CN115001754B - Network security system capable of monitoring sensitive digital information transmission in real time - Google Patents

Network security system capable of monitoring sensitive digital information transmission in real time Download PDF

Info

Publication number
CN115001754B
CN115001754B CN202210522828.8A CN202210522828A CN115001754B CN 115001754 B CN115001754 B CN 115001754B CN 202210522828 A CN202210522828 A CN 202210522828A CN 115001754 B CN115001754 B CN 115001754B
Authority
CN
China
Prior art keywords
file
unit
suspected
files
computer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210522828.8A
Other languages
Chinese (zh)
Other versions
CN115001754A (en
Inventor
袁俊杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guoke Huadun Beijing Technology Co ltd
Original Assignee
Guoke Huadun Beijing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guoke Huadun Beijing Technology Co ltd filed Critical Guoke Huadun Beijing Technology Co ltd
Priority to CN202210522828.8A priority Critical patent/CN115001754B/en
Publication of CN115001754A publication Critical patent/CN115001754A/en
Application granted granted Critical
Publication of CN115001754B publication Critical patent/CN115001754B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Virology (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a network security system, in particular to a network security system capable of monitoring sensitive digital information transmission in real time. It includes file discernment module, file monitoring module, file test module, state acquisition module and file processing module, wherein: the file identification module sensitively identifies files in the computer and files being transmitted to the computer to obtain sensitive information files, virus files and suspected files; the file monitoring module monitors a sensitive information file; the file testing module isolates the suspected file from the computer and tests the suspected file; in the network security system capable of monitoring the transmission of the sensitive digital information in real time, the suspected file is tested and isolated by starting the suspected file, and then the operation condition of the virtual machine after the file is started is detected to judge the suspected file, so that the suspected file can obtain an accurate structure without influencing the operation of a computer.

Description

Network security system capable of monitoring sensitive digital information transmission in real time
Technical Field
The invention relates to a network security system, in particular to a network security system capable of monitoring sensitive digital information transmission in real time.
Background
The sensitive information comprises personal data information and virus files, and when the virus files invade the computer, the virus files can acquire the personal data information in the computer, so that the information is leaked. For this reason, a network security system is provided, which is a security system established to prevent and avoid attacks and intrusions to secure information on the network.
However, in the current virus file detection method, the comparison is performed through keywords, and when the similarity reaches a specified threshold, the file is identified as a virus file, but whether the file is a virus file cannot be accurately judged through the similarity method, and keywords of some normal files are easily similar to the virus file, so that the normal files are also identified as virus files, and the transmission of the normal files is affected.
Disclosure of Invention
The present invention is directed to a network security system capable of monitoring sensitive digital information transmission in real time, so as to solve the problems in the background art.
In order to achieve the above object, a network security system capable of real-time monitoring sensitive digital information transmission is provided, which comprises a file identification module, a file monitoring module, a file testing module, a state acquisition module and a file processing module, wherein:
the file identification module carries out sensitive identification on files in the computer and files being transmitted to the computer to obtain sensitive information files, virus files and suspected files;
the file monitoring module monitors the sensitive information file;
the file testing module isolates the suspected file from the computer and tests the suspected file;
the state acquisition module acquires the test state of the suspected file and operates the suspected file according to the acquisition result;
and the file processing module isolates the sensitive information file from the computer when the computer is attacked by the virus file.
As a further improvement of the present technical solution, the document identification module includes a keyword retrieval unit, a content identification unit, and a document deletion unit;
the keyword retrieval unit retrieves files in the computer and files being transmitted to the computer to obtain sensitive information files, virus files and suspected files;
the content identification unit identifies an image file in the computer to obtain a sensitive information file;
and the file deleting unit deletes the virus file.
As a further improvement of the technical scheme, the file monitoring module comprises a file storage unit and a state acquisition unit;
the file storage unit stores the sensitive information file;
and the state acquisition unit monitors the stored sensitive information file in real time.
As a further improvement of the technical scheme, the content for monitoring the stored sensitive information file in real time comprises file modification, file addition and file new creation.
As a further improvement of the technical scheme, the file testing module comprises a virtual machine unit and a file starting unit,
the virtual machine unit isolates the suspected file from the computer;
and the file starting unit starts the suspected file in the virtual machine unit.
As a further improvement of the technical solution, the state acquisition module includes a network speed acquisition unit, a processor acquisition unit, a disk acquisition unit, an analysis unit, and an execution unit, wherein:
the network speed acquisition unit acquires the access speed of a network in the virtual machine unit;
the processor acquisition unit acquires the processor occupancy rate in the virtual machine unit;
the disk acquisition unit acquires the disk space occupancy rate in the virtual machine unit;
the analysis unit analyzes the suspected file according to the acquisition results of the network speed acquisition unit, the processor acquisition unit and the disk acquisition unit; the execution unit executes corresponding operation according to the analysis result, and when the analysis result is a virus file, the execution unit gives an alarm and deletes the virus file; and when the analysis result is a normal file, the execution unit transfers the correction normal file into the computer.
As a further improvement of the technical solution, the analysis unit analyzes the suspected file by using a compare algorithm, and an algorithm formula of the compare algorithm is as follows:
Figure SMS_1
Figure SMS_2
in the formula (I), the compound is shown in the specification,
Figure SMS_4
a threshold value for determining a suspected file as a virus; />
Figure SMS_6
Is->
Figure SMS_9
The subscript of (1) is used for distinguishing the occupied threshold values of the suspected files on the network speed, the processor and the disk; />
Figure SMS_5
The working state of the suspected file is obtained; />
Figure SMS_7
Indicating an operative status of a suspect file>
Figure SMS_10
Threshold value>
Figure SMS_11
(ii) a 0 signifies the operative status of a suspect file>
Figure SMS_3
Threshold value->
Figure SMS_8
As a further improvement of the technical proposal, the file processing module comprises a file transfer unit,
and the file transfer unit transfers the sensitive information file stored in the computer to the virtual machine unit.
As a further improvement of the technical proposal, the file processing module also comprises a transfer recording unit, a file comparison unit and a file covering unit,
the transfer recording unit records the normal file transferred by the execution unit to obtain file information;
the file comparison unit compares the sensitive information file transferred by the file transfer unit according to the file information to obtain new sensitive information and old sensitive information; and the file covering unit covers the old sensitive information through the new sensitive information.
As a further improvement of the present technical solution, the file comparison unit compares by time.
Compared with the prior art, the invention has the following beneficial effects:
1. in the network security system capable of monitoring the transmission of the sensitive digital information in real time, the suspected file is tested and isolated by starting the suspected file, and then the operation condition of the virtual machine after the file is started is detected to judge the suspected file, so that the suspected file can obtain an accurate structure without influencing the operation of a computer.
2. In the network security system capable of monitoring the transmission of the sensitive digital information in real time, by utilizing the characteristic of isolating the virtual machine from the computer, when the computer is attacked by viruses, the sensitive information file can be transferred into the virtual machine, so that the secondary utilization of the virtual machine is realized, and the sensitive information file is protected conveniently.
3. In the network security system capable of monitoring the transmission of the sensitive digital information in real time, the sensitive information is repeatedly checked and covered through the transfer record of the virtual machine, so that the repetition rate of the sensitive information is reduced, and the occupancy rate of a disk is reduced.
Drawings
FIG. 1 is a schematic diagram of the overall module workflow of the present invention;
FIG. 2 is a schematic diagram of the workflow of the document testing module according to the present invention;
FIG. 3 is a schematic diagram of a work flow of a document processing module according to the present invention.
The various reference numbers in the figures mean:
100. a document discrimination module; 110. a keyword search unit; 120. a content identification unit; 130. a file deletion unit;
200. a file monitoring module; 210. a file storage unit; 220. a state acquisition unit;
300. a file testing module; 310. a virtual machine unit; 320. a file starting unit;
400. a state acquisition module; 410. a network speed acquisition unit; 420. a processor acquisition unit; 430. a disk acquisition unit; 440. an analysis unit; 450. an execution unit;
500. a file processing module; 510. a file transfer unit; 520. a transfer recording unit; 530. a file comparison unit; 540. and a file covering unit.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
In the description of the present invention, it is to be understood that the terms "center", "longitudinal", "lateral", "length", "width", "thickness", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", "clockwise", "counterclockwise", and the like, indicate orientations and positional relationships based on those shown in the drawings, and are used only for convenience of description and simplicity of description, and do not indicate or imply that the equipment or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be considered as limiting the present invention.
A first embodiment, please refer to fig. 1-3, which provides a network security system capable of real-time monitoring sensitive digital information transmission, comprising a document identification module 100, a document monitoring module 200, a document testing module 300, a status acquiring module 400, and a document processing module 500, wherein:
the file identification module 100 sensitively identifies files in the computer and files being transmitted to the computer to obtain sensitive information files, virus files and suspected files;
the file monitoring module 200 monitors the sensitive information file;
the file testing module 300 isolates the suspected file from the computer and tests the suspected file;
the state acquisition module 400 acquires the test state of the suspected file and operates the suspected file according to the acquisition result;
the file processing module 500 isolates the sensitive information file from the computer when the computer is attacked by the virus file.
Further, the document discrimination module 100 includes a keyword retrieval unit 110, a content identification unit 120, and a document deletion unit 130;
the keyword search unit 110 searches the files in the computer and the files being transmitted to the computer to obtain sensitive information files, virus files and suspected files;
the content identification unit 120 identifies image files in the computer to obtain sensitive information files, and by performing keyword retrieval and content identification on the files, sensitive information (such as login passwords, identification card numbers, identification card photos, mobile phone numbers and the like of each software) and viruses (which can influence the abnormal work of the computer and steal the sensitive information in the computer) of people can be identified;
the file deleting unit 130 deletes the virus file to prevent the virus from stealing the privacy of the individual or damaging the computer.
Further, the file monitoring module 200 includes a file storage unit 210 and a state acquisition unit 220;
the file storage unit 210 stores the sensitive information file, so that the sensitive information can be stored in a centralized manner and stored in a classified manner with other files in the computer, and the operation on the sensitive information is facilitated;
the state acquisition unit 220 monitors the stored sensitive information file in real time, and considering that there are various propagation ways of computer viruses, when a U disk carrying viruses is connected with a computer, the viruses still can enter the computer, and therefore, through monitoring the sensitive information file, after the sensitive information file changes, the state acquisition unit 220 starts to alarm.
Furthermore, the content of monitoring the stored sensitive information file in real time comprises file modification, file addition and file new creation, and considering that the sensitive information file is more important, the monitoring of the file modification, the file addition and the new creation is carried out comprehensively, so that the monitoring precision of the sensitive information file is improved.
Specifically, the file testing module 300 includes a virtual machine unit 310 and a file starting unit 320, where the virtual machine unit 310 isolates a suspected file from the computer;
the file starting unit 320 starts the suspected file in the virtual machine unit 310, considering that the suspected file still has a certain risk, if the start test is performed in the computer, the computer is still easily damaged, and therefore, by creating the virtual machine in the computer and moving the suspected file into the virtual machine for the start test, even if the suspected file is a virus, the suspected file cannot enter the computer through the virtual machine.
In addition, the state acquiring module 400 includes a network speed acquiring unit 410, a processor acquiring unit 420, a disk acquiring unit 430, an analyzing unit 440, and an executing unit 450, wherein:
the network speed acquisition unit 410 acquires the access speed of the network in the virtual machine unit 310;
the processor acquisition unit 420 acquires the processor occupancy rate in the virtual machine unit 310;
the disk acquisition unit 430 acquires the disk space occupancy rate in the virtual machine unit 310;
the analysis unit 440 analyzes the suspected file according to the acquisition results of the network speed acquisition unit 410, the processor acquisition unit 420 and the disk acquisition unit 430; it is known that computer viruses are characterized by being destructive, which manifests as occupying processing time and memory overhead, thereby causing process congestion; destroying data or files; disturbing the display of the screen, etc. Therefore, by collecting and analyzing the access speed, the processor occupancy rate and the disk space occupancy rate of the network in the virtual machine, after a suspected file is started, if one of the access speed, the processor occupancy rate and the disk space occupancy rate of the network in the virtual machine is rapidly increased, the file can be regarded as a virus file.
The execution unit 450 executes corresponding operations according to the analysis result, and when the analysis result is a virus file, the execution unit 450 alarms and deletes the virus file; when the analysis result is a normal file, the execution unit 450 transfers the correction normal file to the computer.
Further, the analysis unit 440 analyzes the suspected file by using a compare algorithm, which has the following formula:
Figure SMS_12
Figure SMS_13
in the formula (I), the compound is shown in the specification,
Figure SMS_16
a threshold value for determining a suspected file as a virus; />
Figure SMS_17
Is->
Figure SMS_20
The subscript of (1) is used for distinguishing the occupied threshold values of the suspected files on the network speed, the processor and the disk; />
Figure SMS_15
The working state of the suspected file is obtained; />
Figure SMS_19
Indicating an operative status of a suspect file>
Figure SMS_22
Threshold value>
Figure SMS_24
(ii) a That is to say when +>
Figure SMS_14
When the working state of the suspected file is smaller than the threshold value, the suspected file belongs to a normal file; 0 denotes the operating status of a suspect file>
Figure SMS_18
Threshold value->
Figure SMS_21
That is to say when +>
Figure SMS_23
And if so, the working state of the suspected file is greater than or equal to the threshold value and belongs to the virus file.
Still further, the file processing module 500 includes a file transfer unit 510, where the file transfer unit 510 transfers the sensitive information file stored in the computer to the virtual machine unit 310, as mentioned above, there are various propagation ways of computer viruses, and after the usb disk carrying viruses is connected to the computer, the viruses still can enter the computer, and in order to prevent the viruses from acquiring the sensitive information file, the sensitive information file is transferred to the virtual machine unit 310, and the viruses in the computer cannot enter the virtual machine, that is, the sensitive information file cannot be acquired.
A second embodiment, which is implemented on the basis of the first embodiment, in consideration of that the service time of the computer is longer, the number of sensitive information files in the computer is gradually increased, but some sensitive information data may be changed, such as a mobile phone number, a login password, a newly-taken id card photo, and the like, and the sensitive information only needs to be stored in one piece, but after the change is completed, the old sensitive information is still stored in the computer, which causes the disk occupancy rate of the computer to be increased, and if the old sensitive information is covered, the scanning of the sensitive information is slower due to more data in the computer, for this reason, the file processing module 500 further includes a transfer recording unit 520, a file comparison unit 530 and a file covering unit 540, and the transfer recording unit 520 records the normal file transferred by the execution unit 450, so as to obtain the file information;
the file comparison unit 530 compares the sensitive information file transferred by the file transfer unit 510 according to the file information to obtain new sensitive information and old sensitive information, and the file comparison unit 530 compares the new sensitive information and the old sensitive information by time; when information enters the virtual machine unit 310 through a network and is tested without abnormality, the information is recorded and transferred, then only information records exist in the virtual machine unit 310, when files in the computer are transferred into the virtual machine unit 310, sensitive information files are checked for duplication through the information records, then the time of the duplicated sensitive information files is compared through the file comparison unit 530, the files with the operation time closer to the local time are new sensitive information, otherwise, the files are old sensitive information, and the file covering unit 540 covers the old sensitive information through the new sensitive information, so that the sensitive information is updated, and meanwhile, the space occupation of the sensitive information is reduced, namely, the virtual machine unit 310 can achieve the effects of testing suspected files, isolating the sensitive information files from the computer, covering the duplicated sensitive information files and the like.
The foregoing shows and describes the general principles, essential features, and advantages of the invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, and the preferred embodiments of the present invention are described in the above embodiments and the description, and are not intended to limit the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (8)

1. A network security system for monitoring sensitive digital information transmissions in real time, comprising: the file identification module (100), the file monitoring module (200), the file testing module (300), the state acquisition module (400) and the file processing module (500) are included, wherein:
the file identification module (100) sensitively identifies files in the computer and files being transmitted to the computer to obtain sensitive information files, virus files and suspected files;
the file monitoring module (200) monitors the sensitive information file;
the file testing module (300) isolates the suspected file from the computer and tests the suspected file;
the state acquisition module (400) acquires the test state of the suspected file and operates the suspected file according to the acquisition result;
the file processing module (500) isolates the sensitive information file from the computer when the computer is attacked by the virus file;
the file testing module (300) comprises a virtual machine unit (310) and a file starting unit (320);
the virtual machine unit (310) isolates the suspected file from the computer;
the file starting unit (320) starts a suspected file in the virtual machine unit (310);
the state acquisition module (400) comprises a network speed acquisition unit (410), a processor acquisition unit (420), a disk acquisition unit (430), an analysis unit (440) and an execution unit (450), wherein:
the network speed acquisition unit (410) acquires the access speed of a network in the virtual machine unit (310);
the processor acquisition unit (420) acquires the processor occupancy rate in the virtual machine unit (310);
the disk acquisition unit (430) acquires the disk space occupancy rate in the virtual machine unit (310);
the analysis unit (440) analyzes the suspected file according to the acquisition results of the network speed acquisition unit (410), the processor acquisition unit (420) and the disk acquisition unit (430); the execution unit (450) executes corresponding operation according to the analysis result, and when the analysis result is a virus file, the execution unit (450) gives an alarm and deletes the virus file; when the analysis result is a normal file, the execution unit (450) transfers the correction normal file into the computer.
2. A network security system that can monitor sensitive digital information transmissions in real time as recited in claim 1, wherein: the document discrimination module (100) includes a keyword retrieval unit (110), a content recognition unit (120), and a document deletion unit (130);
the keyword retrieval unit (110) retrieves the files in the computer and the files being transmitted to the computer to obtain sensitive information files, virus files and suspected files;
the content identification unit (120) identifies the image file in the computer to obtain a sensitive information file;
the file deleting unit (130) deletes the virus file.
3. A network security system that can monitor sensitive digital information transmissions in real time as recited in claim 2, wherein: the file monitoring module (200) comprises a file storage unit (210) and a state acquisition unit (220);
the file storage unit (210) stores sensitive information files;
and the state acquisition unit (220) monitors the stored sensitive information file in real time.
4. A network security system that can monitor sensitive digital information transmissions in real time as recited in claim 3, wherein: the content for monitoring the stored sensitive information file in real time comprises modification of the file, addition of the file and new establishment of the file.
5. A network security system that can monitor sensitive digital information transmissions in real time as recited in claim 1, wherein: the analysis unit (440) analyzes the suspected file by adopting a compare algorithm, wherein the algorithm formula is as follows:
Figure QLYQS_1
Figure QLYQS_2
in the formula (I), the compound is shown in the specification,
Figure QLYQS_5
a threshold value for determining a suspected file as a virus; />
Figure QLYQS_8
Is->
Figure QLYQS_10
The subscript of (1) is used for distinguishing the occupied threshold values of the suspected files on the network speed, the processor and the disk; />
Figure QLYQS_4
The working state of the suspected file is obtained; />
Figure QLYQS_6
Indicating an operative status of a suspect file>
Figure QLYQS_9
Threshold value->
Figure QLYQS_11
(ii) a 0 signifies the operative status of a suspect file>
Figure QLYQS_3
Threshold value->
Figure QLYQS_7
6. A network security system that can monitor sensitive digital information transmissions in real time as recited in claim 1, wherein: the file handling module (500) comprises a file transfer unit (510),
the file transfer unit (510) transfers the sensitive information file stored in the computer to the virtual machine unit (310).
7. A network security system that can monitor sensitive digital information transmissions in real time as recited in claim 6, wherein: the file processing module (500) further comprises a transfer recording unit (520), a file comparison unit (530) and a file covering unit (540);
the transfer recording unit (520) records the normal file transferred by the execution unit (450) to obtain file information;
the file comparison unit (530) compares the sensitive information file transferred by the file transfer unit (510) according to the file information to obtain new sensitive information and old sensitive information; the file overwriting unit (540) overwrites old sensitive information with new sensitive information.
8. A network security system that can monitor sensitive digital information transmissions in real time as recited in claim 7, wherein: the file comparison unit (530) compares by time.
CN202210522828.8A 2022-05-13 2022-05-13 Network security system capable of monitoring sensitive digital information transmission in real time Active CN115001754B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210522828.8A CN115001754B (en) 2022-05-13 2022-05-13 Network security system capable of monitoring sensitive digital information transmission in real time

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210522828.8A CN115001754B (en) 2022-05-13 2022-05-13 Network security system capable of monitoring sensitive digital information transmission in real time

Publications (2)

Publication Number Publication Date
CN115001754A CN115001754A (en) 2022-09-02
CN115001754B true CN115001754B (en) 2023-04-07

Family

ID=83027880

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210522828.8A Active CN115001754B (en) 2022-05-13 2022-05-13 Network security system capable of monitoring sensitive digital information transmission in real time

Country Status (1)

Country Link
CN (1) CN115001754B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012064208A (en) * 2010-09-15 2012-03-29 Chunghwa Telecom Co Ltd Network virus prevention method and system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9681304B2 (en) * 2013-02-22 2017-06-13 Websense, Inc. Network and data security testing with mobile devices
CN104601568B (en) * 2015-01-13 2019-05-21 深信服科技股份有限公司 Virtualization security isolation method and device
CN107896215A (en) * 2017-11-24 2018-04-10 北京国网富达科技发展有限责任公司 A kind of dispositions method and device of the intruding detection system based on virtual machine
CN107864153A (en) * 2017-12-11 2018-03-30 江苏恒信和安电子科技有限公司 A kind of internet worm method for early warning based on network security sensor
CN110881049B (en) * 2019-12-16 2022-02-15 淮安信息职业技术学院 Computer network safety intelligent control system
CN111737696A (en) * 2020-06-28 2020-10-02 杭州安恒信息技术股份有限公司 Method, system and equipment for detecting malicious file and readable storage medium

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012064208A (en) * 2010-09-15 2012-03-29 Chunghwa Telecom Co Ltd Network virus prevention method and system

Also Published As

Publication number Publication date
CN115001754A (en) 2022-09-02

Similar Documents

Publication Publication Date Title
CN101751535B (en) Data loss protection through application data access classification
EP3721365B1 (en) Methods, systems and apparatus to mitigate steganography-based malware attacks
CN110912884A (en) Detection method, detection equipment and computer storage medium
KR101132197B1 (en) Apparatus and Method for Automatically Discriminating Malicious Code
US9984234B2 (en) Secure document importation via portable media
WO2014103115A1 (en) Illicit intrusion sensing device, illicit intrusion sensing method, illicit intrusion sensing program, and recording medium
US10482240B2 (en) Anti-malware device, anti-malware system, anti-malware method, and recording medium in which anti-malware program is stored
US11698962B2 (en) Method for detecting intrusions in an audit log
CN111581621A (en) Data security processing method, device, system and storage medium
CN109800569A (en) Program identification method and device
KR102263111B1 (en) Method for data security management and recording medium recording program for performing the method
CN115001754B (en) Network security system capable of monitoring sensitive digital information transmission in real time
JP4843546B2 (en) Information leakage monitoring system and information leakage monitoring method
KR20160133927A (en) Apparatus and method for detecting rooting from terminal based on android system
Ramadhan et al. Forensic malware identification using naive bayes method
US20230315855A1 (en) Exact restoration of a computing system to the state prior to infection
CN111125701B (en) File detection method, equipment, storage medium and device
CN114091609A (en) Computer network information security event processing method
CN114707144A (en) Virtual machine escape behavior detection method and device
CN113572776A (en) Illegal intrusion detection device and method
WO2021144978A1 (en) Attack estimation device, attack estimation method, and attack estimation program
CN114186278A (en) Database abnormal operation identification method and device and electronic equipment
CN113395268A (en) Online and offline fusion-based web crawler interception method
CN115238324B (en) Computer protection system and method based on management use audit safety
CN117744055A (en) Intelligent device file data leakage prevention method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant