CN114389902B - Block chain-based network security monitoring method and system - Google Patents

Block chain-based network security monitoring method and system Download PDF

Info

Publication number
CN114389902B
CN114389902B CN202210292673.3A CN202210292673A CN114389902B CN 114389902 B CN114389902 B CN 114389902B CN 202210292673 A CN202210292673 A CN 202210292673A CN 114389902 B CN114389902 B CN 114389902B
Authority
CN
China
Prior art keywords
access
node
blockchain
security
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210292673.3A
Other languages
Chinese (zh)
Other versions
CN114389902A (en
Inventor
司苗珍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Sinodata Technology Co ltd
Original Assignee
Beijing Sinodata Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Sinodata Technology Co ltd filed Critical Beijing Sinodata Technology Co ltd
Priority to CN202210292673.3A priority Critical patent/CN114389902B/en
Publication of CN114389902A publication Critical patent/CN114389902A/en
Application granted granted Critical
Publication of CN114389902B publication Critical patent/CN114389902B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a network security monitoring method and system based on a block chain. The method comprises the following steps: receiving a network data access request sent by a blockchain access node, and acquiring network security feature data from the access request; calculating an access security value of a blockchain access node according to the network security feature data; inputting the network security feature data into a pre-constructed node security evaluation model, and outputting a node security evaluation value; and if the access security value is greater than the security evaluation value, allowing access, updating the node security evaluation model by using the network security feature data, and if the access security value is less than the security evaluation value, forbidding access. Each node is maintained with an evaluation model capable of evaluating the security of other nodes, and the evaluation model can be dynamically updated along with the access of other nodes, so that the accuracy of the evaluation model is improved, and the security degree of network monitoring is improved.

Description

Block chain-based network security monitoring method and system
Technical Field
The invention relates to the field of block chain data processing, in particular to a network security monitoring method and system based on a block chain.
Background
Blockchains are a term of art in information technology. In essence, the system is a shared database, and the data or information stored in the shared database has the characteristics of 'unforgeability', 'whole-course trace', 'traceability', 'public transparency', 'collective maintenance', and the like. Based on the characteristics, the block chain technology lays a solid 'trust' foundation, creates a reliable 'cooperation' mechanism and has wide application prospect. The network Security (Cyber Security) means that the hardware, software and data in the system of the network system are protected and are not damaged, changed and leaked due to accidental or malicious reasons, the system continuously, reliably and normally operates, and the network service is not interrupted.
In the conventional network security monitoring method for a block chain, security of an access node is generally considered by each receiving node, and if the node is a node already registered in the block chain, the access of the node is directly allowed, so that for a node which maliciously sends an access request, the security in the block chain cannot be guaranteed. The application provides a network security monitoring method and system capable of improving the security of block link points.
Disclosure of Invention
The invention provides a network security monitoring method based on a block chain, which comprises the following steps:
step S110, a block chain receiving node receives a network data access request sent by a block chain access node, and network security feature data are obtained from the access request;
step S120, the block chain receiving node calculates an access security value of the block chain access node according to the network security feature data;
step S130, inputting network security feature data into a pre-constructed node security evaluation model by the block link receiving node, and outputting a node security evaluation value;
and step S140, comparing the access security value with the security evaluation value, if the access security value is greater than the security evaluation value, allowing the access of the blockchain access node, updating the node security evaluation model by using the network security feature data, and if the access security value is less than the security evaluation value, forbidding the access of the blockchain access node.
The method for monitoring network security based on the blockchain comprises the steps that the blockchain is composed of a plurality of blockchain link points, the blockchain link point for sending data is used as a blockchain access node, the blockchain link point for receiving data is used as a blockchain receiving node, the blockchain access node organizes a network data access request, the network data access request is sent to the blockchain receiving node, the blockchain receiving node is used for monitoring network security, and a data access party is allowed or forbidden to access the node.
The network security monitoring method based on the blockchain is characterized in that a data transmission protocol is preset between each blockchain access node and each blockchain receiving node, the data transmission protocol includes network security feature data, and the network security feature data includes a network address, a node attribute, an access service category, frequent access times, and a credit value.
The network security monitoring method based on the block chain as described above, wherein each block chain node may perform data communication with each other, but each block chain node has different limits for other block chain nodes, including different ranges of network addresses allowed to be accessed, different attributes of devices allowed to be accessed, different degrees of openness for access service classes, different security evaluations due to access times, and different permissions allowed to be accessed by different credit values.
The network security monitoring method based on the blockchain comprises the steps of obtaining network security feature data from an access request to form a network security feature data set; acquiring preset weights corresponding to all characteristic requirements in a network security characteristic data set; and calculating an access security value according to the network security feature data and the corresponding preset weight.
The present application further provides a network security monitoring system based on a block chain, including:
the network security characteristic data acquisition module is used for receiving a network data access request sent by the blockchain access node and acquiring network security characteristic data from the access request;
the access security value calculation module is used for calculating the access security value of the access node of the block chain according to the network security feature data;
the node safety evaluation value calculation module is used for inputting the network safety characteristic data into a pre-constructed node safety evaluation model and outputting a node safety evaluation value;
and the comparison module is used for comparing the access security value with the security evaluation value, allowing the access of the blockchain access node if the access security value is greater than the security evaluation value, updating the node security evaluation model by using the network security feature data, and forbidding the access of the blockchain access node if the access security value is less than the security evaluation value.
The network security monitoring system based on the blockchain is characterized in that the blockchain is composed of a plurality of blockchain link points, the blockchain link point for sending data is used as a blockchain access node, the blockchain link point for receiving data is used as a blockchain receiving node, the blockchain access node organizes a network data access request, the network data access request is sent to the blockchain receiving node, and the blockchain receiving node performs network security monitoring to allow or prohibit a data access party to access the node.
The network security monitoring system based on the blockchain is characterized in that a data transmission protocol is preset between each blockchain access node and each blockchain receiving node, the data transmission protocol includes network security feature data, and the network security feature data includes a network address, a node attribute, an access service category, frequent access times, and a credit value.
The network security monitoring system based on the block chain as described above, wherein each block chain node may perform data communication with each other, but each block chain node has different limits for other block chain nodes, including different ranges of network addresses allowed to be accessed, different attributes of devices allowed to be accessed, different degrees of openness for access service classes, different security evaluations due to access times, and different permissions allowed to be accessed by different credit values.
The network security monitoring system based on the block chain as described above, wherein the access security value calculation module specifically includes: acquiring network security feature data from the access request to form a network security feature data set; acquiring preset weights corresponding to all characteristic requirements in a network security characteristic data set; and calculating an access security value according to the network security feature data and the corresponding preset weight.
The invention has the following beneficial effects: by adopting the technical scheme, each node maintains the evaluation model capable of evaluating the security of other nodes, and the evaluation model can be dynamically updated along with the access of other nodes so as to improve the accuracy of the evaluation model, thereby ensuring that the access can be more accurately released or intercepted according to the security of the access request of other nodes when the other nodes have data access, and improving the security degree of network monitoring.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present invention, and other drawings can be obtained by those skilled in the art according to the drawings.
Fig. 1 is a flowchart of a network security monitoring method based on a block chain according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a network security monitoring system based on a block chain according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
As shown in fig. 1, an embodiment of the present invention provides a network security monitoring method based on a block chain, including:
step 110, receiving a network data access request sent by a blockchain access node by a blockchain receiving node, and acquiring network security feature data from the access request;
the block chain is composed of a plurality of block chain link points, the block chain link points for sending data are used as block chain access nodes, the block chain link points for receiving data are used as block chain receiving nodes, the block chain access nodes organize network data access requests, the network data access requests are sent to the block chain receiving nodes, the block chain receiving nodes are used for network security monitoring, and data access parties are allowed or forbidden to access the nodes.
A data transmission protocol is preset between each blockchain access node and each blockchain receiving node, the data transmission protocol comprises network security feature data, and the network security feature data comprises but is not limited to network addresses, node attributes, access service types, frequent access times, credit values and the like. Each block chain node can carry out data communication, but each block chain node has different limits for other block chain nodes, for example, the block chain nodes have different ranges of network addresses allowed to be accessed, different attributes of equipment allowed to be accessed, different degrees of openness for accessing service types, different security evaluations brought by access times, different permissions of allowing access for different credit values and the like, and the security evaluation values of the node on other nodes are obtained by comprehensively considering various security factors; for example, block link point a accesses block chain node B and block link point C, the IP address range allowed to be accessed in block link point B is 1.0.0.0 to 126.0.0.0, the IP address range allowed to be accessed by block link point C is 98.0.0.0 to 191.255.255.255, if the IP address of block chain node a is 50.122.31.52, block link point B allows block chain node a access, block chain node C does not allow block chain node a access, and if the IP address of block chain node a is 111.122.31.52, both block link point B and block link point C allow access in terms of IP address, then other influencing factors are comprehensively considered.
Step 120, the blockchain receiving node calculates an access security value of the blockchain access node according to the network security feature data;
specifically, network security feature data are obtained from the access request to form a network security feature data set
Figure 51556DEST_PATH_IMAGE001
Wherein, in the step (A),
Figure 234275DEST_PATH_IMAGE002
for feature elements, n is the number of elements in the set. For example: is a network address,
Figure 89711DEST_PATH_IMAGE003
For node attributes (i.e. the node terminal device attributes),
Figure 750500DEST_PATH_IMAGE004
For accessing traffic classes (i.e. the type of traffic requested by a blockchain access node from a blockchain recipient node),
Figure 564872DEST_PATH_IMAGE005
For the number of frequent accesses (i.e. the number of access requests sent by an access node to a receiving node within a predetermined time range),
Figure 590597DEST_PATH_IMAGE006
Is the node credit value.
Acquiring preset weight corresponding to each characteristic requirement in network security characteristic data set
Figure 123210DEST_PATH_IMAGE007
The preset weight is pre-agreed by the blockchain receiving node and the blockchain access node in advance according to the node attribute and the like, and then the access security value is calculated to be
Figure 650006DEST_PATH_IMAGE008
Wherein, in the step (A),
Figure 584464DEST_PATH_IMAGE009
access security for access nodes to a blockchain
Figure 781090DEST_PATH_IMAGE010
Indicating whether the network address of the requesting node is an illegal network address domain of the access node; if not, then
Figure 800999DEST_PATH_IMAGE010
Is 1, if so, then
Figure 616639DEST_PATH_IMAGE010
Is 0;
Figure 405603DEST_PATH_IMAGE011
for the ith feature element in the network security feature data set,
Figure 38710DEST_PATH_IMAGE012
and the weighted value corresponding to the ith characteristic element is set, the value of i is 1 to n, and n is the total quantity of the characteristic elements of the network security characteristic data set.
Step 130, the blockchain receiving node inputs the network security feature data into a pre-constructed node security evaluation model, outputs a node security evaluation value, compares the access security value with the security evaluation value, allows the blockchain access node to access if the access security value is greater than the security evaluation value, updates the node security evaluation model by using the network security feature data, and forbids the access of the blockchain access node if the access security value is less than the security evaluation value;
and a node security evaluation model suitable for all other block link points to access is constructed in each block link receiving node in advance, the evaluation model is constructed according to historical access data of each access node and is used for evaluating the security of the access node, and the evaluation model can be dynamically updated according to the access data of each access node, so that the security evaluation accuracy of the receiving node on the access node is improved.
Specifically, the node safety evaluation model is constructed by
Figure 545915DEST_PATH_IMAGE013
Wherein, in the process,
Figure 148934DEST_PATH_IMAGE014
the output node safety measurement and evaluation value is obtained;
Figure 57985DEST_PATH_IMAGE015
representing the total number of the service types of the access nodes belonging to the service types of the receiving nodes;
Figure 596413DEST_PATH_IMAGE016
a total number indicating that the service class of the access node does not belong to the service class of the receiving node;
Figure 590914DEST_PATH_IMAGE017
for each sub-data model function,
Figure 13936DEST_PATH_IMAGE018
is a sub data model function weight;
Figure 511914DEST_PATH_IMAGE019
wherein, in the step (A),
Figure 486823DEST_PATH_IMAGE020
for the input layer to hidden layer thresholds in a neural network,
Figure 30937DEST_PATH_IMAGE021
weights for input layers to hidden layers in a neural network,
Figure 913442DEST_PATH_IMAGE022
the weights for the hidden layer to the output layer,
Figure 734768DEST_PATH_IMAGE023
as a function of the input layer to the hidden layer
Figure 677316DEST_PATH_IMAGE024
And b is a neural network correction value.
If the access security of the access node of the block chain is obtained through calculation
Figure 459458DEST_PATH_IMAGE025
If the access node is determined to be safe, the access node is allowed to access the receiving node, and in order to make the node safety evaluation model more accurate, the access node data received this time is output to the node safety evaluation model, so as to improve the model output precision.
If the access security of the access node of the block chain is obtained through calculation
Figure 145654DEST_PATH_IMAGE026
If the access node is a node which is not accessed by the receiving node, the security evaluation value of the receiving node before the access node is higher, but the security of the accessed data is lower, that is, the data is possibly hidden in the security, so that the receiving node rejects the data access and returns a response that the data access is not allowed to the access node.
Example two
As shown in fig. 2, a second embodiment of the present application provides a network security monitoring system 20 based on a block chain, where the block chain is composed of a plurality of block link points, the block link point for sending data is used as a block chain access node, the block link point for receiving data is used as a block chain receiving node, the block chain access node organizes a network data access request, sends the network data access request to the block chain receiving node, and the block chain receiving node performs network security monitoring to allow or prohibit a data access party to access the node. The network security monitoring system 20 specifically includes:
the network security feature data acquisition module 21 is configured to receive a network data access request sent by a blockchain access node, and acquire network security feature data from the access request;
a data transmission protocol is preset between each blockchain access node and each blockchain receiving node, the data transmission protocol comprises network security feature data, and the network security feature data comprises but is not limited to network addresses, node attributes, access service types, frequent access times, credit values and the like. Each block chain node can carry out data communication, but each block chain node has different limits for other block chain nodes, for example, the block chain nodes have different ranges of network addresses allowed to be accessed, different attributes of equipment allowed to be accessed, different degrees of openness for accessing service types, different security evaluations brought by access times, different permissions of allowing access for different credit values and the like, and the security evaluation values of the node on other nodes are obtained by comprehensively considering various security factors; for example, block link point a accesses block chain node B and block link point C, the IP address range allowed to be accessed in block link point B is 1.0.0.0 to 126.0.0.0, the IP address range allowed to be accessed by block link point C is 98.0.0.0 to 191.255.255.255, if the IP address of block chain node a is 50.122.31.52, block link point B allows block chain node a access, block chain node C does not allow block chain node a access, and if the IP address of block chain node a is 111.122.31.52, both block link point B and block link point C allow access in terms of IP address, then other influencing factors are comprehensively considered.
An access security value calculation module 22, configured to calculate an access security value of the blockchain access node according to the network security feature data;
specifically, network security feature data are obtained from the access request to form a network security feature data set
Figure 821486DEST_PATH_IMAGE027
Wherein, in the step (A),
Figure 934936DEST_PATH_IMAGE028
for feature elements, n is the number of elements in the set. For example: is a network address,
Figure 125746DEST_PATH_IMAGE029
For node attributes (i.e. the node terminal device attributes),
Figure 677950DEST_PATH_IMAGE030
For accessing traffic classes (i.e. the type of traffic requested by a blockchain access node from a blockchain recipient node),
Figure 5026DEST_PATH_IMAGE031
For the number of frequent accesses (i.e. the number of access requests sent by an access node to a receiving node within a predetermined time range),
Figure 492639DEST_PATH_IMAGE032
Is the node credit value.
Obtaining preset weight corresponding to each characteristic requirement in network security characteristic data set
Figure 905166DEST_PATH_IMAGE033
The preset weight is pre-agreed by the blockchain receiving node and the blockchain access node in advance according to the node attribute and the like, and then the access security value is calculated to be
Figure 198744DEST_PATH_IMAGE034
Wherein, in the step (A),
Figure 456026DEST_PATH_IMAGE035
for the access security of the blockchain access node,
Figure 911278DEST_PATH_IMAGE036
indicating whether the network address of the requesting node is an illegal network address domain of the access node; if not, then
Figure 14363DEST_PATH_IMAGE036
Is 1, if so, then
Figure 580473DEST_PATH_IMAGE036
Is 0;
Figure 147721DEST_PATH_IMAGE037
for the ith feature element in the network security feature data set,
Figure 836191DEST_PATH_IMAGE038
and the weighted value corresponding to the ith characteristic element is set, the value of i is 1 to n, and n is the total quantity of the characteristic elements of the network security characteristic data set.
The node safety evaluation value calculation module 23 is used for inputting the network safety characteristic data into a node safety evaluation model which is constructed in advance and outputting a node safety evaluation value;
and a node security evaluation model suitable for all other block link points to access is constructed in each block link receiving node in advance, the evaluation model is constructed according to historical access data of each access node and is used for evaluating the security of the access node, and the evaluation model can be dynamically updated according to the access data of each access node, so that the security evaluation accuracy of the receiving node on the access node is improved.
Specifically, the node safety evaluation model is constructed by
Figure 488890DEST_PATH_IMAGE039
Wherein, in the step (A),
Figure 858691DEST_PATH_IMAGE040
the output node safety measurement and evaluation value is obtained;
Figure 952549DEST_PATH_IMAGE041
representing the total number of the service types of the access nodes belonging to the service types of the receiving nodes;
Figure 15183DEST_PATH_IMAGE042
indicating traffic class of access node notTotal number of traffic classes belonging to the receiving node;
Figure 702647DEST_PATH_IMAGE043
for each sub-data model function,
Figure 141719DEST_PATH_IMAGE044
is a sub data model function weight;
Figure 355663DEST_PATH_IMAGE045
wherein, in the process,
Figure 323619DEST_PATH_IMAGE046
for the input layer to hidden layer thresholds in a neural network,
Figure 685330DEST_PATH_IMAGE047
weights for input layers to hidden layers in a neural network,
Figure 724830DEST_PATH_IMAGE048
for the weight of the hidden layer to the output layer,
Figure 855597DEST_PATH_IMAGE049
as a function of the input layer to the hidden layer
Figure 197717DEST_PATH_IMAGE050
And b is a neural network correction value.
And the comparison module 24 is used for comparing the access security value with the security evaluation value, allowing the access of the blockchain access node if the access security value is greater than the security evaluation value, updating the node security evaluation model by using the network security feature data, and forbidding the access of the blockchain access node if the access security value is less than the security evaluation value.
If the access security of the access node of the block chain is obtained through calculation
Figure 781145DEST_PATH_IMAGE051
If the access node is not in the access node, the security level of the data of the access node is higher than the security measurement of the receiving node before the access nodeAnd (4) evaluating, namely, if the data of the access node is determined to be safe data, allowing the access node to access the receiving node, and outputting the data of the access node received this time to the node safety evaluation model to improve the model output precision in order to make the node safety evaluation model more accurate.
If the access security of the access node of the block chain is obtained through calculation
Figure 296440DEST_PATH_IMAGE052
If the access node is a node which is not allowed to access the data, the security evaluation value of the receiving node before the access node is higher, but the security of the access data is lower, that is, the data is possibly potential safety hazard, so that the receiving node refuses the data access and returns a response which does not allow the data access to the access node.
The above-mentioned embodiments, objects, technical solutions and advantages of the present invention are further described in detail, it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the present invention should be included in the scope of the present invention.

Claims (10)

1. A network security monitoring method based on a block chain is characterized by comprising the following steps:
step S110, a blockchain receiving node receives a network data access request sent by a blockchain access node, and network security feature data are obtained from the access request;
step S120, the block chain receiving node calculates an access security value of the block chain access node according to the network security feature data;
step S130, inputting network security feature data into a pre-constructed node security evaluation model by the block link receiving node, and outputting a node security evaluation value;
step S140, comparing the access security value with the security evaluation value, if the access security value is greater than the security evaluation value, allowing the access of the blockchain access node, updating the node security evaluation model by using the network security feature data, and if the access security value is less than the security evaluation value, forbidding the access of the blockchain access node;
obtaining network security feature data from the access request to form a network security feature data set
Figure 120724DEST_PATH_IMAGE001
Wherein, in the process,
Figure 303444DEST_PATH_IMAGE002
n is the number of elements in the set;
Figure 348760DEST_PATH_IMAGE003
is the node attribute, namely the attribute of the terminal equipment of the node,
Figure 884915DEST_PATH_IMAGE004
For accessing the service category, i.e. the service category requested by the blockchain access node to the blockchain receiving node,
Figure 699287DEST_PATH_IMAGE005
The number of frequent accesses, that is, the number of access requests sent by an access node to a receiving node within a predetermined time range,
Figure 787329DEST_PATH_IMAGE006
Is a node credit value;
acquiring preset weight corresponding to each characteristic requirement in network security characteristic data set
Figure 319941DEST_PATH_IMAGE007
The preset weight is pre-agreed by the blockchain receiving node and the blockchain access node in advance according to the node attribute and the like, and then the access security value is calculated to be
Figure 784420DEST_PATH_IMAGE008
Wherein, in the step (A),
Figure 843512DEST_PATH_IMAGE009
for the access security of the blockchain access node,
Figure 836876DEST_PATH_IMAGE010
indicating whether the network address of the requesting node is an illegal network address domain of the access node; if not, then
Figure 856785DEST_PATH_IMAGE010
Is 1, if so, then
Figure 859376DEST_PATH_IMAGE010
Is 0;
Figure 648340DEST_PATH_IMAGE011
for the ith feature element in the network security feature data set,
Figure 78184DEST_PATH_IMAGE012
the weighted value corresponding to the ith characteristic element is set, the value of i is 1 to n, and n is the total quantity of the characteristic elements of the network security characteristic data set;
the node safety evaluation model is constructed by
Figure 460755DEST_PATH_IMAGE013
Wherein, in the process,
Figure 1458DEST_PATH_IMAGE014
the output node safety measurement and evaluation value is obtained;
Figure 910508DEST_PATH_IMAGE015
the total number of the service types of the access nodes belonging to the service types of the receiving nodes is represented;
Figure 245675DEST_PATH_IMAGE016
a total number indicating that the service class of the access node does not belong to the service class of the receiving node;
Figure 240176DEST_PATH_IMAGE017
for each of the sub-data model functions,
Figure 709203DEST_PATH_IMAGE018
is a sub data model function weight;
Figure 472760DEST_PATH_IMAGE019
wherein, in the step (A),
Figure 244407DEST_PATH_IMAGE020
for the input layer to hidden layer thresholds in a neural network,
Figure 460624DEST_PATH_IMAGE021
weights for input layers to hidden layers in a neural network,
Figure 608709DEST_PATH_IMAGE022
the weights for the hidden layer to the output layer,
Figure 102138DEST_PATH_IMAGE023
as a function of the input layer to the hidden layer
Figure 44686DEST_PATH_IMAGE024
And b is a neural network correction value.
2. The method as claimed in claim 1, wherein the blockchain is composed of a plurality of blockchain link points, the blockchain link point for transmitting data is used as a blockchain access node, the blockchain link point for receiving data is used as a blockchain receiving node, the blockchain access node organizes the network data access request, the network data access request is transmitted to the blockchain receiving node, the blockchain receiving node performs network security monitoring, and allows or prohibits the data access party from accessing the node.
3. The method as claimed in claim 1, wherein a data transmission protocol is pre-defined between each blockchain access node and the blockchain receiving node, the data transmission protocol includes network security feature data, and the network security feature data includes a network address, a node attribute, an access service type, a frequent access number, and a credit value.
4. The method as claimed in claim 3, wherein each of the blockchain nodes can perform data communication therebetween, and each of the blockchain nodes has different limits for other blockchain nodes, including different ranges of network addresses allowed to be accessed, different attributes of devices allowed to be accessed, different degrees of openness for access service classes, different security evaluations due to access times, and different permissions allowed to be accessed by different credit values.
5. The blockchain-based network security monitoring method of claim 1,
acquiring network security feature data from the access request to form a network security feature data set;
acquiring preset weights corresponding to all characteristic requirements in a network security characteristic data set;
and calculating an access security value according to the network security feature data and the corresponding preset weight.
6. A network security monitoring system based on a blockchain, comprising:
the network security characteristic data acquisition module is used for receiving a network data access request sent by the blockchain access node and acquiring network security characteristic data from the access request;
the access security value calculation module is used for calculating an access security value of the access node of the block chain according to the network security feature data;
the node safety evaluation value calculation module is used for inputting the network safety characteristic data into a pre-constructed node safety evaluation model and outputting a node safety evaluation value;
the comparison module is used for comparing the access security value with the security evaluation value, if the access security value is greater than the security evaluation value, allowing the access of the blockchain access node, updating the node security evaluation model by using the network security feature data, and if the access security value is less than the security evaluation value, forbidding the access of the blockchain access node;
obtaining network security feature data from the access request to form a network security feature data set
Figure 748200DEST_PATH_IMAGE001
Wherein, in the step (A),
Figure 434397DEST_PATH_IMAGE002
n is the number of elements in the set;
Figure 906966DEST_PATH_IMAGE003
is the node attribute, namely the attribute of the terminal equipment of the node,
Figure 285995DEST_PATH_IMAGE004
For accessing the traffic class, i.e. the traffic class requested by the blockchain access node to the blockchain receiving node,
Figure 601439DEST_PATH_IMAGE005
The number of frequent accesses, that is, the number of access requests sent by an access node to a receiving node within a predetermined time range,
Figure 91326DEST_PATH_IMAGE006
Is a node credit value;
acquiring preset weight corresponding to each characteristic requirement in network security characteristic data set
Figure 152823DEST_PATH_IMAGE007
The preset weight is pre-agreed by the blockchain receiving node and the blockchain access node in advance according to the node attribute and the like, and then the access security value is calculated to be
Figure 702753DEST_PATH_IMAGE008
Wherein, in the step (A),
Figure 380859DEST_PATH_IMAGE009
for the access security of the blockchain access node,
Figure 408858DEST_PATH_IMAGE010
indicating whether the network address of the requesting node is an illegal network address domain of the access node; if not, then
Figure 731386DEST_PATH_IMAGE010
Is 1, if so, then
Figure 186638DEST_PATH_IMAGE010
Is 0;
Figure 352040DEST_PATH_IMAGE011
for the ith feature element in the network security feature data set,
Figure 918150DEST_PATH_IMAGE012
the weighted value corresponding to the ith characteristic element is set, the value of i is 1 to n, and n is the total quantity of the characteristic elements of the network security characteristic data set;
the node safety evaluation model is constructed by
Figure 485398DEST_PATH_IMAGE013
Wherein, in the step (A),
Figure 236185DEST_PATH_IMAGE014
the output node safety measurement and evaluation value is obtained;
Figure 623304DEST_PATH_IMAGE015
representing the total number of the service types of the access nodes belonging to the service types of the receiving nodes;
Figure 258685DEST_PATH_IMAGE016
a total number indicating that the service class of the access node does not belong to the service class of the receiving node;
Figure 414860DEST_PATH_IMAGE017
for each sub-data model function,
Figure 477494DEST_PATH_IMAGE018
is a sub data model function weight;
Figure 86330DEST_PATH_IMAGE019
wherein, in the step (A),
Figure 400767DEST_PATH_IMAGE020
for the input layer to hidden layer thresholds in a neural network,
Figure 677028DEST_PATH_IMAGE021
weights for the input layer to the hidden layer in the neural network,
Figure 910563DEST_PATH_IMAGE022
the weights for the hidden layer to the output layer,
Figure 6695DEST_PATH_IMAGE023
as a function of the input layer to the hidden layer
Figure 983878DEST_PATH_IMAGE024
And b is a neural network correction value.
7. The system according to claim 6, wherein the blockchain is composed of a plurality of blockchain link points, the blockchain link point for sending data is used as a blockchain access node, the blockchain link point for receiving data is used as a blockchain receiving node, the blockchain access node organizes the network data access request, the network data access request is sent to the blockchain receiving node, and the blockchain receiving node performs network security monitoring to allow or prohibit the data access party to access the node.
8. The system according to claim 6, wherein a data transmission protocol is pre-defined between each blockchain access node and the blockchain receiving node, and the data transmission protocol includes network security feature data, and the network security feature data includes a network address, a node attribute, an access service type, a number of frequent accesses, and a credit value.
9. The system according to claim 8, wherein each of the blockchain nodes is capable of communicating data with each other, but each of the blockchain nodes has different limits for other blockchain nodes, including different ranges of network addresses allowed to be accessed, different attributes of devices allowed to be accessed, different degrees of openness for access service types, different security evaluations performed by access times, and different permissions allowed to be accessed by different credit values.
10. The system according to claim 6, wherein the accessing the security value calculating module specifically includes: acquiring network security feature data from the access request to form a network security feature data set; acquiring preset weights corresponding to all characteristic requirements in a network security characteristic data set; and calculating an access security value according to the network security feature data and the corresponding preset weight.
CN202210292673.3A 2022-03-24 2022-03-24 Block chain-based network security monitoring method and system Active CN114389902B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210292673.3A CN114389902B (en) 2022-03-24 2022-03-24 Block chain-based network security monitoring method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210292673.3A CN114389902B (en) 2022-03-24 2022-03-24 Block chain-based network security monitoring method and system

Publications (2)

Publication Number Publication Date
CN114389902A CN114389902A (en) 2022-04-22
CN114389902B true CN114389902B (en) 2022-06-10

Family

ID=81204887

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210292673.3A Active CN114389902B (en) 2022-03-24 2022-03-24 Block chain-based network security monitoring method and system

Country Status (1)

Country Link
CN (1) CN114389902B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114629727B (en) * 2022-04-26 2022-09-30 深圳嘉业产业发展有限公司 Block chain-based security authentication method and system
CN117040935B (en) * 2023-10-10 2024-01-23 睿至科技集团有限公司 Cloud computing-based node data security transmission method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112685711A (en) * 2021-02-02 2021-04-20 杭州宁达科技有限公司 Novel information security access control system and method based on user risk assessment
CN113590571A (en) * 2021-09-29 2021-11-02 睿至科技集团有限公司 Method and system for sharing private cloud resources and public cloud resources
CN113946875A (en) * 2021-12-21 2022-01-18 北京中科金财科技股份有限公司 Identity authentication method and system based on block chain

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RO134065A0 (en) * 2019-08-14 2020-04-30 Ingenium Blockchain Technologies S.R.L. Platform and method for connecting a blockchain engine
KR102233468B1 (en) * 2019-11-25 2021-03-29 주식회사 스마트엠투엠 Blockchain-based security hub platform for enhancing security of habor infrastructure
CN111343192A (en) * 2020-03-06 2020-06-26 青海卓旺智慧信息科技有限公司 Network security supervision system based on block chain technology
CN113115315B (en) * 2021-04-02 2022-10-04 青岛科技大学 IOT equipment behavior credible supervision method based on block chain

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112685711A (en) * 2021-02-02 2021-04-20 杭州宁达科技有限公司 Novel information security access control system and method based on user risk assessment
CN113590571A (en) * 2021-09-29 2021-11-02 睿至科技集团有限公司 Method and system for sharing private cloud resources and public cloud resources
CN113946875A (en) * 2021-12-21 2022-01-18 北京中科金财科技股份有限公司 Identity authentication method and system based on block chain

Also Published As

Publication number Publication date
CN114389902A (en) 2022-04-22

Similar Documents

Publication Publication Date Title
CN114389902B (en) Block chain-based network security monitoring method and system
CN109698819B (en) Threat disposal management method and system in network
US8438386B2 (en) System and method for developing a risk profile for an internet service
US8499337B1 (en) Systems and methods for delegation and notification of administration of internet access
CA2762677C (en) Multiple hypothesis tracking
US20120233097A1 (en) Multiple Hypothesis Tracking
AU2017368152A1 (en) Systems and methods for generation and selection of access rules
CN108197444A (en) Right management method, device and server under a kind of distributed environment
CN112929845A (en) Vehicle networking node trust evaluation method and system based on block chain
Salau et al. Data cooperatives for neighborhood watch
CN115065512B (en) Account login method, system, device, electronic equipment and storage medium
US8239921B2 (en) System and method of retrieving a service contact identifier
Rauniyar et al. A Crowd‐Based Intelligence Approach for Measurable Security, Privacy, and Dependability in Internet of Automated Vehicles with Vehicular Fog
US20240187519A1 (en) Methods and apparatus for call traffic anomaly mitigation
CN102833107B (en) Safety access method and system
CN100586059C (en) Method for building hierachical trust model in open system
CN116915515A (en) Access security control method and system for industrial control network
Shi et al. Continuous trust evaluation of power equipment and users based on risk measurement
CN115587374B (en) Dynamic access control method and control system based on trust value
Bradatsch et al. Zero Trust Score-based Network-level Access Control in Enterprise Networks
CN116582369B (en) Willingness authentication method for online subscription
CN117040929B (en) Access processing method, device, equipment, medium and program product
CN117097568B (en) Cloud platform and data management method thereof
CN111985927B (en) Block chain address authentication method and block chain transaction method based on social network
KR102156183B1 (en) A trust index provision apparatus for an IoT device, a trust index provision method for an IoT device, a trust information management apparatus for an IoT device, a a trust information management method for an IoT device, a cooperation system of IoT devices based on trust index, a cooperation method of IoT devices based on trust index

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant