CN114637994A - Network security data acquisition method and system based on artificial intelligence and cloud platform - Google Patents
Network security data acquisition method and system based on artificial intelligence and cloud platform Download PDFInfo
- Publication number
- CN114637994A CN114637994A CN202210330162.6A CN202210330162A CN114637994A CN 114637994 A CN114637994 A CN 114637994A CN 202210330162 A CN202210330162 A CN 202210330162A CN 114637994 A CN114637994 A CN 114637994A
- Authority
- CN
- China
- Prior art keywords
- thread
- security
- thread security
- interaction data
- label
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 49
- 238000013473 artificial intelligence Methods 0.000 title claims description 21
- 230000002452 interceptive effect Effects 0.000 claims abstract description 97
- 238000012545 processing Methods 0.000 claims abstract description 86
- 238000004458 analytical method Methods 0.000 claims abstract description 14
- 238000005457 optimization Methods 0.000 claims abstract description 14
- 230000008569 process Effects 0.000 claims abstract description 12
- 230000003993 interaction Effects 0.000 claims description 266
- 238000013480 data collection Methods 0.000 claims description 33
- 238000000605 extraction Methods 0.000 claims description 21
- 238000005065 mining Methods 0.000 claims description 18
- 238000004590 computer program Methods 0.000 claims description 10
- 238000003860 storage Methods 0.000 claims description 8
- 238000004891 communication Methods 0.000 claims description 3
- 238000012790 confirmation Methods 0.000 abstract description 21
- 238000001514 detection method Methods 0.000 abstract description 18
- 230000002349 favourable effect Effects 0.000 abstract description 3
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 230000006872 improvement Effects 0.000 description 4
- 238000007418 data mining Methods 0.000 description 3
- 239000000463 material Substances 0.000 description 3
- 230000000644 propagated effect Effects 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000026676 system process Effects 0.000 description 2
- 230000003044 adaptive effect Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000010977 jade Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000003607 modifier Substances 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 241000894007 species Species 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Abstract
The reference thread security event interactive data and the reference thread security theme interactive data bound by a reference thread security event label and a reference thread security theme label are subjected to collaborative security analysis processing, so that the corresponding situation between the thread security event interactive data and the thread security theme interactive data can be ensured, when thread security detection is carried out, thread security confirmation can be carried out through the thread security theme interactive data of an object to be detected, thread security confirmation can be carried out through the thread security event interactive data of the object to be detected, thread security confirmation is carried out through the thread security event interactive data of the object to be detected, and thread security confirmation is carried out by combining the thread security theme interactive data and the thread security event interactive data, so that the optimization of the thread security theme interactive data and the thread security event interactive data can be realized in the thread security confirmation process, the method is favorable for improving the accuracy and the reliability of the object thread safety detection.
Description
Technical Field
The application relates to the technical field of data acquisition, in particular to a network security data acquisition method and system based on artificial intelligence and a cloud platform.
Background
In recent years, with the development of artificial intelligence, data security situation is more severe, and various data security events emerge endlessly. Under the current situation, internet companies have also achieved a general consensus: although the attack cannot be completely prevented, the bottom line is sensitive data and cannot be leaked. That is, the server may be hung up, but sensitive data cannot be dragged away. Servers are an acceptable loss for internet companies, but sensitive data leaks can have a significant reputation and economic impact on the company.
At present, as the technology of data transmission through a network becomes more and more mature, the efficiency of acquiring data transmission can be effectively improved, and a good experience feeling is brought to a user. There are some problems that may interfere with the data acquisition, for example, the acquired data has a safety hazard, which may cause leakage or damage of private information of the user, thereby making it difficult to ensure the accuracy and credibility of the acquired data.
Disclosure of Invention
In view of the above, the application provides a network security data acquisition method and system based on artificial intelligence, and a cloud platform.
In a first aspect, a method for acquiring network security data based on artificial intelligence is provided, the method at least including:
acquiring reference thread security event interactive data bound to a reference thread security event label in current thread service interactive data and reference thread security theme interactive data bound to a reference thread security theme label in the current thread service interactive data; the reference thread security event label and the reference thread security theme label have a corresponding condition;
and performing collaborative security analysis processing on the reference thread security event interactive data and the thread security subject interactive data of the target.
In an independently implemented embodiment, the current thread service interaction data includes thread service interaction data collected by a current thread session data collection port; the obtaining of the reference thread security event interaction data bound to the reference thread security event tag in the current thread service interaction data and the reference thread security theme interaction data bound to the reference thread security theme tag in the current thread service interaction data includes:
performing correlation mining on the thread security event label and the thread security theme label covered by the current thread service interaction data based on the port division condition of the thread session data collection port as a first preset division condition to obtain a reference thread security event label and a reference thread security theme label with corresponding conditions;
and according to the thread security event set bound with the reference thread security event label and the thread security theme set bound with the reference thread security theme label, sequentially performing thread service interaction data feature extraction processing on the current thread service interaction data to obtain the reference thread security event interaction data bound with the thread security event set and the reference thread security theme interaction data bound with the thread security theme set.
In an embodiment of independent implementation, the obtaining of the reference thread security event interaction data bound to the reference thread security event tag in the current thread service interaction data and the reference thread security topic interaction data bound to the reference thread security topic tag in the current thread service interaction data includes:
acquiring a first thread service interaction data processing result description which is transmitted by the thread session data collection port and bound with the current thread service interaction data based on the port division condition of the thread session data collection port as a second preset division condition;
describing a matching condition of a thread security event label and a thread security theme label in the current thread service interactive data and thread security event interactive data and thread security theme interactive data which are respectively bound by the thread security event label and the thread security theme label based on the processing result of the first thread service interactive data, and determining a reference thread security event label and a reference thread security theme label which have corresponding conditions in the current thread service interactive data based on the matching condition;
and obtaining reference thread security event interactive data bound with the reference thread security event label and reference thread security theme interactive data bound with the reference thread security theme label in the thread security event interactive data and the thread security theme interactive data covered by the first thread service interactive data processing result description.
In a separately implemented embodiment, the method further comprises:
based on the first thread service interaction data processing result description, the matching condition is not included, correlation mining is carried out on the thread security event label and the thread security theme label covered by the current thread service interaction data, and a reference thread security event label and a reference thread security theme label with corresponding conditions are obtained;
and according to the thread security event set bound with the reference thread security event label and the thread security theme set bound with the reference thread security theme label, sequentially performing thread service interaction data feature extraction processing on the current thread service interaction data to obtain the reference thread security event interaction data bound with the thread security event set and the reference thread security theme interaction data bound with the thread security theme set.
In an embodiment of independent implementation, the obtaining of the reference thread security event interaction data bound to the reference thread security event tag in the current thread service interaction data and the reference thread security topic interaction data bound to the reference thread security topic tag in the current thread service interaction data includes:
acquiring a second thread service interaction data processing result description which is transmitted by the thread session data collection port and bound with the current thread service interaction data based on the port division condition of the thread session data collection port as a third preset division condition; the second thread service interaction data processing result describes thread security event tags covered by the current thread service interaction data and thread security event interaction data bound with the thread security event tags;
performing label optimization and thread service interaction data feature extraction processing on the current thread service interaction data to obtain thread security protection subject labels covered by the current thread service interaction data and thread security protection subject interaction data bound with the thread security protection subject labels; performing correlation mining on thread security event labels covered by the second thread service interaction data processing result description and the obtained thread security theme labels to obtain reference thread security event labels and reference thread security theme labels with corresponding conditions;
and determining reference thread security protection theme interactive data bound with the reference thread security protection theme label in the obtained thread security protection theme interactive data, and obtaining the reference thread security protection event interactive data bound with the reference thread security protection event label and covered by the processing result description of the second thread service interactive data.
In an embodiment of independent implementation, the obtaining of the reference thread security event interaction data bound to the reference thread security event tag in the current thread service interaction data and the reference thread security topic interaction data bound to the reference thread security topic tag in the current thread service interaction data includes:
acquiring a third thread service interaction data processing result description which is transmitted by the thread session data collection port and bound with the current thread service interaction data based on the port division condition of the thread session data collection port as a fourth preset division condition;
the third thread service interaction data processing result description comprises a reference thread security event label and a reference thread security theme label which have corresponding conditions, reference thread security event interaction data bound with the reference thread security event label and reference thread security theme interaction data bound with the reference thread security theme label; and acquiring the reference thread security event label and the reference thread security subject label which are covered by the third thread service interaction data processing result description and have corresponding conditions, and reference thread security event interaction data bound with the reference thread security event label and reference thread security subject interaction data bound with the reference thread security subject label.
In an independently implemented embodiment, the performing collaborative security profiling processing on the reference thread security event interaction data and the thread security subject interaction data of the target includes:
generating a description result of the existing relation between the reference thread security event label and the reference thread security subject label according to the first key description of the reference thread security event label and the second key description of the reference thread security subject label;
and performing collaborative security analysis processing on the reference thread security event interactive data and the thread security subject interactive data of the target based on the description result of the existing connection.
In a separately implemented embodiment, further comprising:
obtaining thread security event description and thread security theme description; the thread security event description is obtained by performing characteristic feature extraction processing on the reference thread security event interaction data, and the thread security topic description is obtained by performing characteristic feature extraction processing on the reference thread security topic interaction data;
and/or obtaining thread security event identification and thread security subject identification; the thread security event identification is obtained by performing identification updating on the reference thread security event interaction data;
the thread security theme identification is obtained by carrying out identification updating on the reference thread security theme interactive data;
and collaboratively and safely analyzing and processing the thread security event description and the thread security theme description, and/or collaboratively and safely analyzing and processing the thread security event identifier and the thread security theme identifier.
In a second aspect, an artificial intelligence based network security data acquisition system is provided, which comprises a processor and a memory, wherein the processor and the memory are in communication with each other, and the processor is used for retrieving a computer program from the memory and implementing the method by running the computer program.
In a third aspect, an embodiment of the present application provides a cloud platform, where the cloud platform includes a readable storage medium storing a program to implement the method.
The method, the system and the cloud platform for acquiring network security data based on artificial intelligence can carry out collaborative security analysis processing on reference thread security event interactive data and reference thread security theme interactive data bound by a reference thread security event tag and a reference thread security theme tag which have corresponding conditions in current thread service interactive data, thereby ensuring the corresponding conditions between the thread security event interactive data and the thread security theme interactive data, so that thread security confirmation can be carried out through the thread security theme interactive data of an object to be detected during thread security detection, thread security confirmation can be carried out through the thread security event interactive data of the object to be detected, and thread security confirmation can be carried out by combining the thread security theme interactive data and the thread security event interactive data, therefore, optimization of thread security protection theme interactive data and thread security protection event interactive data can be achieved in the thread security confirmation process, and the accuracy and the reliability of object thread security detection are improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 is a flowchart of a network security data acquisition method based on artificial intelligence according to an embodiment of the present application.
Fig. 2 is a block diagram of an artificial intelligence-based network security data acquiring apparatus according to an embodiment of the present application.
Fig. 3 is an architecture diagram of an artificial intelligence based network security data acquisition system according to an embodiment of the present application.
Detailed Description
In order to better understand the technical solutions, the technical solutions of the present application are described in detail below with reference to the drawings and specific embodiments, and it should be understood that the specific features in the embodiments and examples of the present application are detailed descriptions of the technical solutions of the present application, and are not limitations of the technical solutions of the present application, and the technical features in the embodiments and examples of the present application may be combined with each other without conflict.
Referring to fig. 1, a method for acquiring network security data based on artificial intelligence is shown, which may include the following technical solutions described in step102 and step 104.
step102, obtaining reference thread security event interaction data bound by a reference thread security event label in current thread service interaction data and reference thread security theme interaction data bound by a reference thread security theme label in the current thread service interaction data; and the reference thread security event label and the reference thread security subject label have corresponding conditions.
The current thread service interaction data comprises thread service interaction data distributed at a current thread session data collection port for collection. And the corresponding situation is used for representing that the reference thread security event label and the reference thread security topic label belong to the same thread security topic.
In this embodiment, step102 can be divided into two steps, step1021 and step 1022.
step1021, performing correlation mining on the thread security event tags and the thread security subject tags covered by the current thread service interaction data to obtain reference thread security event tags and reference thread security subject tags with corresponding conditions in the thread security event tags and the thread security subject tags.
In the present embodiment, step11 and tep12 may be performed when step1021 is performed.
step11, performing label optimization on the current thread service interaction data to obtain thread security event labels and thread security theme labels covered by the current thread service interaction data.
step12, performing correlation mining on the thread security event label and the thread security subject label to obtain a reference thread security event label and a reference thread security subject label with corresponding conditions.
In this embodiment, correlation mining may be performed by using the positioning condition between the thread security event tag and the thread security topic tag.
Further, the thread security theme tags can be respectively considered as current thread security theme tags, and the similarity between the optimized set of each thread security event tag and the optimized set of the current thread security theme tag is determined. Then, the thread security event label with the maximum similarity to the current thread security topic label can be determined as a reference thread security event label and a reference thread security topic label which are matched with each other. Therefore, the matched reference thread security event label and the reference thread security theme label can be obtained according to the corresponding situation of the thread security event thread security theme in positioning.
In this embodiment, correlation mining may also be performed by using an AI artificial intelligence thread method.
Furthermore, the configuration of the correlation mining thread can be completed by utilizing the marked thread security theme-thread security event matching real-time configuration example cluster. Then, a matching evaluation result of each thread security event thread security topic cluster can be determined by using the correlation mining thread, and two thread security event thread security topics with the best matching evaluation result are determined as the reference thread security event tag and the reference thread security topic tag. Therefore, the relevance mining can be realized by utilizing an AI artificial intelligence thread method.
step1022, sequentially performing thread service interaction data feature extraction processing on the current thread service interaction data according to the thread security event set bound with the reference thread security event tag and the thread security theme set bound with the reference thread security theme tag to obtain the reference thread security event interaction data bound with the thread security event set and the reference thread security theme interaction data bound with the thread security theme set.
And the thread security event set is used for representing a set formed by an optimized set of thread security event labels in the current thread service interaction data. And the thread security theme set is used for representing a set formed by an optimized set of thread security theme labels in the current thread service interaction data.
In this embodiment, the thread security event set bound to the reference thread security event tag, the thread security topic set bound to the reference thread security topic tag, and the current thread service interaction data may be input into a thread service interaction data mining layer, and thread service interaction data mining may be performed to obtain the reference thread security event interaction data and the reference thread security topic interaction data.
step104, performing collaborative security analysis processing on the reference thread security event interactive data and the thread security subject interactive data of the target.
In this embodiment, the reference thread security event interaction data and the reference thread security topic interaction data may be processed in cooperation with security analysis in a database preset by the data acquisition system, so that a thread security topic interaction data set and a thread security event interaction data set are formed in the database. And subsequently, when the thread security detection is carried out on the object to be detected, matching the thread security protection theme interactive data of the object with the thread service interactive data in the stored thread security protection theme interactive data set, and obtaining the thread security protection event interactive data matched with the thread security protection theme interactive data in matching. And then, the thread safety of the object to be detected can be determined through the obtained thread security event interaction data.
According to the description contents, the reference thread security event interactive data and the reference thread security theme interactive data bound with the reference thread security event tag and the reference thread security theme tag which have corresponding conditions in the current thread service interactive data can be analyzed and processed in a coordinated and safe manner, so that the corresponding conditions between the thread security event interactive data and the thread security theme interactive data can be ensured, when thread security detection is carried out, thread security confirmation can be carried out through the thread security theme interactive data of an object to be detected, thread security confirmation can also be carried out through the thread security event interactive data of the object to be detected, thread security confirmation can also be carried out by combining the thread security theme interactive data and the thread security event interactive data, and optimization of the thread security theme interactive data and the thread security event interactive data can be realized in the thread security confirmation process, the method is favorable for improving the accuracy and the credibility of the object thread safety detection.
In this embodiment, searching for a thread security event and a thread security topic that are matched is facilitated, and the thread security event and the thread security topic can be matched through a description result of the relationship.
The present disclosure shows a collaborative security profiling processing method, which can execute the contents described in step202-step204 when step104 is executed.
step202, generating a description result of the existence relation between the reference thread security event label and the reference thread security subject label according to the first key description of the reference thread security event label and the second key description of the reference thread security subject label.
In the process of performing label optimization on current thread service interaction data to obtain thread security event labels and thread security subject labels, thread security key descriptions with differences are extracted for thread security event labels and thread security subject labels with differences in order to divide the thread security event labels and the thread security subject labels in the current thread service interaction data.
In this embodiment, when step202 is executed, the first key description and the second key description may be concatenated to generate a linked description result. For example, if the first key description is 16 bits and the second key description is also 16 bits, the associated description result is 32 bits, where the first 16 bits are the first key description and the last 16 bits are the second key description.
step204, based on the description result of the existing connection, performing collaborative security analysis processing on the reference thread security event interactive data and the thread security subject interactive data of the target.
In this embodiment, the description result with the relationship may be regarded as reference data, and the reference thread security event interaction data and the reference thread security topic interaction data are both matched. Therefore, thread security event interaction data and thread security subject interaction data can be quickly searched through the description result with the relation.
In this embodiment, multiple data related to the reference thread security event and the reference thread security topic may be analyzed and processed in cooperation with security.
The method for acquiring the network security data based on the artificial intelligence disclosed by the disclosure can specifically comprise the contents described in step302 and step 304.
step302, obtaining thread security event description and thread security subject description; the thread security event description is obtained by performing characteristic feature extraction processing on the reference thread security event interaction data, and the thread security topic description is obtained by performing characteristic feature extraction processing on the reference thread security topic interaction data; and/or the presence of a gas in the gas,
obtaining thread security event identification and thread security theme identification; the thread security event identification is obtained by performing identification updating on the reference thread security event interaction data; the thread security theme identification is obtained by performing identification updating on the reference thread security theme interactive data.
It is understood that step302 includes at least 3 schemes. Namely, only step3021 is executed to obtain the thread security event description and the thread security topic description. And only executing step3022 to obtain the thread security event identifier and the thread security theme identifier. Step3021 and step3022 are performed together.
In this embodiment, when step3021 is executed, processing steps such as feature extraction and content description may be performed on the reference thread security event interaction data and the reference thread security topic interaction data to obtain the thread security event description and the thread security topic description. In this embodiment, on the basis that the thread session data collection port satisfies the feature extraction processing, when step3021 is executed, the thread security event description and the thread security topic description may be directly obtained from the information transmitted by the data acquisition system.
When step3022 is executed, the thread security event interaction data and the reference thread security theme interaction data may be input into a pre-configured identifier detection thread to obtain the thread security event identifier and the thread security theme identifier that are bound. In this embodiment, on the basis that the thread session data collection port satisfies the requirement of performing the identification detection, when step3022 is executed, the thread security event identification and the thread security topic identification may be directly obtained from the information transmitted by the data acquisition system.
step304, performing collaborative security analysis processing on the thread security event description and the thread security topic description, and/or performing collaborative security analysis processing on the thread security event identifier and the thread security topic identifier.
When step304 is executed, the description result of the existing relation determined in step202 may be regarded as reference data, the thread security event description and the thread security subject description may be processed in a security analysis manner in cooperation, and/or the thread security event identifier and the thread security subject identifier may be processed in a security analysis manner in cooperation.
Furthermore, multi-identification description can be carried out on thread security topics and thread security events, thread security detection is facilitated, and an object database is also facilitated to be built. The object database may include information such as thread security event interaction data, thread security topic interaction data, object identification, and the like.
The method for acquiring the network security data based on the artificial intelligence can specifically comprise the contents described in step401-step 403.
step401, determine the port partition of the thread session data collection port.
In this embodiment, the data acquisition system information of the thread session data collection port may be obtained, and the port division condition of the data acquisition system may be obtained by analyzing the data acquisition system information.
step402, obtaining information such as a reference thread security event label and a reference thread security subject label with corresponding conditions in the thread security event labels and the thread security subject labels covered by the current thread service interaction data, and thread service interaction data, description, identification and the like bound to the reference thread security event labels and the reference thread security subject labels.
Wherein, when step402 is executed, the thread session data collection port based on the different division condition can correspond to the step with difference. The following is an explanation of the four data acquisition systems indicated in the present disclosure in turn.
(1) And the port division condition of the thread session data collection port is a first preset division condition.
The data acquisition system for the first preset division condition has the performance of collecting thread service interaction data and does not have the performance of processing the thread service interaction data.
Further, step4021 and step4022 may be performed when step402 is performed.
Step4021, based on the port division condition of the thread session data collection port as a first preset division condition, performing correlation mining on a thread security event label and a thread security subject label covered by the current thread service interaction data to obtain a reference thread security event label and a reference thread security subject label with corresponding conditions; and according to the thread security event set bound with the reference thread security event label and the thread security theme set bound with the reference thread security theme label, sequentially performing thread service interaction data feature extraction processing on the current thread service interaction data to obtain the reference thread security event interaction data bound with the thread security event set and the reference thread security theme interaction data bound with the thread security theme set.
step4022, processing the obtained reference thread security event interaction data and the reference thread security theme interaction data by identifying a detection thread, a characteristic feature extraction processing thread and other information mining threads to obtain information such as thread security event description, thread security theme description, thread security event identification, thread security theme identification and the like.
(2) And the port division condition of the thread session data collection port is a second preset division condition.
The data acquisition system of the second preset division case may be a data acquisition system having a structured performance. The data acquisition system can collect current thread service interaction data, process the current thread service interaction data, and select thread security protection theme interaction data, thread security protection event identification and thread security protection theme identification information from the current thread service interaction data. Some of the data acquisition systems can also directly output the matching condition of the thread security event and the thread security theme, and some of the data acquisition systems cannot. In this embodiment, the data acquisition system of the second preset division condition may further output a thread safety key description, a distribution condition, and the like of the data acquisition system.
Further, in executing step402, the contents described in step21-step24 may be executed.
Step21, based on the port division condition of the thread session data collection port being a second preset division condition, obtains a first thread service interaction data processing result description bound with the current thread service interaction data transmitted by the thread session data collection port.
And the first thread service interaction data processing result description is information obtained after the data acquisition system of the second preset division condition processes the current thread service interaction data. The first thread service interaction data processing result description comprises thread security event interaction data and thread security theme interaction data which are respectively bound with a thread security event label and a thread security theme label in the current thread service interaction data. According to the inconsistency between the first thread business interaction data processing result description and the sample data, two processing steps of step22 and step23 exist.
step22, including step221-step 222.
step221, describing a matching condition of a thread security event tag and a thread security theme tag in the current thread service interaction data and thread security event interaction data and thread security theme interaction data respectively bound to the thread security event tag and the thread security theme tag based on the processing result of the first thread service interaction data, and determining that a reference thread security event tag and a reference thread security theme tag with a corresponding condition exist in the current thread service interaction data based on the matching condition.
And the matching condition is used for representing the thread security event label and the thread security subject label which are matched in the current thread service interaction data. For example, the data acquisition system may directly output the thread security event tag and the thread security theme tag in a cluster manner. And the thread security event label and the thread security subject label in each cluster are the reference thread security event label and the reference thread security subject label with corresponding conditions. For example, the data acquisition system may extract a consistent tag for the matched thread security event tag and thread security topic tag. The reference thread security event label and the reference thread security subject label with corresponding conditions can be determined through the label.
step222, obtaining reference thread security event interaction data bound to the reference thread security event tag and reference thread security theme interaction data bound to the reference thread security event tag, from the thread security event interaction data and the thread security theme interaction data covered by the first thread service interaction data processing result description.
When step222 is executed, bound reference thread security event interaction data and reference thread security theme interaction data can be extracted through key descriptions of the reference thread security event label and the reference thread security theme label.
step23, based on the thread service interaction data processing result description, performing correlation mining on the thread security event label and the thread security theme label covered by the current thread service interaction data to obtain a reference thread security event label and a reference thread security theme label with corresponding conditions; and according to a thread security event set bound with the reference thread security event label and a thread security theme set bound with the reference thread security theme label, sequentially performing thread service interaction data feature extraction processing on the current thread service interaction data to obtain reference thread security event interaction data bound with the thread security event set and reference thread security theme interaction data bound with the thread security theme set.
When the first thread service interaction data processing result description does not include the matching condition, even though the data acquisition system can output the thread security event interaction data and the thread security theme interaction data, the matching condition cannot be obtained. Therefore, the steps described in step22 are continuously required to be executed on the current thread service interaction data to obtain the matched reference thread security theme and reference thread security event.
step24, processing the reference thread security event interaction data and the reference thread security theme interaction data through the characteristic feature extraction processing thread to obtain thread security event description and thread security theme description, and obtaining information such as thread security event identification and thread security theme identification bound with the reference thread security event label and the reference thread security theme label from the first thread service interaction data processing result description.
(3) And the port division condition of the thread session data collection port is a third preset division condition.
Further, step31-step35 may be performed when step402 is performed.
Step31, based on the port division condition of the thread session data collection port being a third preset division condition, obtains a second thread service interaction data processing result description transmitted by the thread session data collection port and bound with the current thread service interaction data.
And the second thread service interaction data processing result description is information obtained after the third preset division condition data acquisition system processes the current thread service interaction data. And the processing result of the second thread service interaction data describes thread security event tags covered by the current thread service interaction data and thread security event interaction data bound with the thread security event tags.
step32, performing label optimization and thread service interaction data feature extraction processing on the current thread service interaction data to obtain thread security protection subject labels covered by the current thread service interaction data and thread security protection subject interaction data bound with the thread security protection subject labels.
When step32 is executed, a thread security protection theme label and an optimization set bound with the thread security protection theme label can be obtained by utilizing a label optimization thread configured in advance. And then inputting the optimization set bound by the thread security theme label and the current thread service interaction data (which can also be a description set bound by the current thread service interaction data) into a thread service interaction data mining layer to obtain the thread security theme interaction data.
step33, performing correlation mining on the thread security event label covered by the second thread service interaction data processing result description and the obtained thread security theme label to obtain a reference thread security event label and a reference thread security theme label with corresponding conditions.
In this embodiment, the thread security event label covered by the second thread service interaction data processing result description and the optimization set thereof may be obtained first. Then, by utilizing the corresponding situation of the thread security event and the thread security theme in positioning, the thread security event optimized set with the maximum similarity to each thread security theme optimized set is respectively determined, and the two thread security events with the maximum similarity and the thread security theme are determined as the reference thread security event label and the reference thread security theme label with the corresponding situation.
In this embodiment, a thread may also be simulated by using a matching degree configured in advance, and the reference thread security event tag and the reference thread security subject tag in which the corresponding situation exists are determined.
step34, determining reference thread security theme interaction data bound with the reference thread security theme label in the obtained thread security theme interaction data, and obtaining reference thread security event interaction data bound with the reference thread security event label and covered by the processing result of the second thread service interaction data.
When step34 is executed, the bound reference thread security event interaction data and the reference thread security topic interaction data can be extracted through the key description of the reference thread security event label and the reference thread security topic label.
step35, processing the reference thread security theme interaction data through information mining threads such as characteristic feature extraction processing threads and identification detection threads to obtain information such as thread security theme description and thread security theme identification, and obtaining information such as thread security event description and thread security event identification bound with the reference thread security event label from the second thread service interaction data processing result description.
(4) The port division condition of the thread session data collection port is a fourth preset division condition.
The performance of the data acquisition system for the fourth predetermined division condition may be configured as desired. The capabilities of such data acquisition systems may be configurable according to instructions. In this embodiment, the data acquisition system may collect current thread service interaction data, and may process the current thread service interaction data according to the method of step1021-step1022 to obtain information such as the reference thread security event tag and the reference thread security topic tag in which corresponding conditions exist, and each bound thread service interaction data, identifier, description, and the like.
Further, in performing step402, step41-step43 may be performed.
Step41, based on the port division condition of the thread session data collection port being a fourth preset division condition, obtains a third thread service interaction data processing result description bound with the current thread service interaction data transmitted by the thread session data collection port.
The third thread service interaction data processing result description is information obtained after the fourth preset division condition data acquisition system processes the current thread service interaction data. The third thread service interaction data processing result description comprises a reference thread security event label and a reference thread security theme label which have corresponding conditions, reference thread security event interaction data bound with the reference thread security event label and reference thread security theme interaction data bound with the reference thread security theme label.
step42, obtaining the reference thread security event label and the reference thread security theme label which are covered by the third thread service interaction data processing result description and have corresponding conditions, and the reference thread security event interaction data bound with the reference thread security event label and the reference thread security theme interaction data bound with the reference thread security theme label.
When step42 is executed, the reference thread security event label and the reference thread security topic label which have corresponding conditions and the thread service interaction data bound to each label can be obtained by analyzing the third thread service interaction data processing result description.
step43, the description and identification of the binding of the reference thread security event label and each reference thread security topic label can also be obtained by analyzing the third thread service interaction data processing result description.
For at least one of the four descriptions, after information such as the reference thread security event label and the reference thread security subject label with corresponding conditions, and thread service interaction data, identification, characteristics and the like bound to the reference thread security event label and the reference thread security subject label with corresponding conditions are obtained through step401-step402, step403 can be executed, and the information such as the reference thread security event label and the reference thread security subject label with corresponding conditions, and thread service interaction data, identification, description and the like bound to the reference thread security event label and the reference thread security subject label with corresponding conditions are analyzed and processed in a collaborative and safe mode.
In this embodiment, the thread service interaction data descriptions bound to the reference thread security event tag and the reference thread security theme tag respectively may also be prestored. Therefore, the description matching efficiency is improved, and the thread safety detection accuracy is further improved.
When thread safety detection is carried out, collected thread service interaction data can be obtained from a data acquisition system, a thread security event label and a thread security theme label of an object to be detected, which are contained in the thread service interaction data, are obtained through a thread security event and thread security theme optimization technology, then thread security event interaction data are selected from the thread service interaction data according to a thread security event set bound by the thread security event label, and thread security theme interaction data are selected from the thread service interaction data according to a thread security theme set bound by the thread security theme label. Thread security detection may then be performed in at least one of the following ways.
Firstly, matching thread security event description mined from the thread security event interactive data with thread security event description stored in a cache device of a bound data acquisition system, and determining a bound object database to determine object thread safety according to a description result of the existence relation bound by the random thread security event description in the matching.
Secondly, matching thread security protection subject descriptions mined from the thread security protection event interactive data with thread security protection subject descriptions stored in a cache device of a bound data acquisition system, and determining a bound object database to determine the object thread safety according to a description result of the existence relation bound by the random thread security protection subject descriptions in the matching.
Thirdly, matching thread security event description and thread security subject description mined from the thread security event interaction data with thread security event description and thread security subject description stored in a cache device of a bound data acquisition system, and determining a bound object database to determine the object thread security according to a description result of the existence relation bound between the thread security event description and the thread security subject description in the matching (the description result of the existence relation where the thread security event description and the thread security subject description are consistent).
After determining the object database of the object to be detected, the thread safety and the related identification information of the object to be detected may be determined from the determined object database.
Therefore, thread safety confirmation can be carried out through thread security protection theme interactive data of the object to be detected, thread safety confirmation can also be carried out through thread security protection event interactive data of the object to be detected, and thread safety confirmation can also be carried out by combining the thread security protection theme interactive data and the thread security protection event interactive data, so that optimization of the thread security protection theme interactive data and the thread security protection event interactive data can be realized in the thread safety confirmation process, and the accuracy and the reliability of object thread safety detection can be improved.
On the basis of the above, please refer to fig. 2 in combination, there is provided an artificial intelligence based network security data acquiring apparatus 200, applied to an artificial intelligence based network security data acquiring system, the apparatus comprising:
a data obtaining module 210, configured to obtain reference thread security event interaction data bound to a reference thread security event tag in current thread service interaction data, and reference thread security theme interaction data bound to a reference thread security theme tag in the current thread service interaction data; the reference thread security event label and the reference thread security subject label have corresponding conditions;
and the data analysis module 220 is configured to perform collaborative security analysis processing on the reference thread security event interaction data and the thread security subject interaction data of the target.
On the basis of the above, please refer to fig. 3, which shows an artificial intelligence based network security data acquisition system 300, comprising a processor 310 and a memory 320, which are in communication with each other, wherein the processor 310 is configured to read a computer program from the memory 320 and execute the computer program to implement the above method.
On the basis of the above, there is also provided a computer-readable storage medium on which a computer program is stored, which when executed implements the above-described method.
On the basis, the embodiment of the present application provides a cloud platform, where the cloud platform includes a readable storage medium storing a program, and a computer program stored in the readable storage medium implements the method when running.
In summary, based on the above-mentioned solution, the reference thread security event interaction data and the reference thread security topic interaction data bound by the reference thread security event tag and the reference thread security topic tag having corresponding conditions in the current thread service interaction data can be collaboratively and safely analyzed, so as to ensure the corresponding conditions between the thread security event interaction data and the thread security topic interaction data, therefore, during thread security detection, thread security confirmation can be performed through the thread security topic interaction data of the object to be detected, thread security confirmation can be performed through the thread security event interaction data of the object to be detected, thread security confirmation can be performed by combining the thread security topic interaction data and the thread security event interaction data, thereby optimizing the thread security topic interaction data and the thread security event interaction data during the thread security confirmation, the method is favorable for improving the accuracy and the reliability of the object thread safety detection.
It should be appreciated that the system and its modules shown above may be implemented in a variety of ways. For example, in some embodiments, the system and its modules may be implemented in hardware, software, or a combination of software and hardware. Wherein the hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those skilled in the art will appreciate that the methods and systems described above may be implemented using computer executable instructions and/or embodied in processor control code, such code being provided, for example, on a carrier medium such as a diskette, CD-or DVD-ROM, a programmable memory such as read-only memory (firmware), or a data carrier such as an optical or electronic signal carrier. The system and its modules of the present application may be implemented not only by hardware circuits such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., but also by software executed by various types of processors, for example, or by a combination of the above hardware circuits and software (e.g., firmware).
It is to be noted that different embodiments may produce different advantages, and in different embodiments, any one or combination of the above advantages may be produced, or any other advantages may be obtained.
Having thus described the basic concept, it will be apparent to those skilled in the art that the foregoing detailed disclosure is to be considered merely illustrative and not restrictive of the broad application. Various modifications, improvements and adaptations to the present application may occur to those skilled in the art, although not explicitly described herein. Such modifications, improvements and adaptations are proposed in the present application and thus fall within the spirit and scope of the exemplary embodiments of the present application.
Also, this application uses specific language to describe embodiments of the application. Reference throughout this specification to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic described in connection with at least one embodiment of the present application is included in at least one embodiment of the present application. Therefore, it is emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, some features, structures, or characteristics of one or more embodiments of the present application may be combined as appropriate.
Moreover, those skilled in the art will appreciate that aspects of the present application may be illustrated and described in terms of several patentable species or situations, including any new and useful combination of processes, machines, manufacture, or materials, or any new and useful improvement thereon. Accordingly, various aspects of the present application may be embodied entirely in hardware, entirely in software (including firmware, resident software, micro-code, etc.) or in a combination of hardware and software. The above hardware or software may be referred to as "data block," module, "" engine, "" unit, "" component, "or" system. Furthermore, aspects of the present application may be represented as a computer product, including computer readable program code, embodied in one or more computer readable media.
The computer storage medium may comprise a propagated data signal with the computer program code embodied therewith, for example, on baseband or as part of a carrier wave. The propagated signal may take any of a variety of forms, including electromagnetic, optical, etc., or any suitable combination. A computer storage medium may be any computer-readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code located on a computer storage medium may be propagated over any suitable medium, including radio, cable, fiber optic cable, RF, or the like, or any combination of the preceding.
Computer program code required for the operation of various portions of the present application may be written in any one or more programming languages, including an object oriented programming language such as Java, Scala, Smalltalk, Eiffel, JADE, Emerald, C + +, C #, VB.NET, Python, and the like, a conventional programming language such as C, Visual Basic, Fortran 2003, Perl, COBOL 2002, PHP, ABAP, a dynamic programming language such as Python, Ruby, and Groovy, or other programming languages, and the like. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any form of network, such as a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet), or in a cloud computing environment, or as a service using, for example, software as a service (SaaS).
Additionally, the order in which elements and sequences of the processes described herein are processed, the use of alphanumeric characters, or the use of other designations, is not intended to limit the order of the processes and methods described herein, unless explicitly claimed. While various presently contemplated embodiments of the invention have been discussed in the foregoing disclosure by way of example, it is to be understood that such detail is solely for that purpose and that the appended claims are not limited to the disclosed embodiments, but, on the contrary, are intended to cover all modifications and equivalent arrangements that are within the spirit and scope of the embodiments herein. For example, although the system components described above may be implemented by hardware devices, they may also be implemented by software-only solutions, such as installing the described system on an existing server or mobile device.
Similarly, it should be noted that in the foregoing description of embodiments of the application, various features are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure aiding in the understanding of one or more of the embodiments. This method of disclosure, however, is not intended to imply that more features are required than are expressly recited in the claims. Indeed, the embodiments may be characterized as having less than all of the features of a single disclosed embodiment.
Where numerals describing the number of components, attributes or the like are used in some embodiments, it is to be understood that such numerals used in the description of the embodiments are modified in some instances by the modifier "about", "approximately" or "substantially". Unless otherwise indicated, "about", "approximately" or "substantially" indicates that the numbers allow for adaptive variation. Accordingly, in some embodiments, the numerical parameters used in the specification and claims are approximations that may vary depending upon the desired properties of the individual embodiments. In some embodiments, the numerical parameter should take into account the specified significant digits and employ a general digit preserving approach. Notwithstanding that the numerical ranges and parameters setting forth the broad scope of the range are approximations, in the specific examples, such numerical values are set forth as precisely as possible within the scope of the application.
The entire contents of each patent, patent application publication, and other material cited in this application, such as articles, books, specifications, publications, documents, and the like, are hereby incorporated by reference into this application. Except where the application is filed in a manner inconsistent or contrary to the present disclosure, and except where the claim is filed in its broadest scope (whether present or later appended to the application) as well. It is noted that the descriptions, definitions and/or use of terms in this application shall control if they are inconsistent or contrary to the statements and/or uses of the present application in the material attached to this application.
Finally, it should be understood that the embodiments described herein are merely illustrative of the principles of embodiments of the present application. Other variations are also possible within the scope of the present application. Thus, by way of example, and not limitation, alternative configurations of the embodiments of the present application can be viewed as being consistent with the teachings of the present application. Accordingly, the embodiments of the present application are not limited to only those embodiments explicitly described and depicted herein.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. An artificial intelligence-based network security data acquisition method, characterized by at least comprising:
acquiring reference thread security event interactive data bound to a reference thread security event label in current thread service interactive data and reference thread security theme interactive data bound to a reference thread security theme label in the current thread service interactive data; the reference thread security event label and the reference thread security subject label have corresponding conditions;
and performing collaborative security analysis processing on the reference thread security event interactive data and the thread security subject interactive data of the target.
2. The method of claim 2, wherein the current thread traffic interaction data comprises thread traffic interaction data collected distributed across a current thread session data collection port; the obtaining of the reference thread security event interaction data bound to the reference thread security event tag in the current thread service interaction data and the reference thread security theme interaction data bound to the reference thread security theme tag in the current thread service interaction data includes:
performing correlation mining on the thread security event label and the thread security theme label covered by the current thread service interaction data based on the port division condition of the thread session data collection port as a first preset division condition to obtain a reference thread security event label and a reference thread security theme label with corresponding conditions;
and according to the thread security event set bound with the reference thread security event label and the thread security theme set bound with the reference thread security theme label, sequentially performing thread service interaction data feature extraction processing on the current thread service interaction data to obtain the reference thread security event interaction data bound with the thread security event set and the reference thread security theme interaction data bound with the thread security theme set.
3. The method of claim 1 or 3, wherein the obtaining of the reference thread security event interaction data bound to the reference thread security event tag in the current thread transaction interaction data and the reference thread security topic interaction data bound to the reference thread security topic tag in the current thread transaction interaction data comprises:
acquiring a first thread service interaction data processing result description which is transmitted by the thread session data collection port and bound with the current thread service interaction data based on the port division condition of the thread session data collection port as a second preset division condition;
describing a matching condition of a thread security event label and a thread security theme label in the current thread service interactive data and thread security event interactive data and thread security theme interactive data which are respectively bound by the thread security event label and the thread security theme label based on the processing result of the first thread service interactive data, and determining a reference thread security event label and a reference thread security theme label which have corresponding conditions in the current thread service interactive data based on the matching condition;
and obtaining reference thread security event interactive data bound with the reference thread security event label and reference thread security theme interactive data bound with the reference thread security theme label in the thread security event interactive data and the thread security theme interactive data covered by the first thread service interactive data processing result description.
4. The method of claim 3, wherein the method further comprises:
based on the first thread service interaction data processing result description, the matching condition is not included, correlation mining is carried out on the thread security event label and the thread security theme label covered by the current thread service interaction data, and a reference thread security event label and a reference thread security theme label with corresponding conditions are obtained;
and according to the thread security event set bound with the reference thread security event label and the thread security theme set bound with the reference thread security theme label, sequentially performing thread service interaction data feature extraction processing on the current thread service interaction data to obtain the reference thread security event interaction data bound with the thread security event set and the reference thread security theme interaction data bound with the thread security theme set.
5. The method of claim 4, wherein the obtaining of the reference thread security event interaction data bound to the reference thread security event tag in the current thread transaction interaction data and the reference thread security topic interaction data bound to the reference thread security topic tag in the current thread transaction interaction data comprises:
acquiring a second thread service interaction data processing result description which is transmitted by the thread session data collection port and bound with the current thread service interaction data based on the port division condition of the thread session data collection port as a third preset division condition; the second thread service interaction data processing result describes thread security event tags covered by the current thread service interaction data and thread security event interaction data bound with the thread security event tags;
performing label optimization and thread service interaction data feature extraction processing on the current thread service interaction data to obtain thread security protection subject labels covered by the current thread service interaction data and thread security protection subject interaction data bound with the thread security protection subject labels; performing correlation mining on the thread security event label covered by the second thread service interaction data processing result description and the obtained thread security theme label to obtain a reference thread security event label and a reference thread security theme label with corresponding conditions;
and determining reference thread security protection theme interactive data bound with the reference thread security protection theme label in the obtained thread security protection theme interactive data, and obtaining the reference thread security protection event interactive data bound with the reference thread security protection event label and covered by the processing result description of the second thread service interactive data.
6. The method of claim 5, wherein the obtaining of the reference thread security event interaction data bound to the reference thread security event tag in the current thread transaction interaction data and the reference thread security topic interaction data bound to the reference thread security topic tag in the current thread transaction interaction data comprises:
acquiring a third thread service interaction data processing result description which is transmitted by the thread session data collection port and bound with the current thread service interaction data based on the port division condition of the thread session data collection port as a fourth preset division condition;
the third thread service interaction data processing result description comprises a reference thread security event label and a reference thread security theme label which have corresponding conditions, reference thread security event interaction data bound with the reference thread security event label and reference thread security theme interaction data bound with the reference thread security theme label; and acquiring the reference thread security event label and the reference thread security subject label which are covered by the third thread service interaction data processing result description and have corresponding conditions, and reference thread security event interaction data bound with the reference thread security event label and reference thread security subject interaction data bound with the reference thread security subject label.
7. The method of claim 6, wherein the performing a collaborative security profiling process on the reference thread security event interaction data and the target thread security topic interaction data comprises:
generating a description result of the existing relation between the reference thread security event label and the reference thread security subject label according to the first key description of the reference thread security event label and the second key description of the reference thread security subject label;
and performing collaborative security analysis processing on the reference thread security event interactive data and the thread security subject interactive data of the target based on the description result of the existing connection.
8. The method of claim 7, further comprising:
obtaining thread security event description and thread security theme description; the thread security event description is obtained by performing characteristic feature extraction processing on the reference thread security event interaction data, and the thread security theme description is obtained by performing characteristic feature extraction processing on the reference thread security theme interaction data;
and/or obtaining thread security event identification and thread security subject identification; the thread security event identification is obtained by performing identification updating on the reference thread security event interaction data;
the thread security theme identification is obtained by carrying out identification updating on the reference thread security theme interactive data;
and collaboratively and safely analyzing and processing the thread security event description and the thread security subject description, and/or collaboratively and safely analyzing and processing the thread security event identifier and the thread security subject identifier.
9. An artificial intelligence based network security data acquisition system comprising a processor and a memory in communication with each other, the processor being configured to retrieve a computer program from the memory and to implement the method of any one of claims 1 to 8 by running the computer program.
10. A cloud platform comprising a readable storage medium storing a program to perform the method recited in claim 1.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210330162.6A CN114637994B (en) | 2022-03-31 | 2022-03-31 | Network security data acquisition method and system based on artificial intelligence and cloud platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210330162.6A CN114637994B (en) | 2022-03-31 | 2022-03-31 | Network security data acquisition method and system based on artificial intelligence and cloud platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114637994A true CN114637994A (en) | 2022-06-17 |
| CN114637994B CN114637994B (en) | 2022-09-30 |
Family
ID=81951689
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210330162.6A Active CN114637994B (en) | 2022-03-31 | 2022-03-31 | Network security data acquisition method and system based on artificial intelligence and cloud platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114637994B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130007137A1 (en) * | 2011-06-28 | 2013-01-03 | Microsoft Corporation | Electronic Conversation Topic Detection |
| CN112163156A (en) * | 2020-10-06 | 2021-01-01 | 翁海坤 | Big data processing method based on artificial intelligence and cloud computing and cloud service center |
| CN114218034A (en) * | 2021-11-03 | 2022-03-22 | 张俊杰 | Online office security processing method in big data scene and big data server |
-
2022
- 2022-03-31 CN CN202210330162.6A patent/CN114637994B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130007137A1 (en) * | 2011-06-28 | 2013-01-03 | Microsoft Corporation | Electronic Conversation Topic Detection |
| CN112163156A (en) * | 2020-10-06 | 2021-01-01 | 翁海坤 | Big data processing method based on artificial intelligence and cloud computing and cloud service center |
| CN114218034A (en) * | 2021-11-03 | 2022-03-22 | 张俊杰 | Online office security processing method in big data scene and big data server |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114637994B (en) | 2022-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10521224B2 (en) | Automatic identification of relevant software projects for cross project learning | |
| US9235410B2 (en) | Tracking software package dependencies using a graph model | |
| US10127147B2 (en) | Automated software compliance analysis | |
| US11106801B1 (en) | Utilizing orchestration and augmented vulnerability triage for software security testing | |
| CN113918937B (en) | Illegal event identification method and system based on big data | |
| LU503512B1 (en) | Operating method for construction of knowledge graph based on naming rule and caching mechanism | |
| CN112016138A (en) | Method and device for automatic safe modeling of Internet of vehicles and electronic equipment | |
| CN110866029A (en) | sql statement construction method, device, server and readable storage medium | |
| CN113609261A (en) | Vulnerability information mining method and device based on knowledge graph of network information security | |
| US20220405184A1 (en) | Method, electronic device, and computer program product for data processing | |
| CN106529281A (en) | Executable file processing method and device | |
| CN114637994B (en) | Network security data acquisition method and system based on artificial intelligence and cloud platform | |
| CN114329116B (en) | Artificial intelligence-based intelligent park resource matching degree analysis method and system | |
| CN111400414A (en) | Decision-making method and system based on standardized enterprise data and electronic equipment | |
| US9910925B2 (en) | Managing searches for information associated with a message | |
| CN115187191A (en) | Scientific research project progress monitoring method and system based on teaching centralized control management | |
| US20220350919A1 (en) | Fast and flexible remediation of sensitive information using document object model structures | |
| CN111209458A (en) | Data processing system and method for web crawler | |
| CN114691830B (en) | Network security analysis method and system based on big data | |
| CN113393523B (en) | Method and device for automatically monitoring computer room image and electronic equipment | |
| CN110727767B (en) | Method and system for expanding text sample | |
| CN114911534B (en) | Page information extraction method, setting method, device, electronic equipment and medium | |
| Sigvardsson | Code Cloning Habits Of The Jupyter Notebook Community | |
| CN114662861A (en) | Equipment point inspection personnel configuration method and system based on artificial intelligence | |
| CN115794609A (en) | Script sharing method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20220913 Address after: Room 1210-1211, Block C, Gold Tower, Tuoji City Plaza, No. 683, Changjiang West Road, High-tech Zone, Hefei City, Anhui Province, 230031 Applicant after: Anhui Miyu Technology Co.,Ltd. Address before: 657000 No. 135, matiyan Road, Pingba village committee, Zhongtun Township, Zhenxiong County, Zhaotong City, Yunnan Province Applicant before: Yu Dequan |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: Room 1610, Building C, Tuoji City Plaza, No. 683 Changjiang West Road, High tech Zone, Hefei City, Anhui Province, 230031 Patentee after: Anhui Miyu Technology Co.,Ltd. Country or region after: Zhong Guo Address before: Room 1210-1211, Block C, Gold Tower, Tuoji City Plaza, No. 683, Changjiang West Road, High-tech Zone, Hefei City, Anhui Province, 230031 Patentee before: Anhui Miyu Technology Co.,Ltd. Country or region before: Zhong Guo |