CN114201956A - Safety protection method and system for industrial internet - Google Patents

Safety protection method and system for industrial internet Download PDF

Info

Publication number
CN114201956A
CN114201956A CN202111461682.2A CN202111461682A CN114201956A CN 114201956 A CN114201956 A CN 114201956A CN 202111461682 A CN202111461682 A CN 202111461682A CN 114201956 A CN114201956 A CN 114201956A
Authority
CN
China
Prior art keywords
data stream
cluster
cloud computing
word
industrial internet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111461682.2A
Other languages
Chinese (zh)
Other versions
CN114201956B (en
Inventor
苏长君
曾祥禄
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Zhimei Internet Technology Co ltd
Original Assignee
Beijing Zhimei Internet Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Zhimei Internet Technology Co ltd filed Critical Beijing Zhimei Internet Technology Co ltd
Priority to CN202111461682.2A priority Critical patent/CN114201956B/en
Publication of CN114201956A publication Critical patent/CN114201956A/en
Application granted granted Critical
Publication of CN114201956B publication Critical patent/CN114201956B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/20Natural language analysis
    • G06F40/205Parsing
    • G06F40/211Syntactic parsing, e.g. based on context-free grammar [CFG] or unification grammars
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/30Semantic analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • Computational Linguistics (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Machine Translation (AREA)

Abstract

The invention provides a safety protection method and a safety protection system for an industrial internet, which are characterized in that a cloud computing platform is built to obtain an industrial internet data stream, similar objects are clustered according to similarity of object identification characters, a cluster-shaped structure with directions is obtained by combining timestamps, and a characteristic vector is further analyzed in a syntactic analysis and semantic analysis manner to obtain the large class of information and topics, so that whether the data stream is in conformity or not is judged more easily, cloud computing tracing is called for the data stream which is not in conformity, and when the corresponding terminal equipment is judged to be in nonconformity, the terminal equipment is informed of dormancy by utilizing two different entity servers at the edge and the center.

Description

Safety protection method and system for industrial internet
Technical Field
The application relates to the field of network multimedia, in particular to a safety protection method and system for industrial internet.
Background
The current network technology is rapidly developed in an industrial scene, and with the continuous expansion of the industrial internet boundary, the brought security problem also draws more and more attention in the industry. Due to the particularity of the industrial internet scene, a large amount of scattered data such as various sensor data exists, and the scattered data is very easy to be confused with hidden attack information, so that great difficulty is brought to safety protection.
Therefore, a method and a system for targeted security protection of the industrial internet are urgently needed.
Disclosure of Invention
The invention aims to provide a safety protection method and a safety protection system for an industrial internet, which are characterized in that an industrial internet data stream is obtained by building a cloud computing platform, similar objects are clustered according to similarity clustering of object identification characters, a cluster-shaped structure with a direction is obtained by combining a timestamp, and a characteristic vector is further analyzed by syntax and semantic to obtain a large class of information and topics, so that whether the terminal equipment is in compliance or not is judged more easily, cloud computing tracing is called for the data stream which is in the non-compliance, and the terminal equipment is informed of dormancy when the corresponding terminal equipment is judged to be in the non-compliance by utilizing two different entity servers at the edge and the center.
In a first aspect, the present application provides a method for securing an industrial internet, the method including:
the method comprises the steps that a cloud computing platform is built on a cluster server, a syntactic model and a semantic analysis model are built, the syntactic model and the semantic analysis model are respectively located on different core entities of the cloud computing platform, and the core entities are entity servers which are located in a central position in the cloud computing platform;
according to an obtaining strategy, obtaining a data stream transmitted in the industrial Internet, inquiring an identifier of a source device from a cluster server, extracting a characteristic vector and an object identifier of the data stream, converting the object identifier into a character string, carrying out hash operation on the characteristic vector and the identifier of the source device to obtain a first vector, inputting the first vector into a syntactic model to carry out sentence breaking to obtain a word component;
decomposing the character strings of the object identifications according to characters, clustering according to the similarity of the characters, forming a cluster by a plurality of object identifications with the similarity higher than a threshold value, forming a track by the similarity and the timestamp, and forming a cluster-shaped structure with a direction by the cluster and the track;
inputting the word components into a semantic analysis model, outputting word meanings, wherein the word meanings are sentences which are removed of language words, concise, unique in meaning and use large words, recombining the word meanings into new sentences, and vectorizing to obtain second feature vectors;
calculating the similarity among a plurality of second feature vectors, and forming the second feature vectors with the similarity higher than a second threshold into a class;
judging whether the word meaning comprises a specified keyword or not, if so, continuously judging whether a statement of the word meaning forms a specified meaning or not, if so, determining that the corresponding second feature vector belongs to the condition needing alarming, and sending an alarm message together aiming at the class to which the second feature vector belongs; if the statement does not form the specified meaning, then the corresponding second feature vector compliance is asserted;
the cloud computing platform calls an entity server with a marginal position, traces to the word component corresponding to the source and the cluster structure, sends the suspected track and the suspected source point to an entity server with a central position, the entity server with the central position calls the computing capacity of the cloud computing platform, determines the source point corresponding to the data stream, inquires an equipment terminal corresponding to the source point from the cluster server, and informs the equipment terminal of dormancy.
With reference to the first aspect, in a first possible implementation manner of the first aspect, the tracing further includes risk assessment, attack association analysis, and situation awareness.
With reference to the first aspect, in a second possible implementation manner of the first aspect, the obtaining the data stream transmitted inside the industrial internet includes encoding and decoding the data stream.
With reference to the first aspect, in a third possible implementation manner of the first aspect, the kernels of the semantic analysis model and the syntax model both use a neural network model.
In a second aspect, the present application provides a security protection system for industrial internet, the system comprising a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to perform the method of any one of the four possibilities of the first aspect according to instructions in the program code.
In a third aspect, the present application provides a computer readable storage medium for storing program code for performing the method of any one of the four possibilities of the first aspect.
The invention provides a safety protection method and a safety protection system for an industrial internet, which are characterized in that a cloud computing platform is built to obtain an industrial internet data stream, similar objects are clustered according to similarity of object identification characters, a cluster-shaped structure with directions is obtained by combining timestamps, and a characteristic vector is further analyzed in a syntactic analysis and semantic analysis manner to obtain the large class of information and topics, so that whether the data stream is in conformity or not is judged more easily, cloud computing tracing is called for the data stream which is not in conformity, and when the corresponding terminal equipment is judged to be in nonconformity, the terminal equipment is informed of dormancy by utilizing two different entity servers at the edge and the center.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a flow chart of the method of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings so that the advantages and features of the present invention can be more easily understood by those skilled in the art, and the scope of the present invention will be more clearly and clearly defined.
Fig. 1 is a flowchart of a security protection method for an industrial internet, which includes:
the method comprises the steps that a cloud computing platform is built on a cluster server, a syntactic model and a semantic analysis model are built, the syntactic model and the semantic analysis model are respectively located on different core entities of the cloud computing platform, and the core entities are entity servers which are located in a central position in the cloud computing platform;
according to an obtaining strategy, obtaining a data stream transmitted in the industrial Internet, inquiring an identifier of a source device from a cluster server, extracting a characteristic vector and an object identifier of the data stream, converting the object identifier into a character string, carrying out hash operation on the characteristic vector and the identifier of the source device to obtain a first vector, inputting the first vector into a syntactic model to carry out sentence breaking to obtain a word component;
decomposing the character strings of the object identifications according to characters, clustering according to the similarity of the characters, forming a cluster by a plurality of object identifications with the similarity higher than a threshold value, forming a track by the similarity and the timestamp, and forming a cluster-shaped structure with a direction by the cluster and the track;
inputting the word components into a semantic analysis model, outputting word meanings, wherein the word meanings are sentences which are removed of language words, concise, unique in meaning and use large words, recombining the word meanings into new sentences, and vectorizing to obtain second feature vectors;
calculating the similarity among a plurality of second feature vectors, and forming the second feature vectors with the similarity higher than a second threshold into a class;
judging whether the word meaning comprises a specified keyword or not, if so, continuously judging whether a statement of the word meaning forms a specified meaning or not, if so, determining that the corresponding second feature vector belongs to the condition needing alarming, and sending an alarm message together aiming at the class to which the second feature vector belongs; if the statement does not form the specified meaning, then the corresponding second feature vector compliance is asserted;
the cloud computing platform calls an entity server with a marginal position, traces to the word component corresponding to the source and the cluster structure, sends the suspected track and the suspected source point to an entity server with a central position, the entity server with the central position calls the computing capacity of the cloud computing platform, determines the source point corresponding to the data stream, inquires an equipment terminal corresponding to the source point from the cluster server, and informs the equipment terminal of dormancy.
In some preferred embodiments, the tracing further includes risk assessment, attack correlation analysis, and situational awareness.
In some preferred embodiments, the obtaining of the data stream transmitted inside the industrial internet includes encoding and decoding the data stream.
In some preferred embodiments, the kernels of the semantic analysis model and the syntactic model both use a neural network model.
The application provides an industry internet's safety protection system, the system includes: the system includes a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to perform the method according to any of the embodiments of the first aspect according to instructions in the program code.
The present application provides a computer readable storage medium for storing program code for performing the method of any of the embodiments of the first aspect.
In specific implementation, the present invention further provides a computer storage medium, where the computer storage medium may store a program, and the program may include some or all of the steps in the embodiments of the present invention when executed. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM) or a Random Access Memory (RAM).
Those skilled in the art will readily appreciate that the techniques of the embodiments of the present invention may be implemented as software plus a required general purpose hardware platform. Based on such understanding, the technical solutions in the embodiments of the present invention may be embodied in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments.
The same and similar parts in the various embodiments of the present specification may be referred to each other. In particular, for the embodiments, since they are substantially similar to the method embodiments, the description is simple, and the relevant points can be referred to the description in the method embodiments.
The above-described embodiments of the present invention should not be construed as limiting the scope of the present invention.

Claims (6)

1. A safety protection method and a system for industrial Internet are characterized in that the method comprises the following steps:
the method comprises the steps that a cloud computing platform is built on a cluster server, a syntactic model and a semantic analysis model are built, the syntactic model and the semantic analysis model are respectively located on different core entities of the cloud computing platform, and the core entities are entity servers which are located in a central position in the cloud computing platform;
according to an obtaining strategy, obtaining a data stream transmitted in the industrial Internet, inquiring an identifier of a source device from a cluster server, extracting a characteristic vector and an object identifier of the data stream, converting the object identifier into a character string, carrying out hash operation on the characteristic vector and the identifier of the source device to obtain a first vector, inputting the first vector into a syntactic model to carry out sentence breaking to obtain a word component;
decomposing the character strings of the object identifications according to characters, clustering according to the similarity of the characters, forming a cluster by a plurality of object identifications with the similarity higher than a threshold value, forming a track by the similarity and the timestamp, and forming a cluster-shaped structure with a direction by the cluster and the track;
inputting the word components into a semantic analysis model, outputting word meanings, wherein the word meanings are sentences which are removed of language words, concise, unique in meaning and use large words, recombining the word meanings into new sentences, and vectorizing to obtain second feature vectors;
calculating the similarity among a plurality of second feature vectors, and forming the second feature vectors with the similarity higher than a second threshold into a class;
judging whether the word meaning comprises a specified keyword or not, if so, continuously judging whether a statement of the word meaning forms a specified meaning or not, if so, determining that the corresponding second feature vector belongs to the condition needing alarming, and sending an alarm message together aiming at the class to which the second feature vector belongs; if the statement does not form the specified meaning, then the corresponding second feature vector compliance is asserted;
the cloud computing platform calls an entity server with a marginal position, traces to the word component corresponding to the source and the cluster structure, sends the suspected track and the suspected source point to an entity server with a central position, the entity server with the central position calls the computing capacity of the cloud computing platform, determines the source point corresponding to the data stream, inquires an equipment terminal corresponding to the source point from the cluster server, and informs the equipment terminal of dormancy.
2. The method of claim 1, wherein: the tracing further comprises risk assessment, attack correlation analysis and situation awareness.
3. The method according to any one of claims 1-2, wherein: the acquiring of the data stream transmitted inside the industrial internet comprises encoding and decoding of the data stream.
4. A method according to any one of claims 1-3, characterized in that: the kernels of the semantic analysis model and the syntactic model both use a neural network model.
5. An industrial internet security protection system, comprising a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to perform the method according to instructions in the program code to implement any of claims 1-4.
6. A computer-readable storage medium, characterized in that the computer-readable storage medium is configured to store a program code for performing implementing the method of any of claims 1-4.
CN202111461682.2A 2021-12-02 2021-12-02 Security protection method and system for industrial Internet Active CN114201956B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111461682.2A CN114201956B (en) 2021-12-02 2021-12-02 Security protection method and system for industrial Internet

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111461682.2A CN114201956B (en) 2021-12-02 2021-12-02 Security protection method and system for industrial Internet

Publications (2)

Publication Number Publication Date
CN114201956A true CN114201956A (en) 2022-03-18
CN114201956B CN114201956B (en) 2024-07-05

Family

ID=80650234

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111461682.2A Active CN114201956B (en) 2021-12-02 2021-12-02 Security protection method and system for industrial Internet

Country Status (1)

Country Link
CN (1) CN114201956B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080091405A1 (en) * 2006-10-10 2008-04-17 Konstantin Anisimovich Method and system for analyzing various languages and constructing language-independent semantic structures
US20140114649A1 (en) * 2006-10-10 2014-04-24 Abbyy Infopoisk Llc Method and system for semantic searching
US20170154052A1 (en) * 2015-11-30 2017-06-01 International Business Machines Corporation Method and apparatus for identifying semantically related records
CN107679144A (en) * 2017-09-25 2018-02-09 平安科技(深圳)有限公司 News sentence clustering method, device and storage medium based on semantic similarity
KR20190133931A (en) * 2018-05-24 2019-12-04 한국과학기술원 Method to response based on sentence paraphrase recognition for a dialog system
US20200065389A1 (en) * 2017-10-10 2020-02-27 Tencent Technology (Shenzhen) Company Limited Semantic analysis method and apparatus, and storage medium
CN110909165A (en) * 2019-11-25 2020-03-24 杭州网易再顾科技有限公司 Data processing method, device, medium and electronic equipment
KR20200080822A (en) * 2018-12-27 2020-07-07 포항공과대학교 산학협력단 A method for mapping a natural language sentence to an SQL query
CN111917792A (en) * 2020-08-10 2020-11-10 武汉思普崚技术有限公司 Method and system for analyzing and mining flow safety
CN113505293A (en) * 2021-06-15 2021-10-15 深圳追一科技有限公司 Information pushing method and device, electronic equipment and storage medium

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080091405A1 (en) * 2006-10-10 2008-04-17 Konstantin Anisimovich Method and system for analyzing various languages and constructing language-independent semantic structures
US20140114649A1 (en) * 2006-10-10 2014-04-24 Abbyy Infopoisk Llc Method and system for semantic searching
US20170154052A1 (en) * 2015-11-30 2017-06-01 International Business Machines Corporation Method and apparatus for identifying semantically related records
CN107679144A (en) * 2017-09-25 2018-02-09 平安科技(深圳)有限公司 News sentence clustering method, device and storage medium based on semantic similarity
US20200065389A1 (en) * 2017-10-10 2020-02-27 Tencent Technology (Shenzhen) Company Limited Semantic analysis method and apparatus, and storage medium
KR20190133931A (en) * 2018-05-24 2019-12-04 한국과학기술원 Method to response based on sentence paraphrase recognition for a dialog system
KR20200080822A (en) * 2018-12-27 2020-07-07 포항공과대학교 산학협력단 A method for mapping a natural language sentence to an SQL query
CN110909165A (en) * 2019-11-25 2020-03-24 杭州网易再顾科技有限公司 Data processing method, device, medium and electronic equipment
CN111917792A (en) * 2020-08-10 2020-11-10 武汉思普崚技术有限公司 Method and system for analyzing and mining flow safety
CN113505293A (en) * 2021-06-15 2021-10-15 深圳追一科技有限公司 Information pushing method and device, electronic equipment and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
王旭仁;李娜;何发镁;王彦丽;宋蓓;: "基于改进聚类算法的网络舆情分析系统研究", 情报学报, no. 05, 24 May 2014 (2014-05-24) *
王立平;赵晖;: "融合词向量与关键词提取的微博话题发现", 现代计算机, no. 23, 15 August 2020 (2020-08-15) *

Also Published As

Publication number Publication date
CN114201956B (en) 2024-07-05

Similar Documents

Publication Publication Date Title
CN110516067B (en) Public opinion monitoring method, system and storage medium based on topic detection
CN110851761A (en) Infringement detection method, device and equipment based on block chain and storage medium
CN108509793A (en) A kind of user's anomaly detection method and device based on User action log data
CN111813960A (en) Data security audit model device and method based on knowledge graph and terminal equipment
JP2012113542A (en) Device and method for emotion estimation, program and recording medium for the same
CN113990352B (en) User emotion recognition and prediction method, device, equipment and storage medium
CN110909531A (en) Method, device, equipment and storage medium for discriminating information security
CN109582954A (en) Method and apparatus for output information
CN115188067A (en) Video behavior identification method and device, electronic equipment and storage medium
CN117351336A (en) Image auditing method and related equipment
CN115495744A (en) Threat information classification method, device, electronic equipment and storage medium
CN117251551A (en) Natural language processing system and method based on large language model
CN115238799A (en) AI-based random forest malicious traffic detection method and system
JP6563350B2 (en) Data classification apparatus, data classification method, and program
CN109359481A (en) It is a kind of based on BK tree anti-collision search about subtract method
CN114201956A (en) Safety protection method and system for industrial internet
CN115563296A (en) Fusion detection method and system based on content semantics
CN114201955B (en) Internet flow platform monitoring method and system
CN111464687A (en) Strange call request processing method and device
CN115391674A (en) Method, device, equipment and storage medium for efficiently suppressing false information of network community
CN114168731B (en) Internet media flow safety protection method and system
Lavesson et al. Similarity assessment for removal of noisy end user license agreements
CN114818716A (en) Risk subject identification method and device, storage medium and equipment
CN114416923A (en) News entity linking method and system based on rich text characteristics
CN114662487A (en) Text segmentation method and device, electronic equipment and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 607a, 6 / F, No. 31, Fuchengmenwai street, Xicheng District, Beijing 100037

Applicant after: Beijing Guorui Digital Intelligence Technology Co.,Ltd.

Address before: 607a, 6 / F, No. 31, Fuchengmenwai street, Xicheng District, Beijing 100037

Applicant before: Beijing Zhimei Internet Technology Co.,Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant