CN115422536A - Data processing method and server based on cloud computing - Google Patents

Data processing method and server based on cloud computing Download PDF

Info

Publication number
CN115422536A
CN115422536A CN202211102682.8A CN202211102682A CN115422536A CN 115422536 A CN115422536 A CN 115422536A CN 202211102682 A CN202211102682 A CN 202211102682A CN 115422536 A CN115422536 A CN 115422536A
Authority
CN
China
Prior art keywords
office
threat
potential
activity data
collaborative
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202211102682.8A
Other languages
Chinese (zh)
Inventor
邓宝
倪家镇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN202211102682.8A priority Critical patent/CN115422536A/en
Publication of CN115422536A publication Critical patent/CN115422536A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Entrepreneurship & Innovation (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Tourism & Hospitality (AREA)
  • Economics (AREA)
  • Quality & Reliability (AREA)
  • Operations Research (AREA)
  • Data Mining & Analysis (AREA)
  • Marketing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a data processing method and a server based on cloud computing, wherein an information risk trend report of a digital office session corresponding to-be-processed cooperative office activity data is determined through a derived dynamic threat event relation network; determining office threat trend characteristics based on the information risk trend report; generating a threat coping strategy for the digital office session through the office threat trend feature.

Description

Data processing method and server based on cloud computing
The application is a divisional application with the application number of '2022103818755', the application date of '20220413' and the application name of 'a data processing method and a server for handling cloud computing office threats'.
Technical Field
The invention relates to the technical field of cloud computing, in particular to a data processing method and a server based on cloud computing.
Background
The "cloud" is one of the hottest concepts in the internet industry. With the rapid development of the internet, especially the convenience of the mobile internet, data explosion has led to an exponential increase in the demand of individuals and enterprises for data processing power and storage space. The cloud computing technology has gradually become the first choice for transformation in various fields due to its powerful data processing and massive data storage capability. Taking online office as an example, the integration of online office and cloud computing can significantly improve office efficiency and reduce unnecessary cost overhead. However, for security processing in cloud computing office, there is a few techniques that can accurately and comprehensively perform office threat analysis.
Disclosure of Invention
The invention provides a data processing method and a server based on cloud computing, and adopts the following technical scheme in order to achieve the technical purpose.
The first aspect is a data processing method based on cloud computing, applied to a data processing server, the method comprising: carrying out potential office resource threat identification on the cooperative office activity data to be processed, and determining the potential office resource threat description content of the cooperative office activity data to be processed; determining target threat behavior event expressions which satisfy a set relationship with the to-be-processed cooperative office activity data from a designated threat distribution template set in combination with the potential office resource threat description content; and determining a derived dynamic threat event relation network pointed by the to-be-processed cooperative office activity data through the expression of the target threat behavior event and the distribution of the designated basic dynamic cooperative office threats.
In an independently implementable design approach, prior to the identifying potential office resource threats to the co-office activity data to be processed, the method further comprises: determining the assigned threat distribution template set in combination with the assigned statistical result of the collaborative office activity data paradigm and the assigned base dynamic collaborative office threat distribution;
wherein the set of specified threat distribution templates includes: a mapping list of template potential office resource threat clusters and template threat behavioral event expressions that reflect activity data states of a specified staged collaborative office task, template potential office resource threat description content of a collaborative office activity data paradigm, and template threat behavioral event expressions to which a template collaborative office threat distribution is directed, the template threat behavioral event expressions serving to determine a template collaborative office threat distribution to which the collaborative office activity data paradigm is directed, the template collaborative office threat distribution being a derived dynamic collaborative office threat distribution generated for the collaborative office activity data paradigm.
In an independently implementable design, the determining the set of assigned threat distribution templates in conjunction with the collaborative office activity data paradigm for an assigned statistical result and the assigned base dynamic collaborative office threat distribution comprises: determining a sequence of collaborative office activity data paradigms of the collaborative office activity data paradigms including the specified statistical result, the sequence of collaborative office activity data paradigms carrying: reflecting the data state of various appointed activities of at least one appointed staged cooperative office task; determining the template collaborative office threat distribution pointed to by the collaborative office activity data paradigm and the specified base dynamic collaborative office threat distribution;
determining the set of assigned threat distribution templates in conjunction with the mapping list of collaborative office activity data paradigms and template collaborative office threat distribution data, the set of assigned threat distribution templates including: a mapping list of potential office resource threat descriptors reflecting the specified activity data state and the template threat behavioral event expression;
wherein the at least one designated staged collaborative office task includes one or more of: the system comprises a file transmission task, a report modification task, an identity verification task, a biological characteristic comparison task and a cloud storage task.
In an independently implementable design, said determining said template collaborative office threat distribution to which said collaborative office activity data paradigm points from said collaborative office activity data paradigm and said specified underlying dynamic collaborative office threat distribution comprises:
adjusting a group of collaborative office activity data paradigms, and determining undetermined collaborative office activity data matched with the active office project state and activity data dimension of the designated basic collaborative office activity data, wherein the designated basic collaborative office activity data is node-based collaborative office activity data pointed by the designated basic dynamic collaborative office threat distribution;
performing potential office resource threat identification on the pending collaborative office activity data, and determining a template potential office resource threat sequence of the collaborative office activity data paradigm, wherein the template potential office resource threat sequence comprises: reflecting the template potential office resource threat cluster of the appointed staged cooperative office task;
optimizing threat behavior event expressions corresponding to potential office resource threat labels in the assigned basic dynamic collaborative office threat distribution via the template potential office resource threat cluster, and determining the template collaborative office threat distribution of the collaborative office activity data paradigm.
In an independently implementable design idea, the performing potential office resource threat identification on the to-be-processed cooperative office activity data and determining the potential office resource threat description content of the to-be-processed cooperative office activity data includes: potential office resource threat identification is carried out on the cooperative office activity data to be processed, and a label vector of the potential office resource threat of the specified statistical result is determined; determining the description content of the potential office resource threat in combination with the tag vector of the specified statistical result potential office resource threat;
wherein the description content of the potential office resource threat comprises: at least one of a potential office resource threat vector cluster and a description content track; determining, by the tag vector in conjunction with the specified statistical result potential office resource threat, the potential office resource threat descriptive content, including one or more of: determining a cluster of potential office resource threat vectors reflecting a staged collaborative office task via the assigned statistical result label vectors of potential office resource threats; and resolving the description content track reflecting the staged cooperative office task by combining the potential office resource threat vector cluster reflecting at least one staged cooperative office task.
In an independently implementable design, the determining, from a set of assigned threat distribution templates, a target threat behavioral event expression that satisfies a set relationship with the pending collaborative office activity data in conjunction with the potential office resource threat descriptors includes: in combination with the potential office resource threat description contents of the appointed staged cooperative office task in the to-be-processed cooperative office activity data, centrally locating pointed target template potential office resource threat description contents from the appointed threat distribution template; determining threat behavior event expression of the appointed staged cooperative office task and determining target threat behavior event expression of the cooperative office activity data to be processed according to template threat behavior event expression pointed by the target template potential office resource threat description content;
the step of locating pointed target template potential office resource threat description contents from the designated threat distribution template set in combination with the potential office resource threat description contents of the designated staged collaborative office task in the to-be-processed collaborative office activity data includes: determining the common evaluation between the potential office resource threat description content of the appointed staged collaborative office task and the potential office resource threat description content of the corresponding template in the appointed threat distribution template set; and determining the template potential office resource threat description content with the largest common evaluation as the target template potential office resource threat description content.
In an independently implementable design concept, the potential office resource threat description content is a description content track parsed by combining a potential office resource threat tag vector; the determining of the commonness evaluation between the potential office resource threat description content of the staged collaborative office task and the corresponding template potential office resource threat description content in the designated threat distribution template set includes:
analyzing a description content track reflecting the appointed staged cooperative office task by combining a potential office resource threat vector cluster of the appointed staged cooperative office task;
determining a specified difference description value between the description content track and a corresponding template description content track in the threat distribution template set, the specified difference description value representing the commonality evaluation;
wherein the specifying a disparity description value comprises: cosine difference descriptor/euclidean difference descriptor; the determining the template potential office resource threat description content with the largest common evaluation as the target template potential office resource threat description content comprises the following steps: and determining the template description content track with the minimum specified difference description value as the potential office resource threat description content of the target template.
In an independently implementable design, the determining a commonality assessment between the potential office resource threat descriptors of the staged collaborative office task and corresponding template potential office resource threat descriptors in the specified threat distribution template set includes:
respectively determining common evaluation between the potential office resource threat description content of each local task and the template potential office resource threat description content of the corresponding local task in the specified threat distribution template set on the basis that one specified staged collaborative office task is characterized by the potential office resource threat description content of not less than two local tasks, and determining not less than two staged common evaluation;
and determining the global common evaluation between the designated staged cooperative office task and the corresponding designated staged cooperative office task in each cooperative office activity data example by combining the global calculation results of the at least two staged common evaluations.
In an independently implementable design idea, the derived dynamic threat event relationship network pointed to by the to-be-processed cooperative office activity data is: a callable derived dynamic collaborative office threat distribution directed to abnormal activity behavior in the to-be-processed collaborative office activity data.
A second aspect is a data processing server comprising a memory and a processor; the memory and the processor are coupled; the memory for storing computer program code, the computer program code comprising computer instructions; wherein the computer instructions, when executed by the processor, cause the data processing server to perform the method of the first aspect.
A third aspect is a computer-readable storage medium having stored thereon a computer program which, when executed, performs the method of the first aspect.
According to one embodiment of the invention, the data processing server can identify potential office resource threats after determining the cooperative office activity data to be processed, locate pointed target threat behavior event expressions from a specified threat distribution template set in time by reflecting potential office resource threat description contents of staged cooperative office tasks, adaptively update threat behavior event expressions for specified basic dynamic cooperative office threat distribution by the target threat behavior event expressions, and adaptively determine a derived dynamic threat event relationship network considering the cooperative office activity data to be processed. When the derived dynamic threat event relation network is determined, the threat behavior event expression does not need to be updated frequently, and the execution complexity is weakened to a certain extent; and in combination with the periodic characteristics of the cooperative office staged task description content, determining in advance that the information scale of the appointed threat distribution template set is small, so that the data processing server can locate a target threat behavior event expression from the appointed threat distribution template set in time in combination with the potential office resource threat description content of the cooperative office activity data to be processed, and accurately and timely determine a derived dynamic threat event relation network which meets the set relation with the cooperative office activity data to be processed by means of the target threat behavior event expression and the appointed basic cooperative office threat distribution.
Drawings
Fig. 1 is a schematic flow chart of a data processing method based on cloud computing according to an embodiment of the present invention.
Fig. 2 is a block diagram of a data processing apparatus based on cloud computing according to an embodiment of the present invention.
Detailed Description
In the following, the terms "first", "second" and "third", etc. are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, features defined as "first", "second" or "third", etc., may explicitly or implicitly include one or more of the features.
Fig. 1 is a schematic flowchart illustrating a cloud computing-based data processing method according to an embodiment of the present invention, where the cloud computing-based data processing method may be implemented by a data processing server, and the data processing server may include a memory and a processor; the memory and the processor are coupled; the memory for storing computer program code, the computer program code comprising computer instructions; wherein, when the processor executes the computer instruction, the data processing server is caused to execute the technical solution described in the following steps.
S11: and carrying out potential office resource threat identification on the cooperative office activity data to be processed, and determining the potential office resource threat description content of the cooperative office activity data to be processed.
For the embodiment of the invention, the to-be-processed cooperative office activity data may be cooperative office activity data uploaded by an office operation terminal, or may be a group of cooperative office activity data screened from a designated office activity information set in combination with the operation preference of a user. Further, the collaborative office activity data may be activity data collected for abnormal activity behaviors in an office interaction environment.
For example, the to-be-processed cooperative office activity data may be understood as interactive data generated by a plurality of office operation terminals during the cooperative office process. The potential office resource threat identification of the cooperative office activity data to be processed can be understood as office key threat behavior identification of interaction data generated by a plurality of office operation terminals in the cooperative office process.
Further, potential office resource threat identification is carried out on the processed collaborative office task activity data through a related collaborative office potential office resource threat identification thought, and potential office resource threat description content pointed by the to-be-processed collaborative office activity data is determined.
In the embodiment of the invention, the description content of the potential office resource threats (office key threat behavior characteristic content) of the cooperative office activity data to be processed can be label vector information of each potential office resource threat, and can also be a description content track which reflects staged cooperative office tasks and is obtained by combining the analysis result of the potential office resource threat label vectors in the activity data.
S12: and determining a target threat behavior event expression meeting a set relationship with the to-be-processed cooperative office activity data from a specified threat distribution template set in combination with the potential office resource threat description content.
For the embodiment of the present invention, the designated threat distribution template set may be understood as a preset reference threat template set. Satisfying the set relationship may be in accordance with a matching index. The target threat behavioral event expression may be understood as a threat behavioral event signature that matches the pending collaborative office activity data. It is to be appreciated that in embodiments of the present invention, the data processing server may determine the set of assigned threat distribution templates in advance in conjunction with a statistical data paradigm of the collaborative office activity. Wherein the assigned threat distribution template set carries a template threat behavior event expression directed to the template potential office resource threat description content determined from the collaborative office activity data paradigm, the template threat behavior event expression being used to determine the template collaborative office threat distribution directed to by the collaborative office activity data paradigm.
Further, after determining the potential office resource threat description contents of each designated staged collaborative office task in the to-be-processed collaborative office activity data, the data processing server may screen out a target template potential office resource threat description content most similar to the potential office resource threat description contents from the template potential office resource threats of the collaborative office activity data paradigm, and finally determine a target template threat behavior event expression pointed by the target template potential office resource threat description content from the designated threat distribution template set, and determine the target template threat behavior event expression as the target threat behavior event expression considered with the to-be-processed collaborative office activity data.
It is to be understood that the present invention is not limited to the distribution architecture of the specified threat distribution template set, for example, for another embodiment, the specified threat distribution template set may include: a template threat behavioral event expression for use in determining a template collaborative office threat distribution to which a preset collaborative office activity data paradigm points, and a mapping list of template potential office resource threat descriptive content determined from the collaborative office activity data paradigm and the template threat behavioral event expression.
After the potential office resource threat description contents of the collaborative office activity data to be processed are determined, matching the potential office resource threat description contents reflecting each appointed staged collaborative office task with an appointed threat distribution template set is combined, and template threat behavior event expressions similar to the orientation of the potential office resource threat description contents are determined from the assigned threat distribution template set and serve as target threat behavior event expressions of the staged collaborative office tasks in the collaborative office activity data to be processed. And determining target threat behavior event expressions of each staged collaborative office task by combining the above ideas, such as: and target threat behavior event expressions pointed by tasks such as a file transmission task, an identity verification task, a cloud storage task and the like are determined, so that a group of target threat behavior event expressions considering the cooperative office activity data to be processed are determined.
S13: and determining a derived dynamic threat event relation network pointed by the to-be-processed cooperative office activity data through the target threat behavior event expression and the assigned basic dynamic cooperative office threat distribution.
For the embodiment of the invention, after the target threat behavior event expression pointed by the to-be-processed cooperative office activity data is determined, the data processing server can optimize the threat behavior event in the assigned basic dynamic cooperative office activity threat distribution through the target threat behavior event expression, and determine the derived dynamic threat event relation network of the threat event description content reflecting the abnormal activity behavior in the to-be-processed cooperative office activity data. And the assigned basic dynamic collaborative office threat distribution can be understood as a dynamic collaborative office threat characteristic diagram of a preset standard. The derived dynamic threat event relationship network may be understood as a virtual dynamic collaborative office threat signature graph.
In the embodiment of the invention, the data processing server can identify the potential office resource threat after determining the cooperative office activity data to be processed, locate pointed target threat behavior event expressions from a specified threat distribution template set in time by reflecting the potential office resource threat description content of staged cooperative office tasks, adaptively adjust the threat behavior event expressions of specified basic dynamic cooperative office threat distribution by the target threat behavior event expressions, and adaptively determine a derived dynamic threat event relationship network considering the cooperative office activity data to be processed.
It can be understood that when the derived dynamic threat event relationship network is determined, the threat behavior event expression does not need to be updated frequently, and the execution complexity is weakened to a certain extent; and in combination with the periodic characteristics of the cooperative office staged task description content, determining in advance that the information scale of the appointed threat distribution template set is small, so that the data processing server can locate a target threat behavior event expression from the appointed threat distribution template set in time in combination with the potential office resource threat description content of the cooperative office activity data to be processed, and accurately and timely determine a derived dynamic threat event relation network which meets the set relation with the cooperative office activity data to be processed by means of the target threat behavior event expression and the appointed basic cooperative office threat distribution.
For an independently implementable technical solution, before the identification of the potential office resource threat to the co-office activity data to be processed, the method may further include the technical solution recorded in S10.
S10: determining the assigned threat distribution template set in combination with the assigned statistical-resultant collaborative office activity data paradigm and the assigned base dynamic collaborative office threat distribution.
For embodiments of the present invention, a collaborative office activity data paradigm including data states of activities of tasks specifying statistics may be determined and different activity data states of tasks in the collaborative office activity data paradigm may be manually annotated. And then, determining derived dynamic collaborative office threat distributions respectively pointed to by the specified statistical result collaborative office activity data paradigm through the threat behavior event adjusting thought through the collaborative office activity data paradigm annotated by the description content and the specified basic dynamic collaborative office threat distribution. In an embodiment of the present invention, a derived dynamic collaborative office threat distribution generated in conjunction with a collaborative office activity data paradigm and a specified base dynamic collaborative office threat distribution is taken as a template collaborative office threat distribution.
For example, if there are 12 examples of collaborative office activity data, the data processing server determines 12 corresponding template collaborative office threat distributions, and determines a set of templates for specifying the threat distribution according to the information about the 12 template collaborative office threat distributions.
For an independently implementable technical solution, the technical solution recorded in S10 may exemplarily further include S101 and S102.
S101, determining a collaborative office activity data instance sequence of the collaborative office activity data instance including the specified statistical result, where the collaborative office activity data instance sequence carries: reflecting a plurality of designated activity data states of at least one designated staged collaborative office task;
for the embodiment of the present invention, the sequence of collaborative office activity data paradigms (which may be understood as sample collaborative office activity data) may include a collaborative office activity data paradigms with certain statistical results. The collaborative office activity data paradigm of a certain statistical result can carry different activity data states of each task, so that the determined assigned threat distribution template set is guaranteed to include rich template information, such as template potential office resource threat description content, template threat behavior event expression and the like.
In an embodiment of the present invention, 12 collaborative office activity data paradigms are collected to determine a collaborative office activity data paradigms sequence in combination with different states of a file transmission task, a report modification task, an identity verification task, a biological characteristic comparison task, and a cloud storage task of different abnormal activity behaviors in an office interaction environment. The 12 collaborative office activity data instances may include multiple designated activity data states of each group of designated staged collaborative office tasks, where the designated staged collaborative office tasks refer to tasks such as a file transmission task, a report modification task, an identity verification task, and a cloud storage task that are analyzed from the nodal collaborative office activity data.
S102: determining a template dynamic collaborative office threat distribution pointed to by the collaborative office activity data paradigm and the specified base dynamic collaborative office threat distribution.
For the embodiment of the present invention, the pointed derived dynamic collaborative office threat distribution may be determined by combining each set of collaborative office activity data paradigms and a given base dynamic collaborative office threat distribution. Each template dynamic collaborative office threat distribution corresponds to a set of threat behavior event update indications.
For a separately implementable solution, examples of how to determine a template dynamic collaborative office threat distribution via a specified base dynamic collaborative office threat distribution and a collaborative office activity data paradigm may include the following.
S1021: and adjusting a group of collaborative office activity data examples, and determining the pending collaborative office activity data matched with the active office project state and the activity data dimension of the specified basic collaborative office activity data.
In S1021, the specified base collaborative office activity data is the nodal collaborative office activity data to which the specified base dynamic collaborative office threat distribution points.
For the embodiment of the invention, in the generation period of the threat distribution template set, adjustment operations such as collaborative office task identification, active office project state optimization, activity data simplification and the like can be performed for each group of collaborative office activity data examples, and undetermined collaborative office activity data matched with the active office project state and activity data dimension of the specified basic collaborative office activity data are determined. Wherein, the adjustment operation can be understood as a standardized operation on a series of activity data.
It is to be appreciated that the specified base collaborative office activity data can be understood as migration transformed activity data in which the specified base dynamic collaborative office threat is distributed in a specified activity data vector list. It can also be understood that the assigned-base dynamic collaborative office threat distribution is determined derivative dynamic collaborative office threat distribution by combining a determined description content event sequence, such as i potential office resource threat tag vectors, and threat behavior events of assigned statistical results, such as j groups of threat behavior events, after the data processing server identifies potential office resource threats to the assigned-base collaborative office activity data, where i and j are positive integers.
S1022: performing potential office resource threat identification on the pending collaborative office activity data, and determining a template potential office resource threat sequence of the collaborative office activity data paradigm, wherein the template potential office resource threat sequence comprises: and reflecting the template potential office resource threat cluster of the appointed staged cooperative office task.
It is to be appreciated that after the pending collaborative office activity data is determined, in conjunction with the specified potential office resource threat identification concept, mining a specified statistical result of potential office resource threats, such as 136 potential office resource threats, 212 potential office resource threats, or 80 potential office resource threats, from the pending collaborative office activity data, the extracted quantitative value of the potential office resource threat statistics can affect the depth information record of the specified staged collaborative office task.
Generally, threat event potential office resource threat signatures specifying statistical results may be identified, such as a signature vector that marks 80 potential office resource threats in the real-time collaborative office activity data, which may include signature vectors of staged tasks such as a file transfer task, an identity verification task, a biometric comparison task, and a cloud storage task.
For the template potential office resource threat clusters, in another embodiment of the present invention, the numbers of the template potential office resource threats may be determined according to a preset condition, and the template potential office resource threat clusters reflecting each set of staged collaborative office tasks are determined. For example, the data processing server extracts 136 potential office resource threats from the co-office paradigm activity data to be processed.
In an embodiment of the present invention, the information of each potential office resource threat includes: number and vector label. For different collaborative office activity data paradigms, the number and the statistical result of the potential office resource threats reflecting the same designated staged collaborative office task are the same, but the vector labels of the potential office resource threats are different.
S1023: optimizing threat behavior event expressions corresponding to the potential office resource threat labels in the assigned basic dynamic collaborative office threat distribution through the template potential office resource threat cluster, and determining the template collaborative office threat distribution of the collaborative office activity data paradigm.
For the embodiment of the invention, the data processing server is specified with the conversion records of the potential office resource threat cluster and the specified threat behavior event, and the conversion records represent that the characteristics of which part of the threat behavior event need to be changed when the specified staged cooperative office task reflected by the potential office resource threat cluster generates the pointed dynamic task relationship network.
For example, if the identity verification task in the specified base dynamic collaborative office threat distribution involves 6 sets of threat behavioral events; it may be possible to update 6 sets of threat activity events in embodiments of the present invention. Additionally, threat behavior event update indications for the current 6 sets of threat behavior events may be determined from the template threat behavior event expressions pointed to by the identity verification task activity data states in the collaborative office activity data paradigm.
Calculating one by one, and updating threat behavior event expressions of all tasks to ensure that the generated derived dynamic collaborative office threat distribution can be determined when meeting the specified requirements. The template threat behavior event expression pointed to by each template potential office resource threat cluster in the to-be-processed collaborative office activity data paradigm, in other words, the template threat behavior event expression pointed to by each task activity data state in the to-be-processed collaborative office activity data paradigm, may be determined, and the template collaborative office threat distribution data pointed to by the to-be-processed collaborative office activity data paradigm may be determined. The template collaborative office threat distribution data may include: a template potential office resource threat cluster for each of the staged collaborative office tasks and a mapping list of the template threat behavioral event expressions.
In the embodiment of the invention, after the derived dynamic collaborative office threat distribution is effectively generated for a collaborative office activity data paradigm, template collaborative office threat distribution data to which the collaborative office activity data paradigm points can be determined in combination with a mapping list reflecting template potential office resource threat clusters of each staged collaborative office task and template threat behavior event expressions. Thus, S1021-S1023 describe the process of determining a corresponding template collaborative office threat distribution through a set of collaborative office activity data paradigms.
S103: determining the set of assigned threat distribution templates in conjunction with the mapping list of collaborative office activity data paradigms and template collaborative office threat distribution data, the set of assigned threat distribution templates including: a mapping list of potential office resource threat descriptors reflecting each set of said specified activity data states to template threat behavioral event expressions.
For the embodiment of the present invention, the template collaborative office threat distribution pointed to by each group of collaborative office activity data paradigms may be determined according to the above ideas, and then the template collaborative office threat distribution data pointed to by each group of collaborative office activity data paradigms may be determined.
After determining the template collaborative office threat distribution data for each collaborative office activity data paradigm, a set of assigned threat distribution templates may be generated in conjunction with the collaborative office activity data paradigm and the mapping list of template collaborative office threat distribution data. As can be appreciated, the set of assigned threat distribution templates may include a mapping list of template potential office resource threat clusters and template threat behavior event expressions that reflect activity data states of each set of assigned staged collaborative office tasks, template potential office resource threat description content data for each collaborative office activity data paradigm, and template threat behavior event expressions to which each template collaborative office threat distribution points.
In the embodiment of the invention, a threat distribution template set is designated, and information is stored by using a group of template threat behavior event expressions pointed by the whole template cooperative office threat distribution. It will be appreciated that the above describes how a set of specified threat distribution templates is generated.
In specific implementation, the data processing server identifies potential office resource threats to the acquired to-be-processed cooperative office activity data, and after determining the description content of the potential office resource threats, matches the description content of the potential office resource threats adaptively combined with the to-be-processed cooperative office activity data with a specified threat distribution template set, and locates target threat behavior event expressions of different staged cooperative office tasks from the set.
For an embodiment that can be implemented independently, the content recorded in S11 may exemplarily include the following content.
S111: potential office resource threat identification is carried out on the cooperative office activity data to be processed, and a label vector of the potential office resource threat of the specified statistical result is determined;
in an embodiment of the invention, the adjustment operation of the data processing server on the to-be-processed cooperative office activity data can be understood as that after the to-be-processed cooperative office activity data is subjected to cooperative office task identification, active office project state optimization, activity data simplification and the like, undetermined activity data with the dimension consistent with that of the specified basic cooperative office activity data is determined, and then, potential office resource threat identification can be performed on the undetermined activity data by combining with the specified cooperative office potential office resource threat marking idea. For example, potential office resource threat identification is performed on the activity data to be determined through 80 collaborative office potential office resource threat marking ideas, and tag vectors of the 80 collaborative office potential office resource threats are determined.
S112: and determining the description content of the potential office resource threat by combining the label vectors of the specified statistical result potential office resource threats.
For the embodiment of the invention, after the potential office resource threat tag vector of the collaborative office activity data to be processed is determined, the potential office resource threat description content of at least one designated staged collaborative office task can be determined.
For a given staged collaborative office task such as a file transfer task, the potential office resource threat profile may contain not less than two idea representations as follows.
Idea (1) of representing potential office resource threat description content of a designated staged collaborative office task by using label vector clusters of potential office resource threats
In an embodiment of the present invention, a potential office resource threat vector cluster reflecting a specified staged collaborative office task may be used as a potential office resource threat description content of the specified staged collaborative office task. In the embodiment of the invention, although the same staged collaborative office task is reflected by the same number and number of potential office resource threats for different collaborative office activity data, the vector labels of the potential office resource threats with the same number in the activity data vector system are different in different collaborative office activity data.
The idea (2) is to represent the potential office resource threat description content of a designated staged threat event task by utilizing the analytic track of the potential office resource threat vector cluster
In an embodiment of the present invention, the description content track reflecting the staged collaborative office task may be analyzed in combination with the potential office resource threat vector cluster reflecting a specified staged collaborative office task. And taking the description content track as the potential office resource threat description content of the specified staged cooperative office task.
For the content recorded in S12, in the embodiment of the present invention, the target threat behavior event expression of the collaborative office activity data to be processed may be found from the specified threat distribution template set through the commonality evaluation between the potential office resource threat description contents.
For an independently implementable solution, S12 exemplarily may include the following: s121: and in combination with the potential office resource threat description contents of the appointed staged cooperative office task in the to-be-processed cooperative office activity data, positioning pointed target template potential office resource threat description contents from the appointed threat distribution template set.
For an independently implementable solution, S121 exemplarily may include the following: s1211, determining the common evaluation between the potential office resource threat description content of the appointed staged collaborative office task and the potential office resource threat description content of the corresponding template in the appointed threat distribution template set. In the embodiment of the invention, similar template potential office resource threat description contents can be selected from a specified threat distribution template set through different determination ideas by combining different output states of the potential office resource threat description contents.
Corresponding to the condition that the template potential office resource threat description content stored in the appointed threat distribution template set is the template potential office resource threat vector cluster, the common evaluation between the potential office resource threat description content and the template potential office resource threat description content aiming at an appointed staged cooperative office task can be determined by combining cosine difference description among the potential office resource threat vector clusters.
For another embodiment, the commonality assessment may also be expressed as an integrated result of cosine difference descriptions between potential office resource threats. The smaller the cosine difference description value between the two groups of potential office resource threat vector clusters is, the higher the commonality evaluation between the designated staged collaborative office tasks reflected by the two groups of potential office resource threat vector clusters is proved.
Based on the fact that the template potential office resource threat description content stored in the assigned threat distribution template set is the template description content track, S1211 may include the following content.
S12111: and resolving a description content track reflecting the appointed staged collaborative office task by combining a potential office resource threat vector cluster of the appointed staged collaborative office task.
S12112: and determining a specified difference description value between the description content track and the corresponding template description content track in the specified threat distribution template set, wherein the specified difference description value represents the common evaluation.
In the embodiment of the invention, the common evaluation value among the description contents of the potential office resource threats can be determined by utilizing the Euclidean difference description value. When the potential office resource threat description content is the description content track, the common evaluation of the two description content tracks can be better reflected by adopting the Euclidean difference description value. Correspondingly, the smaller the Euclidean difference description value between the two description content tracks is, the more similar the change conditions of the two description content tracks are proved, and the higher the commonality evaluation is, and correspondingly, the larger the commonality evaluation between the appointed staged collaborative office tasks respectively pointed by the two description content tracks is. For another embodiment, a federated model may also be utilized to determine the target template potential office resource threat descriptors. For any potential office resource threat vector cluster of a designated staged cooperative office task in the cooperative office activity data to be processed, a cosine difference description value can be respectively calculated with the potential office resource threat vector cluster pointed by each template cooperative office threat distribution in the template cooperative office threat distribution template set. If at least two groups of template potential office resource threat clusters which are the same as the cosine difference description values of the potential office resource threat vector clusters exist in the template collaborative office threat distribution template set, further generating Euclidean difference description values between each template potential office resource threat cluster and the potential office resource threat vector clusters; therefore, the target template potential office resource threat description content which is most approximate to the description content track change pointed by the current potential office resource threat vector cluster is accurately positioned.
For another embodiment, the common evaluation between the potential office resource threat description content of the staged collaborative office task and the template potential office resource threat description content in the specified threat distribution template set can be determined through different ideas by combining the attribute characteristics of different tasks.
For one possible embodiment, S1211 may include the following.
S1201: on the basis that one designated staged collaborative office task is characterized by the potential office resource threat description contents of not less than two local tasks, the common evaluation between the potential office resource threat description contents of each local task and the template potential office resource threat description contents of the corresponding local task in the designated threat distribution template set is respectively determined, and not less than two staged common evaluations are determined.
For example, reporting potential office resource threat descriptors for modification tasks includes: and the potential office resource threat description contents respectively pointed to by the online modification task and the offline modification task. The description contents of potential office resource threats of the file transmission task comprise: and respectively pointing to the potential office resource threat description contents by the online transmission task and the offline transmission task. The description contents of the potential office resource threats of the biometric comparison task comprise: and the real-time characteristic comparison task and the delay characteristic comparison task respectively point to the description contents of the potential office resource threats.
For example, taking a report modification task as an example, the data processing server determines, according to any thought of determining common evaluation among assigned staged collaborative office tasks, common evaluation between the potential office resource threat description contents of the online modification task and the potential office resource threat description contents of each online potential office resource in an assigned threat distribution template set. Correspondingly, the staged common evaluation pointed by the offline modification task is determined according to the above thought. Therefore, after the potential office resource threat description content of the online/offline modification task in the cooperative office activity data to be processed is compared with the template potential office resource threat description content of the online/offline modification task pointed by the template cooperative office threat distribution, a group of staged common evaluation is determined.
It is to be appreciated that for a given set of threat distribution templates generated from the 12 collaborative office activity data paradigms, 12 sets of staged commonalities evaluations will be determined for potential office resource threat descriptors for the videoconference task in the pending collaborative office activity data.
S1202: and determining the global common evaluation between the designated staged cooperative office task and the corresponding designated staged cooperative office task in each cooperative office activity data example by combining the global calculation results of the at least two staged common evaluations.
For the staged collaborative office tasks such as the report modification task, the biometric feature comparison task and the file transmission task, which can be characterized by the potential office resource threat description contents of two local tasks, after the staged common evaluation pointed by each local task is calculated, the two staged common evaluations can be subjected to global processing (such as summation processing and weighting processing) to serve as the common evaluation of the collaborative office activity data to be processed and the task corresponding to one collaborative office activity data example.
In the embodiment of the invention, for the condition that part of the collaborative office tasks comprise two or more local tasks, a plurality of staged common evaluation global processing ideas can be adopted, so that global common evaluation of appointed staged collaborative office tasks such as report modification tasks, file transmission tasks, biological characteristic comparison tasks and the like can be more accurately compared, and further, target threat behavior event expression of the appointed staged collaborative office tasks is more accurately determined from an appointed threat distribution template set.
And S1212, determining the template potential office resource threat description content with the largest common evaluation as the target template potential office resource threat description content.
It is to be understood that, according to one of the methods described in S1211, the commonalities between the potential office resource threat description contents in the collaborative office activity data to be processed and the template potential office resource threat description contents pointed to in each activity data case are respectively calculated, and the template potential office resource threat description contents with the largest commonalities are determined as the target template potential office resource threat description contents.
And S122, determining the threat behavior event expression of the appointed staged cooperative office task and determining the target threat behavior event expression of the cooperative office activity data to be processed according to the template threat behavior event expression pointed by the target template potential office resource threat description content.
In an embodiment of the present invention, the designated threat distribution template set stores template potential office resource threat description contents pointed to by the activity data state of each group of designated staged collaborative office tasks, and a mapping list of the template potential office resource threat description contents and the template threat behavior event expressions.
For example, if Q designated staged co-office tasks can be broken down from each set of co-office activity data. For example, 5 types of assigned staged collaborative office tasks: the system comprises a file transmission task, a report modification task, an identity verification task, a biological characteristic comparison task and a cloud storage task. Each template potential office resource threat description content corresponds to a group of template threat behavior event expressions, and in view of this, at least W kinds of template threat behavior event expressions pointed to by the W template potential office resource threat description contents are stored in the designated threat distribution template set.
With respect to a distribution framework in a given set of threat distribution templates: and if the template potential office resource threat description content is a template description content track formed by analyzing the vector label of the template potential office resource threat, the appointed threat distribution template set at least stores W template threat behavior event expressions pointed by the W template description content tracks. And if the template potential office resource threat description content is a group of vector label clusters of the template potential office resource threats, namely the template potential office resource threat vector clusters, the assigned threat distribution template set at least stores W template threat behavior event expressions pointed by the W template potential office resource threat vector clusters.
After determining the potential office resource threat description content of the appointed staged cooperative office task from the cooperative office activity data to be processed, the data processing server can match with the appointed threat distribution template set, determine the similar target template potential office resource threat description content from the appointed threat distribution template set, and further determine the target threat behavior event expression suitable for the potential office resource threat description content by combining the template threat behavior event expression pointed by the target template potential office resource threat description content. For example, the template threat behavior event expression pointed by the target template potential office resource threat description content is determined by the mare to be the target threat behavior event expression suitable for the appointed staged cooperative office task corresponding to the potential office resource threat description content in the to-be-processed cooperative office activity data.
In the embodiment of the invention, the target threat behavior event expression of the appointed staged cooperative office task in the cooperative office activity data to be processed can be determined through the appointed difference description value of the threat description content of the potential office resource, so that the processing efficiency can be improved, the threat behavior event update indication of the threat event relationship network to be determined can be accurately determined, and the threat event relationship network can be determined in time.
In the embodiment of the invention, the derived dynamic threat event relationship network can record the relation and cause and effect among the possible threat events, and the derived dynamic threat event relationship network is updated in real time, so that the data risk events in the digital office process can be comprehensively and abundantly recorded, and further the analysis basis of the subsequent data information protection system is provided. Based on this, under some independently implementable design considerations, after determining the derived dynamic threat event relationship network to which the pending collaborative office activity data points, the method may further include: determining an information risk trend report of the digital office conversation corresponding to the to-be-processed cooperative office activity data through a derived dynamic threat event relationship network; determining office threat trend characteristics based on the information risk trend report; generating a threat coping strategy for the digital office session through the office threat trend feature.
In the embodiment of the invention, the information risk trend report of the digital office conversation can be obtained by combining the forecast of the event upstream-downstream relation of the derived dynamic threat event relation network, so that the information risk trend report is subjected to centralized office threat trend characteristic mining, and the accuracy and the matching degree of the generated threat coping strategy can be guaranteed by utilizing the office threat trend characteristic.
Determining office threat trend characteristics based on the information risk trend reports under some independently implementable design considerations may include the following: determining node risk trend characteristics and scene risk trend characteristics in the information risk trend report; aligning the nodularized risk trend characteristics and the scenarized risk trend characteristics in the information risk trend report based on the characteristic correlation degree between the nodularized risk trend characteristics and the scenarized risk trend characteristics in the information risk trend report to obtain a characteristic alignment result; determining the aligned error-reported scenic risk trend feature as a to-be-processed scenic risk trend feature, and determining abnormal behavior preference matched with the to-be-processed scenic risk trend feature according to the characteristic distance between the scenic risk trend feature in the feature alignment result and the to-be-processed scenic risk trend feature; aligning the abnormal behavior preference matched with the to-be-processed scenic risk tendency characteristic to obtain a behavior preference alignment result; determining an office threat event set in the information risk trend report and abnormal behavior preferences corresponding to the office threat event set according to the behavior preference alignment result and the feature alignment result; and determining office threat trend characteristics according to the office threat event set and the abnormal behavior preference corresponding to the office threat event set.
In the embodiment of the invention, the office threat event set can be subjected to event classification according to the abnormal behavior preference corresponding to the office threat event set, and then office threat trend characteristics can be pertinently positioned according to the classification result.
Under some independently implementable design considerations, the determining nodal risk trend signatures and scenic risk trend signatures in the information risk trend report includes: determining at least two nodularized risk trend descriptions and at least two scenarized risk trend descriptions in the information risk trend report; determining a nodularization risk trend description difference and a nodularization risk trend description difference between the at least two nodularization risk trend descriptions, and determining a scenarization risk trend description difference and a scenarization risk trend description difference between the at least two scenarization risk trend descriptions; combining the at least two nodal risk trend descriptions according to the nodal risk trend description difference and the nodal risk trend description difference to obtain a nodal risk trend feature in the information risk trend report; a nodulated risk trend feature comprises at least one nodulated risk trend description; combining the at least two scene risk trend descriptions according to the scene risk trend description difference and the scene risk trend description difference to obtain scene risk trend characteristics in the information risk trend report; one scenic risk trend feature includes at least one scenic risk trend description.
Under some design ideas which can be independently implemented, aligning the nodularized risk trend features and the scenarized risk trend features in the information risk trend report based on the feature correlation between the nodularized risk trend features and the scenarized risk trend features in the information risk trend report to obtain a feature alignment result, including: determining the scenarized risk trend characteristics in the information risk trend report as derived scenarized risk trend characteristics, and determining the nodalized risk trend characteristics in the information risk trend report as derived nodalized risk trend characteristics; determining a target risk trend profile for the information risk trend report based on the determined contextualized risk trend description; determining a nodularization risk trend description in the target template description; determining a description difference between the nodularized risk trend description in the target template description and the nodularized risk trend description in the derived nodularized risk trend feature as the feature correlation degree between the derived nodularized risk trend feature and the derived nodularized risk trend feature; and when the feature correlation degree is greater than or equal to the correlation degree judgment value, aligning the derived scene-oriented risk trend feature and the derived node-oriented risk trend feature to obtain a feature alignment result.
Based on the same inventive concept, fig. 2 illustrates a block diagram of a cloud computing-based data processing apparatus provided in an embodiment of the present invention, and the cloud computing-based data processing apparatus may include the following modules to implement the relevant method steps illustrated in fig. 1.
The threat identification module 210 is configured to perform potential office resource threat identification on the to-be-processed cooperative office activity data, and determine potential office resource threat description content of the to-be-processed cooperative office activity data.
And the expression determining module 220 is configured to determine, from the designated threat distribution template set, a target threat behavior event expression satisfying a set relationship with the to-be-processed collaborative office activity data in combination with the potential office resource threat description content.
And the data analysis module 230 is configured to determine, through the target threat behavior event expression and the assigned basic dynamic collaborative office threat distribution, a derived dynamic threat event relationship network to which the to-be-processed collaborative office activity data points.
The related embodiment applied to the invention can achieve the following technical effects: the data processing server can identify potential office resource threats after determining the cooperative office activity data to be processed, locate pointed target threat behavior event expressions from a designated threat distribution template set in time by reflecting potential office resource threat description contents of staged cooperative office tasks, adaptively update threat behavior event expressions of designated basic dynamic cooperative office threat distribution through the target threat behavior event expressions, and adaptively determine a derived dynamic threat event relationship network considering the cooperative office activity data to be processed. When the derived dynamic threat event relation network is determined, the threat behavior event expression does not need to be updated frequently, and the execution complexity is weakened to a certain extent; and in combination with the periodic characteristics of the cooperative office staged task description contents, determining in advance that the information scale of the appointed threat distribution template set is small, so that the data processing server can timely position a target threat behavior event expression from the appointed threat distribution template set in combination with the potential office resource threat description contents of the cooperative office activity data to be processed, and accurately and timely determine a derived dynamic threat event relation network meeting the set relation with the cooperative office activity data to be processed by means of the target threat behavior event expression and the appointed basic cooperative office threat distribution.
The above description is only a specific embodiment of the present invention. Those skilled in the art can conceive of changes or substitutions based on the specific embodiments provided by the present invention, and all such changes or substitutions are intended to be included within the scope of the present invention.

Claims (8)

1. A data processing method based on cloud computing is characterized by being applied to a data processing server and comprising the following steps:
determining an information risk trend report of the digital office conversation corresponding to the collaborative office activity data to be processed through a derived dynamic threat event relationship network;
determining office threat trend characteristics based on the information risk trend report;
generating a threat coping strategy for the digital office session through the office threat trend feature.
2. The method of claim 1, wherein the method further comprises:
carrying out potential office resource threat identification on the cooperative office activity data to be processed, and determining the potential office resource threat description content of the cooperative office activity data to be processed;
determining a target threat behavior event expression meeting a set relationship with the to-be-processed cooperative office activity data from a specified threat distribution template set in combination with the potential office resource threat description content;
and determining a derived dynamic threat event relation network pointed by the to-be-processed cooperative office activity data through the target threat behavior event expression and the assigned basic dynamic cooperative office threat distribution.
3. The method of claim 2, wherein prior to the identifying potential office resource threats to the co-office activity data to be processed, the method further comprises: determining the assigned threat distribution template set in combination with the assigned statistical result of the collaborative office activity data paradigm and the assigned base dynamic collaborative office threat distribution;
wherein the set of specified threat distribution templates comprises: a mapping list of template potential office resource threat clusters and template threat behavioral event expressions that reflect activity data states of a specified staged collaborative office task, template potential office resource threat description content of a collaborative office activity data paradigm, and template threat behavioral event expressions to which a template collaborative office threat distribution is directed, the template threat behavioral event expressions serving to determine a template collaborative office threat distribution to which the collaborative office activity data paradigm is directed, the template collaborative office threat distribution being a derived dynamic collaborative office threat distribution generated for the collaborative office activity data paradigm.
4. The method of claim 3, wherein the determining the designated threat distribution template set in conjunction with the designated statistical resultant collaborative office activity data paradigm and the designated base dynamic collaborative office threat distribution comprises: determining a sequence of collaborative office activity data paradigms of the collaborative office activity data paradigms including the specified statistical result, the sequence of collaborative office activity data paradigms carrying: reflecting a plurality of designated activity data states of at least one designated staged collaborative office task; determining the template collaborative office threat distribution pointed to by the collaborative office activity data paradigm and the specified base dynamic collaborative office threat distribution;
determining the set of assigned threat distribution templates in conjunction with the mapping list of collaborative office activity data paradigms and template collaborative office threat distribution data, the set of assigned threat distribution templates including: a mapping list of potential office resource threat descriptors reflecting the specified activity data state and the template threat behavioral event expression;
wherein the at least one designated staged collaborative office task includes one or more of: the system comprises a file transmission task, a report modification task, an identity verification task, a biological characteristic comparison task and a cloud storage task.
5. The method of claim 4, wherein determining the template collaborative office threat distribution to which the collaborative office activity data paradigm is directed through the collaborative office activity data paradigm and the specified base dynamic collaborative office threat distribution comprises:
adjusting a group of collaborative office activity data paradigms, and determining undetermined collaborative office activity data matched with the active office project state and the activity data dimension of the specified basic collaborative office activity data, wherein the specified basic collaborative office activity data is nodulated collaborative office activity data pointed to by the specified basic dynamic collaborative office threat distribution;
performing potential office resource threat identification on the pending collaborative office activity data, and determining a template potential office resource threat sequence of the collaborative office activity data paradigm, where the template potential office resource threat sequence includes: reflecting the template potential office resource threat cluster of the appointed staged cooperative office task;
and optimizing threat behavior event expressions corresponding to potential office resource threat labels in the designated basic dynamic collaborative office threat distribution through the template potential office resource threat cluster, and determining the template collaborative office threat distribution of the collaborative office activity data paradigm.
6. The method of claim 3, wherein the performing potential office resource threat identification on the co-office activity data to be processed and determining the potential office resource threat descriptive content of the co-office activity data to be processed comprises: potential office resource threat identification is carried out on the cooperative office activity data to be processed, and a label vector of the potential office resource threat of the specified statistical result is determined; determining the description content of the potential office resource threat in combination with the tag vector of the specified statistical result potential office resource threat;
wherein the description content of the potential office resource threat comprises: at least one of a potential office resource threat vector cluster and a description content track; determining, by the tag vector in conjunction with the specified statistical result potential office resource threat, the potential office resource threat descriptive content, including one or more of: determining a cluster of potential office resource threat vectors reflecting a staged collaborative office task via the assigned statistical result label vectors of potential office resource threats; and analyzing the description content track reflecting the staged cooperative office task by combining the potential office resource threat vector cluster reflecting at least one staged cooperative office task.
7. The method of claim 3, wherein the determining, from a set of specified threat distribution templates, a targeted threat behavioral event expression that satisfies a set relationship with the pending collaborative office activity data in conjunction with the potential office resource threat description content comprises: in combination with the potential office resource threat description contents of the appointed staged cooperative office task in the to-be-processed cooperative office activity data, centrally locating pointed target template potential office resource threat description contents from the appointed threat distribution template; determining threat behavior event expression of the appointed staged cooperative office task and determining target threat behavior event expression of the cooperative office activity data to be processed according to template threat behavior event expression pointed by the target template potential office resource threat description content;
wherein the step of collectively locating, in combination with the potential office resource threat descriptive contents of the designated staged collaborative office task in the to-be-processed collaborative office activity data, the targeted target template potential office resource threat descriptive contents from the designated threat distribution template includes: determining the commonness evaluation between the potential office resource threat description content of the appointed staged collaborative office task and the potential office resource threat description content of the corresponding template in the appointed threat distribution template set; and determining the template potential office resource threat description content with the largest common evaluation as the target template potential office resource threat description content.
8. A data processing server, comprising: a memory and a processor; the memory and the processor are coupled; the memory for storing computer program code, the computer program code comprising computer instructions; wherein the computer instructions, when executed by the processor, cause the data processing server to perform the method of any one of claims 1-7.
CN202211102682.8A 2022-04-13 2022-04-13 Data processing method and server based on cloud computing Withdrawn CN115422536A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211102682.8A CN115422536A (en) 2022-04-13 2022-04-13 Data processing method and server based on cloud computing

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210381875.5A CN114676423B (en) 2022-04-13 2022-04-13 Data processing method and server for dealing with cloud computing office threats
CN202211102682.8A CN115422536A (en) 2022-04-13 2022-04-13 Data processing method and server based on cloud computing

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN202210381875.5A Division CN114676423B (en) 2022-04-13 2022-04-13 Data processing method and server for dealing with cloud computing office threats

Publications (1)

Publication Number Publication Date
CN115422536A true CN115422536A (en) 2022-12-02

Family

ID=82077257

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202210381875.5A Active CN114676423B (en) 2022-04-13 2022-04-13 Data processing method and server for dealing with cloud computing office threats
CN202211102682.8A Withdrawn CN115422536A (en) 2022-04-13 2022-04-13 Data processing method and server based on cloud computing

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202210381875.5A Active CN114676423B (en) 2022-04-13 2022-04-13 Data processing method and server for dealing with cloud computing office threats

Country Status (1)

Country Link
CN (2) CN114676423B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115146261B (en) * 2022-07-08 2023-10-03 浙江中国小商品城集团股份有限公司 Data threat processing method and server for coping with digital cloud service
CN115271407B (en) * 2022-07-21 2023-09-26 内蒙古怀峰科技股份有限公司 Industrial Internet data processing method and system based on artificial intelligence

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105184156B (en) * 2015-06-26 2018-01-12 北京神州绿盟信息安全科技股份有限公司 A kind of security threat management method and system
CN109361690B (en) * 2018-11-19 2020-07-07 中国科学院信息工程研究所 Method and system for generating threat handling strategy in network
US20210390510A1 (en) * 2020-06-16 2021-12-16 Proofpoint, Inc. Dynamically Providing Cybersecurity Training Based on User-Specific Threat Information
CN114186272A (en) * 2021-12-10 2022-03-15 天津痴凡互联网科技有限公司 Big data threat protection method and system based on digital office

Also Published As

Publication number Publication date
CN114676423B (en) 2023-01-06
CN114676423A (en) 2022-06-28

Similar Documents

Publication Publication Date Title
US11915104B2 (en) Normalizing text attributes for machine learning models
CN114676423B (en) Data processing method and server for dealing with cloud computing office threats
CN113627566B (en) Phishing early warning method and device and computer equipment
CN111259952B (en) Abnormal user identification method, device, computer equipment and storage medium
CN113656686B (en) Task report generation method and service system based on production and teaching fusion
CN112950347B (en) Resource data processing optimization method and device, storage medium and terminal
CN112583640A (en) Service fault detection method and device based on knowledge graph
Syuntyurenko The digital environment: The trends and risks of development
CN113986674A (en) Method and device for detecting abnormity of time sequence data and electronic equipment
CN110310028B (en) Method and apparatus for crowdsourcing
CN109711849B (en) Ether house address portrait generation method and device, electronic equipment and storage medium
CN111159241A (en) Click conversion estimation method and device
CN113138906A (en) Call chain data acquisition method, device, equipment and storage medium
Kern et al. Statistical quality control for human-based electronic services
CN111626783A (en) Offline information setting method and device for realizing event conversion probability prediction
Zhang et al. AFOA: an adaptive fruit fly optimization algorithm with global optimizing ability
CN116127189A (en) User operation method, device, equipment and computer storage medium
CN115168509A (en) Processing method and device of wind control data, storage medium and computer equipment
CN113468142A (en) Data transfer request processing method, device, equipment and storage medium
CN111144091B (en) Customer service member determination method and device and group member identification determination method
CN118337534B (en) Data monitoring system for determining abnormal flow
Cui et al. Answer aggregation for crowdsourcing microtasks using approximate global optimal searching
CN116975300B (en) Information mining method and system based on big data set
KR102676806B1 (en) Ttp based automated playbook generation method and system performing the same
WO2023021647A1 (en) Estimation device, estimation method, and estimation program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20221202