Disclosure of Invention
In view of the above, the present invention provides a network node security system for intelligent finance, which includes: the intelligent financial computing equipment is in communication connection with each network node and the database respectively; the intelligent financial computing device includes: the system comprises a node analysis module, an interactive graph construction module and a node verification module, wherein communication connection is formed among the modules;
the node analysis module randomly selects a network node from the intelligent financial network as a target network node, acquires information interaction data of the target network node, and identifies a related network node based on the information interaction data;
the node analysis module acquires node inflow data and node outflow data of each network node in the intelligent financial network, and extracts data characteristics of the node inflow data and the node outflow data of each network node to obtain a node inflow characteristic vector and a node outflow characteristic vector of each network node;
the node analysis module takes network nodes except the target network node in the intelligent financial network as candidate network nodes, respectively calculates Euclidean distances between a node inflow characteristic vector of the target network node and a node inflow characteristic vector of each candidate network node and takes the Euclidean distances as first identification values of the candidate network nodes, and respectively calculates Euclidean distances between a node outflow characteristic vector of the target network node and a node outflow characteristic vector of each candidate network node and takes the Euclidean distances as second identification values of the candidate network nodes;
the node analysis module adds the first identification value and the second identification value of each candidate network node to obtain a node identification value of each candidate network node, and obtains a second preset number of candidate network nodes with the maximum node identification value as security verification nodes of the target network node;
the interactive graph construction module takes the security verification node of the target network node as a first security verification node, and then generates a first security verification interactive graph according to the target network node and all the first security verification nodes; acquiring all security verification nodes of each associated network node, taking the security verification nodes of the associated network nodes as second security verification nodes, and then generating a plurality of second security verification interaction graphs according to each associated network node and the second security verification nodes of each associated network node;
and the node verification module obtains a node security verification value of the target network node according to the first security verification interaction graph and the second security verification interaction graph, and verifies the security of the target network node according to the node security verification value of the target network node.
Further, the obtaining, by the node verification module, the node security verification value of the target network node according to the first security verification interaction graph and the second security verification interaction graph includes:
the node verification module acquires the structural similarity ratio of each associated network node to a target network node according to each second security verification interactive graph and each first security verification interactive graph, sequences all the associated network nodes from small to large according to the corresponding structural similarity ratio to obtain an associated network node sequence, and then takes the first preset number of associated network nodes in the associated network node sequence as abnormal associated network nodes;
the node verification module takes the second security verification interactive graph of the abnormal association network node as a third security verification interactive graph and respectively extracts graph structure characteristics of each third security verification interactive graph to obtain a plurality of abnormal graph structure characteristics;
the node verification module extracts the graph structure characteristics of the first safety verification interactive graph to obtain target graph structure characteristics, and obtains the overlapping area of each third safety verification interactive graph and the first safety verification interactive graph based on each abnormal graph structure characteristic and the target graph structure characteristic;
and the node verification module obtains the node security verification value of the target network node based on the overlapping area of each third security verification interaction graph and the first security verification interaction graph.
Further, the obtaining, by the node verification module, the node security verification value of the target network node based on the overlapping area of the third security verification interaction graph and the first security verification interaction graph includes:
the node verification module traverses all abnormal associated network nodes and takes the traversed abnormal associated network nodes as target abnormal associated network nodes;
the node verification module respectively extracts attribute feature vectors and interaction feature vectors of the target network node and the target abnormity associated network node, and uses Euclidean distance between the attribute feature vector of the target network node and the attribute feature vector of the target abnormity associated network node as a first sub-weight of the target abnormity associated network node; the attribute feature vector represents the attribute features of the network nodes;
the node verification module takes the Euclidean distance between the interactive characteristic vector of the target network node and the interactive characteristic vector of the target abnormity associated network node as a second sub-weight of the target abnormity associated network node; the interactive feature vector represents interactive features of the network node;
the node verification module adds the first sub-weight and the second sub-weight of the target abnormal associated network node to obtain a node weight of the target abnormal associated network node, and repeats the steps until all abnormal associated network nodes are traversed to obtain the node weight of each abnormal associated network node;
the node verification module obtains the proportion of the overlapping area of each third security verification interactive graph and the first security verification interactive graph in the first security verification interactive graph to obtain the node abnormality degree of each abnormal associated network node, and then carries out weighted summation on the node abnormality degrees of all the abnormal associated network nodes according to the node weight values of all the abnormal associated network nodes to obtain the node security verification value of the target network node.
Further, the obtaining of the structural similarity ratio of each associated network node to the target network node by the node verification module includes:
the node verification module traverses all the associated network nodes, takes the traversed associated network nodes as target associated network nodes, acquires a second security verification interactive graph of the target associated network nodes, and takes the second security verification interactive graph as a target second security verification interactive graph;
the node verification module acquires the node similarity between the target associated network node and the target network node, and acquires the structural similarity sum of the target associated network node and the target network node based on the target second security verification interaction graph and the first security verification interaction graph;
the node verification module acquires the node similarity of the target associated network node and the target network node and the ratio of the structural similarity sum of the target associated network node and the target network node, and takes the ratio as the structural similarity ratio of the target associated network node and the target network node;
and repeating the steps until all the associated network nodes are traversed so as to obtain the structural similarity ratio of each associated network node to the target network node.
Further, the node verification module obtains structural similarities of the target associated network node and the target network node according to the second security verification interaction graph and the first security verification interaction graph and includes:
the node verification module traverses all first security verification nodes in the first security verification interactive graph, takes the traversed first security verification nodes as target first security verification nodes, and then takes second security verification nodes which are the same as node identifiers of the target first security verification nodes in the second security verification interactive graph as target second security verification nodes;
the node verification module extracts an attribute feature vector and an interaction feature vector of a target first security verification node and extracts an attribute feature vector and an interaction feature vector of a target second security verification node;
the node verification module calculates cosine similarity of the attribute eigenvector of the target first security verification node and the attribute eigenvector of the target second security verification node to obtain first similarity of the target first security verification node and the target second security verification node;
the node verification module calculates cosine similarity of the interactive feature vector of the target first security verification node and the interactive feature vector of the target second security verification node to obtain second similarity of the target first security verification node and the target second security verification node;
the node verification module obtains the node similarity of the target first security verification node and the target second security verification node based on the first similarity and the second similarity of the target first security verification node and the target second security verification node;
repeating the steps until all the first security verification nodes in the first security verification interactive graph are traversed so as to obtain the node similarity of each first security verification node and the corresponding second security verification node;
and the node verification module adds the node similarity of all the first security verification nodes and the corresponding second security verification nodes to obtain the structural similarity sum of the target associated network node and the target network node.
Further, the interaction graph building module generating the first security verification interaction graph based on all the first security verification nodes comprises:
the interactive graph building module traverses all the first security verification nodes, takes the traversed first security verification nodes as first-level target verification nodes, and respectively takes the data inflow and the data outflow of the target network nodes as the horizontal and vertical coordinates of the target network nodes to obtain coordinate points of the target network nodes;
the interactive graph building module respectively takes the data inflow and the data outflow of a first-stage target verification node as the horizontal and vertical coordinates of the first-stage target verification node to obtain a coordinate point of the first-stage target verification node, calculates the Euclidean distance between the coordinate point of a target network node and the coordinate point of the first-stage target verification node to obtain the data traffic differential between the target network node and the first-stage target verification node, and connects the target network node and the first-stage target verification node when the data traffic differential is smaller than a differential threshold value to obtain a first-stage network node chain of the first-stage target verification node;
the interactive graph building module calculates the difference value between the data inflow of the target network node and the data inflow of the first-stage target verification node to obtain the data inflow differential quantity between the target network node and the first-stage target verification node, and calculates the difference value between the data outflow of the target network node and the data outflow of the first-stage target verification node to obtain the data outflow differential quantity between the target network node and the first-stage target verification node;
the interactive graph construction module determines the expansion direction of a first-stage network node chain of a first-stage target verification node based on the ratio of the data inflow differential quantity of the target network node and the first-stage target verification node to the data outflow differential quantity of the target network node and the first-stage target verification node;
and repeating the steps until all the first security verification nodes are traversed, so as to obtain the expansion direction of the first-level network node chain of each first security verification node.
Further, the interaction graph building module generating the first security verification interaction graph based on all the first security verification nodes comprises:
the interactive graph building module conducts first network node chain expansion based on the expansion direction of each first-stage network node chain so as to expand each first-stage network node chain into a second-stage network node chain;
the interactive map building module acquires the expansion direction of each second-level network node chain, and performs second-time network node chain expansion based on the expansion direction of each second-level network node chain to expand each second-level network node chain into a third-level network node chain;
the interactive map building module obtains the expansion direction of each third-level network node chain, and performs third-level network node chain expansion based on the expansion direction of each third-level network node chain so as to expand each third-level network node chain into a fourth-level network node chain;
repeating the steps to perform N-1 times of network node chain expansion on each first-level network node chain to obtain a plurality of Nth-level network node chains, and performing mapping processing on all the Nth-level network node chains by using the interactive map construction module to obtain a first security verification interactive map.
Further, the interactive map building module performs first network node chain expansion based on the expansion direction of the first network node chain to obtain a second network node chain, and the method includes:
the interactive graph building module traverses all the first-stage network node chains and takes the traversed first-stage network node chains as first-stage target network node chains; acquiring the expansion direction of a first-stage target network node chain, and taking a first security verification node closest to the expansion direction of the first-stage target network node chain along the line as a second-stage target verification node;
the interactive graph construction module respectively takes the data inflow and the data outflow of the second-level target verification node as the horizontal and vertical coordinates of the second-level target verification node to obtain a coordinate point of the second-level target verification node, and calculates the Euclidean distance between the coordinate point of the first-level target verification node corresponding to the first-level target network node chain and the coordinate point of the second-level target verification node to obtain the data flow difference between the first-level target network node and the second-level target verification node; connecting the first-level target network node with the second-level target verification node when the data traffic difference is smaller than the difference threshold value to obtain a second-level network node chain of the second-level target verification node;
the interactive graph building module calculates the difference value of the data inflow of the first-level target network node and the data inflow of the second-level target verification node to obtain the data inflow difference value of the first-level target network node and the second-level target verification node, and calculates the difference value of the data outflow of the first-level target network node and the data outflow of the second-level target verification node to obtain the data outflow difference value of the first-level target network node and the second-level target verification node;
the interactive graph construction module determines the expansion direction of a second-level network node chain of a second-level target verification node based on the ratio of the data inflow differential quantity of the first-level target network node and the second-level target verification node to the data outflow differential quantity of the first-level target network node and the second-level target verification node;
and repeating the steps until all the first-stage network node chains are traversed, expanding each first-stage network node chain into a second-stage network node chain, and acquiring the expansion direction of each second-stage network node chain.
The invention has the following beneficial effects: according to the method and the device, the node security verification value of the target network node is obtained through the data interaction behavior of the target network node and the related network node, and whether the target network node is safe or not is judged according to the node security verification value, so that the information security of a terminal user accessing the intelligent financial network is ensured, and the economic loss of the user caused by the invasion of the intelligent financial network is avoided.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
Referring to fig. 1, in one embodiment, a network node security system for intelligent finance may include: the intelligent financial computing equipment is in communication connection with each network node and the database respectively; the intelligent financial computing device includes: the system comprises a node analysis module, an interactive graph construction module and a node verification module, wherein communication connection is formed among the modules;
the node analysis module randomly selects a network node from the intelligent financial network as a target network node, acquires information interaction data of the target network node, and identifies a related network node based on the information interaction data;
the node analysis module acquires node inflow data and node outflow data of each network node in the intelligent financial network, and extracts data characteristics of the node inflow data and the node outflow data of each network node to obtain a node inflow characteristic vector and a node outflow characteristic vector of each network node;
the node analysis module takes network nodes except the target network node in the intelligent financial network as candidate network nodes, respectively calculates Euclidean distances between a node inflow characteristic vector of the target network node and a node inflow characteristic vector of each candidate network node and takes the Euclidean distances as first identification values of the candidate network nodes, and respectively calculates Euclidean distances between a node outflow characteristic vector of the target network node and a node outflow characteristic vector of each candidate network node and takes the Euclidean distances as second identification values of the candidate network nodes;
the node analysis module adds the first identification value and the second identification value of each candidate network node to obtain a node identification value of each candidate network node, and obtains a second preset number of candidate network nodes with the maximum node identification value as security verification nodes of the target network node;
the interactive graph construction module takes the security verification node of the target network node as a first security verification node, and then generates a first security verification interactive graph according to the target network node and all the first security verification nodes; acquiring all security verification nodes of each associated network node, taking the security verification nodes of the associated network nodes as second security verification nodes, and then generating a plurality of second security verification interaction graphs according to each associated network node and the second security verification nodes of each associated network node;
and the node verification module obtains a node security verification value of the target network node according to the first security verification interaction graph and the second security verification interaction graph, and verifies the security of the target network node according to the node security verification value of the target network node.
For the purposes of promoting an understanding, the principles and operation of the present invention are described in detail below.
Specifically, in one embodiment, the method executed by the network node security system for intelligent finance may include:
s1, the node analysis module randomly selects a network node from the intelligent financial network as a target network node, acquires information interaction data of the target network node, and then identifies an associated network node based on the information interaction data.
The associated network node is a network node having an information interaction behavior with the target network node, and the information interaction data records interaction information of the target network node and the associated network node.
S2, the node analysis module obtains all the security verification nodes of the target network node, the interaction graph construction module takes the security verification nodes of the target network node as first security verification nodes, and generates a first security verification interaction graph according to the target network node and all the first security verification nodes.
Specifically, the acquiring, by the node analysis module, all security verification nodes of the target network node includes:
the node analysis module acquires node inflow data and node outflow data of each network node in the intelligent financial network, and extracts data characteristics of the node inflow data and the node outflow data of each network node to obtain a node inflow characteristic vector and a node outflow characteristic vector of each network node;
the node analysis module takes network nodes except the target network node in the intelligent financial network as candidate network nodes, respectively calculates Euclidean distances between a node inflow characteristic vector of the target network node and a node inflow characteristic vector of each candidate network node and takes the Euclidean distances as first identification values of the candidate network nodes, and respectively calculates Euclidean distances between a node outflow characteristic vector of the target network node and a node outflow characteristic vector of each candidate network node and takes the Euclidean distances as second identification values of the candidate network nodes;
the node analysis module adds the first authentication value and the second authentication value of each candidate network node to obtain a node authentication value of each candidate network node, and obtains a second preset number of candidate network nodes with the maximum node authentication value as security verification nodes of the target network node.
The second preset number is the number of the safety verification nodes and is preset according to actual conditions.
In one embodiment, the interaction graph building module generating the first security verification interaction graph based on all the first security verification nodes comprises:
the interactive graph building module traverses all the first security verification nodes, takes the traversed first security verification nodes as first-level target verification nodes, and respectively takes the data inflow and the data outflow of the target network nodes as the horizontal and vertical coordinates of the target network nodes to obtain coordinate points of the target network nodes;
the interactive graph building module respectively takes the data inflow and the data outflow of the first-stage target verification node as the horizontal and vertical coordinates of the first-stage target verification node to obtain a coordinate point of the first-stage target verification node, calculates the Euclidean distance between the coordinate point of the target network node and the coordinate point of the first-stage target verification node to obtain the data traffic differential between the target network node and the first-stage target verification node, and connects the target network node and the first-stage target verification node to obtain a first-stage network node chain of the first-stage target verification node when the data traffic differential is smaller than a differential threshold value. The delta threshold is preset according to actual conditions.
The method comprises the steps that an interactive graph building module calculates the difference value between the data inflow of a target network node and the data inflow of a first-stage target verification node to obtain the data inflow differential quantity of the target network node and the first-stage target verification node, calculates the difference value between the data outflow of the target network node and the data outflow of the first-stage target verification node to obtain the data outflow differential quantity of the target network node and the first-stage target verification node, and determines the expansion direction of a first-stage network node chain of the first-stage target verification node based on the ratio of the data inflow differential quantity of the target network node and the first-stage target verification node to the data outflow differential quantity of the target network node and the first-stage target verification node;
and repeating the steps until all the first security verification nodes are traversed, so as to obtain the expansion direction of the first-level network node chain of each first security verification node.
In one embodiment, the interactive map construction module performs first network node chain expansion based on the expansion direction of each first-stage network node chain to expand each first-stage network node chain into a second-stage network node chain;
the interactive map building module acquires the expansion direction of each second-level network node chain, and performs second-time network node chain expansion based on the expansion direction of each second-level network node chain to expand each second-level network node chain into a third-level network node chain;
the interactive map building module obtains the expansion direction of each third-level network node chain, and performs third-level network node chain expansion based on the expansion direction of each third-level network node chain so as to expand each third-level network node chain into a fourth-level network node chain;
repeating the steps to perform N-1 times of network node chain expansion on each first-level network node chain to obtain a plurality of Nth-level network node chains, and mapping all the Nth-level network node chains to obtain a first security verification interaction graph. And N is iteration times which are preset according to the accuracy.
In one embodiment, the obtaining of the second-level network node chain by the interactive map construction module performing the first network node chain expansion based on the expansion direction of the first-level network node chain includes:
the interactive graph building module traverses all the first-stage network node chains and takes the traversed first-stage network node chains as first-stage target network node chains; acquiring the expansion direction of a first-stage target network node chain, and taking a first security verification node closest to the expansion direction of the first-stage target network node chain along the line as a second-stage target verification node;
the interactive graph construction module respectively takes the data inflow and the data outflow of the second-level target verification node as the horizontal and vertical coordinates of the second-level target verification node to obtain a coordinate point of the second-level target verification node, and calculates the Euclidean distance between the coordinate point of the first-level target verification node corresponding to the first-level target network node chain and the coordinate point of the second-level target verification node to obtain the data flow difference between the first-level target network node and the second-level target verification node; connecting the first-level target network node with the second-level target verification node when the data traffic difference is smaller than the difference threshold value to obtain a second-level network node chain of the second-level target verification node;
the interactive graph building module calculates the difference value of the data inflow of the first-level target network node and the data inflow of the second-level target verification node to obtain the data inflow difference value of the first-level target network node and the second-level target verification node, and calculates the difference value of the data outflow of the first-level target network node and the data outflow of the second-level target verification node to obtain the data outflow difference value of the first-level target network node and the second-level target verification node;
the interactive graph construction module determines the expansion direction of a second-level network node chain of a second-level target verification node based on the ratio of the data inflow differential quantity of the first-level target network node and the second-level target verification node to the data outflow differential quantity of the first-level target network node and the second-level target verification node;
and repeating the steps until all the first-stage network node chains are traversed, expanding each first-stage network node chain into a second-stage network node chain, and acquiring the expansion direction of each second-stage network node chain.
S3, the node analysis module obtains all the security verification nodes of each associated network node, the interaction graph construction module takes the security verification nodes of the associated network nodes as second security verification nodes, and then a plurality of second security verification interaction graphs are generated according to each associated network node and the second security verification nodes of each associated network node.
The manner of obtaining the security verification node of the associated network node is the same as the manner of obtaining the security node of the target network node.
The manner in which the second security verification interaction graph is generated from the associated network node and the second security verification node of the associated network node is the same as the manner in which the first security verification interaction graph is generated from the target network node and the first security verification node of the target network node.
S4, the node verification module obtains the structure similarity ratio of each associated network node to the target network node according to each second security verification interaction graph and the first security verification interaction graph, all the associated network nodes are sequenced from small to large according to the corresponding structure similarity ratio to obtain an associated network node sequence, and then the first preset number of associated network nodes in the associated network node sequence are used as abnormal associated network nodes.
The first preset number is the number of the abnormal associated network nodes, and is preset according to actual conditions, specifically, the abnormal associated network nodes are marked from front to back according to the arrangement sequence of the associated network nodes in the associated network node sequence, the number of the abnormal associated network nodes is counted, and the marking of the abnormal associated network nodes is stopped when the number of the abnormal associated network nodes is equal to the first preset number.
Specifically, the obtaining, by the node verification module, the structural similarity ratio of each associated network node to the target network node includes:
the node verification module traverses all the associated network nodes, takes the traversed associated network nodes as target associated network nodes, acquires a second security verification interactive graph of the target associated network nodes, and takes the second security verification interactive graph as a target second security verification interactive graph;
the node verification module acquires the node similarity between the target associated network node and the target network node, and acquires the structural similarity sum of the target associated network node and the target network node based on the target second security verification interaction graph and the first security verification interaction graph;
the node verification module acquires the node similarity of the target associated network node and the target network node and the ratio of the structural similarity sum of the target associated network node and the target network node, and takes the ratio as the structural similarity ratio of the target associated network node and the target network node;
and repeating the steps until all the associated network nodes are traversed so as to obtain the structural similarity ratio of each associated network node to the target network node.
Further, the node verification module obtains structural similarities of the target associated network node and the target network node according to the second security verification interaction graph and the first security verification interaction graph and includes:
the node verification module traverses all first security verification nodes in the first security verification interactive graph, takes the traversed first security verification nodes as target first security verification nodes, and then takes second security verification nodes which are the same as node identifiers of the target first security verification nodes in the second security verification interactive graph as target second security verification nodes;
the node verification module respectively extracts the attribute feature vector and the interaction feature vector of a target first security verification node, and respectively extracts the attribute feature vector and the interaction feature vector of a target second security verification node;
the node verification module calculates cosine similarity of the attribute eigenvector of the target first security verification node and the attribute eigenvector of the target second security verification node to obtain first similarity of the target first security verification node and the target second security verification node;
the node verification module calculates cosine similarity of the interactive feature vector of the target first security verification node and the interactive feature vector of the target second security verification node to obtain second similarity of the target first security verification node and the target second security verification node;
the node verification module obtains the node similarity of the target first security verification node and the target second security verification node based on the first similarity and the second similarity of the target first security verification node and the target second security verification node;
repeating the steps until all the first security verification nodes in the first security verification interactive graph are traversed so as to obtain the node similarity of each first security verification node and the corresponding second security verification node;
and the node verification module adds the node similarity of all the first security verification nodes and the corresponding second security verification nodes to obtain the structural similarity sum of the target associated network node and the target network node.
S5, the node verification module takes the second security verification interactive graph of the abnormal association network node as a third security verification interactive graph, extracts graph structure characteristics of each third security verification interactive graph respectively to obtain a plurality of abnormal graph structure characteristics, extracts graph structure characteristics of the first security verification interactive graph to obtain target graph structure characteristics, and obtains an overlapping area of each third security verification interactive graph and the first security verification interactive graph based on each abnormal graph structure characteristic and the target graph structure characteristics.
And S6, the node verification module obtains the node security verification value of the target network node based on the overlapping area of each third security verification interaction graph and the first security verification interaction graph, and verifies the security of the target network node based on the node security verification value of the target network node.
In one embodiment, the obtaining, by the node verification module, the node security verification value of the target network node based on the overlapping area of the third security verification interaction graph and the first security verification interaction graph includes:
the node verification module traverses all abnormal associated network nodes and takes the traversed abnormal associated network nodes as target abnormal associated network nodes;
the node verification module respectively extracts attribute feature vectors and interaction feature vectors of the target network node and the target abnormity associated network node, and uses Euclidean distance between the attribute feature vector of the target network node and the attribute feature vector of the target abnormity associated network node as a first sub-weight of the target abnormity associated network node; the attribute feature vector represents the attribute features of the network nodes;
the node verification module takes the Euclidean distance between the interactive characteristic vector of the target network node and the interactive characteristic vector of the target abnormity associated network node as a second sub-weight of the target abnormity associated network node; the interactive feature vector represents interactive features of the network node;
the node verification module adds the first sub-weight and the second sub-weight of the target abnormal associated network node to obtain a node weight of the target abnormal associated network node, and repeats the steps until all abnormal associated network nodes are traversed to obtain the node weight of each abnormal associated network node;
the node verification module obtains the proportion of the overlapping area of each third security verification interactive graph and the first security verification interactive graph in the first security verification interactive graph to obtain the node abnormality degree of each abnormal associated network node, and then carries out weighted summation on the node abnormality degrees of all the abnormal associated network nodes according to the node weight values of all the abnormal associated network nodes to obtain the node security verification value of the target network node.
According to the method and the device, the node security verification value of the target network node is obtained through the data interaction behavior of the target network node and the related network node, and whether the target network node is safe or not is judged according to the node security verification value, so that the information security of a terminal user accessing the intelligent financial network is ensured, and the economic loss of the user caused by the invasion of the intelligent financial network is avoided.
The above embodiments are merely illustrative of the technical ideas and features of the present invention, and are intended to enable those skilled in the art to understand the contents of the present invention and implement the present invention, and not to limit the scope of the present invention. All equivalent changes or modifications made according to the spirit of the present invention should be covered within the protection scope of the present invention.