CN113742725A - Method for enhancing data security of computer system - Google Patents
Method for enhancing data security of computer system Download PDFInfo
- Publication number
- CN113742725A CN113742725A CN202110912967.7A CN202110912967A CN113742725A CN 113742725 A CN113742725 A CN 113742725A CN 202110912967 A CN202110912967 A CN 202110912967A CN 113742725 A CN113742725 A CN 113742725A
- Authority
- CN
- China
- Prior art keywords
- data
- computer
- webpage
- external equipment
- domain name
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 230000002708 enhancing effect Effects 0.000 title claims abstract description 9
- 241000700605 Viruses Species 0.000 claims abstract description 27
- 238000001514 detection method Methods 0.000 claims abstract description 25
- 230000002159 abnormal effect Effects 0.000 claims abstract description 12
- 238000012795 verification Methods 0.000 claims description 27
- 238000004088 simulation Methods 0.000 claims description 15
- 230000008569 process Effects 0.000 claims description 10
- 230000006870 function Effects 0.000 claims description 6
- 102100035606 Beta-casein Human genes 0.000 claims description 3
- 101000947120 Homo sapiens Beta-casein Proteins 0.000 claims description 3
- 235000014510 cooky Nutrition 0.000 claims description 3
- 230000002950 deficient Effects 0.000 claims description 3
- 238000002955 isolation Methods 0.000 claims description 3
- 238000007477 logistic regression Methods 0.000 claims description 3
- 238000012549 training Methods 0.000 claims description 3
- 238000011002 quantification Methods 0.000 claims 1
- 206010033799 Paralysis Diseases 0.000 abstract description 3
- 230000009545 invasion Effects 0.000 abstract description 2
- 230000009471 action Effects 0.000 description 3
- 238000013139 quantization Methods 0.000 description 2
- 230000005856 abnormality Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 230000006386 memory function Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2133—Verifying human interaction, e.g., Captcha
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Virology (AREA)
- Databases & Information Systems (AREA)
- Bioethics (AREA)
- Biomedical Technology (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of computer system security, and discloses a method for enhancing the data security of a computer system; the method for enhancing the data security of the computer system comprises the following steps: s1: user management authentication; s2: newly adding data detection; s3: isolating external equipment; s4: the invention can analyze the web page safely when the web page downloads data, to avoid the virus invasion of data in the computer system caused by virus in the web page, improve the safety of computer system, isolate the original data from the external device, and cut off the data loading path when the data is abnormal, to avoid the data paralysis of computer system caused by virus carried in the external device, and improve the stability of computer system.
Description
Technical Field
The invention belongs to the technical field of computer system security, and particularly relates to a method for enhancing data security of a computer system.
Background
The computer is a computer, which is a modern electronic computing machine for high-speed computation, can perform numerical computation and logic computation, has a memory function, can run according to a program, automatically processes mass data at high speed, and an application program refers to a computer program which is developed and run on an operating system in order to complete a certain task or certain specific tasks. Applications are conceptually different from application software, but are often confused by the similarity in concept. Software refers to a collection of programs and their associated documents or other dependencies. Generally we consider a program as an integral part of software.
When the existing computer system downloads data or connects external equipment, the data of the webpage and the external equipment cannot be detected, so that the possibility that potential viruses invade the computer system along with the downloaded data is caused, the computer data is leaked, and the safety of the computer system is low; therefore, improvements are now needed in view of the current situation.
Disclosure of Invention
In view of the above situation, to overcome the defects of the prior art, the present invention provides a method for enhancing data security of a computer system, which effectively solves the problems that when the existing computer system downloads data or connects an external device, the data of a webpage and the external device cannot be detected, so that potential viruses invade the computer system along with the downloaded data, so that the computer data is leaked, and the security of the computer system is low.
In order to achieve the purpose, the invention provides the following technical scheme: a method of enhancing data security of a computer system, comprising the steps of:
s1: and (3) user management authentication: when a user browses, adds or deletes data by using a computer, the identity of the user is detected by an authentication management system, the authentication management system comprises a computer fixed personnel login verification module and a non-computer fixed personnel login verification module, the computer fixed personnel login verification module comprises account password login, face identification login, voice password login and magnetic stripe card identification login, the non-computer fixed personnel login verification module generates randomly combined numbers, pictures and verification codes with regular arrangement through a database when verification is performed, after the computer fixed personnel login verification, the operation of storing new data of a webpage end and external equipment can be performed, and after the non-computer fixed personnel login verification, the operation of storing the new data of the webpage end can be performed;
s2: newly adding data detection: when a user stores new data of a webpage end in the process of using a computer, a webpage detection system detects the webpage, extracting word cutting characteristics, a flow table and a domain name table of the webpage through a plurality of data flows, obtaining a plurality of type labels after performing characteristic analysis on the flow table and the domain name table, wherein the type labels are used for identifying the attribute information of the webpage, mean value coding is carried out on the extracted word cutting characteristics so as to obtain mean value coding characteristics, then the obtained mean value coding characteristics are sent to a simulation learning system for simulation learning prediction, after the simulation learning prediction is finished, a prediction value is obtained, the predicted value is intelligently identified and judged, if the predicted value is larger than the equilibrium value, the webpage is judged to have virus, if the predicted value is smaller than the equilibrium value, the webpage is judged to have no risk, and webpage data can be directly downloaded and stored;
s3: isolation of external equipment: when a user adds data by using external equipment, encrypting original data of a computer by using a data encryption system, detecting the data in the external equipment by using a data detection system, wherein the data detection mainly detects data content, invalid protocols and potential viruses in the external equipment, after the detection is finished, if the data is abnormal, the encryption of the original data of the computer is removed, and if the data is abnormal, the data of the external equipment is immediately blocked and isolated, namely, a channel for loading the data of the external equipment into the computer is cut off, so that the data is kept in a read-only mode;
s4: updating the self-checking system: in the using process of the computer, the self-checking system in the computer is updated and detected according to a specified time period, and the detection content mainly comprises the steps of detecting a fault model, a reliability model and a virus source model in the self-checking system and updating according to database data.
Preferably, in step S1, the computer fixed staff login verification module identifies, for the user account and the password based on the session technology, the HTTP protocol state correspondingly, identifies, for the user account and the password based on the Token technology, the JSON-Web-Tokens protocol state correspondingly, or identifies, for the user account and the password based on the Token technology, the JSON HTTP protocol state correspondingly.
Preferably, in step S2, the flow table includes a plurality of flow table entries, each of the plurality of flow table entries includes a matching field, a priority, a counter, an instruction, a timeout time, a cookie, and a flow start time, the domain name table includes a plurality of domain name table entries, and each of the plurality of domain name table entries includes a source internet protocol IP address, a destination domain name, a destination IP address, and a domain name type.
Preferably, in step S2, the mean value encoding method is a method of integrating the category-encoders library, Weight-of-event autovariability management function, and Nonlinear-PCA classification quantization.
Preferably, in step S2, the method for obtaining the equalization value includes: extracting sample value marks and sample word cutting characteristics of webpages from defective or virus webpages and normal webpages, carrying out mean value coding on the sample word cutting characteristics to obtain mean value coding characteristics, and carrying out logistic regression model simulation training on the extracted sample value marks and the sample mean value coding characteristics to obtain an equilibrium value function.
Preferably, in step S3, the data encryption system is an integrated data encryption technology based on an asymmetric encryption technology, a DLP terminal encryption technology, a CASB proxy gateway technology, a database encryption gateway technology, and a database plug-in encryption technology.
Preferably, in step S3, the external device is one or a combination of external hard disk and external usb disk.
Compared with the prior art, the invention has the beneficial effects that: 1. according to the method, the predicted value is intelligently identified and judged, if the predicted value is greater than the equilibrium value, the situation that viruses exist in the webpage is judged, if the predicted value is less than the equilibrium value, the situation that the webpage has no risk is judged, webpage data can be directly downloaded and stored, and when the webpage downloads the data, the webpage is safely analyzed, so that the risk that the viruses invade the data in the whole computer system due to the viruses existing in the webpage in the data downloading process of a computer is effectively avoided, and the safety of the computer system during data downloading is improved;
2. the data detection system detects the data in the external equipment, the data detection mainly detects the data content, invalid protocol and potential virus in the external equipment, after the detection is finished, if the data is abnormal, the encryption of the original data of the computer is removed, if the data is abnormal, the data of the external equipment is immediately blocked and isolated, namely, a channel for loading the data of the external equipment into the computer is cut off, so that the external equipment is kept in a read-only mode, when the data of the external equipment is operated, the data of the external equipment is detected, the original data of the computer is isolated from the external equipment, and when the abnormality is verified, the data loading channel can be immediately cut off, so that the condition that the data of the computer system is paralyzed due to the fact that the external equipment carries the virus is avoided, and the stability of the whole computer system is improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention.
In the drawings:
FIG. 1 is a flow chart of the present invention;
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments; all other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, the present invention provides a technical solution: a method of enhancing data security of a computer system, comprising the steps of:
s1: and (3) user management authentication: when a user uses a computer to browse, add or delete data, the identity of the user is detected through an authentication management system, the authentication management system comprises a computer fixed staff login verification module and a non-computer fixed staff login verification module, the computer fixed staff login verification module comprises account password login, face identification login, voice password login and magnetic stripe card identification login, the non-computer fixed staff login verification module generates randomly combined numbers, pictures and verification codes of arrangement rules through a database when verification is performed, after the computer fixed staff login verification, the operation of storing new data of a webpage end and external equipment can be performed, and after the non-computer fixed staff login verification, the operation of storing the new data of the webpage end can be performed;
s2: newly adding data detection: when a user uses a computer, when new data at a webpage end is stored, a webpage is detected by a webpage detection system, word cutting features, a flow table and a domain name table of the webpage are extracted through a plurality of data streams, after feature analysis is carried out on the flow table and the domain name table, a plurality of type labels are obtained, the type labels are used for identifying attribute information of the webpage, mean value coding is carried out on the extracted word cutting features, so that mean value coding features are obtained, the obtained mean value coding features are sent to a simulation learning system for simulation learning prediction, after the simulation learning prediction is finished, a predicted value is obtained, the predicted value is intelligently identified and judged, if the predicted value is larger than an equilibrium value, the existence of viruses in the webpage is judged, if the predicted value is smaller than the equilibrium value, the webpage is judged to have no risk, and webpage data can be directly downloaded and stored;
s3: isolation of external equipment: when a user adds data by using external equipment, encrypting original data of a computer by using a data encryption system, detecting the data in the external equipment by using a data detection system, wherein the data detection mainly detects data content, invalid protocols and potential viruses in the external equipment, after the detection is finished, if the data is abnormal, the encryption of the original data of the computer is removed, and if the data is abnormal, the data of the external equipment is immediately blocked and isolated, namely, a channel for loading the data of the external equipment into the computer is cut off, so that the data is kept in a read-only mode;
s4: updating the self-checking system: in the using process of the computer, the self-checking system in the computer is updated and detected according to a specified time period, and the detection content mainly comprises the steps of detecting a fault model, a reliability model and a virus source model in the self-checking system and updating according to database data.
Wherein, in step S1, the computer fixed person login verification module identifies HTTP protocol state corresponding to user account and password based on session technology, identifies JSON-Web-Tokens protocol state corresponding to user account and password based on Token technology, or identifies JSON HTTP protocol state corresponding to user account and password based on Token technology, in step S2, the flow table includes a plurality of flow table entries, each flow table entry in the plurality of flow tables includes matching field, priority, counter, instruction, timeout time, cookie, and flow start time, the domain table includes a plurality of domain name table entries, each domain name table entry in the plurality of domain name table entries includes source internet protocol IP address, destination domain name, destination IP address, and domain name type, in step S2, the mean value encoding adopts comprehensive category-encoders library, Weight-of-evaluation autovariant management function and Nonliner-PCA classification quantization method, in step S2, the equalization value is obtained by: the method comprises the steps of extracting sample value marks and sample word cutting characteristics of webpages from defective or virus webpages and normal webpages, carrying out mean value coding on the sample word cutting characteristics to obtain mean value coding characteristics, carrying out logistic regression model simulation training on the extracted sample value marks and the sample mean value coding characteristics to obtain a balance value function, in step S3, a data encryption system is an integrated data encryption technology based on an asymmetric encryption technology, a DLP terminal encryption technology, a CASB proxy gateway technology, a database encryption gateway technology and a database plug-in encryption technology, and in step S3, an external device is specifically one or a combination of external hard disks or external USB disks.
Extracting word cutting characteristics, a flow table and a domain name table of the webpage through a plurality of data flows, obtaining a plurality of type labels after performing characteristic analysis on the flow table and the domain name table, wherein the type labels are used for identifying attribute information of the webpage, performing mean value coding on the extracted word cutting characteristics to obtain mean value coding characteristics, then sending the obtained mean value coding characteristics to a simulation learning system for simulation learning prediction, obtaining a predicted value after the simulation learning prediction is finished, performing intelligent identification and judgment on the predicted value, judging that the webpage has viruses if the predicted value is greater than an equilibrium value, judging that the webpage has no risk if the predicted value is less than the equilibrium value, directly downloading and storing webpage data, and performing safety analysis on the webpage when the webpage downloads data, thereby effectively avoiding the risk of virus invasion of the data in the whole computer system caused by the viruses existing in the webpage in the data downloading process of the computer, the security of the computer system during data downloading is improved; the data detection system is used for detecting data in the external equipment, the data detection is mainly used for detecting data content, invalid protocols and potential viruses in the external equipment, after the detection is finished, if the data are not abnormal, the encryption of original data of the computer is removed, if the data are abnormal, the data of the external equipment are immediately blocked and isolated, namely, a path for loading the data of the external equipment into the computer is cut off, so that the external equipment is kept in a read-only mode, when the data of the external equipment are operated, the data of the external equipment are detected, the original data of the computer are isolated from the external equipment, and when the data are verified to be abnormal, the data loading path can be immediately cut off, so that the condition that the data of the computer system are paralyzed due to the fact that the viruses are carried in the external equipment is avoided, and the stability of the whole computer system is improved.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (7)
1. A method of enhancing data security of a computer system, comprising: the method comprises the following steps:
s1: and (3) user management authentication: when a user browses, adds or deletes data by using a computer, the identity of the user is detected by an authentication management system, the authentication management system comprises a computer fixed personnel login verification module and a non-computer fixed personnel login verification module, the computer fixed personnel login verification module comprises account password login, face identification login, voice password login and magnetic stripe card identification login, the non-computer fixed personnel login verification module generates randomly combined numbers, pictures and verification codes with regular arrangement through a database when verification is performed, after the computer fixed personnel login verification, the operation of storing new data of a webpage end and external equipment can be performed, and after the non-computer fixed personnel login verification, the operation of storing the new data of the webpage end can be performed;
s2: newly adding data detection: when a user stores new data of a webpage end in the process of using a computer, a webpage detection system detects the webpage, extracting word cutting characteristics, a flow table and a domain name table of the webpage through a plurality of data flows, obtaining a plurality of type labels after performing characteristic analysis on the flow table and the domain name table, wherein the type labels are used for identifying the attribute information of the webpage, mean value coding is carried out on the extracted word cutting characteristics so as to obtain mean value coding characteristics, then the obtained mean value coding characteristics are sent to a simulation learning system for simulation learning prediction, after the simulation learning prediction is finished, a prediction value is obtained, the predicted value is intelligently identified and judged, if the predicted value is larger than the equilibrium value, the webpage is judged to have virus, if the predicted value is smaller than the equilibrium value, the webpage is judged to have no risk, and webpage data can be directly downloaded and stored;
s3: isolation of external equipment: when a user adds data by using external equipment, encrypting original data of a computer by using a data encryption system, detecting the data in the external equipment by using a data detection system, wherein the data detection mainly detects data content, invalid protocols and potential viruses in the external equipment, after the detection is finished, if the data is abnormal, the encryption of the original data of the computer is removed, and if the data is abnormal, the data of the external equipment is immediately blocked and isolated, namely, a channel for loading the data of the external equipment into the computer is cut off, so that the data is kept in a read-only mode;
s4: updating the self-checking system: in the using process of the computer, the self-checking system in the computer is updated and detected according to a specified time period, and the detection content mainly comprises the steps of detecting a fault model, a reliability model and a virus source model in the self-checking system and updating according to database data.
2. The method of claim 1, wherein the method further comprises: in step S1, the computer fixed staff login verification module identifies, for the user account and the password based on the session technology, the HTTP protocol state, the JSON-Web-Tokens protocol state, or the JSON HTTP protocol state.
3. The method of claim 1, wherein the method further comprises: in step S2, the flow table includes a plurality of flow table entries, each of the plurality of flow table entries includes a matching field, a priority, a counter, an instruction, a timeout time, a cookie, and a flow start time, the domain name table includes a plurality of domain name table entries, and each of the plurality of domain name table entries includes a source internet protocol IP address, a destination domain name, a destination IP address, and a domain name type.
4. The method of claim 1, wherein the method further comprises: in the step S2, the mean value coding adopts a method of integrating category-encoders library, Weight-of-event autovariability management function and Nonlinear-PCA classification quantification.
5. The method of claim 1, wherein the method further comprises: in step S2, the method for obtaining the equalization value is as follows: extracting sample value marks and sample word cutting characteristics of webpages from defective or virus webpages and normal webpages, carrying out mean value coding on the sample word cutting characteristics to obtain mean value coding characteristics, and carrying out logistic regression model simulation training on the extracted sample value marks and the sample mean value coding characteristics to obtain an equilibrium value function.
6. The method of claim 1, wherein the method further comprises: in step S3, the data encryption system is an integrated data encryption technology based on an asymmetric encryption technology, a DLP terminal encryption technology, a CASB proxy gateway technology, a database encryption gateway technology, and a database plug-in encryption technology.
7. The method of claim 1, wherein the method further comprises: in step S3, the external device is one or a combination of external hard disk and external usb disk.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110912967.7A CN113742725A (en) | 2021-08-10 | 2021-08-10 | Method for enhancing data security of computer system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110912967.7A CN113742725A (en) | 2021-08-10 | 2021-08-10 | Method for enhancing data security of computer system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113742725A true CN113742725A (en) | 2021-12-03 |
Family
ID=78730686
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110912967.7A Pending CN113742725A (en) | 2021-08-10 | 2021-08-10 | Method for enhancing data security of computer system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113742725A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060036873A1 (en) * | 2004-08-10 | 2006-02-16 | Joshua Ho | Data security system |
| CN101647006A (en) * | 2005-10-12 | 2010-02-10 | 数据城堡公司 | Be used for method of data backup and system |
| CN112434270A (en) * | 2020-11-27 | 2021-03-02 | 河南质量工程职业学院 | Method and system for enhancing data security of computer system |
| CN112487383A (en) * | 2020-11-17 | 2021-03-12 | 重庆第二师范学院 | Computer system for ensuring information safety and control method thereof |
-
2021
- 2021-08-10 CN CN202110912967.7A patent/CN113742725A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060036873A1 (en) * | 2004-08-10 | 2006-02-16 | Joshua Ho | Data security system |
| CN101647006A (en) * | 2005-10-12 | 2010-02-10 | 数据城堡公司 | Be used for method of data backup and system |
| CN112487383A (en) * | 2020-11-17 | 2021-03-12 | 重庆第二师范学院 | Computer system for ensuring information safety and control method thereof |
| CN112434270A (en) * | 2020-11-27 | 2021-03-02 | 河南质量工程职业学院 | Method and system for enhancing data security of computer system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11991199B2 (en) | Malicious traffic detection with anomaly detection modeling | |
| US11750606B2 (en) | System and method of filtering internet traffic via a client fingerprint | |
| CN103888490B (en) | A kind of man-machine knowledge method for distinguishing of full automatic WEB client side | |
| IL275042A (en) | Self-adaptive application programming interface level security monitoring | |
| Maggi et al. | Protecting a moving target: Addressing web application concept drift | |
| JP2019517088A (en) | Security vulnerabilities and intrusion detection and remediation in obfuscated website content | |
| EP3272097B1 (en) | Forensic analysis | |
| US20180004939A1 (en) | Anti-malware device, anti-malware system, anti-malware method, and recording medium in which anti-malware program is stored | |
| CN102984161A (en) | Identification method and device for reliable website | |
| CN110602030A (en) | Network intrusion blocking method, server and computer readable medium | |
| CN110572402B (en) | Internet hosting website detection method and system based on network access behavior analysis and readable storage medium | |
| JP2016192185A (en) | Spoofing detection system and spoofing detection method | |
| CN109800569A (en) | Program identification method and device | |
| CN111783073A (en) | Black product identification method and device and readable storage medium | |
| US11163875B1 (en) | Discovery of computer system incidents to be remediated based on correlation between support interaction data and computer system telemetry data | |
| CN116346397A (en) | Network request abnormality detection method and device, equipment, medium and product thereof | |
| Zhang et al. | Inferring test models from kate’s bug reports using multi-objective search | |
| CN115495424A (en) | Data processing method, electronic device and computer program product | |
| CN108287831B (en) | URL classification method and system and data processing method and system | |
| CN102984162A (en) | Identifying method and collecting system for credible websites | |
| JP6623128B2 (en) | Log analysis system, log analysis method, and log analysis device | |
| CN111125704B (en) | Webpage Trojan horse recognition method and system | |
| CN116738369A (en) | Traffic data classification method, device, equipment and storage medium | |
| CN113742725A (en) | Method for enhancing data security of computer system | |
| CN113688240B (en) | Threat element extraction method, threat element extraction device, threat element extraction equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |