CN115277235B - Software anomaly monitoring method based on blockchain - Google Patents
Software anomaly monitoring method based on blockchain Download PDFInfo
- Publication number
- CN115277235B CN115277235B CN202210916187.4A CN202210916187A CN115277235B CN 115277235 B CN115277235 B CN 115277235B CN 202210916187 A CN202210916187 A CN 202210916187A CN 115277235 B CN115277235 B CN 115277235B
- Authority
- CN
- China
- Prior art keywords
- data
- node
- subsystem
- blockchain
- detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The invention discloses a software anomaly monitoring method based on a block chain, which is based on a distributed system and comprises a plurality of subsystems, wherein the subsystems interact data with a central database through a switching center, and the method comprises the following steps: collecting network flow data between the inside of the system and the outside network and log data in the system as data to be detected; after the data to be detected of each subsystem are summarized, the system analyzes the data and extracts the characteristics based on a deep learning method to obtain possible abnormal data; after the possible abnormal data are detected, the possible abnormal data are summarized to a checking and counting module, whether the abnormality reported by each subsystem is true or not is checked, and the detection accuracy is counted; establishing a alliance chain maintained by a system, and recording statistical abnormal data on the alliance chain; a consensus mechanism is established to determine the record rights of the nodes of the federation chain. The invention solves the defect of the current abnormal software detection and solves the limitation of the traditional abnormal recording mode represented by the log.
Description
Technical Field
The invention belongs to the technical field of computers, and particularly relates to a software anomaly monitoring method based on a blockchain.
Background
With the rapid development of information technology, computer and internet technologies are widely used in various fields, and meanwhile, the security of a computer system is also provided with a serious challenge, and the threat from computer viruses and hacking is also increased, so that the abnormality detection of software is difficult when a user accesses the computer. With the continuous development of the blockchain technology, the method brings various opportunities for government social management, judicial practice development and social management in the field of civilian life, and is widely applied in the field of social management. Blockchains are an important component of new generation information technology, and are novel database technology integrating multiple technologies such as distributed network, encryption technology, intelligent contract and the like. The integrated application of blockchain technology plays an important role in new technological innovations and industrial changes.
In the aspect of anomaly detection, although monitoring means and strategies are various, the accuracy of different methods is different, and the current advanced method is mainly based on deep learning, and analysis is performed on system flow, system logs and the like through methods such as log analysis, feature extraction and the like, and then anomaly detection is performed. The method for performing anomaly detection by deep learning can be divided into two types, namely a supervision type and an unsupervised type, wherein the supervision type comprises logistic regression, decision trees and the like, and the unsupervised type mainly comprises clustering and the like. Whereas, for various anomalies detected by the above-described method, the conventional method is mainly to record in the form of logs whose contents are not necessarily disclosed and may be tampered with.
Disclosure of Invention
In order to solve the problems, the invention provides a software anomaly monitoring method based on a blockchain, which solves the defects of the current anomaly software detection and the limitations of the traditional anomaly recording mode represented by logs.
In order to achieve the above purpose, the invention adopts the following technical scheme: a software anomaly monitoring method based on a block chain is based on a distributed system comprising a plurality of subsystems, wherein the subsystems interact data with a central database through a switching center, and the method comprises the following steps:
collecting network flow data between the inside of the system and the outside network and log data in the system as data to be detected;
after the data to be detected of each subsystem are summarized, the system analyzes the data and extracts the characteristics based on a deep learning method to obtain possible abnormal data; after the possible abnormal data are detected, the possible abnormal data are summarized to a checking and counting module, whether the abnormality reported by each subsystem is true or not is checked, and the detection accuracy is counted;
establishing a alliance chain maintained by a system, and recording statistical abnormal data on the alliance chain;
a consensus mechanism is established to determine the record rights of the nodes of the federation chain.
When the network flow between the inside of the system and the external network is collected, the firewall is utilized to collect the network flow in real time before the flow enters and exits the system, and the network flow is transferred to the first detection module, so that flow abnormality analysis is carried out based on a deep learning method.
Further, the log data in the system come from all subsystems in the system, and all subsystems in the system periodically gather the latest log content into a second detection module and perform log abnormality analysis based on a deep learning method.
Further, the alliance chain maintained by the system adopts a Fabric architecture, each subsystem is used as a Fabric node, and each node comprises a client, a network node, a CA node and a sequencing node; the network node is responsible for simulating transaction and accounting, and the CA node provides digital certificate service for each node of Fabric;
before the abnormal information found by each node is uplink, each node carries out digital signature on the abnormal information, then the signed data is delivered to the sequencing node, the sequencing node determines the uplink priority order of the information of each node according to a certain consensus mechanism, and meanwhile, the state database of the Fabric node is correspondingly updated.
Further, the abnormal information on the alliance chain is used for external inquiry, when an external legal registered user correctly inputs user name and password information, the system positions and extracts the abnormal information on a corresponding block according to the inquiry requirement of the user, encrypts the information and transmits the encrypted information to the user;
the encryption process uses a session key that is temporarily generated and has a short period of use.
Further, when a consensus mechanism is established, counting the accuracy of detection by adopting a PoW mechanism when sequencing nodes in a alliance chain decide an order; combining a rights and interests proving PoS mechanism, and determining the rights and interests of each node through the number and accuracy of anomaly detection; the greater the benefit, the greater the opportunity to obtain billing rights.
Further, after a certain number of blocks are added into a chain, the rights of the node with the largest rights are zeroed, so that the node is prevented from monopoly accounting rights.
Further, the system periodically screens out subsystems with always lower detection accuracy and changes the detection strategy of the subsystems.
The beneficial effect of adopting this technical scheme is:
the invention synthesizes various detection strategies, designs a distributed abnormality detection method, is deployed in each subsystem, the system takes relevant information of a collecting system from a network flow, a system real-time log and the like as detection samples, classifies and analyzes the samples by a deep learning method and the like, discovers possible abnormalities therefrom and reports the possible abnormalities to a special statistics and inspection module, and the module can summarize and further verify reported information to distinguish real abnormal behaviors.
According to the invention, by utilizing the characteristic that the blockchain is not tamperable, all subsystems jointly maintain a alliance chain, and abnormal information which is verified is recorded on the chain, so that the accuracy of the information and the detection reliability are ensured. By utilizing the characteristic that the blockchain is difficult to tamper, the invention records the exception on the alliance chain maintained by the system, ensures that the data information of the uplink cannot be tampered by a third party and cannot be repudiated. But also prevents unilateral modification of own history data. Because of the federation chain, only nodes inside the system may have accounting rights, which provides good protection against tamper attacks from outside, while even internal nodes want to sign at least half of the nodes' consent to content modification on the chain. In a word, the exception is recorded in a blockchain mode, so that the tamper attack on the log can be effectively resisted. Based on the distributed technology, each subsystem is provided with a complete account book, so that unilateral data loss and faults can be prevented, and the reality and reliability of a detection result are ensured. All subsystems commonly maintain a alliance chain, the alliance chain adopts a Fabric architecture, all the subsystems acquire digital certificates through CA nodes, and a series of operations such as encryption, signature and the like of the information to be uplinked are realized by utilizing symmetric and asymmetric cryptographic algorithms, so that the tamper-proof property of the information to be uplinked is further ensured.
The invention is based on anomaly analysis of deep learning. By using deep learning as a tool for anomaly analysis extraction, a large number of pre-trained depth models can be obtained, an existing anomaly detection algorithm can be combined, and the depth feature extraction has stronger dimension reduction capability than a common linear method. The method is easy to implement in view of the public availability of depth models and detection methods. The deep learning provides a method for enabling a computer to automatically learn mode features, and feature learning is integrated into a model building process, so that the incompleteness caused by artificial design features is reduced, and the accuracy of an abnormality detection process is greatly improved.
The invention also provides a consensus mechanism based on the PoS, which determines the priority order of the detected abnormality recorded by the subsystem on the chain, and further, the detection strategy can be further adjusted based on the priority order. The invention is designed by a multi-consensus mechanism. In particular, the uplink operation needs to determine the consensus mechanism on which the federation chain is based, so that the subsystems reach a unified agreement. In the system, in order to avoid the waste of calculation power, the most common PoW mechanism is not directly used, but is combined with the PoS mechanism, so that a benefit determination mode based on workload and working quality is formed, a mechanism for preventing individual node rights from being too large and enjoying absolute dominance to block chain accounting is designed, and the inherent defects of the PoW mechanism and the PoS mechanism are corrected. Meanwhile, an optimization mechanism of the detection strategy is introduced, and the strategy with low detection accuracy is replaced, so that the accuracy is further improved.
Drawings
FIG. 1 is a schematic diagram of a distributed system according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of an internal process flow of a subsystem according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating the monitoring method according to an embodiment of the present invention;
FIG. 4 is a diagram of a federated chain architecture in accordance with an embodiment of the present invention;
fig. 5 is a schematic diagram of the principle of the anti-monopoly mechanism in the embodiment of the invention.
Detailed Description
The present invention will be further described with reference to the accompanying drawings, in order to make the objects, technical solutions and advantages of the present invention more apparent.
In this embodiment, the present invention provides a software anomaly monitoring method based on blockchain, as shown in fig. 1, and the distributed system includes a plurality of subsystems, where the subsystems interact data with a central database through a switching center, as shown in fig. 3, and includes the steps of:
collecting network flow data between the inside of the system and the outside network and log data in the system as data to be detected;
after the data to be detected of each subsystem are summarized, the system analyzes the data and extracts the characteristics based on a deep learning method to obtain possible abnormal data; after the possible abnormal data are detected, the possible abnormal data are summarized to a checking and counting module, whether the abnormality reported by each subsystem is true or not is checked, and the detection accuracy is counted;
establishing a alliance chain maintained by a system, and recording statistical abnormal data on the alliance chain;
a consensus mechanism is established to determine the record rights of the nodes of the federation chain.
As shown in fig. 2 and 3, when network traffic between the inside and the outside of the system is collected, for safety, the firewall is used to collect the traffic in real time before the traffic enters and exits the system, and the traffic is transferred to the first detection module, and traffic abnormality analysis is performed based on a deep learning method, so that abnormal traffic can be prevented from entering and exiting more effectively.
The log data in the system come from each subsystem in the system, possible anomalies from the interior are recorded, the function of detecting internal attack and malicious nodes is achieved, the latest log content is collected to a second detection module by each subsystem in the system regularly, and log anomaly analysis is carried out based on a deep learning method.
As an optimization scheme of the embodiment, after the data to be detected of each subsystem are summarized, the system analyzes the data and extracts the characteristics based on a deep learning method to obtain possible abnormal data; after the possible abnormal data are detected, the possible abnormal data are summarized to a checking and counting module, whether the abnormality reported by each subsystem is true or not is checked, and the detection accuracy is counted.
After the data to be detected are summarized, the system analyzes the data based on the deep learning method and extracts the characteristics of the data, so that possible anomalies are analyzed, and the data can be specifically classified into supervised learning and unsupervised learning. In a larger scale distributed system, each subsystem may take a different approach. This also results in different detection accuracy and different types and numbers of attacks that may be encountered by different subsystems. Therefore, after detecting the possible anomalies, it is also necessary to aggregate them to a special checking and statistics module, which not only checks whether the anomalies reported by the subsystems are true, but also performs statistics on the accuracy of their detection.
As an optimization scheme of the above embodiment, as shown in fig. 4, the federation chain maintained by the system adopts a Fabric architecture, each subsystem is used as a Fabric node, and each node includes a client, a network node, a CA node and a sequencing node; the network node is responsible for simulating transaction and accounting, and the CA node provides digital certificate service for each node of Fabric;
before the abnormal information found by each node is uplink, each node carries out digital signature on the abnormal information, then the signed data is delivered to the sequencing node, the sequencing node determines the uplink priority order of the information of each node according to a certain consensus mechanism, and meanwhile, the state database of the Fabric node is correspondingly updated.
Preferably, the abnormal information on the alliance chain is used for external inquiry, when an external legal registered user correctly inputs user name and password information, the system positions and extracts the abnormal information on a corresponding block according to the inquiry requirement of the user, encrypts the information and transmits the encrypted information to the user;
to prevent an exhaustive attack on the key, this encryption process uses a session key that is temporarily generated and has a short period of use.
As an optimization scheme of the above embodiment, if the blockchain recording exception is adopted, the problem of who records in the decentralised system needs to be solved, and the solution is to introduce a proper consensus mechanism to determine the recording rights of each node. In the most widely used Proof of Work (PoW) mechanism, a great amount of calculation is needed to prove the workload to acquire the recording rights, which causes a waste of calculation force, and if the mechanism is directly used, only the workload (i.e. the detected abnormal number) is used as a measurement standard, the detected quality (i.e. accuracy) may be ignored.
When a consensus mechanism is established, counting the accuracy of detection by adopting a PoW mechanism when sequencing nodes in a alliance chain decide an order; combining a rights and interests proving PoS mechanism, and determining the rights and interests of each node through the number and accuracy of anomaly detection; the greater the benefit, the greater the opportunity to obtain billing rights.
It should be noted that, between the number and the accuracy, the accuracy is higher in priority, and the influence on the rights is greater.
As an optimization scheme of the above embodiment, the consensus mechanism combines the features of two mechanisms, namely PoW and PoS, but needs to solve two problems, namely, the "monopoly" problem under this equity mechanism: some situations may occur in which the node with higher detection accuracy and higher detection number has too much rights to "monopoly" the billing rights.
As shown in FIG. 5, after a certain number of blocks are added to the chain, the interests of the maximum interest node are zeroed, preventing the node from monopoly accounting rights.
Aiming at the problem that the accuracy of different detection strategies is different, the system periodically screens out subsystems with always lower detection accuracy and changes the detection strategies so as to improve the detection accuracy, so that monopoly problems possibly caused by nodes with high detection accuracy can be further avoided, and the low-accuracy nodes can increase the opportunity of participating in recording by changing the detection strategies.
The foregoing has shown and described the basic principles and main features of the present invention and the advantages of the present invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, and that the above embodiments and descriptions are merely illustrative of the principles of the present invention, and various changes and modifications may be made without departing from the spirit and scope of the invention, which is defined in the appended claims. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (7)
1. The software anomaly monitoring method based on the blockchain is characterized by comprising a plurality of subsystems, wherein the subsystems interact data with a central database through a switching center, and the method comprises the following steps:
collecting network flow data between the inside of the system and the outside network and log data in the system as data to be detected;
after the data to be detected of each subsystem are summarized, the system analyzes the data and extracts the characteristics based on a deep learning method to obtain possible abnormal data; after the possible abnormal data are detected, the possible abnormal data are summarized to a checking and counting module, whether the abnormality reported by each subsystem is true or not is checked, and the detection accuracy is counted;
establishing a alliance chain maintained by a system, and recording statistical abnormal data on the alliance chain; establishing a consensus mechanism to determine the recording rights of all nodes of the alliance chain;
when a consensus mechanism is established, counting the accuracy of detection by adopting a PoW mechanism when sequencing nodes in a alliance chain decide an order; combining a rights and interests proving PoS mechanism, and determining the rights and interests of each node through the number and accuracy of anomaly detection; the greater the benefit, the greater the opportunity to obtain billing rights.
2. The blockchain-based software anomaly monitoring method of claim 1, wherein when network traffic between the inside and the outside of the system is collected, the network traffic is collected in real time before entering and exiting the system by using a firewall and is transferred to the first detection module, and the flow anomaly analysis is performed based on a deep learning method.
3. The blockchain-based software exception monitoring method according to claim 1 or 2, wherein the log data in the system is from each subsystem in the system, and each subsystem in the system periodically gathers the latest log content into the second detection module, and performs log exception analysis based on a deep learning method.
4. The blockchain-based software exception monitoring method of claim 1, wherein the system-maintained coalition chain adopts a Fabric architecture, each subsystem is used as a Fabric node, each subsystem comprises a client, a network node and a CA node, and leads to a sequencing node; the network node is responsible for simulating transaction and accounting, and the CA node provides digital certificate service for each node of Fabric;
before the abnormal information found by each Fabric node is uplink, each Fabric node carries out digital signature on the abnormal information, then the signed data is delivered to a sequencing node, the sequencing node determines the uplink priority order of the information of each node according to a consensus mechanism, and meanwhile, a state database of the Fabric node is correspondingly updated.
5. The software anomaly monitoring method based on the blockchain as in claim 4, wherein anomaly information on the alliance chain is provided for external inquiry, when an external legal registered user correctly inputs user name password information, the system locates and extracts the anomaly information on a corresponding block according to the inquiry requirement of the user, encrypts the information and transmits the encrypted information to the user;
the encryption process uses a session key that is temporarily generated and has a short period of use.
6. The blockchain-based software exception monitoring method of claim 1, wherein the zeroing of the interests of the largest node of interest after a certain number of blocks are added to the chain prevents the node from monopolizing the accounting rights.
7. The blockchain-based software exception monitoring method of claim 6, wherein the system periodically screens out subsystems whose detection accuracy is always low and replaces their detection strategies.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210916187.4A CN115277235B (en) | 2022-08-01 | 2022-08-01 | Software anomaly monitoring method based on blockchain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210916187.4A CN115277235B (en) | 2022-08-01 | 2022-08-01 | Software anomaly monitoring method based on blockchain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115277235A CN115277235A (en) | 2022-11-01 |
CN115277235B true CN115277235B (en) | 2023-08-22 |
Family
ID=83747967
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210916187.4A Active CN115277235B (en) | 2022-08-01 | 2022-08-01 | Software anomaly monitoring method based on blockchain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115277235B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109934710A (en) * | 2018-11-08 | 2019-06-25 | 杭州基尔区块链科技有限公司 | The intelligent common recognition mechanism suitable for intellectual property alliance chain based on bilateral card |
CN110958136A (en) * | 2019-11-11 | 2020-04-03 | 国网山东省电力公司信息通信公司 | Deep learning-based log analysis early warning method |
CN111163165A (en) * | 2019-12-28 | 2020-05-15 | 北京工业大学 | Voting consensus method based on Fabric alliance chain |
WO2021203797A1 (en) * | 2020-04-07 | 2021-10-14 | 南京邮电大学 | Alliance chain-based method for storing vehicle maintenance and servicing data |
CN113592677A (en) * | 2021-05-08 | 2021-11-02 | 河海大学 | Education certificate management system based on alliance chain and building method |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190370793A1 (en) * | 2018-06-04 | 2019-12-05 | Decentralized Finance Labs, Inc. | Hybrid consensus for blockchain using proof of work and proof of stake |
-
2022
- 2022-08-01 CN CN202210916187.4A patent/CN115277235B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109934710A (en) * | 2018-11-08 | 2019-06-25 | 杭州基尔区块链科技有限公司 | The intelligent common recognition mechanism suitable for intellectual property alliance chain based on bilateral card |
CN110958136A (en) * | 2019-11-11 | 2020-04-03 | 国网山东省电力公司信息通信公司 | Deep learning-based log analysis early warning method |
CN111163165A (en) * | 2019-12-28 | 2020-05-15 | 北京工业大学 | Voting consensus method based on Fabric alliance chain |
WO2021203797A1 (en) * | 2020-04-07 | 2021-10-14 | 南京邮电大学 | Alliance chain-based method for storing vehicle maintenance and servicing data |
CN113592677A (en) * | 2021-05-08 | 2021-11-02 | 河海大学 | Education certificate management system based on alliance chain and building method |
Non-Patent Citations (1)
Title |
---|
Fabric defect detection based on deep-feature and low-rank decomposition;zhoufeng liu‘等;《Journal of engineered fibers and fabrics》;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN115277235A (en) | 2022-11-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112651006B (en) | Power grid security situation sensing system | |
CN107483455B (en) | Flow-based network node anomaly detection method and system | |
Garcia-Teodoro et al. | Anomaly-based network intrusion detection: Techniques, systems and challenges | |
CN101803337B (en) | Intrusion detection method and system | |
Wan et al. | Feature-selection-based ransomware detection with machine learning of data analysis | |
Jiang et al. | Anomaly detection via one class SVM for protection of SCADA systems | |
CN112306019A (en) | Industrial control safety audit system based on protocol deep analysis and application thereof | |
Jia et al. | Big-data analysis of multi-source logs for anomaly detection on network-based system | |
CN114785563B (en) | Encryption malicious traffic detection method of soft voting strategy | |
CN115883236A (en) | Power grid intelligent terminal cooperative attack monitoring system | |
Chen et al. | An effective metaheuristic algorithm for intrusion detection system | |
CN109995722A (en) | Magnanimity detection data analysis system towards APT protection | |
Marino et al. | Data-driven correlation of cyber and physical anomalies for holistic system health monitoring | |
CN113645215B (en) | Abnormal network traffic data detection method, device, equipment and storage medium | |
CN115277235B (en) | Software anomaly monitoring method based on blockchain | |
KR20070077517A (en) | Profile-based web application intrusion detection system and the method | |
CN115883213B (en) | APT detection method and system based on continuous time dynamic heterogeneous graph neural network | |
CN111490976A (en) | Dynamic baseline management and monitoring method for industrial control network | |
Liao et al. | Research on network intrusion detection method based on deep learning algorithm | |
CN115766235A (en) | Network security early warning system and early warning method | |
Xu | Research on network intrusion detection method based on machine learning | |
Xu et al. | [Retracted] Method of Cumulative Anomaly Identification for Security Database Based on Discrete Markov chain | |
Hong et al. | Intrusion prevention system in the network of digital mine | |
Wei et al. | Extracting novel attack strategies for industrial cyber-physical systems based on cyber range | |
Srivastav et al. | Evaluation of network intrusion detection system using PCA and NBA |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |