CN114629715A - Network security protection method and system based on big data - Google Patents
Network security protection method and system based on big data Download PDFInfo
- Publication number
- CN114629715A CN114629715A CN202210330136.3A CN202210330136A CN114629715A CN 114629715 A CN114629715 A CN 114629715A CN 202210330136 A CN202210330136 A CN 202210330136A CN 114629715 A CN114629715 A CN 114629715A
- Authority
- CN
- China
- Prior art keywords
- security protection
- node
- network
- operation unit
- network security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
According to the network security protection method and system based on the big data, a part of calling requests of a first network security protection operation unit related to a global network data area are obtained; determining a second network safety protection operation unit from an enabling queue for enabling the first network safety protection operation unit according to part of the invoking request; and operating the second network safety protection operation unit, and further executing the network data area of the process corresponding to the partial network data area. According to the technical scheme provided by the embodiment of the application, the part can be searched from the network security protection operation unit related to the global network data area for mining, the network security protection theme related to the partial network data area is completed, and the mining accuracy and the mining reliability of the network security protection operation unit are improved.
Description
Technical Field
The application relates to the technical field of network security protection, in particular to a network security protection method and system based on big data.
Background
Big data (big data), or huge data, refers to the data that is too large to be captured, managed, processed and organized in a reasonable time to help the enterprise to make business decisions more positive by the current mainstream software tools. With the continuous development of science and technology, big data can be deeply combined with a plurality of technical fields, for example, the big data security protection/big data network protection that is more and more exploded at present. However, in practical application, the inventor finds that when the big data is specifically applied to the network security technology, the problem that the network security protection theme cannot be accurately mined exists, so that the accuracy and the credibility of mining of the network security protection operation unit are difficult to guarantee.
Disclosure of Invention
In view of this, the present application provides a network security protection method and system based on big data.
In a first aspect, a big data-based network security protection method is provided, where the method includes:
acquiring a part of calling requests of a first network security protection operation unit related to a global network data area; the first network security protection operation unit comprises a plurality of security protection nodes and a plurality of protection requirement calling nodes, wherein the security protection nodes and the protection requirement calling nodes are used for configuring security protection corresponding to the global network data area;
determining a second network security protection operation unit from an enabling queue for enabling the first network security protection operation unit according to the partial calling request; the network data area related to the second network security protection operation unit is a partial network data area in the global network data area;
and starting the second network security protection operation unit, and further executing security protection configuration processing of the process corresponding to the partial network data area.
In a separately implemented embodiment, the partial fetch request is a frequent item tracking request; determining a second network security protection operating unit from an enabling queue for enabling the first network security protection operating unit according to the partial invoking request, comprising:
generating a frequent trace item in the enabling queue according to the frequent trace item request;
configuring the frequent trace item at not less than two security protection nodes marked by the frequent trace of the first network security protection operation unit as the second network security protection operation unit; and according to the frequent tracking item, the first security protection node of the frequent tracking mark is a trigger node of the second network security protection operation unit, and the last security protection node of the frequent tracking mark is an end node of the second network security protection operation unit.
In an independently implemented embodiment, the partial invocation request is an activation request for characterizing the trigger node and the end node of the second network security protection operation unit; determining a second network security protection operating unit from an enabling queue for enabling the first network security protection operating unit according to the partial invoking request, comprising:
configuring the searched and wandering security protection node in the first network security protection operation unit as a trigger node of the second network security protection operation unit according to an activation request of the search trigger node;
configuring the searched and wandering security protection node in the first network security protection operation unit as an end node of the second network security protection operation unit according to the activation request of the search end node;
in the first network security protection operating unit, configuring a security protection node related to the trigger node, a security protection node related to the end node, and a security protection node and a protection requirement invoking node included between the trigger node and the end node as the second network security protection operating unit.
In a separately implemented embodiment, the method further comprises:
and in the second network security protection operation unit, respectively generating a trigger label component representing the trigger node at the security protection node related to the trigger node and generating an end label component at the security protection node related to the end node.
In a separately implemented embodiment, the method further comprises:
in the second network safety protection operation unit, a destruction control for destroying the trigger node is generated at the safety protection node related to the trigger node, and a destruction control for destroying the end node is generated at the safety protection node related to the end node;
when an activation instruction for the destruction triggering node destruction control is obtained, destroying the current safety protection node as a triggering node to judge the safety protection node related to the triggering node again;
and when an activation instruction for the destruction ending node destruction control is acquired, destroying the current safety protection node as an ending node so as to judge the safety protection node related to the ending node again.
In an independently implemented embodiment, a security node in the first network security protection operating unit performs security protection control according to a first security protection policy, and the method further includes:
and carrying out safety protection control according to a second safety protection strategy, and activating safety protection nodes related to the second network safety protection operation unit in the enabling queue.
In an independently implemented embodiment, before the enabling of the second network security defense execution unit, the method further includes:
according to the acquired stability test request, performing stability test on the second network safety protection operation unit;
and when the safety protection linkage relation of the safety protection nodes in the second network safety protection operation unit is an effective linkage relation, judging that the stability test of the second network safety protection operation unit is successful, and generating a judgment result of successful stability test in the starting queue.
In a separately implemented embodiment, the method further comprises:
and when the safety protection linkage relation of the safety protection nodes in the second network safety protection operation unit is not an effective linkage relation, judging that the stability test of the second network safety protection operation unit is inaccurate, and generating a judgment result of the inaccurate stability test in the starting queue.
In an independently implemented embodiment, the enabling the second network security defense execution unit includes:
and when the second network safety protection operation unit is completely started, displaying a safety protection configuration processing result of a process corresponding to the partial network data area at a protection requirement calling node connected with a safety protection node related to an end node of the second network safety protection operation unit.
In a separately implemented embodiment, the method further comprises:
and when the starting of the second network security protection operation unit is incomplete, generating a judgment result of incomplete starting in the starting queue.
In a second aspect, a big data-based network security protection system is provided, which includes a processor and a memory, the processor and the memory being in communication with each other, the processor being configured to retrieve a computer program from the memory and to implement the above method by executing the computer program.
According to the network security protection method and system based on the big data, a part of calling requests of a first network security protection operation unit related to a global network data area are obtained; the first network security protection operation unit comprises a plurality of security protection nodes and a plurality of protection requirement calling nodes, wherein the security protection nodes process processes corresponding to the global network data area; determining a second network safety protection operation unit from an enabling queue for enabling the first network safety protection operation unit according to part of the invoking request; the network data area related to the second network safety protection operation unit is a partial network data area in the global network data area; and operating the second network safety protection operation unit, and further executing the network data area of the process corresponding to the partial network data area. According to the technical scheme provided by the embodiment of the application, the part of the network security protection operation unit related to the global network data area can be searched for mining, the network security protection theme related to the partial network data area is completed, and the mining accuracy and the mining reliability of the network security protection operation unit are improved.
Drawings
To more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
Fig. 1 is a flowchart of a network security protection method based on big data according to an embodiment of the present disclosure.
Fig. 2 is a block diagram of a big data based network security protection device according to an embodiment of the present disclosure.
Fig. 3 is an architecture diagram of a big data based network security protection system according to an embodiment of the present application.
Detailed Description
In order to better understand the technical solutions, the technical solutions of the present application are described in detail below with reference to the drawings and specific embodiments, and it should be understood that the specific features in the embodiments and examples of the present application are detailed descriptions of the technical solutions of the present application, and are not limitations of the technical solutions of the present application, and the technical features in the embodiments and examples of the present application may be combined with each other without conflict.
Referring to fig. 1, a method for protecting network security based on big data is shown, which may include the following technical solutions described in steps S101 to S103.
S101, acquiring a part of calling requests of a first network safety protection operation unit related to a global network data area; the first network security protection operation unit comprises a plurality of security protection nodes and a plurality of protection requirement calling nodes, wherein the security protection nodes process processes corresponding to the global network data area.
In this embodiment, the network security protection system may obtain a partial invocation request for the first network security protection operation unit related to the global network data area.
It can be understood that, in this embodiment, the first network security protection operating unit related to the global network data area includes a plurality of security protection nodes and a plurality of protection requirement invoking nodes, which process processes corresponding to the global network data area. The further global network data area may be a network data area of a global network security protection subject, or may also be a network data area of a partial network security protection subject in the global network security protection subject, and the further global network data area and the first network security protection operation unit are not limited in this embodiment of the application.
It can be understood that, in this embodiment, the network security protection system may be configured with a data visualization device, the data visualization device may be configured with a launch queue, the launch queue may be configured with a first network security protection operating unit, the client may send a part of the invocation request to the network security protection system after viewing the first network security protection operating unit, and accordingly, the network security protection system may obtain the part of the invocation request.
For example, in this embodiment, the network security protection system may provide a frequent trace tagged object, and may start the frequent trace tagged object in an identification manner, so as to send a frequent trace request for the first network security protection operating unit to the network security protection system through the frequent trace tagged object, where the frequent trace request is a partial call request.
For example, in this embodiment, an activation request of the trigger node and the end node of the second network security protection operation unit may be sent to the network security protection system, and the network security protection system may obtain the requirements of the trigger node and the end node, that is, part of the invocation request.
S102, determining a second network safety protection operation unit from an enabling queue for enabling a first network safety protection operation unit according to a part of invoking requests; and the network data area related to the second network security protection operation unit is a partial network data area in the global network data area.
In this embodiment, after the network security protection system obtains the partial invocation request, the network security protection system may determine the second network security protection operating unit from the activation queue for activating the first network security protection operating unit according to the partial invocation request.
Further, in this embodiment, when the partial invocation request is a frequent item tracking request, the network security protection system determines, according to the partial invocation request, a second network security protection operating unit from an activation queue that activates the first network security protection operating unit, including: generating a frequent trace item in an enabling queue according to the frequent trace item request; configuring at least two security protection nodes of the reference security data sample in the frequent tracking marks of the first network security protection operation unit as a second network security protection operation unit; and according to the frequent tracking and marking positions of the safety protection nodes in the first network safety protection operation unit by the frequent tracking items, the first safety protection node of the frequent tracking and marking is a trigger node of the second network safety protection operation unit, and the last safety protection node of the frequent tracking and marking is an end node of the second network safety protection operation unit.
It can be understood that, in this embodiment, part of the invocation request may be a frequent item tracking request, so that a part of the first network security protection operating unit in the enabled queue is selected by directing the frequent tracking and marking object, after the network security protection system obtains the frequent item tracking request, the network security protection system may generate a frequent tracking item in the enabled queue according to the frequent item tracking request, and reference is made that not less than two security protection nodes in the first network security protection operating unit are frequently tracked and marked in the security data sample. In the frequent tracking and marking process, the security protection node intelligence of the first frequent tracking and marking is used as a trigger node of the second network security protection operation unit, the security protection node intelligence of the last frequent tracking and marking is used as an end node of the second network security protection operation unit, and at least one security protection node can be arranged between the trigger node and the end node. In the actual operation process, the network security protection system can intelligently complete the determination of the second network security protection operation unit only by sending an instruction to the network security protection system through the frequent item tracking request to obtain each security protection node in the second network security protection operation unit.
Further, in this embodiment, when a part of the invocation request is an activation request that characterizes a trigger node and an end node of the second network security protection operating unit, the network security protection system determines, according to the part of the invocation request, the second network security protection operating unit from an invocation queue that invokes the first network security protection operating unit, including: configuring the searched and wandering security protection node in the first network security protection operation unit as a trigger node of a second network security protection operation unit according to the activation request of the search trigger node; configuring the searched and wandering security protection node in the first network security protection operation unit as an end node of the second network security protection operation unit according to the activation request of the search end node; and configuring a safety protection node related to the trigger node, a safety protection node related to the end node, a safety protection node and a protection requirement invoking node which are included between the trigger node and the end node as a second network safety protection operation unit from the first network safety protection operation unit.
Further, in this embodiment, part of the invoking request is used to represent the activation request of the trigger node and the end node of the second network security protection operating unit, so that after the network security protection system obtains the activation request, the network security protection system can search the trigger node and the end node, which need to be configured by the second network security protection operating unit, from the first network security protection operating unit according to the activation request, and then the network security protection system can intelligently search the security protection node and the invoking node required for protection, which are associated among a plurality of steps, from the first network security protection operating unit.
It is understood that, in this embodiment, the network security protection system may further perform the following: and in the second network safety protection operation unit, respectively generating a trigger label component representing the trigger node at the safety protection node related to the trigger node and generating an end label component at the safety protection node related to the end node.
It is understood that, in this embodiment, the network security protection system may further perform the following: in the second network safety protection operation unit, a destruction control for destroying the trigger node is generated at the safety protection node related to the trigger node and a destruction control for destroying the end node is generated at the safety protection node related to the end node; when an activation instruction for the destruction trigger node destruction control is obtained, destroying the current safety protection node as a trigger node to judge the safety protection node related to the trigger node again; and when the activation instruction of the destruction control of the destruction end node is acquired, destroying the current safety protection node as the end node so as to judge the safety protection node related to the end node again.
It can be understood that, in this embodiment, the security node in the first network security protection operating unit performs security protection control according to the first security protection policy, and the network security protection system may further execute the following: and carrying out safety protection control according to a second safety protection strategy, and activating safety protection nodes related to the second network safety protection operation unit in the enabling queue.
Further, in this embodiment, for the security protection nodes in the first network security protection operating unit and the second network security protection operating unit, security protection control may be performed according to different security protection policies in the activation queue.
It can be understood that, in this embodiment, the network security protection system may determine that there is not less than one second network security protection operating unit from the first network security protection operating units, that is, the partial invocation request may include a requirement indicating that there is not less than one second network security protection operating unit. It can be understood that, for a first network security protection operation unit, the network security protection system may determine a plurality of network security protection operation units from the first network security protection operation unit according to a part of the retrieval request, and each determined network security protection operation unit may be understood as a second network security protection operation unit.
And S103, operating a second network security protection operation unit, and further executing security protection configuration processing of processes corresponding to partial network data areas.
In this embodiment, after determining the second network security protection operating unit, the network security protection system may start the second network security protection operating unit, and then perform security protection configuration processing on a process corresponding to a part of the network data area.
Further, in the actual operation process, if there are many processes of the global network data area related to the first network security protection operation unit, the network security protection system needs to globally start the first network security protection operation unit each time, and then performs security protection configuration processing of the process corresponding to the global network data area, so as to be able to implement accurate configuration of each process.
In this embodiment, before the network security protection system starts the second network security protection operating unit, the following may also be executed: performing stability test on the second network safety protection operation unit according to the acquired stability test request; and when the safety protection linkage relation of the safety protection nodes in the second network safety protection operation unit is an effective linkage relation, judging that the stability test of the second network safety protection operation unit is successful, and generating a judgment result of successful stability test in the starting queue.
Further, in this embodiment, before the network security protection system starts the second network security protection operation unit, the network security protection system may perform a stability test on the second network security protection operation unit, and if the stability test is accurate, it indicates that the security protection linkage relationship of the security protection nodes in the second network security protection operation unit is an effective linkage relationship, and the relationship is matched, so as to restart the second network security protection operation unit, and further execute the security protection configuration processing of the process corresponding to the partial network data area.
It can be understood that, in this embodiment, the network security protection system performs the stability test on the second network security protection operation unit, specifically, the stability test mode may be set in advance, if the second network security protection operation unit conforms to the stability test mode set in advance, it may be determined that the security protection linkage relationship of the security protection nodes in the second network security protection operation unit is an effective linkage relationship, the stability test condition of the security protection linkage relationship is passed for the stability test, and if the second network security protection operation unit does not conform to the stability test mode set in advance, the stability test condition of the security protection linkage relationship is inaccurate for the stability test. The preset stability test mode can comprise a preset basic matching mode and/or a preset accurate mode, wherein the preset basic matching mode is used for the stability test of the second network safety protection operation unit according to the matching mode, whether the safety protection linkage relation associated with the safety protection node is correct or not is judged, the preset accurate mode is used for the stability test of the second network safety protection operation unit, and the safety protection node and the protection requirement call the accuracy of node matching.
In this embodiment, the network security protection system may further execute the following: and when the safety protection linkage relation of the safety protection nodes in the second network safety protection operation unit is not an effective linkage relation, judging that the stability test of the second network safety protection operation unit is inaccurate, and generating a judgment result of the inaccurate stability test in the starting queue.
Further, in this embodiment, if the stability test condition of the second network security protection operating unit is that the stability test is inaccurate, that is, an error exists in the logic and connection of the second network security protection operating unit is represented, that is, the second network security protection operating unit is not in an effective linkage relationship. At this time, the network security protection system may generate a determination result of the inaccurate stability test of the second network security protection operation unit in the starting queue, so that the correction of the second network security protection operation unit, that is, the correction of a part of the network data area, may be prompted in real time before the second network security protection operation unit is not started, thereby improving the accuracy of the starting of the second network security protection operation unit.
Further, in this embodiment, the network security protection system starts the second network security protection operation unit, including: and when the second network safety protection operation unit is completely started, displaying the safety protection configuration processing condition of the process corresponding to the partial network data area at the protection requirement calling node matched with the safety protection node related to the second network safety protection operation unit ending node.
In this embodiment, the network security protection system starts the second network security protection operation unit, which is actually a network security protection topic of a part of the network data area related to the second network security protection operation unit, where the security protection node is used to perform mining operation on the network security protection topic, and the protection requirement invoking node may represent data related to the security protection node in the process of executing the mining operation.
In this embodiment, the network security protection system may further execute the following: and when the starting of the second network security protection operation unit is incomplete, generating a judgment result of incomplete starting in the starting queue.
In this embodiment, after the network security protection system starts the second network security protection operating unit, if the second network security protection operating unit is not enabled completely, a determination result that the second network security protection operating unit is not enabled completely may be generated in the enabled queue, and the determination result is searched, so that the incomplete enablement of the second network security protection operating unit may be obtained, and thus the second network security protection operating unit may be corrected in real time, that is, a part of the network data area may be corrected, so as to improve the accuracy of starting the second network security protection operating unit.
The embodiment of the application provides a processing procedure of a network security protection theme. The network security protection system can draw a first network security protection operation unit related to a global network data area on an enabling queue, then can acquire the requirement of frequently tracking a marked object, and further intelligently determine a second network security protection operation unit from the enabling queue enabling the first network security protection operation unit according to a frequent item tracking request, so that an activation request aiming at one security protection node in the first network security protection operation unit as a trigger node and an activation request aiming at one security protection node as an end node can be acquired, and the second network security protection operation unit is intelligently determined. When the network safety protection system obtains the second network safety protection operation unit, the stability test of the second network safety protection operation unit can be carried out, so that when the stability test is successful, the second network safety protection operation unit is started, and the safety protection configuration processing of the process corresponding to the corresponding partial network data area is executed. In addition, if the starting of the second network safety protection operation unit is incomplete or the stability test is not accurate, the network safety protection system can output a judgment result.
The embodiment of the application provides a network security protection method based on big data, which comprises the following steps:
acquiring a part of calling requests of a first network security protection operation unit related to a global network data area; the first network security protection operation unit comprises a plurality of security protection nodes and a plurality of protection requirement calling nodes, wherein the security protection nodes process processes corresponding to the global network data area; determining a second network safety protection operation unit from an enabling queue for enabling the first network safety protection operation unit according to part of the invoking request; the network data area related to the second network security protection operation unit is a partial network data area in the global network data area; and starting a second network security protection operation unit, and further executing security protection configuration processing of processes corresponding to partial network data areas. According to the network security protection method based on the big data, a part of the network security protection operation units related to the global network data area can be searched for mining, the network security protection theme related to the partial network data area is completed, and the mining accuracy and the mining reliability of the network security protection operation units are improved.
On the basis, please refer to fig. 2 in combination, which provides a big data based network security protection apparatus 200, applied to a big data based network security protection system, the apparatus includes:
a request obtaining module 210, configured to obtain a partial invocation request for a first network security protection operating unit related to a global network data area; the first network security protection operation unit comprises a plurality of security protection nodes and a plurality of protection requirement calling nodes, wherein the security protection nodes and the protection requirement calling nodes are used for configuring security protection corresponding to the global network data area;
a unit determining module 220, configured to determine, according to the partial invocation request, a second network security protection operating unit from an enabling queue that enables the first network security protection operating unit; the network data area related to the second network security protection operation unit is a partial network data area in the global network data area;
the configuration processing module 230 is configured to enable the second network security protection operating unit, and further execute security protection configuration processing of a process corresponding to the partial network data area.
On the basis of the above, please refer to fig. 3, which shows a big data based network security protection system 300, which includes a processor 310 and a memory 320, which are communicated with each other, wherein the processor 310 is configured to read a computer program from the memory 320 and execute the computer program to implement the above method.
On the basis of the above, there is also provided a computer-readable storage medium on which a computer program is stored, which when executed implements the above-described method.
In summary, based on the above scheme, a part of the invocation request for the first network security protection operation unit related to the global network data area is obtained; the first network security protection operation unit comprises a plurality of security protection nodes and a plurality of protection requirement calling nodes, wherein the security protection nodes process processes corresponding to the global network data area; determining a second network safety protection operation unit from an enabling queue for enabling the first network safety protection operation unit according to part of the invoking request; the network data area related to the second network safety protection operation unit is a partial network data area in the global network data area; and operating the second network safety protection operation unit, and further executing the network data area of the process corresponding to the partial network data area. According to the technical scheme provided by the embodiment of the application, the part can be searched from the network security protection operation unit related to the global network data area for mining, the network security protection theme related to the partial network data area is completed, and the mining accuracy and the mining reliability of the network security protection operation unit are improved.
It should be appreciated that the system and its modules shown above may be implemented in a variety of ways. For example, in some embodiments, the system and its modules may be implemented in hardware, software, or a combination of software and hardware. Wherein the hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory for execution by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those skilled in the art will appreciate that the methods and systems described above may be implemented using computer executable instructions and/or embodied in processor control code, such code being provided, for example, on a carrier medium such as a diskette, CD-or DVD-ROM, a programmable memory such as read-only memory (firmware), or a data carrier such as an optical or electronic signal carrier. The system and its modules of the present application may be implemented not only by hardware circuits such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, etc., or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., but also by software executed by various types of processors, for example, or by a combination of the above hardware circuits and software (e.g., firmware).
It is to be noted that different embodiments may produce different advantages, and in different embodiments, the advantages that may be produced may be any one or combination of the above, or any other advantages that may be obtained.
Having thus described the basic concept, it will be apparent to those skilled in the art that the foregoing detailed disclosure is to be considered merely illustrative and not restrictive of the broad application. Various modifications, improvements and adaptations to the present application may occur to those skilled in the art, although not explicitly described herein. Such modifications, improvements and adaptations are proposed in the present application and thus fall within the spirit and scope of the exemplary embodiments of the present application.
Also, this application uses specific language to describe embodiments of the application. Reference throughout this specification to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic described in connection with at least one embodiment of the present application is included in at least one embodiment of the present application. Therefore, it is emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, some features, structures, or characteristics of one or more embodiments of the present application may be combined as appropriate.
Moreover, those skilled in the art will appreciate that aspects of the present application may be illustrated and described in terms of several patentable species or situations, including any new and useful combination of processes, machines, manufacture, or materials, or any new and useful improvement thereon. Accordingly, various aspects of the present application may be embodied entirely in hardware, entirely in software (including firmware, resident software, micro-code, etc.) or in a combination of hardware and software. The above hardware or software may be referred to as "data block," module, "" engine, "" unit, "" component, "or" system. Furthermore, aspects of the present application may be represented as a computer product, including computer readable program code, embodied in one or more computer readable media.
The computer storage medium may comprise a propagated data signal with the computer program code embodied therewith, for example, on baseband or as part of a carrier wave. The propagated signal may take any of a variety of forms, including electromagnetic, optical, and the like, or any suitable combination. A computer storage medium may be any computer-readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code located on a computer storage medium may be propagated over any suitable medium, including radio, cable, fiber optic cable, RF, or the like, or any combination of the preceding.
Computer program code required for the operation of various portions of the present application may be written in any one or more programming languages, including an object oriented programming language such as Java, Scala, Smalltalk, Eiffel, JADE, Emerald, C + +, C #, VB.NET, Python, and the like, a conventional programming language such as C, Visual Basic, Fortran 2003, Perl, COBOL 2002, PHP, ABAP, a dynamic programming language such as Python, Ruby, and Groovy, or other programming languages, and the like. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any network format, such as a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet), or in a cloud computing environment, or as a service, such as a software as a service (SaaS).
Additionally, the order in which elements and sequences of the processes described herein are processed, the use of alphanumeric characters, or the use of other designations, is not intended to limit the order of the processes and methods described herein, unless explicitly claimed. While various presently contemplated embodiments of the invention have been discussed in the foregoing disclosure by way of example, it is to be understood that such detail is solely for that purpose and that the appended claims are not limited to the disclosed embodiments, but, on the contrary, are intended to cover all modifications and equivalent arrangements that are within the spirit and scope of the embodiments herein. For example, although the system components described above may be implemented by hardware devices, they may also be implemented by software-only solutions, such as installing the described system on an existing server or mobile device.
Similarly, it should be noted that in the preceding description of embodiments of the application, various features are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure aiding in the understanding of one or more of the embodiments. This method of disclosure, however, is not intended to require more features than are expressly recited in the claims. Indeed, the embodiments may be characterized as having less than all of the features of a single embodiment disclosed above.
Numerals describing the number of components, attributes, etc. are used in some embodiments, it being understood that such numerals used in the description of the embodiments are modified in some instances by the use of the modifier "about", "approximately" or "substantially". Unless otherwise indicated, "about", "approximately" or "substantially" indicates that the numbers allow for adaptive variation. Accordingly, in some embodiments, the numerical parameters used in the specification and claims are approximations that may vary depending upon the desired properties of the individual embodiments. In some embodiments, the numerical parameter should take into account the specified significant digits and employ a general digit preserving approach. Notwithstanding that the numerical ranges and parameters setting forth the broad scope of the range are approximations, in the specific examples, such numerical values are set forth as precisely as possible within the scope of the application.
The entire contents of each patent, patent application publication, and other material cited in this application, such as articles, books, specifications, publications, documents, and the like, are hereby incorporated by reference into this application. Except where the application is filed in a manner inconsistent or contrary to the present disclosure, and except where the claim is filed in its broadest scope (whether present or later appended to the application) as well. It is noted that the descriptions, definitions and/or use of terms in this application shall control if they are inconsistent or contrary to the statements and/or uses of the present application in the material attached to this application.
Finally, it should be understood that the embodiments described herein are merely illustrative of the principles of embodiments of the present application. Other variations are also possible within the scope of the present application. Thus, by way of example, and not limitation, alternative configurations of the embodiments of the present application can be viewed as being consistent with the teachings of the present application. Accordingly, the embodiments of the present application are not limited to only those embodiments explicitly described and depicted herein.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A big data-based network security protection method is characterized by comprising the following steps:
acquiring a part of calling requests of a first network security protection operation unit related to a global network data area; the first network security protection operation unit comprises a plurality of security protection nodes and a plurality of protection requirement calling nodes, wherein the security protection nodes and the protection requirement calling nodes are used for configuring security protection corresponding to the global network data area;
determining a second network security protection operation unit from an enabling queue for enabling the first network security protection operation unit according to the part of the calling request; the network data area related to the second network security protection operation unit is a partial network data area in the global network data area;
and starting the second network security protection operation unit, and further executing security protection configuration processing of the process corresponding to the partial network data area.
2. The method of claim 1, wherein the partial invocation request is a frequent item tracking request; determining a second network security protection operating unit from an enabling queue for enabling the first network security protection operating unit according to the partial invoking request, comprising:
generating a frequent trace item in the enabling queue according to the frequent trace item request;
configuring the frequent trace item at not less than two security protection nodes marked by the frequent trace of the first network security protection operation unit as the second network security protection operation unit; and according to the frequent tracking item, the first security protection node of the frequent tracking mark is a trigger node of the second network security protection operation unit, and the last security protection node of the frequent tracking mark is an end node of the second network security protection operation unit.
3. The method according to any one of claims 1 to 3, wherein the partial invocation request is an activation request characterizing the second network security protection execution unit trigger node and end node; determining a second network security protection operating unit from an enabling queue for enabling the first network security protection operating unit according to the partial invoking request, comprising:
configuring the searched and wandering security protection node in the first network security protection operation unit as a trigger node of the second network security protection operation unit according to an activation request of the search trigger node;
configuring the searched and wandering security protection node in the first network security protection operation unit as an end node of the second network security protection operation unit according to the activation request of the search end node;
in the first network security protection operating unit, configuring a security protection node related to the trigger node, a security protection node related to the end node, and a security protection node and a protection requirement invoking node included between the trigger node and the end node as the second network security protection operating unit.
4. The method of claim 3, further comprising:
and in the second network security protection operation unit, respectively generating a trigger label component representing the trigger node at the security protection node related to the trigger node and generating an end label component at the security protection node related to the end node.
5. The method according to any one of claims 2-4, further comprising:
in the second network safety protection operation unit, a destruction control for destroying the trigger node is generated at the safety protection node related to the trigger node, and a destruction control for destroying the end node is generated at the safety protection node related to the end node;
when an activation instruction for the destruction triggering node destruction control is obtained, destroying the current safety protection node as a triggering node to judge the safety protection node related to the triggering node again;
and when an activation instruction for the destruction ending node destruction control is acquired, destroying the current safety protection node as an ending node so as to judge the safety protection node related to the ending node again.
6. The method according to any one of claim 5, wherein the security node in the first network security protection operating unit performs security protection control according to a first security protection policy, and the method further comprises:
and carrying out safety protection control according to a second safety protection strategy, and activating safety protection nodes related to the second network safety protection operation unit in the enabling queue.
7. The method of claim 1, wherein prior to the enabling the second network security defense execution unit, the method further comprises:
according to the acquired stability test request, performing stability test on the second network safety protection operation unit;
and when the safety protection linkage relation of the safety protection nodes in the second network safety protection operation unit is an effective linkage relation, judging that the stability test of the second network safety protection operation unit is successful, and generating a judgment result of successful stability test in the starting queue.
8. The method of claim 7, further comprising:
and when the safety protection linkage relation of the safety protection nodes in the second network safety protection operation unit is not an effective linkage relation, judging that the stability test of the second network safety protection operation unit is inaccurate, and generating a judgment result of the inaccurate stability test in the starting queue.
9. The method of claim 1, wherein enabling the second network security defense execution unit comprises:
when the second network safety protection operation unit is completely started, displaying a safety protection configuration processing result of a process corresponding to the partial network data area at a protection requirement calling node connected with a safety protection node related to a second network safety protection operation unit ending node;
wherein the method further comprises:
when the enablement of the second network security protection operation unit is incomplete, a determination result that the enablement is incomplete is generated in the enablement queue.
10. A big data based network security protection system, comprising a processor and a memory, which are in communication with each other, wherein the processor is configured to retrieve a computer program from the memory and to execute the computer program to implement the method according to any one of claims 1 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210330136.3A CN114629715A (en) | 2022-03-31 | 2022-03-31 | Network security protection method and system based on big data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210330136.3A CN114629715A (en) | 2022-03-31 | 2022-03-31 | Network security protection method and system based on big data |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114629715A true CN114629715A (en) | 2022-06-14 |
Family
ID=81903575
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210330136.3A Pending CN114629715A (en) | 2022-03-31 | 2022-03-31 | Network security protection method and system based on big data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114629715A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190068650A1 (en) * | 2017-08-30 | 2019-02-28 | General Electric Company | Automated network security policy configuration |
| CN112437347A (en) * | 2020-04-30 | 2021-03-02 | 许周 | E-commerce live broadcast processing method and system based on big data and live broadcast platform |
| CN112511540A (en) * | 2020-04-10 | 2021-03-16 | 吴萌萌 | Network security analysis method and system based on big data platform |
| CN113315666A (en) * | 2021-07-02 | 2021-08-27 | 天津嘉恒达科技有限公司 | Defense control method and system for information network security |
| CN113872928A (en) * | 2021-07-28 | 2021-12-31 | 上海纽盾科技股份有限公司 | Method, client and system for obtaining benefits through network security defense |
-
2022
- 2022-03-31 CN CN202210330136.3A patent/CN114629715A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190068650A1 (en) * | 2017-08-30 | 2019-02-28 | General Electric Company | Automated network security policy configuration |
| CN112511540A (en) * | 2020-04-10 | 2021-03-16 | 吴萌萌 | Network security analysis method and system based on big data platform |
| CN112437347A (en) * | 2020-04-30 | 2021-03-02 | 许周 | E-commerce live broadcast processing method and system based on big data and live broadcast platform |
| CN113315666A (en) * | 2021-07-02 | 2021-08-27 | 天津嘉恒达科技有限公司 | Defense control method and system for information network security |
| CN113872928A (en) * | 2021-07-28 | 2021-12-31 | 上海纽盾科技股份有限公司 | Method, client and system for obtaining benefits through network security defense |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114168747A (en) | Knowledge base construction method and system based on cloud service | |
| CN113903473A (en) | Medical information intelligent interaction method and system based on artificial intelligence | |
| US11113393B2 (en) | Providing security features in write filter environments | |
| CN114629715A (en) | Network security protection method and system based on big data | |
| CN114329116B (en) | Artificial intelligence-based intelligent park resource matching degree analysis method and system | |
| CN113360562A (en) | Interface pairing method and system based on artificial intelligence and big data and cloud platform | |
| CN114417076A (en) | Production line intelligent early warning method and system based on artificial intelligence | |
| CN114238365A (en) | Service data management method and system based on intelligent education | |
| CN113485203A (en) | Method and system for intelligently controlling network resource sharing | |
| CN113610373A (en) | Information decision processing method and system based on intelligent manufacturing | |
| CN114090858B (en) | Resource pool object data acquisition method and system based on automatic crawler | |
| CN114168999A (en) | Comprehensive security method and system based on data center | |
| CN114826676B (en) | Network security data sharing and control method and system | |
| CN113610117B (en) | Underwater sensing data processing method and system based on depth data | |
| CN113409076B (en) | Method and system for constructing user portrait based on big data and cloud platform | |
| CN114691830B (en) | Network security analysis method and system based on big data | |
| CN113613252B (en) | 5G-based network security analysis method and system | |
| CN113626559A (en) | Semantic-based network document intelligent retrieval method and system | |
| CN113239332A (en) | Intelligent account filling and login processing method and system and cloud platform | |
| CN113407173A (en) | Method and system for performing visual programming on expression of medical micro server | |
| CN115495017A (en) | Data storage method and system based on big data | |
| CN113609931A (en) | Face recognition method and system based on neural network | |
| CN115374368A (en) | Internet-based network tag data processing method and system | |
| CN114169551A (en) | Cabinet inspection management method and system | |
| CN114169437A (en) | Intelligent key data attribute fusion method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20220614 |
|
| WD01 | Invention patent application deemed withdrawn after publication |