CN113961434A - Method and system for monitoring abnormal behaviors of distributed block chain system users - Google Patents
Method and system for monitoring abnormal behaviors of distributed block chain system users Download PDFInfo
- Publication number
- CN113961434A CN113961434A CN202111153349.5A CN202111153349A CN113961434A CN 113961434 A CN113961434 A CN 113961434A CN 202111153349 A CN202111153349 A CN 202111153349A CN 113961434 A CN113961434 A CN 113961434A
- Authority
- CN
- China
- Prior art keywords
- data
- abnormal
- behavior
- isolated
- depth
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3438—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment monitoring of user actions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Quality & Reliability (AREA)
- Databases & Information Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a method and a system for monitoring abnormal behaviors of a user in a distributed block chain system, which are characterized in that after the behavior data of the user is preprocessed and desensitized, data features are extracted from the behavior data after preprocessing and desensitizing, then the extracted data features are shared among all nodes of the block chain to form a complete data chain, all nodes synchronize the block to obtain processed feature data, then all the data are dispersed to a plurality of branches in an isolated tree according to the data features of a certain dimension by constructing the isolated tree, abnormal values of detected data can be obtained by calculating the path depth and the average path depth of the data in the isolated forest constructed by the isolated trees, the problems of difficult abnormal monitoring and low accuracy of high-dimensional big data of the block chain are solved, and the calculation efficiency is improved by adopting a distributed algorithm, and reliable guarantee is provided for the safety of the block chain system transaction.
Description
Technical Field
The invention belongs to the technical field of wind control related to blockchain transactions, and particularly relates to a method and a system for monitoring abnormal behaviors of a user in a distributed blockchain system.
Background
A block chain is a chain data structure that combines data blocks in a sequential manner in a chronological order. As a new distributed data storage technology, due to the characteristics of decentralization, distributed storage and the like, the distributed data storage technology attracts high attention of various industries and is becoming an important force for driving technical innovation and industrial revolution of various industries.
With the increasing maturity of blockchain technologies and the gradual expansion of blockchain applications, privacy and security of blockchain transactions are receiving wide attention. The traditional block chain system verifies the authenticity of a user through an asymmetric encryption method. However, when an attacker intercepts the user's key through a network attack form outside the blockchain, the attacker can directly control the user to do fraudulent trading behavior in the blockchain trading system. Therefore, how to accurately determine and screen abnormal behaviors in blockchain transactions becomes a key point of research.
The abnormal behavior can be identified as an abnormal point detection problem, that is, a group of data points is searched for points which are sparsely distributed and are far away from a group with high distance density. The traditional abnormal point detection technology, such as an EM algorithm based on statistics, a k-means algorithm based on clustering, a DBSCAN algorithm based on density and the like, has the problems of large time complexity, difficulty in parameter or model selection, poor high-dimensional data detection effect, incapability of distributed calculation and the like, and is not suitable for a large-data, distributed and high-dimensional block chain system. Therefore, it is necessary and urgent to study the abnormal behavior detection of the blockchain system.
Disclosure of Invention
The invention aims to provide a method and a system for monitoring abnormal user behaviors in a distributed block chain system, so as to overcome the defects of the prior art.
In order to achieve the purpose, the invention adopts the following technical scheme:
a method for monitoring abnormal behaviors of users in a distributed block chain system comprises the following steps:
s1, acquiring behavior data of each user in the block chain transaction system;
s2, preprocessing and desensitizing the collected behavior data;
s3, extracting data characteristics from the behavior data after the preprocessing and desensitization processing;
s4, the extracted feature data are combined into a verification information block and uploaded to a block chain, and each node synchronizes the block to obtain the processed feature data;
and S5, simultaneously constructing an isolated tree by each node according to the acquired feature data, calculating the data depth and the average depth of the isolated tree, then summarizing the data depth and the average depth calculated by each node, scoring the calculated user behavior, judging the user behavior to be abnormal if the score of the user behavior exceeds a set threshold, forming an abnormal information block by the related information of the abnormal behavior, uploading the abnormal information block to a block chain, and performing self-checking on the corresponding behavior by each node according to the information of the abnormal information block.
Further, the behavior data of the user is a vector consisting of a user account, user login time, login IP, transaction amount, transaction time and transaction type.
Further, the preprocessing refers to removing incomplete and repeated data and filling missing data.
Further, the desensitization processing is to perform hash encryption on the user account and the login IP, and convert the login time and the transaction time of the user into a timestamp.
Further, the data characteristics include login time difference, login IP hash value, transaction amount standard deviation, transaction amount discrete coefficient, transaction time difference and transaction type number.
Further, each node simultaneously constructs an isolated tree according to the acquired feature data, and calculates the data depth and the average depth of the isolated tree, specifically comprising the following steps:
1) randomly selecting n samples from all data, and generating an isolated tree;
2) randomly selecting the same data characteristic of n samples, randomly selecting a value between the maximum value and the minimum value of the characteristic, performing binary division on the samples, dividing the data which is smaller than the value in the samples to the left branch of the layer tree, and dividing the data which is larger than or equal to the value to the right branch of the layer tree;
3) repeating step 2) in the left and right branches, respectively, until the data is irrevocable or the binary tree reaches a defined maximum depth log2(n)。
Further, the average path depth of all data in the isolated tree isWhere H (n-1) ═ ln (n-1) +0.5772156649, the path depth of any data in a certain isolated tree is H (x) ═ e + C (t.size), where e represents the number of edges through which the data crosses from the start of the isolated tree to the branch where the data crosses, t.size represents the number of samples at the same minimum branch as the data, and C (t.size) is actually a path depth correction for data that can be continuously divided up to the maximum depth.
Further, scoring the calculated user behavior after summarizing the data depth and the average depth calculated according to each node, and judging whether the user behavior is abnormal: the node score calculation method comprisesWherein E (h (x)) represents the path depth mean of the data x in all the isolated trees; when 0 is present<When score (x) < 0.5, proving that the data x can be isolated from other data through more binary divisions, and therefore considering that the user behavior corresponding to the data is normal; when 0.5 < score (x) < 1, the data x is proved to be isolated from other data through binary division for less times, so that the user behavior corresponding to the data is considered to have abnormality.
A distributed block chain system user abnormal behavior monitoring system comprises a data acquisition module, a preprocessing module and an abnormal monitoring module;
the data acquisition module is used for acquiring behavior data of each user in the block chain transaction system and transmitting the acquired data to the preprocessing module; the preprocessing module is used for preprocessing and desensitizing the acquired behavior data, extracting data characteristics from the behavior data after preprocessing and desensitizing, then forming verification information blocks by the extracted characteristic data and uploading the verification information blocks to a block chain, and synchronizing the blocks by each node to acquire the processed characteristic data; the anomaly monitoring module is connected with each node, an isolated tree is simultaneously constructed at each node according to the acquired feature data, the data depth and the average depth of the isolated tree are calculated, then the data depth and the average depth calculated by each node are summarized and the calculated user behavior is scored, if the user behavior score exceeds a set threshold value, the user behavior is judged to be abnormal, the related information of the abnormal behavior is formed into an abnormal information block and uploaded to a block chain, and each node performs self-checking of the corresponding behavior according to the information of the abnormal information block.
Further, the abnormity monitoring module calculates according to the node score asWherein E (h (x)) represents the path depth mean of the data x in all the isolated trees; when 0 is present<When score (x) < 0.5, proving that the data x can be isolated from other data through more binary divisions, and therefore considering that the user behavior corresponding to the data is normal; when 0.5 < score (x) < 1, the data x is proved to be isolated from other data through binary division for less times, and the user behavior corresponding to the data is considered to have abnormality.
Compared with the prior art, the invention has the following beneficial technical effects:
the invention relates to a method for monitoring abnormal behaviors of a user in a distributed block chain system, which extracts data characteristics from behavior data after preprocessing and desensitization processing by preprocessing and desensitization processing the behavior data of the user, then the extracted data characteristics are shared among all nodes of the block chain to form a complete data chain, all nodes synchronize the block to obtain processed characteristic data, then, by constructing an isolated tree, all data is dispersed to a plurality of branches in the isolated tree according to the data characteristics of a certain dimension, by calculating the path depth and mean path depth of the data in an solitary forest constructed from a plurality of solitary trees, can obtain abnormal values of the detected data, is beneficial to overcoming the problems of difficult monitoring and low accuracy of abnormal data of high dimension of the block chain, and the calculation efficiency is improved by adopting a distributed algorithm, and reliable guarantee is provided for the safety of block chain system transaction.
Furthermore, the behavior data of the user is a vector consisting of the user account, the user login time, the login IP, the transaction amount, the transaction time and the transaction type, so that the user information can be accurately reflected, and the calculation accuracy is improved.
Furthermore, the isolated trees are independently generated by utilizing each node, and the tree depth of each data is uploaded to the system, so that the distributed algorithm is not only matched with a distributed decentralized architecture of the block chain system, but also is higher in calculation efficiency and higher in speed of distinguishing abnormal behaviors compared with a traditional method for forming the isolated forest by repeatedly generating the isolated trees on a single device, the isolated forest algorithm is more suitable for practical engineering application, and quick and effective safety guarantee is provided for the block chain system.
The invention discloses a distributed block chain system user abnormal behavior monitoring system which comprises a data acquisition module, a preprocessing module and an abnormal monitoring module;
the data acquisition module is used for acquiring behavior data of each user in the block chain transaction system, the anomaly monitoring module is used for efficiently judging the anomalous behavior of the block chain transaction system based on the isolated tree, the isolated tree is used for carrying out calculation only through the data, indexes such as density and distance of the data are not required to be calculated, and the calculation time is greatly reduced.
Drawings
Fig. 1 is a flowchart illustrating interaction between a node and a system in an anomaly identification process according to an embodiment of the present invention.
FIG. 2 is a flow chart of an implementation of an isolated forest algorithm in an embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the accompanying drawings:
as shown in fig. 1, a method for monitoring abnormal behavior of a user in a distributed blockchain system includes the following steps:
s1, acquiring behavior data of each user in the block chain transaction system;
specifically, the system acquires behavior data of each user in the blockchain transaction system, the system acquires the blockchain transaction system in a private chain by using a blockchain management system, and the system randomly selects one or more nodes with computing power in a public chain and a alliance chain according to a consensus mechanism. User behavior refers to a user logging into or conducting a transaction in a blockchain transaction system. The user's behavior data is a vector consisting of the user account, the user login time, the login IP, the transaction amount, the transaction time, and the transaction type.
S2, preprocessing and desensitizing the collected behavior data;
preprocessing refers to removing incomplete and repeated data and filling missing data; the method comprises the steps that repeated partial content cleaning is carried out on information of the same user appearing for many times in behavior data, one part is reserved, multiple information data of the same user are complementarily reserved, and all information of the same user are fused to remove repeated data;
the desensitization treatment is to perform hash encryption on the user account and the login IP, namely yIP=SHA256(xIP) Wherein x isIPAnd yIPFor the IP addresses before and after encryption, SHA256 is an anti-collision irreversible encryption algorithm, and converts any character string into a 64-bit 16-system encryption result; converting the user's login time and transaction time to a timestamp, i.e. ytime=timestamp(xtime) Wherein x istimeAnd ytimeFor time information before and after conversion, timestamp is a timestamp conversion algorithm, and can convert time into a 10-bit 10-system digital result.
S3, extracting data characteristics from the behavior data after the preprocessing and desensitization processing;
the data characteristics comprise login time difference (namely the difference value of two login time stamps) and login IP hash value, and the data characteristics and the transaction amount standard difference of which the first 4 bits are IP addresses of the hash encryption result can be intercepted due to overlong hash encryption length and the anti-collision property of the hash encryption algorithm, namely the data characteristics and the transaction amount standard difference are acquiredWhereinIs the average value of the transaction amount, the discrete coefficient of the transaction amount, i.e.The transaction time difference is the difference between the timestamps of two consecutive transactions and the transaction type number.
S4, the extracted feature data are combined into a verification information block and uploaded to a block chain, and each node synchronizes the block to obtain the processed feature data;
and S5, simultaneously constructing an isolated tree by each node according to the acquired feature data, calculating the data depth and the average depth of the isolated tree, then summarizing the data depth and the average depth calculated by each node, scoring the calculated user behavior, judging the user behavior to be abnormal if the score of the user behavior exceeds a set threshold, forming an abnormal information block by the related information of the abnormal behavior, uploading the abnormal information block to a block chain, and performing self-checking on the corresponding behavior by each node according to the information of the abnormal information block.
As shown in fig. 2, each node simultaneously constructs an isolated tree according to the acquired feature data, and calculates the data depth and the average depth of the isolated tree, specifically including the following steps:
1) randomly selecting n samples from all data, and generating an isolated tree;
2) the same data feature of n samples is randomly selected, a value is randomly selected between the maximum value and the minimum value of the feature, and the samples are divided into two branches. And dividing the data which is less than the value in the sample into the left branch of the layer tree, and dividing the data which is more than or equal to the value into the right branch of the layer tree.
3) Repeating step 2) in the left and right branches, respectively, until the data is irrevocable or the binary tree reaches a defined maximum depth log2(n);
4) The average path depth of all data in the isolated tree isWherein H (n-1) ═ ln (n-1) + 0.5772156649. For any data, its path depth at a certain orphan tree is h (x) e + C (t. Where e represents the number of edges the data passes from the start of the isolated tree to the bifurcation of the data, t.size represents the number of samples at the same minimum bifurcation as the data, and C (t.size) is a path depth correction for data that has reached maximum depth but can in fact continue to be divided.
And scoring the calculated user behavior after summarizing the data depth and the average depth calculated by each node, and judging whether the user behavior is abnormal. The node score calculation method comprisesWherein E (h (x)) represents the path depth mean of the data x in all the isolated trees; when 0 is present<When score (x) < 0.5, proving that the data x can be isolated from other data through more binary divisions, and therefore considering that the user behavior corresponding to the data is normal; when 0.5 < score (x) < 1, the data x is proved to be isolated from other data through binary division for less times, so that the user behavior corresponding to the data is considered to have abnormality. And the related information of the abnormal behaviors is combined into an abnormal information block and uploaded to a block chain, and each node performs self-checking of the corresponding behaviors according to the information of the abnormal information block.
According to the method for monitoring the abnormal behaviors of the distributed blockchain system user, the isolated forest algorithm is adopted to realize the efficient judgment of the abnormal behaviors of the blockchain trading system, and the isolated forest algorithm only needs to carry out calculation through data and does not need to calculate indexes such as density and distance of the data, so that the calculation time is greatly reduced. In addition, the isolated forest model does not need to learn and train the existing data, so that new abnormal data can be recognized, and the limitation that only the existing or part of preset abnormal behaviors can be recognized in the traditional engineering application is reduced.
By independently generating the isolated trees by using each node and uploading the tree depth of each data to the system, the distributed algorithm is not only matched with a distributed decentralized architecture of the block chain system, but also is compared with the traditional method of repeatedly generating the isolated trees on a single device to form the isolated forest, so that the calculation efficiency is further improved, the speed of distinguishing abnormal behaviors is accelerated, the isolated forest algorithm is more suitable for the practical application of engineering, and the quick and effective safety guarantee is provided for the block chain system.
By constructing the orphan tree, all data is scattered to multiple branches in the orphan tree according to the data characteristics of a certain dimension. For anomalous data, it is usually scattered closer to the tree root due to some more obvious data characteristics. The abnormal value of the detected data can be obtained by calculating the path depth and the average path depth of the data in the isolated forest constructed by a plurality of isolated trees, the larger the value is, the more probable the abnormal data is, the method is favorable for overcoming the problems of difficult abnormal monitoring and low accuracy of the high-dimensional data of the block chain, and the method improves the calculation efficiency by adopting a distributed algorithm and provides reliable guarantee for the safety of the block chain system transaction.
Claims (10)
1. A method for monitoring abnormal behaviors of users in a distributed block chain system is characterized by comprising the following steps:
s1, acquiring behavior data of each user in the block chain transaction system;
s2, preprocessing and desensitizing the collected behavior data;
s3, extracting data characteristics from the behavior data after the preprocessing and desensitization processing;
s4, the extracted feature data are combined into a verification information block and uploaded to a block chain, and each node synchronizes the block to obtain the processed feature data;
and S5, simultaneously constructing an isolated tree by each node according to the acquired feature data, calculating the data depth and the average depth of the isolated tree, then summarizing the data depth and the average depth calculated by each node, scoring the calculated user behavior, judging the user behavior to be abnormal if the score of the user behavior exceeds a set threshold, forming an abnormal information block by the related information of the abnormal behavior, uploading the abnormal information block to a block chain, and performing self-checking on the corresponding behavior by each node according to the information of the abnormal information block.
2. The method for monitoring the abnormal user behavior in the distributed blockchain system according to claim 1, wherein the user behavior data is a vector consisting of a user account, user login time, login IP, transaction amount, transaction time and transaction type.
3. The method of claim 1, wherein preprocessing comprises removing missing and repeated data and filling in missing data.
4. The method for monitoring the abnormal user behavior of the distributed blockchain system according to claim 1, wherein the desensitization process is to perform hash encryption on a user account and a login IP, and convert a login time and a transaction time of a user into a timestamp.
5. The method for monitoring the abnormal user behavior of the distributed blockchain system according to claim 1, wherein the data characteristics comprise login time difference, login IP hash value, transaction amount standard deviation, transaction amount discrete coefficient, transaction time difference and transaction type number.
6. The method for monitoring the abnormal user behavior in the distributed blockchain system according to claim 1, wherein each node simultaneously constructs an isolated tree according to the acquired feature data, and calculates the data depth and the average depth of the isolated tree, specifically comprising the following steps:
1) randomly selecting n samples from all data, and generating an isolated tree;
2) randomly selecting the same data characteristic of n samples, randomly selecting a value between the maximum value and the minimum value of the characteristic, performing binary division on the samples, dividing the data which is smaller than the value in the samples to the left branch of the layer tree, and dividing the data which is larger than or equal to the value to the right branch of the layer tree;
3) repeating step 2) in the left and right branches, respectively, until the data is irrevocable or the binary tree reaches a defined maximum depth log2(n)。
7. The method as claimed in claim 6, wherein the average path depth of all data in the orphan tree isWhere H (n-1) ═ ln (n-1) +0.5772156649, the path depth of any data in a certain isolated tree is H (x) ═ e + C (t.size), where e represents the number of edges through which the data crosses from the start of the isolated tree to the branch where the data crosses, t.size represents the number of samples at the same minimum branch as the data, and C (t.size) is actually a path depth correction for data that can be continuously divided up to the maximum depth.
8. The method as claimed in claim 6, wherein the user behavior is scored after the data depth and the average depth calculated by each node are summarized, and whether the user behavior is abnormal or not is determined: the node score calculation method comprisesWherein E (h (x)) represents the path depth mean of the data x in all the isolated trees; when 0 is present<When score (x) < 0.5, proving that the data x can be isolated from other data through more binary divisions, and therefore considering that the user behavior corresponding to the data is normal; when 0.5 < score (x) < 1, the data x is proved to be isolated from other data through binary division for less times, so that the user behavior corresponding to the data is considered to have abnormality.
9. A distributed block chain system user abnormal behavior monitoring system is characterized by comprising a data acquisition module, a preprocessing module and an abnormal monitoring module;
the data acquisition module is used for acquiring behavior data of each user in the block chain transaction system and transmitting the acquired data to the preprocessing module; the preprocessing module is used for preprocessing and desensitizing the acquired behavior data, extracting data characteristics from the behavior data after preprocessing and desensitizing, then forming verification information blocks by the extracted characteristic data and uploading the verification information blocks to a block chain, and synchronizing the blocks by each node to acquire the processed characteristic data; the anomaly monitoring module is connected with each node, an isolated tree is simultaneously constructed at each node according to the acquired feature data, the data depth and the average depth of the isolated tree are calculated, then the data depth and the average depth calculated by each node are summarized and the calculated user behavior is scored, if the user behavior score exceeds a set threshold value, the user behavior is judged to be abnormal, the related information of the abnormal behavior is formed into an abnormal information block and uploaded to a block chain, and each node performs self-checking of the corresponding behavior according to the information of the abnormal information block.
10. The system according to claim 9, wherein the anomaly monitoring module calculates a node score according to a method of computing node scoresWherein E (h (x)) represents the path depth mean of the data x in all the isolated trees; when 0 is present<When score (x) < 0.5, proving that the data x can be isolated from other data through more binary divisions, and therefore considering that the user behavior corresponding to the data is normal; when 0.5 < score (x) < 1, the data x is proved to be isolated from other data through binary division for less times, and the user behavior corresponding to the data is considered to have abnormality.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111153349.5A CN113961434A (en) | 2021-09-29 | 2021-09-29 | Method and system for monitoring abnormal behaviors of distributed block chain system users |
PCT/CN2021/142711 WO2023050620A1 (en) | 2021-09-29 | 2021-12-29 | Method and system for monitoring abnormal user behavior in distributed blockchain system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111153349.5A CN113961434A (en) | 2021-09-29 | 2021-09-29 | Method and system for monitoring abnormal behaviors of distributed block chain system users |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113961434A true CN113961434A (en) | 2022-01-21 |
Family
ID=79463306
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111153349.5A Pending CN113961434A (en) | 2021-09-29 | 2021-09-29 | Method and system for monitoring abnormal behaviors of distributed block chain system users |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN113961434A (en) |
WO (1) | WO2023050620A1 (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114116733A (en) * | 2022-01-26 | 2022-03-01 | 国网区块链科技(北京)有限公司 | Data abnormal operation detection and tracing system and method for distribution automation system |
CN115660689A (en) * | 2022-11-03 | 2023-01-31 | 淮阴工学院 | User behavior monitoring method and device based on block chain financial fraud |
CN116663871A (en) * | 2023-08-02 | 2023-08-29 | 苏州安极能新能源发展有限公司 | Method and system for predicting electricity demand |
CN117201203A (en) * | 2023-11-07 | 2023-12-08 | 西安芝麻数据科技发展有限公司 | Block chain-based supply chain data secure sharing system and method |
CN117408734A (en) * | 2023-12-15 | 2024-01-16 | 广东云百科技有限公司 | Customer information intelligent management system based on Internet of things equipment |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116823816B (en) * | 2023-08-28 | 2023-11-21 | 济南正邦电子科技有限公司 | Detection equipment and detection method based on security monitoring static memory |
CN116827971B (en) * | 2023-08-29 | 2023-11-24 | 北京国网信通埃森哲信息技术有限公司 | Block chain-based carbon emission data storage and transmission method, device and equipment |
CN116911806B (en) * | 2023-09-11 | 2023-11-28 | 湖北华中电力科技开发有限责任公司 | Internet + based power enterprise energy information management system |
CN117150244B (en) * | 2023-10-30 | 2024-01-26 | 山东凯莱电气设备有限公司 | Intelligent power distribution cabinet state monitoring method and system based on electrical parameter analysis |
CN117648704B (en) * | 2023-11-10 | 2024-07-23 | 国网宁夏电力有限公司电力科学研究院 | Block chain-based data security interaction method, medium and system |
CN117632937B (en) * | 2023-12-06 | 2024-04-30 | 北京开元泰达净化设备有限公司 | Industrial Internet big data platform and data processing method |
CN117370898B (en) * | 2023-12-08 | 2024-03-12 | 钛合联(深圳)科技有限公司 | Electronic data safety control system |
CN117454283A (en) * | 2023-12-22 | 2024-01-26 | 深圳前海慧联科技发展有限公司 | State evaluation method for wind turbine generator operation detection data |
CN117454096B (en) * | 2023-12-25 | 2024-03-01 | 西安高商智能科技有限责任公司 | Motor production quality detection method and system |
CN118227836B (en) * | 2024-02-04 | 2024-09-17 | 江苏省海洋资源开发研究院(连云港) | Block chain-based data processing method, device and storage medium |
CN118041812B (en) * | 2024-03-27 | 2024-09-13 | 国网山东省电力公司 | Block chain-based method and system for evaluating data transmission under chain upper chain |
CN118200950B (en) * | 2024-05-17 | 2024-08-02 | 武汉众诚华鑫科技有限公司 | Method and system for inspecting telecommunication base station |
CN118245734B (en) * | 2024-05-24 | 2024-08-09 | 深圳鼎智通讯股份有限公司 | POS machine data intelligent processing method based on 5G technology |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109859029A (en) * | 2019-01-04 | 2019-06-07 | 深圳壹账通智能科技有限公司 | Abnormal application detection method, device, computer equipment and storage medium |
CN111798312B (en) * | 2019-08-02 | 2024-03-01 | 深圳索信达数据技术有限公司 | Financial transaction system anomaly identification method based on isolated forest algorithm |
US11582249B2 (en) * | 2019-11-27 | 2023-02-14 | Telefonaktiebolaget Lm Ericsson (Publ) | Computer-implemented method and arrangement for classifying anomalies |
CN111833172A (en) * | 2020-05-25 | 2020-10-27 | 百维金科(上海)信息科技有限公司 | Consumption credit fraud detection method and system based on isolated forest |
CN113283901B (en) * | 2021-04-19 | 2022-11-01 | 河南大学 | Byte code-based fraud contract detection method for block chain platform |
CN113034145B (en) * | 2021-05-24 | 2021-09-03 | 智安链云科技(北京)有限公司 | Method and device for judging transaction category of user abnormal encrypted digital asset |
-
2021
- 2021-09-29 CN CN202111153349.5A patent/CN113961434A/en active Pending
- 2021-12-29 WO PCT/CN2021/142711 patent/WO2023050620A1/en active Application Filing
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114116733A (en) * | 2022-01-26 | 2022-03-01 | 国网区块链科技(北京)有限公司 | Data abnormal operation detection and tracing system and method for distribution automation system |
CN115660689A (en) * | 2022-11-03 | 2023-01-31 | 淮阴工学院 | User behavior monitoring method and device based on block chain financial fraud |
CN116663871A (en) * | 2023-08-02 | 2023-08-29 | 苏州安极能新能源发展有限公司 | Method and system for predicting electricity demand |
CN116663871B (en) * | 2023-08-02 | 2023-10-13 | 苏州安极能新能源发展有限公司 | Method and system for predicting electricity demand |
CN117201203A (en) * | 2023-11-07 | 2023-12-08 | 西安芝麻数据科技发展有限公司 | Block chain-based supply chain data secure sharing system and method |
CN117201203B (en) * | 2023-11-07 | 2024-02-23 | 西安芝麻数据科技发展有限公司 | Block chain-based supply chain data secure sharing system and method |
CN117408734A (en) * | 2023-12-15 | 2024-01-16 | 广东云百科技有限公司 | Customer information intelligent management system based on Internet of things equipment |
CN117408734B (en) * | 2023-12-15 | 2024-03-19 | 广东云百科技有限公司 | Customer information intelligent management system based on Internet of things equipment |
Also Published As
Publication number | Publication date |
---|---|
WO2023050620A1 (en) | 2023-04-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113961434A (en) | Method and system for monitoring abnormal behaviors of distributed block chain system users | |
CN111277578B (en) | Encrypted flow analysis feature extraction method, system, storage medium and security device | |
CN110247930B (en) | Encrypted network flow identification method based on deep neural network | |
CN108768986B (en) | Encrypted traffic classification method, server and computer readable storage medium | |
CN109450845B (en) | Detection method for generating malicious domain name based on deep neural network algorithm | |
CN107360145B (en) | Multi-node honeypot system and data analysis method thereof | |
CN111107072B (en) | Authentication graph embedding-based abnormal login behavior detection method and system | |
Jongsuebsuk et al. | Real-time intrusion detection with fuzzy genetic algorithm | |
CN112468347B (en) | Security management method and device for cloud platform, electronic equipment and storage medium | |
CN108282460B (en) | Evidence chain generation method and device for network security event | |
CN110011990B (en) | Intelligent analysis method for intranet security threats | |
CN111191720B (en) | Service scene identification method and device and electronic equipment | |
Lingyu et al. | A hierarchical classification approach for tor anonymous traffic | |
CN116070206B (en) | Abnormal behavior detection method, system, electronic equipment and storage medium | |
CN113656807A (en) | Vulnerability management method, device, equipment and storage medium | |
CN113706100B (en) | Real-time detection and identification method and system for Internet of things terminal equipment of power distribution network | |
Liang et al. | FECC: DNS tunnel detection model based on CNN and clustering | |
US20240187446A1 (en) | Method and system for detecting complex multi-step attack in electric power system | |
CN113259367B (en) | Industrial control network flow multistage anomaly detection method and device | |
CN112039907A (en) | Automatic testing method and system based on Internet of things terminal evaluation platform | |
CN116506230A (en) | Data acquisition method and system based on RSA asymmetric encryption | |
Othman et al. | Improving signature detection classification model using features selection based on customized features | |
CN114124834B (en) | Integrated learning device and method for ICMP hidden tunnel detection in industrial control network | |
CN111371727A (en) | Detection method for NTP protocol covert communication | |
CN112561538B (en) | Risk model creation method, apparatus, computer device and readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |