display module is used for displaying the alarm prompt.
Specifically, according to fig. 1 and fig. 2, in the present embodiment, the servers include a monitoring server, a local DNS server, a source authority DNS server, and a Web server.
Specifically, according to fig. 1 and fig. 2, in this embodiment, a user terminal sends a DNS probe data request to a local DNS server through a DNS data interface to obtain DNS access data of a user, and stores the obtained DNS access data of the user, and the user terminal is provided with a DNS data interface for sending the DNS probe data request to the local DNS server and obtaining DNS access data of the user.
Specifically, according to fig. 1 and fig. 2, in this embodiment, the user terminal sends an HTTP probe request to the Web server according to the HTTP data interface, and obtains HTTP probe data fed back by the Web server, where the HTTP probe data is access data of the user.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the present embodiment further includes a comparison sub-module, where the comparison sub-module is connected to the user terminal, and the comparison sub-module is configured to compare the access data of the user with the abnormal limit, and obtain a comparison result.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the apparatus further includes an alarm information generation sub-module, where the alarm information generation sub-module is connected to the comparison sub-module, and the alarm information generation sub-module gives an alarm prompt when access information of the sensitive data appears according to a comparison result of the comparison sub-module.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the alarm prompts given by the data processing module are divided into a general alarm, a moderate alarm and an emergency alarm, and the determining module determines the abnormal level of the sensitive data when determining the abnormal access information of the sensitive data, and then sends the determination information to the data processing module.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, an alarm information output sub-module is further included, and the alarm information output sub-module is connected to the display module and is configured to output alarm information to the display module.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the data storage sub-module is further included, and the data storage sub-module is configured to store historical access information and historical alarm information of a user, and the data storage sub-module records information sources, time, and content of the historical access information and the historical alarm information.
Specifically, as shown in fig. 1 and fig. 2, in this embodiment, the present invention further includes an information sending recording sub-module, where the information sending recording sub-module is configured to record a sending condition of the alarm information, and the information sending recording sub-module records a sending time, a sending address, and an alarm content of the alarm information.
Specifically, in this embodiment, the mobile terminal further includes an LED highlight warning module, where the highlight warning module includes a light emitting diode connected to the display module, and when the display module displays that the user has an abnormal access to the sensitive data, the highlight warning module emits light to remind the user that the user has the abnormal access to the sensitive data.
Data desensitization: according to different data processing modes, data desensitization can be divided into two categories of static data desensitization and dynamic data desensitization, wherein the static data desensitization refers to desensitization and privacy removal of data files and guarantees the incidence relation among data, and the static data desensitization is very suitable for data owners to use in data fusion and data sharing with a plurality of external development teams, so that data cannot be leaked in development and test links; the dynamic data desensitization refers to that when a user calls sensitive data in a background database at a front-end application part, the data desensitization is carried out, and then the sensitive data are fed back to a foreground for presentation, so that the dynamic data desensitization function can help an energy industry company to quickly, low-risk and stably provide real-time privacy protection for a production database.
Through the dynamic desensitization function, the energy industry company can be helped to provide real-time privacy protection of a production database quickly, at low risk and stably, and typical application scenes are shown as follows:
1. protecting production environment
In the context of large complex systems in the energy industry, to provide high levels of service to customers, sometimes means that developers, database administrators, designers, professional consultants, and other systems need unrestricted access to production data to quickly solve significant problems and respond quickly, thereby creating an illegal access path to private information such as customer information, telephone, address, etc., and dynamic data desensitization can effectively address this risk without losing the ability to respond quickly.
2. Reducing outsourcing risk
For a large complex system, a large number of outsourcing IT personnel and development units are often relied on to develop and maintain business, and the outsourcing personnel can access production data through application programs, reports, development and operation tools, which means that private data are completely exposed in an uncontrollable environment; dynamic data desensitization can perform real-time private data shielding on access of different users and applications, and help the energy industry to effectively protect access of important data assets.
3. Protecting general account risk
Database maintainers often use weak universal passwords, which is convenient for developers and DBAs to access and monitor production databases, and also opens a door for obtaining key privacy data while facilitating, and by providing an allergic data mask, on one hand, logging in from non-production environments can be prevented, and desensitized data can be provided to different logged-in users and systems according to rules.
The data acquisition technology comprises streaming data and batch data, wherein the streaming data refers to data which is continuously generated, calculated in real time, dynamically increased and required to respond in time, has the characteristics of mass and real-time performance and the like, generally belongs to the real-time or quasi-real-time data processing technology, and comprises the following steps: ApacheStorm, SparkStreaming, wherein,
storm is a distributed, reliable, fault tolerant data stream processing system, where the input streams to a Storm cluster are managed by a component called a spout, which passes data to bolts, which either store the data in some memory or pass the data to other bolts, and a Storm cluster converts the data passed over by a spout between a series of bolts.
SparkStreaming is applicable to graphics manipulation, machine learning, or access to SQL, the stack of apache spark, allows some library to be combined with the data stream (SparkSQL, Mllib, GraphX).
Bulk data desensitization comprises flume and Sqoop, wherein bulk data desensitization can be performed in the data importing process, or a desensitization program module can be called to perform desensitization after data enter a big data platform, desensitization of bulk data can be combined with the incidence relation of the data, a complex desensitization algorithm is applied to achieve a better desensitization effect, based on a flume data acquisition mode, the desensitization program can be called in an interceptor by writing the interceptor, and the desensitized data is output.
The data desensitization comprises four steps of sensitive data discovery, sensitive data combing, desensitization scheme formulation and desensitization task execution, and the optimal data desensitization effect is achieved by combining a data desensitization algorithm, a data desensitization rule and a desensitization environment.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. An intelligent sensitive data probing and access behavior monitoring and alarming system is characterized by comprising a user terminal, a server and a monitoring module, wherein the user terminal is respectively connected with the server and the monitoring module through the Internet;
the user terminal includes:
the data acquisition module is used for acquiring the access data of the user, labeling the accessed data and making a session identifier;
the data determining module is used for determining an abnormal boundary accessed by the user according to the acquired session identifier;
the judging module is used for judging whether the abnormal access of the sensitive data exists or not according to the abnormal boundary of the user access;
the data processing module is used for giving an alarm prompt when the user has abnormal access to the sensitive data;
and the display module is used for displaying the alarm prompt.
2. The system for intelligently probing and monitoring the access behavior of sensitive data according to claim 1, wherein: the server comprises a monitoring server, a local DNS server, a source station authorization DNS server and a Web server.
3. The intelligent sensitive data probing and access behavior monitoring and alarming system as recited in claim 2, wherein: the user terminal sends a DNS probe data request to a local DNS server through a DNS data interface so as to acquire DNS access data of a user and store the acquired DNS access data of the user.
4. The system according to claim 2, wherein the system comprises: the user terminal sends an HTTP detection data request to the Web server according to the HTTP data interface and obtains HTTP detection data fed back by the Web server, wherein the HTTP detection data are access data of the user.
5. The system for intelligently probing and monitoring the access behavior of sensitive data according to claim 1, wherein: the system also comprises a comparison submodule, wherein the comparison submodule is connected with the user terminal and is used for comparing the access data of the user with the abnormal limit to obtain a comparison result.
6. The system for intelligently probing and monitoring the access behavior of sensitive data according to claim 5, wherein: the system also comprises an alarm information generation submodule, wherein the alarm information generation submodule is connected with the comparison submodule, and the alarm information generation submodule gives an alarm prompt when access information of the sensitive data appears according to the comparison result of the comparison submodule.
7. The system for intelligently probing and monitoring the access behavior of sensitive data according to claim 1, wherein: the alarm prompt given by the data processing module is divided into a general alarm, a moderate alarm and an emergency alarm, and the judging module judges the abnormal grade of the sensitive data when judging the abnormal access information of the sensitive data and then sends the judging information to the data processing module.
8. The system for intelligently probing and monitoring the access behavior of sensitive data according to claim 1, wherein: the alarm module is connected with the display module and used for outputting alarm information to the display module.
9. The system for intelligently probing and monitoring the access behavior of sensitive data according to claim 1, wherein: the data storage submodule is used for storing historical access information and historical alarm information of a user, and the data storage submodule records information sources, time and content of the historical access information and the historical alarm information.
10. The system for intelligently probing and monitoring the access behavior of sensitive data according to claim 1, wherein: the alarm system also comprises an information sending and recording submodule, wherein the information sending and recording submodule is used for recording the sending condition of the alarm information, and the information sending and recording submodule records the sending time, the sending address and the alarm content of the alarm information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110822125.2A CN113572754A (en) | 2021-07-21 | 2021-07-21 | Sensitive data intelligent probing and access behavior monitoring alarm system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110822125.2A CN113572754A (en) | 2021-07-21 | 2021-07-21 | Sensitive data intelligent probing and access behavior monitoring alarm system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113572754A true CN113572754A (en) | 2021-10-29 |
Family
ID=78165872
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110822125.2A Pending CN113572754A (en) | 2021-07-21 | 2021-07-21 | Sensitive data intelligent probing and access behavior monitoring alarm system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113572754A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201919010U (en) * | 2010-12-22 | 2011-08-03 | 中国工商银行股份有限公司 | Website accessing performance monitoring system |
CN108259482A (en) * | 2018-01-04 | 2018-07-06 | 平安科技(深圳)有限公司 | Network Abnormal data detection method, device, computer equipment and storage medium |
CN112597532A (en) * | 2020-12-04 | 2021-04-02 | 光大科技有限公司 | Monitoring method and device for sensitive data access |
-
2021
- 2021-07-21 CN CN202110822125.2A patent/CN113572754A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201919010U (en) * | 2010-12-22 | 2011-08-03 | 中国工商银行股份有限公司 | Website accessing performance monitoring system |
CN108259482A (en) * | 2018-01-04 | 2018-07-06 | 平安科技(深圳)有限公司 | Network Abnormal data detection method, device, computer equipment and storage medium |
CN112597532A (en) * | 2020-12-04 | 2021-04-02 | 光大科技有限公司 | Monitoring method and device for sensitive data access |
Non-Patent Citations (1)
Title |
---|
章功干: "开放环境下敏感信息在线监测系统的研究与设计", 《淮南师范学院学报》 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112787992B (en) | Method, device, equipment and medium for detecting and protecting sensitive data | |
US7502972B1 (en) | Reducing log entries using hash keys | |
US11362912B2 (en) | Support ticket platform for improving network infrastructures | |
US10685043B2 (en) | Event analysis in network management event streams | |
CN108259241A (en) | A kind of abnormal localization method and device of cloud platform monitoring system | |
Syer et al. | Continuous validation of load test suites | |
CN116030943B (en) | Big data intelligent operation and maintenance control system and method | |
CN112787890A (en) | Block chain monitoring system | |
CN114116429A (en) | Abnormal log collection method, device, equipment, medium and product | |
US20110010590A1 (en) | Enterprise black box system and method for data centers | |
CN111600890B (en) | Network security perception system based on big data | |
Laue et al. | A SIEM architecture for multidimensional anomaly detection | |
CN113572754A (en) | Sensitive data intelligent probing and access behavior monitoring alarm system | |
US8893289B1 (en) | Internal privacy invasion detection and prevention system | |
CN115238292A (en) | Data security management and control method and device, electronic equipment and storage medium | |
US11763014B2 (en) | Production protection correlation engine | |
CN113760579A (en) | Troubleshooting method and device | |
CN113904828A (en) | Interface sensitive information detection method, device, equipment, medium and program product | |
CN110933064B (en) | Method and system for determining user behavior track | |
CN112685768A (en) | Data leakage prevention method and device based on software asset audit | |
US11853173B1 (en) | Log file manipulation detection | |
CN113709140B (en) | Cloud big data intelligent safety management and control system based on comprehensive audit | |
CN117609994B (en) | Non-invasive data monitoring method and system based on data security | |
CN117435577A (en) | Big data supervision method | |
US20220124104A1 (en) | Systems, methods, and devices for implementing security operations in a security platform |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20211029 |