CN113965397B - Credit network security management method, apparatus, computer device and storage medium - Google Patents

Credit network security management method, apparatus, computer device and storage medium Download PDF

Info

Publication number
CN113965397B
CN113965397B CN202111263159.9A CN202111263159A CN113965397B CN 113965397 B CN113965397 B CN 113965397B CN 202111263159 A CN202111263159 A CN 202111263159A CN 113965397 B CN113965397 B CN 113965397B
Authority
CN
China
Prior art keywords
abnormal
safety
equipment
information
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111263159.9A
Other languages
Chinese (zh)
Other versions
CN113965397A (en
Inventor
林宁
陆惠华
谢志伟
陈章
严晶涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gongcheng Management Consulting Co ltd
Guangdong Communications Services Co Ltd
Original Assignee
Gongcheng Management Consulting Co ltd
Guangdong Communications Services Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gongcheng Management Consulting Co ltd, Guangdong Communications Services Co Ltd filed Critical Gongcheng Management Consulting Co ltd
Priority to CN202111263159.9A priority Critical patent/CN113965397B/en
Publication of CN113965397A publication Critical patent/CN113965397A/en
Application granted granted Critical
Publication of CN113965397B publication Critical patent/CN113965397B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0677Localisation of faults

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a method, a device, a computer device and a storage medium for security management of a credit network, which comprise the following steps: acquiring equipment operation state data in real time, and inputting the equipment operation state data into a preset network security abnormality early-warning model to obtain a security abnormality early-warning result; when a safety abnormality early warning message is obtained from an abnormality early warning result, obtaining abnormality equipment information and abnormality equipment operation state data from the safety abnormality early warning message; performing abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and acquiring safety alarm fault attribution according to analysis results; and after attribution analysis is carried out on the security alarm fault attribution by using the operation and maintenance knowledge model, a security maintenance script is obtained from a configuration script library, and the security maintenance script triggers an equipment maintenance instruction according to abnormal equipment information. The intelligent network communication system has the effect of improving the safety of network communication through hierarchical deployment, up-and-down linkage, one-stop monitoring and full-element intelligent operation.

Description

Credit network security management method, apparatus, computer device and storage medium
Technical Field
The present invention relates to the field of device operation and maintenance technologies, and in particular, to a method and apparatus for security management of a signal creation network, a computer device, and a storage medium.
Background
At present, the construction and application of communication equipment are gradually popularized, and along with the development of the communication field, the application demands of people on the fields of remote communication, intelligent control and the like are also increasing.
In order to protect related information or data from leakage, demands on network security are also increasing in the construction and operation of communication equipment, so there is room for improvement in security aspects such as data security and network security.
Disclosure of Invention
In order to improve the security of network communication, the application provides a method, a device, computer equipment and a storage medium for managing the security of a credit network.
The first object of the present invention is achieved by the following technical solutions:
a method for security management of a credit network, the method comprising:
acquiring equipment operation state data in real time, and inputting the equipment operation state data into a preset network security abnormality early-warning model to obtain a security abnormality early-warning result;
When a safety abnormality early warning message is obtained from the abnormality early warning result, abnormal equipment information and abnormal equipment operation state data are obtained from the safety abnormality early warning message;
performing abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and acquiring safety alarm fault attribution according to analysis results;
and after attribution analysis is carried out on the safety alarm fault attribution by using an operation and maintenance knowledge model, acquiring a safety maintenance script from a configuration script library, and triggering an equipment maintenance instruction by the safety maintenance script according to the abnormal equipment information.
By adopting the technical scheme, related elements such as a database, a firewall and other elements are deployed on related communication equipment, namely a background server, and the related communication equipment is relied on to realize the specific network communication task when the network communication is carried out, so that when the corresponding communication equipment operates or the construction is finished in a staged manner, safety test is required, equipment operation state data obtained by real-time detection are input into a preset network safety abnormality early warning model, and the abnormal state can be generated in the operation state, but before an accident caused by network safety does not occur, the abnormal state can be found in time, thereby being beneficial to reducing the loss caused by the network safety problem; by detecting the safety abnormality early warning message and performing diagnosis and analysis in time, the corresponding fault cause can be automatically diagnosed when abnormality is found, so that the safety alarm early warning message is convenient to repair in time, and the possibility of loss caused by network safety problems is reduced; meanwhile, the corresponding safety maintenance script is obtained from the configuration script library, and automatic repair can be performed in time when the communication equipment is abnormal, so that the overall safety and repair efficiency of network safety are improved.
The present application may be further configured in a preferred example to: before the running state data of the equipment is obtained in real time and is input into a preset network security abnormality early-warning model to obtain a security abnormality early-warning result, the created network security management method further comprises the following steps:
acquiring historical safety abnormal data, counting abnormal type information from the historical safety abnormal data, and splitting the historical safety abnormal data according to the abnormal type information to obtain a safety abnormal state data packet corresponding to each abnormal type information;
acquiring equipment information to be detected, and acquiring a corresponding safety abnormal state data packet according to the equipment information to be detected, wherein the safety abnormal state data packet is used as a state data packet to be trained;
testing equipment corresponding to the equipment information to be detected according to the state data packet to be trained to obtain a corresponding abnormal test result;
and screening the data packet in the state to be trained according to the abnormal test result to obtain the network security abnormal early warning model.
By adopting the technical scheme, the big data are split in the historical safety abnormal data to obtain the corresponding data packet in the state to be trained, and the safety of the communication equipment is continuously improved due to the rapid development of the current communication equipment, and the attack caused by network loopholes is possibly invalid to the current communication equipment in the past, so that the communication equipment can be tested according to the data in the data packet in the state to be trained in the construction stage, thereby screening out the effective abnormal test result, reducing the matched data quantity while maintaining the abnormal detection effect, improving the detection efficiency and being beneficial to improving the safety of the network.
The present application may be further configured in a preferred example to: the safety abnormality early warning result comprises equipment safety operation and equipment operation abnormality, the equipment operation state data is obtained in real time, and the equipment operation state data is input into a preset network safety abnormality early warning model to obtain the safety abnormality early warning result, and the safety abnormality early warning method specifically comprises the following steps:
carrying out matching inquiry on the equipment running state data and the state data packet to be trained in the network security anomaly early warning model to obtain a corresponding matching result;
and if the matching result is that the equipment operation state data is successfully matched in the to-be-trained state data packet, the safety abnormality early warning result is that the equipment operation is abnormal, otherwise, the equipment operation is safe.
By adopting the technical scheme, after the network security abnormality early warning model is trained, whether the equipment operates abnormally or not is judged in a matching query mode, the step of detecting network security can be simplified, and the detection efficiency can be further improved.
The present application may be further configured in a preferred example to: the method for carrying out abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and obtaining safety alarm fault attribution according to an analysis result specifically comprises the following steps:
Acquiring the corresponding security abnormal state data packet from the network security abnormal early warning model according to the security abnormal equipment information, and taking the data packet as an attribution judging data packet;
inputting the safe abnormal operation state information into the attribution judging data packet to carry out matching inquiry so as to acquire the corresponding abnormal type information;
and if the abnormal type information is successfully matched, carrying out the abnormality diagnosis analysis on the abnormal type information according to the safety abnormal equipment information to obtain the safety alarm fault attribution, otherwise, triggering an abnormality processing message to obtain the safety alarm fault attribution.
By adopting the technical scheme, whether the corresponding abnormal type information exists can be inquired by screening the corresponding attribution judging data packet, when the corresponding abnormal type information exists, the equipment is proved to suffer from the same or similar attack, abnormal special analysis is conducted according to the abnormal type information, the safety alarm fault attribution can be obtained through timely analysis according to historical data, the way that whether the equipment suffers from the same or similar attack can be judged by matching inquiry, the encountered attack can be timely found, and relevant personnel are informed to process the encountered attack, so that the efficiency of obtaining the safety alarm fault attribution can be improved.
The present application may be further configured in a preferred example to: after the equipment operation state data is acquired in real time, the information creation network safety management method further comprises the following steps:
if new state information is acquired from the equipment operation state data, acquiring new state position data from the new state information;
and inquiring new equipment mounting task data according to the new state position data, acquiring a new equipment identifier from the new state information if the new equipment mounting task data can be successfully inquired, updating the network security abnormality early warning model according to the new equipment identifier, and otherwise triggering an abnormal equipment warning message.
By adopting the technical scheme, with the use of the communication equipment, the newly added communication equipment can exist under the condition of the original scale, and the possibility of attacking the network and stealing information by manually installing the equipment exists, so that by detecting whether new state information exists, when the new state information exists, the new equipment is timely inquired to additionally install task data, whether the installation of the new equipment is legal or not can be judged, if the installation is legal, a network security abnormality early warning model is timely updated, so that the operation detection of the additionally installed network communication equipment is ensured, the overall network security is ensured, if the installation is not, the safety non-compliance of the new equipment is indicated, the equipment warning message is timely triggered, and the investigation is facilitated.
The present application may be further configured in a preferred example to: after the new equipment is queried according to the new state position data and the task data is additionally installed, if the new equipment can be successfully queried, a new equipment identifier is acquired from the new state information, and the network security anomaly early warning model is updated according to the new equipment identifier, the created network security management method further comprises the following steps:
acquiring engineering management progress data corresponding to the new equipment installation task data, and acquiring corresponding engineering management data according to the engineering management progress data;
when a network communication abnormal signal is acquired, acquiring personnel user side information corresponding to the engineering management data, and caching the engineering management data according to the personnel user side information;
and when the network communication recovery signal is acquired, releasing and uploading the engineering management data.
By adopting the technical scheme, in the process of replacing or installing the network communication equipment, corresponding engineering management, namely engineering supervision, is generally arranged according to the schedule of installing the engineering, and because the network communication state of the place where the network communication equipment is required to be installed is generally poor, a corresponding new equipment adding task is required to be arranged, in the process of carrying out the corresponding engineering management task, corresponding engineering management data are required to be uploaded in stages so as to receive the content of the new engineering management, and meanwhile, if the network communication state is poor, the corresponding engineering management data cannot be uploaded, and therefore, the content of the new engineering management cannot be received, so that the installation or replacement of the network communication equipment or other elements cannot be carried out.
The second object of the present invention is achieved by the following technical solutions:
a credit network security management apparatus, the credit network security management apparatus comprising:
the abnormality detection module is used for acquiring equipment operation state data in real time, inputting the equipment operation state data into a preset network security abnormality early-warning model and obtaining a security abnormality early-warning result;
the state extraction module is used for acquiring abnormal equipment information and abnormal equipment operation state data from the safety abnormal early warning message when the safety abnormal early warning message is acquired from the abnormal early warning result;
the attribution analysis module is used for carrying out abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and acquiring safety alarm fault attribution according to analysis results;
and the vulnerability restoration module is used for acquiring a security maintenance script from a configuration script library after attributing and analyzing the security alarm fault attribution by using an operation and maintenance knowledge model, and triggering an equipment maintenance instruction by the security maintenance script according to the abnormal equipment information.
By adopting the technical scheme, when the corresponding communication equipment runs or the construction is finished in a staged way and the safety test is required, the equipment running state data obtained by real-time detection is input into the preset network safety abnormality early warning model, so that the abnormal running state can be found in time before an accident caused by network safety occurs, and the loss caused by the network safety problem is reduced; by detecting the safety abnormality early warning message and performing diagnosis and analysis in time, the corresponding fault cause can be automatically diagnosed when abnormality is found, so that the safety alarm early warning message is convenient to repair in time, and the possibility of loss caused by network safety problems is reduced; meanwhile, the corresponding safety maintenance script is obtained from the configuration script library, and automatic repair can be performed in time when the communication equipment is abnormal, so that the overall safety and repair efficiency of network safety are improved.
The third object of the present application is achieved by the following technical solutions:
a computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the method for security management of a credit network described above when the computer program is executed.
The fourth object of the present application is achieved by the following technical solutions:
a computer readable storage medium storing a computer program which when executed by a processor implements the steps of the aforementioned method for security management of a credit network.
In summary, the present application includes at least one of the following beneficial technical effects:
1. when the corresponding communication equipment operates or the construction is finished in a staged manner and the safety test is required, the equipment operation state data obtained by real-time detection is input into a preset network safety abnormality early warning model, so that the abnormal operation state can be found in time before an accident caused by network safety occurs, and the loss caused by the network safety problem is reduced; by detecting the safety abnormality early warning message and performing diagnosis and analysis in time, the corresponding fault cause can be automatically diagnosed when abnormality is found, so that the safety alarm early warning message is convenient to repair in time, and the possibility of loss caused by network safety problems is reduced; meanwhile, the corresponding safety maintenance script is obtained from the configuration script library, and automatic repair can be performed in time when the communication equipment is abnormal, so that the safety and the repair efficiency of the network safety whole are improved;
2. The method comprises the steps that big data are split in historical security abnormal data to obtain corresponding data packets in a state to be trained, and the security of the communication equipment is continuously improved due to the rapid development of the current communication equipment, and the attack of network loopholes can possibly be invalid to the current communication equipment in the past, so that the communication equipment can be tested according to the data in the data packets in the state to be trained in a construction stage, effective abnormal test results are screened out, the abnormal detection effect can be maintained, the matched data quantity can be reduced, the detection efficiency can be improved, and the network security can be improved;
3. the method has the advantages that whether corresponding abnormal type information exists can be inquired through screening the corresponding attribution judging data packet, when the corresponding abnormal type information exists, the equipment is proved to suffer from the same or similar attack, abnormal special analysis is conducted according to the abnormal type information, safety alarm fault attribution can be obtained through analysis according to historical data in time, the encountered attack can be found in time through a mode of judging whether the same or similar attack exists through matching inquiry, and relevant personnel are informed to process the encountered attack, so that efficiency of obtaining the safety alarm fault attribution is improved;
4. By detecting whether new state information exists, when the new state information exists, task data added to the new equipment is timely inquired, whether the installation of the new equipment is legal or not can be judged, if the installation of the new equipment is legal, a network security abnormality early warning model is timely updated, so that operation detection of the added network communication equipment is guaranteed, overall network security is guaranteed, if the new state information does not exist, the fact that the security of the new equipment is not compliant is indicated, equipment warning information is timely triggered, and the investigation is facilitated.
Drawings
FIG. 1 is a flow chart of a method of security management of a credit network in an embodiment of the application;
FIG. 2 is a flow chart of another implementation of the method for security management of a credit network in an embodiment of the application;
FIG. 3 is a flowchart showing an implementation of step S10 in a method for security management of a credit network according to an embodiment of the present application;
FIG. 4 is a flowchart showing an implementation of step S30 in a method for security management of a credit network according to an embodiment of the present application;
FIG. 5 is a flowchart of another implementation of the method for security management of a credit network according to one embodiment of the application;
FIG. 6 is a flowchart of another implementation of the method for security management of a credit network according to one embodiment of the application;
FIG. 7 is a schematic block diagram of a security management apparatus for a credit network in an embodiment of the application;
Fig. 8 is a schematic view of an apparatus in an embodiment of the present application.
Detailed Description
The present application is described in further detail below with reference to the accompanying drawings.
In an embodiment, as shown in fig. 1, the application discloses a method for security management of a credit-invasive network, which specifically includes the following steps:
s10: and acquiring the running state data of the equipment in real time, and inputting the running state data of the equipment into a preset network safety abnormality early-warning model to obtain a safety abnormality early-warning result.
In this embodiment, the device operation state data refers to a state of an already-established network communication device in operation within a certain area. The network security anomaly early warning model is a model for judging whether potential safety hazards exist in the operation of network communication equipment. The safety abnormality early warning result is a message showing whether the operation of the network communication equipment has potential safety hazard.
In the embodiment, through integrating virtual machine monitoring, application process monitoring, network state monitoring, asset monitoring, port monitoring, middleware monitoring, service system monitoring, database monitoring and the like in the process of network communication, multi-IDC/VPC one-stop monitoring is further realized, so that related personnel can monitor all elements during network communication operation and maintenance; the problems of safety abnormality in each element in network communication can be timely found and detected through one-stop monitoring, so that the problems can be timely analyzed, corresponding scripts are issued to repair or related personnel are informed to maintain, and the network safety in the information technology application innovation industry is improved; further, by setting up distributed deployment, the running states of the corresponding network devices or elements are obtained in real time according to province-city-county, the corresponding real-time states, alarm information, corresponding statistics data and the replacement and new addition of the devices can be checked layer by layer, and meanwhile, safety maintenance scripts for upgrading, patching, configuration and operation and maintenance can be issued uniformly in the process of inspecting the network communication devices, so that the overall efficiency in the operation and maintenance management and control process is improved.
Specifically, when a corresponding communication device is built in a predetermined area and put into use, the operation state data of the communication device is acquired and detected in real time when the communication device is operated by installing the corresponding detection device or setting the corresponding detection method. And acquiring the running states of the virtual machine, the application process, the network state, the middleware and the like in the related communication equipment through each interface of one-stop monitoring, and taking the running states as corresponding running state data.
Further, after the equipment operation state data is obtained, the equipment operation state data is packaged in real time or periodically and input into a pre-trained network security abnormality early warning model, and the security abnormality early warning result of the equipment operation state data is identified according to the network security abnormality early warning model, so that whether the equipment has security holes during operation or not can be timely found, and hidden dangers such as data leakage or loss are caused.
Optionally, when the communication device is put into use, the safety detection of the device simulation operation can be performed in a certain time by the method of the application when the safety of the communication device which is built and installed is detected after the task of building and installing is completed in stages.
S20: when the safety abnormality early warning message is obtained from the abnormality early warning result, the abnormality equipment information and the abnormality equipment operation state data are obtained from the safety abnormality early warning message.
In this embodiment, the security anomaly early warning message refers to an early warning message that the installed communication device has a network security hidden trouble. The abnormal device information is information indicating a specific device in which a network security hazard occurs. The abnormal equipment operation state data refers to the current operation state of the specific equipment with the network full hidden trouble.
Specifically, when the abnormality of the equipment with network communication is judged through the equipment operation state data and the network security abnormality early warning model, identifying information of the communication equipment with the abnormality from the equipment operation state data, wherein the information comprises information such as a unique identifier and an installation position of the communication equipment, and the like, as the abnormal equipment information, and taking the equipment operation state data corresponding to the abnormal equipment as the abnormal equipment operation state data.
S30: and carrying out abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and acquiring the safety alarm fault attribution according to the analysis result.
In this embodiment, the security alarm fault attribution refers to a cause of the security hole of the network communication device.
Specifically, according to the security abnormal equipment information, information such as the type of the communication equipment and the type of the equipment is obtained, the function and the operation logic of the network communication equipment in the whole area are obtained based on the information, the operation mode and the corresponding function of the communication equipment are obtained, and the operation mode and the corresponding function type of the communication equipment are input into a preset diagnosis model, so that the security alarm fault attribution is obtained.
The training mode of the diagnosis model can be to count the function type which can be realized by each communication device, count the information of the historical safety faults of the communication device according to the function type, and train to obtain the diagnosis model.
S40: and after attribution analysis is carried out on the security alarm fault attribution by using the operation and maintenance knowledge model, a security maintenance script is obtained from a configuration script library, and the security maintenance script triggers an equipment maintenance instruction according to abnormal equipment information.
In this embodiment, the configuration script library refers to a script in which a network security hole of the communication device is modified. The security maintenance script refers to a script for specifically repairing a device corresponding to the abnormal device operation state data.
Specifically, according to the information of the historical safety faults counted during the training of the diagnosis model, a method for repairing each fault is obtained from the information of the historical safety faults, so that a corresponding script is manufactured, but when similar safety faults are identified, the script can be issued and run in time, so that the safety loopholes are repaired in time, and the safety of network communication is guaranteed.
Further, after setting the corresponding script, binding and associating the configured script with the type, model and fault type of the corresponding communication equipment to form the configuration script library. Optionally, if, when the security hole is found in practice, there is no script capable of repairing the security hole in the configuration script library, after repairing the device by the relevant staff, updating the configuration script library in real time.
Further, the operation and maintenance knowledge model is preset, an operation and maintenance knowledge base can be formed from the information of the historical security faults by adopting data such as an expert base, expert experience, related security hole strategies and the like, a learning sample is provided through the knowledge base, and is used for learning by adopting a neural network learning mode according to the fault attribution judging security hole repairing mode in the knowledge base, so that the operation and maintenance knowledge model is obtained.
Further, after the security alarm fault attribution is input into the operation and maintenance knowledge model, the security alarm fault attribution is judged according to the identification of the operation and maintenance knowledge model, so that a security maintenance script is obtained from the configuration script library, and the security maintenance script triggers a device maintenance instruction according to abnormal device information so as to repair the communication device corresponding to the abnormal device operation state data.
Through the arrangement of hierarchical deployment, the monitoring end of each level can check the corresponding security holes, and timely issue the corresponding security maintenance scripts according to the security alarm fault attribute corresponding to the security holes, so that the network security holes can be timely repaired, and the risk of data leakage is reduced; meanwhile, the corresponding security holes can be reported by different levels, so that the information of the security holes can be counted by the previous level, and the model for detecting the security holes can be updated timely according to the current situation, so that the efficiency of detecting the security holes can be improved while the security holes can be repaired timely in an up-and-down linkage mode.
In this embodiment, when the corresponding communication device is running or the construction is completed in a staged manner and the security test is required, the running state data of the device obtained by real-time detection is input into a preset network security abnormality early warning model, so that the abnormal running state can be found in time before an accident caused by network security occurs, thereby being beneficial to reducing the loss caused by the network security problem; by detecting the safety abnormality early warning message and performing diagnosis and analysis in time, the corresponding fault cause can be automatically diagnosed when abnormality is found, so that the safety alarm early warning message is convenient to repair in time, and the possibility of loss caused by network safety problems is reduced; meanwhile, the corresponding safety maintenance script is obtained from the configuration script library, and automatic repair can be performed in time when the communication equipment is abnormal, so that the overall safety and repair efficiency of network safety are improved.
In one embodiment, as shown in fig. 2, before step S10, the method for securely managing a credit network further includes:
s01: acquiring historical safety abnormal data, counting abnormal type information from the historical safety abnormal data, and splitting the historical safety abnormal data according to the abnormal type information to obtain a safety abnormal state data packet corresponding to each abnormal type information.
In this embodiment, the historical security anomaly data refers to data of network security vulnerabilities detected during network security detection of operation of various communication devices by history. The abnormality type information refers to information for distinguishing the type of failure in the historical security abnormality data. The security anomaly state data packet refers to historical security anomaly data stored with the same anomaly type information.
Specifically, when network security detection is performed on the communication device each time and a security hole is found, data such as the security hole which specifically appears, the communication device with the security hole, and main functions of the communication device when the communication device operates are recorded as historical security abnormal data.
Further, according to the priority of the historical security anomaly data from high to low according to the security hole, the communication equipment with the security hole and the main function when the communication equipment operates, the historical security anomaly data is classified as the classification standard, namely the anomaly type information, so that a security anomaly state data table corresponding to each anomaly type information is obtained.
S02: and acquiring the information of the equipment to be detected, and acquiring a corresponding safety abnormal state data packet according to the information of the equipment to be detected, wherein the safety abnormal state data packet is used as a data packet of the state to be trained.
In this embodiment, the device information to be detected refers to a list of communication devices that need to be installed this time.
Specifically, the information of the equipment to be detected is used for carrying out matching inquiry with the communication equipment with security holes in the security abnormal state data packet, and the matching result is used as the data packet of the state to be trained.
S03: and testing equipment corresponding to the equipment information to be detected according to the data packet of the state to be trained, and obtaining a corresponding abnormal test result.
In particular, as the existing communication devices are continuously improved and upgraded, such as research and development and replacement of chips, storage devices and other resources, faults which can cause network security in the past for the same kind of communication devices do not necessarily affect the existing devices, in order to improve the accuracy and efficiency of detection, debugging training needs to be performed on the data packet to be trained, so that an early warning model matched with the current communication device can be obtained.
Therefore, in the construction stage of the communication equipment, after the communication equipment is installed and debugged, and before the communication equipment is ready to be formally put into operation, the vulnerability pair attacks the corresponding type of communication equipment, which causes network security abnormality, and the influence of the vulnerability suffered in the past on the current communication equipment is checked, and the running state of the communication equipment after the attack is used as an abnormality test result.
S04: and screening the data packet to be trained according to the abnormal test result to obtain a network security abnormal early warning model.
Specifically, if the abnormal test result is that no abnormality exists, the corresponding loopholes are removed from the data packet of the state to be trained, and therefore the network security abnormality early warning model is obtained.
In an embodiment, the security anomaly early-warning result includes a device security operation and a device operation anomaly, as shown in fig. 3, in step S10, device operation state data is obtained in real time, and the device operation state data is input into a preset network security anomaly early-warning model to obtain the security anomaly early-warning result, which specifically includes:
s11: and carrying out matching inquiry on the equipment running state data and the state data packet to be trained in the network security anomaly early warning model to obtain a corresponding matching result.
In this embodiment, the currently detected device operation state data is matched and queried with the network complete abnormality early warning model, so as to verify whether the device operation state data accords with the state of the type of communication device when the security hole appears in the network security abnormality early warning model.
S12: if the matching result is that the equipment running state data is successfully matched in the to-be-trained state data packet, the safety abnormality early warning result is that the equipment runs abnormally, otherwise, the equipment runs safely.
Specifically, if the matching is successful, the running state data of the equipment is consistent with the state of the communication equipment with the type when the security hole appears in the network security abnormality early warning model, the security abnormality early warning result is that the equipment runs abnormally, and otherwise, the equipment runs safely.
In one embodiment, as shown in fig. 4, in step S30, anomaly diagnosis analysis is performed on the safety anomaly device information and the safety anomaly operation state information, and the safety warning fault attribution is obtained according to the analysis result, which specifically includes:
s31: and acquiring a corresponding security abnormal state data packet from the network security abnormal early warning model according to the security abnormal equipment information, and taking the corresponding security abnormal state data packet as an attribution judging data packet.
Specifically, the security anomaly equipment information and the equipment information in the network security anomaly early warning model are subjected to matching query, and a corresponding security anomaly state data packet in the network security anomaly early warning model is obtained and used as the attribution judging data packet.
S32: and inputting the safe abnormal operation state information into the attribution judging data packet to carry out matching inquiry so as to acquire corresponding abnormal type information.
Specifically, the running state information according to the security anomaly is input into the attribution judging data packet for matching inquiry, that is, after the security anomaly state of the type of equipment is called according to the equipment with the network security hole in step S31, further screening is performed according to the security anomaly state to obtain related data, that is, the anomaly type information, when the equipment has the same or similar anomaly state, it is understood that the anomaly type information is not only a standard for classifying the historical security anomaly data, but also the type of equipment is recorded, and when the type of attack is reached to an anomaly state, the type of attack is received.
S33: if the abnormal type information is successfully matched, carrying out abnormality diagnosis analysis on the abnormal type information according to the safety abnormal equipment information to obtain safety alarm fault attribution, otherwise triggering an abnormality processing message to obtain the safety alarm fault attribution.
Specifically, if the abnormal type information can be successfully matched, the communication equipment is proved to be attacked by the same or similar type, the abnormal diagnosis analysis is carried out according to the abnormal type information, and the reasons and the loopholes of the attack are analyzed from the data of the historical abnormality and are used as the attribution of the safety alarm fault.
If the abnormal type information is not matched, the equipment is judged to be under new network security attack, and then a processing message of the abnormal condition is triggered to inform relevant technicians to analyze and process so as to obtain the security alarm fault attribution.
In one embodiment, as shown in fig. 5, after the device operation status data is acquired in real time in step S10, the method for securely managing a trusted network further includes:
s101: and if the new state information is acquired from the equipment operation state data, acquiring new state position data from the new state information.
In this embodiment, the new state information refers to information that detects a state generated by the operation of the new device. The new state position data refers to information of the installation position of the communication device corresponding to the detected new state information.
Specifically, with the use of the communication device, there may be a new communication device added under the condition of the original scale, and there may be a possibility of attacking the network and stealing information by manually installing the device, so that in the device operation state data acquired in real time, the device state data different from the abnormal state of the device is acquired, and is used as the new state information, and the corresponding new state position data is acquired.
S102: and inquiring new equipment additionally-installed task data according to the new state position data, acquiring a new equipment identifier from the new state information if the new equipment is successfully inquired, updating a network security abnormality early warning model according to the new equipment identifier, and otherwise triggering an abnormal equipment warning message.
In this embodiment, the new device adding task data refers to adding or replacing the task information of the communication device based on the scale of the original communication device.
Specifically, according to the new state position data, inquiring new equipment installation task data, namely inquiring whether an installation task for installing the new equipment at the position exists or not, if yes, acquiring new equipment identification of the additionally installed or replaced equipment, and updating the network security abnormality early warning model according to the mode of training and debugging the network security abnormality early warning model according to historical security abnormality data and equipment information to be detected so as to detect the additionally installed or replaced new equipment in real time in network security.
If the data is not available, the fact that new equipment is illegally installed is indicated to be possible, namely the possibility of manually stealing the data is possible, and the abnormal equipment alarm message is triggered so that related personnel can check the abnormal equipment.
In one embodiment, after step S40, that is, after the new device is queried for the task data according to the new state location data, if the query is successful, the new device identifier is obtained from the new state information, and the network security anomaly early-warning model is updated according to the new device identifier, the method for managing the trusted network security further includes:
s50: and acquiring engineering management progress data corresponding to the new equipment installation task data, and acquiring corresponding engineering management data according to the engineering management progress data.
In this embodiment, the project management progress data refers to data of a corresponding project progress in a process of project management. Engineering management data refers to data generated in the process of managing engineering accordingly.
Specifically, in the process of building the communication equipment, corresponding engineering management progress data is made according to the current engineering progress, namely according to the content in the task data of the new equipment, so that engineering management personnel, namely engineering supervision personnel, can perform corresponding management, such as recording, detection, photographing and the like, according to the engineering management progress data, and corresponding engineering management data is formed.
S60: when the network communication abnormal signal is obtained, personnel user side information corresponding to the triggering engineering management data is obtained, and the engineering management data is cached according to the personnel user side information.
Specifically, because the condition of network communication is poor, the condition of adding task data to corresponding new equipment needs to be triggered, and therefore, the corresponding engineering management data can be affected when being uploaded in the engineering management process, therefore, when the network communication is abnormal, personnel user side information triggering the engineering management data is obtained, the engineering management data is cached in the personnel user side, meanwhile, the content of further engineering management can be triggered, and the smooth progress of engineering construction is ensured.
S70: and when the network communication recovery signal is acquired, releasing and uploading engineering management data.
Specifically, when the network is restored, the engineering management data is acquired from the cached position and uploaded so as to be recorded in time.
It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic of each process, and should not limit the implementation process of the embodiment of the present application in any way.
In an embodiment, a credit network security management device is provided, where the credit network security management device corresponds to the credit network security management method in the above embodiment one by one. As shown in fig. 7, the information-based network security management device includes an anomaly detection module, a state extraction module, an attribution analysis module, and a vulnerability restoration module. The functional modules are described in detail as follows:
the abnormality detection module is used for acquiring the equipment operation state data in real time, inputting the equipment operation state data into a preset network security abnormality early-warning model and obtaining a security abnormality early-warning result;
the state extraction module is used for acquiring abnormal equipment information and abnormal equipment operation state data from the safety abnormal early warning message when the safety abnormal early warning message is acquired from the abnormal early warning result;
the attribution analysis module is used for carrying out abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and acquiring safety alarm fault attribution according to an analysis result;
and the vulnerability restoration module is used for acquiring a security maintenance script from the configuration script library after attributing and analyzing the security alarm fault attribution by using the operation and maintenance knowledge model, and triggering the equipment maintenance instruction by the security maintenance script according to the abnormal equipment information.
Optionally, the security management device of the credit network further includes:
the historical data processing module is used for acquiring historical safety abnormal data, counting abnormal type information from the historical safety abnormal data, splitting the historical safety abnormal data according to the abnormal type information, and obtaining a safety abnormal state data packet corresponding to each abnormal type information;
the historical data screening module is used for acquiring the equipment information to be detected, and acquiring a corresponding safety abnormal state data packet according to the equipment information to be detected, and taking the safety abnormal state data packet as a data packet of a state to be trained;
the fuzzy test module is used for testing equipment corresponding to the equipment information to be detected according to the data packet of the state to be trained to obtain a corresponding abnormal test result;
the model building module is used for screening the data packet to be trained according to the abnormal test result to obtain a network security abnormal early warning model.
Optionally, the safety abnormality early warning result includes equipment safety operation and equipment operation abnormality, and the abnormality detection module includes:
the state matching sub-module is used for carrying out matching inquiry on the equipment operation state data and a to-be-trained state data packet in the network security anomaly early warning model to obtain a corresponding matching result;
The abnormality detection sub-module is used for detecting that the safety abnormality early warning result is abnormal operation of the equipment if the matching result is that the equipment operation state data is successfully matched in the to-be-trained state data packet, and otherwise, the safety abnormality early warning result is safe operation of the equipment.
Optionally, the attribution analysis module includes:
the data packet screening sub-module is used for acquiring a corresponding safety abnormal state data packet from the network safety abnormal early warning model according to the safety abnormal equipment information, and taking the corresponding safety abnormal state data packet as an attribution judging data packet;
the category query sub-module is used for inputting the safety abnormal operation state information into the attribution judging data packet to carry out matching query so as to acquire corresponding abnormal category information;
and the attribution analysis sub-module is used for carrying out abnormality diagnosis analysis on the abnormal type information according to the safety abnormal equipment information if the abnormal type information is successfully matched with the safety abnormal equipment information to obtain safety alarm fault attribution, and triggering an abnormal processing message to obtain the safety alarm fault attribution if the abnormal type information is not successfully matched with the safety alarm fault attribution.
Optionally, the security management device of the credit network further includes:
the new equipment detection module is used for acquiring new state position data from the new state information if the new state information is acquired from the equipment operation state data;
and the new equipment processing module is used for inquiring new equipment adding task data according to the new state position data, acquiring a new equipment identifier from the new state information if the new equipment adding task data can be successfully inquired, updating a network security abnormality early warning model according to the new equipment identifier, and triggering an abnormal equipment warning message if the new equipment adding task data can not be successfully inquired.
The specific limitation of the security management device of the trafficking network can be referred to the limitation of the security management method of the trafficking network hereinabove, and will not be repeated herein. The modules in the security management device of the information creation network can be all or partially realized by software, hardware and a combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a server, and the internal structure of which may be as shown in fig. 8. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used for storing the abnormality detection result and the processing result. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of security management for a credit-based network.
In one embodiment, a computer device is provided comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of when executing the computer program:
acquiring equipment operation state data in real time, and inputting the equipment operation state data into a preset network security abnormality early-warning model to obtain a security abnormality early-warning result;
when a safety abnormality early warning message is obtained from an abnormality early warning result, obtaining abnormality equipment information and abnormality equipment operation state data from the safety abnormality early warning message;
performing abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and acquiring safety alarm fault attribution according to analysis results;
and after attribution analysis is carried out on the security alarm fault attribution by using the operation and maintenance knowledge model, a security maintenance script is obtained from a configuration script library, and the security maintenance script triggers an equipment maintenance instruction according to abnormal equipment information.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:
acquiring equipment operation state data in real time, and inputting the equipment operation state data into a preset network security abnormality early-warning model to obtain a security abnormality early-warning result;
When a safety abnormality early warning message is obtained from an abnormality early warning result, obtaining abnormality equipment information and abnormality equipment operation state data from the safety abnormality early warning message;
performing abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and acquiring safety alarm fault attribution according to analysis results;
and after attribution analysis is carried out on the security alarm fault attribution by using the operation and maintenance knowledge model, a security maintenance script is obtained from a configuration script library, and the security maintenance script triggers an equipment maintenance instruction according to abnormal equipment information.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the various embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), memory bus direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.

Claims (7)

1. The method for managing the security of the credit network is characterized by comprising the following steps of:
acquiring historical safety abnormal data, counting abnormal type information from the historical safety abnormal data, and splitting the historical safety abnormal data according to the abnormal type information to obtain a safety abnormal state data packet corresponding to each abnormal type information;
Acquiring equipment information to be detected, and acquiring a corresponding safety abnormal state data packet according to the equipment information to be detected, wherein the safety abnormal state data packet is used as a state data packet to be trained;
testing equipment corresponding to the equipment information to be detected according to the state data packet to be trained to obtain a corresponding abnormal test result;
screening the data packet in the state to be trained according to the abnormal test result to obtain the network security abnormal early warning model;
acquiring equipment operation state data in real time, and inputting the equipment operation state data into a preset network security abnormality early-warning model to obtain a security abnormality early-warning result;
when a safety abnormality early warning message is obtained from the abnormality early warning result, abnormal equipment information and abnormal equipment operation state data are obtained from the safety abnormality early warning message;
performing abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and acquiring safety alarm fault attribution according to an analysis result, wherein the method specifically comprises the following steps of:
acquiring the corresponding security abnormal state data packet from the network security abnormal early warning model according to the security abnormal equipment information, and taking the data packet as an attribution judging data packet;
Inputting the safe abnormal operation state information into the attribution judging data packet to carry out matching inquiry so as to acquire the corresponding abnormal type information;
if the abnormal type information is successfully matched, carrying out the abnormality diagnosis analysis on the abnormal type information according to the safety abnormal equipment information to obtain the safety alarm fault attribution, otherwise triggering an abnormality processing message to obtain the safety alarm fault attribution;
and after attribution analysis is carried out on the safety alarm fault attribution by using an operation and maintenance knowledge model, acquiring a safety maintenance script from a configuration script library, and triggering an equipment maintenance instruction by the safety maintenance script according to the abnormal equipment information.
2. The method for securely managing a credit-invasive network according to claim 1, wherein the security anomaly early-warning result includes a device security operation and a device operation anomaly, the real-time obtaining device operation state data, and inputting the device operation state data into a preset network security anomaly early-warning model to obtain the security anomaly early-warning result, specifically comprising:
carrying out matching inquiry on the equipment running state data and the state data packet to be trained in the network security anomaly early warning model to obtain a corresponding matching result;
And if the matching result is that the equipment operation state data is successfully matched in the to-be-trained state data packet, the safety abnormality early warning result is that the equipment operation is abnormal, otherwise, the equipment operation is safe.
3. The method according to any one of claims 1-2, wherein after the acquiring of the device operation state data in real time, the method further comprises:
if new state information is acquired from the equipment operation state data, acquiring new state position data from the new state information;
and inquiring new equipment mounting task data according to the new state position data, acquiring a new equipment identifier from the new state information if the new equipment mounting task data can be successfully inquired, updating the network security abnormality early warning model according to the new equipment identifier, and otherwise triggering an abnormal equipment warning message.
4. The method for securely managing a credit network according to claim 3, wherein after said inquiring new device attachment task data according to said new state location data, if the inquiring is successful, a new device identifier is obtained from the new state information, and said network security anomaly early-warning model is updated according to said new device identifier, said method for securely managing a credit network further comprises:
Acquiring engineering management progress data corresponding to the new equipment installation task data, and acquiring corresponding engineering management data according to the engineering management progress data;
when a network communication abnormal signal is acquired, acquiring personnel user side information corresponding to the engineering management data, and caching the engineering management data according to the personnel user side information;
and when the network communication recovery signal is acquired, releasing and uploading the engineering management data.
5. A credit network security management apparatus, characterized in that the credit network security management apparatus comprises:
the historical data processing module is used for acquiring historical safety abnormal data, counting abnormal type information from the historical safety abnormal data, and splitting the historical safety abnormal data according to the abnormal type information to obtain a safety abnormal state data packet corresponding to each abnormal type information;
the historical data screening module is used for acquiring equipment information to be detected, and acquiring a corresponding safety abnormal state data packet as a data packet of a state to be trained according to the equipment information to be detected;
the fuzzy test module is used for testing the equipment corresponding to the equipment information to be detected according to the state data packet to be trained to obtain a corresponding abnormal test result;
The model building module is used for screening the data packet in the state to be trained according to the abnormal test result to obtain the network security abnormal early warning model;
the abnormality detection module is used for acquiring equipment operation state data in real time, inputting the equipment operation state data into a preset network security abnormality early-warning model and obtaining a security abnormality early-warning result;
the state extraction module is used for acquiring abnormal equipment information and abnormal equipment operation state data from the safety abnormal early warning message when the safety abnormal early warning message is acquired from the abnormal early warning result;
the attribution analysis module is used for carrying out abnormality diagnosis analysis on the safety abnormal equipment information and the safety abnormal operation state information, and acquiring safety alarm fault attribution according to analysis results, and comprises the following components:
the data packet screening sub-module is used for acquiring a corresponding safety abnormal state data packet from the network safety abnormal early warning model according to the safety abnormal equipment information, and taking the corresponding safety abnormal state data packet as an attribution judging data packet;
the category query sub-module is used for inputting the safety abnormal operation state information into the attribution judging data packet to carry out matching query so as to acquire corresponding abnormal category information;
The attribution analysis sub-module is used for carrying out abnormality diagnosis and analysis on the abnormal type information according to the safety abnormal equipment information if the abnormal type information is successfully matched with the safety abnormal equipment information to obtain safety alarm fault attribution, and triggering an abnormal processing message to obtain the safety alarm fault attribution if the abnormal type information is not successfully matched with the safety alarm fault attribution;
and the vulnerability restoration module is used for acquiring a security maintenance script from a configuration script library after attributing and analyzing the security alarm fault attribution by using an operation and maintenance knowledge model, and triggering an equipment maintenance instruction by the security maintenance script according to the abnormal equipment information.
6. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method for trafficking network security according to any one of claims 1 to 4 when the computer program is executed.
7. A computer readable storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the steps of the method for trafficking network security according to any one of claims 1 to 4.
CN202111263159.9A 2021-10-28 2021-10-28 Credit network security management method, apparatus, computer device and storage medium Active CN113965397B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111263159.9A CN113965397B (en) 2021-10-28 2021-10-28 Credit network security management method, apparatus, computer device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111263159.9A CN113965397B (en) 2021-10-28 2021-10-28 Credit network security management method, apparatus, computer device and storage medium

Publications (2)

Publication Number Publication Date
CN113965397A CN113965397A (en) 2022-01-21
CN113965397B true CN113965397B (en) 2024-02-02

Family

ID=79467792

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111263159.9A Active CN113965397B (en) 2021-10-28 2021-10-28 Credit network security management method, apparatus, computer device and storage medium

Country Status (1)

Country Link
CN (1) CN113965397B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114584356A (en) * 2022-02-24 2022-06-03 烽台科技(北京)有限公司 Network security monitoring method and network security monitoring system
CN115695150B (en) * 2022-11-01 2023-08-08 广州城轨科技有限公司 Method and device for detecting networking equipment based on distributed heterogeneous fusion
CN115604018B (en) * 2022-11-02 2023-05-05 广东网安科技有限公司 Network security monitoring method, system, equipment and storage medium
CN116471196B (en) * 2023-06-19 2023-10-20 宏景科技股份有限公司 Operation and maintenance monitoring network maintenance method, system and equipment
CN117499216B (en) * 2023-12-29 2024-04-12 珠海格力电器股份有限公司 State early warning method, device, equipment and medium of Internet of things equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682351A (en) * 2017-10-20 2018-02-09 携程旅游网络技术(上海)有限公司 Method, system, equipment and the storage medium of network security monitoring
CN110290023A (en) * 2019-06-26 2019-09-27 四川金星清洁能源装备股份有限公司 A kind of over-the-counter apparatus remote maintenance monitor supervision platform system and monitoring method
CN111193623A (en) * 2019-12-30 2020-05-22 安徽长泰信息安全服务有限公司 Network safety monitoring device for monitoring Internet of things equipment
CN111431754A (en) * 2020-04-13 2020-07-17 广东电网有限责任公司东莞供电局 Fault analysis method and system for power distribution and utilization communication network
CN112199253A (en) * 2020-10-10 2021-01-08 深圳市欧瑞博科技股份有限公司 Monitoring maintenance method and device for intelligent equipment, server and storage medium
CN113438113A (en) * 2021-06-25 2021-09-24 树根互联股份有限公司 Monitoring and maintaining method and system for equipment operation abnormity based on Internet of things

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10354332B2 (en) * 2015-09-30 2019-07-16 Sensormatic Electronics, LLC Sensor based system and method for drift analysis to predict equipment failure
US10505756B2 (en) * 2017-02-10 2019-12-10 Johnson Controls Technology Company Building management system with space graphs

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682351A (en) * 2017-10-20 2018-02-09 携程旅游网络技术(上海)有限公司 Method, system, equipment and the storage medium of network security monitoring
CN110290023A (en) * 2019-06-26 2019-09-27 四川金星清洁能源装备股份有限公司 A kind of over-the-counter apparatus remote maintenance monitor supervision platform system and monitoring method
CN111193623A (en) * 2019-12-30 2020-05-22 安徽长泰信息安全服务有限公司 Network safety monitoring device for monitoring Internet of things equipment
CN111431754A (en) * 2020-04-13 2020-07-17 广东电网有限责任公司东莞供电局 Fault analysis method and system for power distribution and utilization communication network
CN112199253A (en) * 2020-10-10 2021-01-08 深圳市欧瑞博科技股份有限公司 Monitoring maintenance method and device for intelligent equipment, server and storage medium
CN113438113A (en) * 2021-06-25 2021-09-24 树根互联股份有限公司 Monitoring and maintaining method and system for equipment operation abnormity based on Internet of things

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Hamid Bagheri ; Jianghao Wang Department of Computer Science and Engineering, University of Nebraska-Lincoln *
Jarod Aerts ; Sam Malek.《Efficient, Evolutionary Security Analysis of Interacting Android Apps》.《 2018 IEEE International Conference on Software Maintenance and Evolution (ICSME)》.2018,全文. *
张晓岚.《基于列车数据分析的故障预警技术研究》.《 工程科技Ⅱ辑》.2021,(第2021年第06期),全文. *

Also Published As

Publication number Publication date
CN113965397A (en) 2022-01-21

Similar Documents

Publication Publication Date Title
CN113965397B (en) Credit network security management method, apparatus, computer device and storage medium
EP3693874B1 (en) Continuous vulnerability management for modern applications
CN110046073B (en) Log collection method and device, equipment and storage medium
CN112395616B (en) Vulnerability processing method and device and computer equipment
US20120331455A1 (en) Determining best practices for applying computer software patches
CN109063486B (en) Safety penetration testing method and system based on PLC equipment fingerprint identification
CN111258591A (en) Program deployment task execution method and device, computer equipment and storage medium
CN109543417B (en) Vulnerability mining method and device based on Qemu platform
KR20090038683A (en) Web firewall with automatic checking function of web server vulnerability and vulnerability checking method for using the same
CN112115005B (en) Test data acquisition method and device, computer equipment and storage medium
CN111783104B (en) Vulnerability checking method, vulnerability checking method and device for continuous integrated codes
CN115759357B (en) PSCADA data-based power supply equipment safety prediction method, system, equipment and medium
CN110990289B (en) Method and device for automatically submitting bug, electronic equipment and storage medium
CN112363920A (en) Test case repairing method and device, computer equipment and storage medium
CN108595323B (en) System testing method and related device
CN112054925B (en) Method and device for deploying background service
CN111897556B (en) Video monitoring service system based on cloud computing
CN106899977B (en) Abnormal flow detection method and device
CN112395125A (en) Method and device for notifying page error report, computer equipment and storage medium
CN116345690B (en) Power monitoring false alarm identification method and system based on power supply system equipment list
CN112817827A (en) Operation and maintenance method, device, server, equipment, system and medium
CN111813592A (en) Method and device for optimizing system fault recovery plan and computer storage medium
CN112131090B (en) Service system performance monitoring method, device, equipment and medium
CN114154169A (en) Jenkins and JMeter-based automatic test method and device
CN114189349A (en) Safety monitoring and early warning platform, safety monitoring and early warning method and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant