CN115544500B - User information security management method and system - Google Patents

User information security management method and system Download PDF

Info

Publication number
CN115544500B
CN115544500B CN202211533939.5A CN202211533939A CN115544500B CN 115544500 B CN115544500 B CN 115544500B CN 202211533939 A CN202211533939 A CN 202211533939A CN 115544500 B CN115544500 B CN 115544500B
Authority
CN
China
Prior art keywords
target user
user information
social
monitoring
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211533939.5A
Other languages
Chinese (zh)
Other versions
CN115544500A (en
Inventor
周恒星
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhijing Technology Beijing Co ltd
Original Assignee
Zhijing Technology Beijing Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhijing Technology Beijing Co ltd filed Critical Zhijing Technology Beijing Co ltd
Priority to CN202211533939.5A priority Critical patent/CN115544500B/en
Publication of CN115544500A publication Critical patent/CN115544500A/en
Application granted granted Critical
Publication of CN115544500B publication Critical patent/CN115544500B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1458Management of the backup or restore process
    • G06F11/1469Backup restoration techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Quality & Reliability (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to the technical field of information management, and particularly discloses a user information security management method and system. According to the method, the account of the target user is subjected to security monitoring, active monitoring record data and passive monitoring feedback data are generated, and whether the account is in a security threat state or not is comprehensively analyzed and judged; when the target user is in a security threat state, backing up and hiding the target user information; when the social user information is in a security threat state, backing up and hiding the social user information; and carrying out security threat processing monitoring, and verifying and recovering the target user information and the social user information after the security threat is removed. The method can be used for actively and passively monitoring safety, backup and hiding of target user information and social user information when the user is in a safety threat state, and then verification and recovery are carried out after the safety threat is relieved, so that the user information of the user and related social users is prevented from being stolen, deleted or changed, and normal use of user accounts is guaranteed.

Description

User information security management method and system
Technical Field
The invention belongs to the technical field of information management, and particularly relates to a user information security management method and system.
Background
Information is a representation of the presence and movement attributes of things. Information management refers to an activity for the purpose of comprehensively adopting technical, economic, policy, legal and humanistic methods and means by human beings so as to control information flow, improve information utilization efficiency and maximally realize information utility value, and is a process for scientifically planning, organizing, controlling and coordinating various relevant factors of human social information activities so as to realize reasonable development and effective utilization of information resources.
User information safety management is a common information management technology and is widely applied to life and work of people. In the prior art, an effective security management method for a user and a related social contact user is not realized for a user account, so that user information of the user and the related social contact user is easily stolen, deleted or changed after the user account is threatened to be secure, and is difficult to restore to an original state, so that the user account cannot be normally used.
Disclosure of Invention
The embodiment of the invention aims to provide a user information security management method and a user information security management system, and aims to solve the problems in the background art.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
a user information security management method specifically comprises the following steps:
carrying out safety monitoring on a target user account to generate active monitoring record data and passive monitoring feedback data, and comprehensively analyzing and judging whether the target user account is in a safety threat state;
when the mobile terminal is in a security threat state, identifying target user information in a target user account, and backing up and hiding the target user information;
when the target user account is in a security threat state, identifying social user information in the target user account, and backing up and hiding the social user information;
and carrying out security threat processing monitoring, judging whether security threats are relieved, and verifying and recovering the target user information and the social user information after the security threats are relieved.
As a further limitation of the technical solution of the embodiment of the present invention, the performing security monitoring on the target user account to generate active monitoring record data and passive monitoring feedback data, and performing comprehensive analysis to determine whether the target user account is in a security threat state specifically includes the following steps:
carrying out active safety monitoring on a target user account to generate active monitoring record data;
analyzing the active monitoring record data to judge whether the active monitoring record data has a safety risk;
when the safety risk exists, passive safety monitoring is carried out, and passive monitoring feedback data are generated;
and analyzing the passive monitoring feedback data to judge whether the passive monitoring feedback data is in a security threat state.
As a further limitation of the technical solution of the embodiment of the present invention, the performing passive safety monitoring and generating passive monitoring feedback data when there is a safety risk specifically includes the following steps:
extracting social record information when the safety risk exists;
determining a plurality of recently connected users according to the social record information;
sending passive monitoring applications to a plurality of recently contacted users;
and receiving a plurality of application feedback data fed back by the recently contacted users to generate passive monitoring feedback data.
As a further limitation of the technical solution of the embodiment of the present invention, identifying the target user information in the target user account when the target user information is in the security threat state, and backing up and hiding the target user information specifically includes the following steps:
generating a security threat signal while in a security threat state;
identifying target user information in a target user account according to the security threat signal;
creating a cloud backup space corresponding to the target user account;
and backing up the target user information in the cloud backup space, and clearing the local target user information.
As a further limitation of the technical solution of the embodiment of the present invention, identifying social user information in a target user account when the target user account is in a security threat state, and backing up and hiding the social user information specifically includes the following steps:
identifying social related information in the account of the target user according to the security threat signal;
performing user analysis on the social related information, and identifying and marking social user information;
and backing up the social user information in the cloud backup space, and clearing local social user information.
As a further limitation of the technical solution of the embodiment of the present invention, the performing security threat processing monitoring, determining whether to remove the security threat, and after the security threat is removed, verifying and recovering the target user information and the social user information specifically includes the following steps:
carrying out security threat processing monitoring and generating processing monitoring data in real time;
analyzing the processing monitoring data and judging whether to remove the security threat;
after the security threat is relieved, generating recovery verification data according to the target user information;
and according to the recovery verification data, performing verification recovery of the target user information and the social user information on the target user account.
A user information security management system, the system includes a security monitoring processing unit, a first backup hiding unit, a second backup hiding unit and a verification releasing and recovering unit, wherein:
the safety monitoring processing unit is used for carrying out safety monitoring on the account number of the target user, generating active monitoring record data and passive monitoring feedback data, and comprehensively analyzing and judging whether the account number is in a safety threat state;
the first backup hiding unit is used for identifying target user information in a target user account when the first backup hiding unit is in a security threat state, and backing up and hiding the target user information;
the second backup hiding unit is used for identifying social user information in the target user account when the target user account is in a security threat state, and backing up and hiding the social user information;
and the authentication removing and recovering unit is used for processing and monitoring the security threat, judging whether the security threat is removed or not, and after the security threat is removed, performing authentication recovery on the target user information and the social user information.
As a further limitation of the technical solution of the embodiment of the present invention, the safety monitoring processing unit specifically includes:
the active monitoring module is used for actively and safely monitoring the account number of the target user to generate active monitoring record data;
the risk judgment module is used for analyzing the active monitoring record data and judging whether the active monitoring record data has a safety risk or not;
the passive monitoring module is used for carrying out passive safety monitoring when safety risks exist and generating passive monitoring feedback data;
and the threat judgment module is used for analyzing the passive monitoring feedback data and judging whether the passive monitoring feedback data is in a safety threat state.
As a further limitation of the technical solution of the embodiment of the present invention, the passive monitoring module specifically includes:
the information extraction submodule is used for extracting social record information when the safety risk exists;
the information processing submodule is used for determining a plurality of recently connected users according to the social contact record information;
the application sending submodule is used for sending passive monitoring applications to a plurality of recently contacted users;
and the feedback processing submodule is used for receiving application feedback data fed back by a plurality of recently contacted users and generating passive monitoring feedback data.
As a further limitation of the technical solution of the embodiment of the present invention, the authentication removing and recovering unit specifically includes:
the processing monitoring module is used for processing and monitoring the security threat and generating processing monitoring data in real time;
the release judging module is used for analyzing the processing monitoring data and judging whether the security threat is released or not;
the data generation module is used for generating recovery verification data according to the target user information after the security threat is relieved;
and the verification recovery module is used for verifying and recovering the target user information and the social user information of the target user account according to the recovery verification data.
Compared with the prior art, the invention has the beneficial effects that:
the embodiment of the invention carries out safety monitoring on the account number of the target user to generate active monitoring record data and passive monitoring feedback data, and comprehensively analyzes and judges whether the target user is in a safety threat state; when the target user is in a security threat state, backing up and hiding target user information; when the social user information is in a security threat state, backing up and hiding the social user information; and carrying out security threat processing monitoring, and verifying and recovering the target user information and the social user information after the security threat is removed. The method can be used for actively and passively monitoring safety, backup and hiding of target user information and social user information when the user is in a safety threat state, and then verification and recovery are carried out after the safety threat is relieved, so that the user information of the user and related social users is prevented from being stolen, deleted or changed, and normal use of user accounts is guaranteed.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention.
Fig. 1 shows a flow chart of a method provided by an embodiment of the invention.
Fig. 2 shows a flowchart of active and passive safety monitoring in the method provided in the embodiment of the present invention.
Fig. 3 shows a flowchart of a passive safety monitoring process in the method provided by the embodiment of the present invention.
Fig. 4 shows a flowchart of target user information processing in the method provided by the embodiment of the invention.
FIG. 5 shows a flowchart of social user information processing in the method provided by the embodiment of the present invention.
Fig. 6 shows a flowchart of threat removal verification recovery in the method provided by the embodiment of the invention.
Fig. 7 is a diagram illustrating an application architecture of a system provided by an embodiment of the invention.
Fig. 8 shows a block diagram of a safety monitoring processing unit in the system according to an embodiment of the present invention.
Fig. 9 shows a block diagram of a passive monitoring module in the system according to an embodiment of the present invention.
Fig. 10 shows a block diagram of a de-authentication recovery unit in the system according to the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
It can be understood that, in the prior art, an effective security management method for the user and the related social users is not implemented for the user account, and after the user account is compromised, user information of the user and the related social users is easily stolen, deleted or changed and is difficult to recover to an original state, so that the user account cannot be normally used.
In order to solve the problems, the embodiment of the invention carries out safety monitoring on the account of the target user to generate active monitoring record data and passive monitoring feedback data, and comprehensively analyzes and judges whether the target user is in a safety threat state; when the target user is in a security threat state, backing up and hiding the target user information; when the social user information is in a security threat state, backing up and hiding the social user information; and carrying out security threat processing monitoring, judging whether the security threat is removed or not, and verifying and recovering the target user information and the social user information after the security threat is removed. The method can carry out active and passive safety monitoring, backup and hiding of target user information and social user information are carried out when the security threat state is in the state, and then verification recovery is carried out after the security threat is relieved, so that the user information of the user and the related social user is prevented from being stolen, deleted or changed, and normal use of the user account is guaranteed.
Fig. 1 shows a flow chart of a method provided by an embodiment of the invention.
Specifically, in a preferred embodiment provided by the present invention, a method for managing user information security specifically includes the following steps:
and S101, carrying out safety monitoring on the target user account, generating active monitoring record data and passive monitoring feedback data, and comprehensively analyzing and judging whether the target user account is in a safety threat state.
In the embodiment of the invention, active monitoring record data is generated by carrying out real-time active security monitoring on a target user account, account security analysis is carried out on the active monitoring record data, whether security risks such as number scanning attack, database collision attack, remote login and the like exist is judged, recent social record information of the target user account is extracted when the security risks exist, a plurality of recent contact users frequently contacted recently with the target user account are determined by analyzing the social record information, passive monitoring applications are sent to the plurality of recent contact users, after the plurality of recent contact users receive the passive monitoring applications, social communication with the target user account can be tried, corresponding communication results are recorded, application feedback data are generated and fed back and sent, and the plurality of application feedback data are comprehensively arranged by receiving the application feedback data fed back by the plurality of recent contact users to generate the passive monitoring feedback data.
Specifically, fig. 2 shows a flowchart of active and passive safety monitoring in the method provided in the embodiment of the present invention.
In a preferred embodiment provided by the present invention, the performing security monitoring on the target user account to generate active monitoring record data and passive monitoring feedback data, and the comprehensively analyzing and determining whether the target user account is in a security threat state specifically includes the following steps:
and step S1011, carrying out active safety monitoring on the account of the target user to generate active monitoring record data.
Step S1012, analyzing the active monitoring recorded data, and determining whether there is a safety risk.
And step S1013, when the safety risk exists, performing passive safety monitoring to generate passive monitoring feedback data.
Specifically, fig. 3 shows a flowchart of the passive safety monitoring process in the method provided in the embodiment of the present invention.
In a preferred embodiment provided by the present invention, the passive safety monitoring is performed when there is a safety risk, and the generating of the passive monitoring feedback data specifically includes the following steps:
and step S10131, extracting the social contact record information when the security risk exists.
And step S10132, determining a plurality of recently connected users according to the social record information.
And step S10133, sending passive monitoring applications to a plurality of recently contacted users.
And step S10134, receiving a plurality of application feedback data fed back by the recently contacted users, and generating passive monitoring feedback data.
Further, the security monitoring of the target user account to generate active monitoring record data and passive monitoring feedback data, and the comprehensive analysis and judgment of whether the target user account is in a security threat state further includes the following steps:
and step S1014, analyzing the passive monitoring feedback data and judging whether the passive monitoring feedback data is in a security threat state.
Further, the user information security management method further comprises the following steps:
and S102, identifying target user information in a target user account when the security threat state exists, and backing up and hiding the target user information.
In the embodiment of the invention, when the mobile terminal is in a security threat state, a security threat signal is generated, information in a target user account is further identified according to the security threat signal, target user information in the target user account is obtained, a cloud backup space corresponding to the target user account is created, a first cloud space corresponding to the target user information is set in the cloud backup space, the target user information is uploaded to the first cloud space, and after the uploading of the target user information is completed, the local target user information is removed.
Specifically, fig. 4 shows a flowchart of target user information processing in the method provided by the embodiment of the present invention.
In a preferred embodiment provided by the present invention, identifying target user information in a target user account when the user is in a security threat state, and backing up and hiding the target user information specifically includes the following steps:
step S1021, when the security threat state is reached, generating a security threat signal.
Step S1022, identifying the target user information in the target user account according to the security threat signal.
In step S1023, a cloud backup space corresponding to the target user account is created.
And step S1024, backing up the target user information in the cloud backup space, and clearing the local target user information.
Further, the user information security management method further comprises the following steps:
and step S103, identifying the social user information in the target user account when the target user account is in the security threat state, and backing up and hiding the social user information.
In the embodiment of the invention, when the target user account is in the security threat state, a security threat signal is generated, information in the target user account is identified according to the security threat signal, social user information in the target user account is obtained, a second cloud space corresponding to the social user information is set in the cloud backup space, the social user information is uploaded to the second cloud space, and after the uploading of the social user information is completed, the local social user information is removed.
Specifically, fig. 5 shows a flowchart of social user information processing in the method provided in the embodiment of the present invention.
In a preferred embodiment provided by the present invention, identifying social user information in a target user account when the target user account is in a security threat state, and backing up and hiding the social user information specifically includes the following steps:
and step S1031, identifying social related information in the account of the target user according to the security threat signal.
Step S1032, carrying out user analysis on the social relevant information, and identifying and marking the social user information.
Step S1033, backup is performed on the social user information in the cloud backup space, and the local social user information is removed.
Further, the user information security management method further comprises the following steps:
and step S104, performing security threat processing monitoring, judging whether to remove the security threat, and verifying and recovering the target user information and the social user information after removing the security threat.
In the embodiment of the invention, after the target user account is in the security threat state, the security threat of the target user account is correspondingly processed, the processing monitoring data is generated in real time by carrying out security threat processing monitoring, the processing monitoring data is analyzed to judge whether the removal of the security threat of the target user account is finished, and when the removal of the security threat is not finished, the security threat processing monitoring is continued; after the safety threat is relieved, target user information is processed to generate recovery verification data, then recovery verification guidance is carried out on a login interface of a target user account according to the recovery verification data, and after the target user completes corresponding recovery verification, the target user information and social user information in the target user account are verified and recovered, so that normal use of the user account is guaranteed.
Specifically, fig. 6 shows a flowchart of threat removal verification recovery in the method provided by the embodiment of the invention.
In a preferred embodiment provided by the present invention, the performing security threat processing monitoring, determining whether to remove a security threat, and after removing the security threat, verifying and recovering the target user information and the social user information specifically includes the following steps:
and step S1041, performing security threat processing monitoring, and generating processing monitoring data in real time.
Step S1042, analyzing the processing monitoring data, and judging whether to remove the security threat.
And step S1043, after the security threat is relieved, generating recovery verification data according to the target user information.
And step S1044, verifying and recovering the target user information and the social user information of the target user account according to the recovery verification data.
Further, fig. 7 is a diagram illustrating an application architecture of the system according to the embodiment of the present invention.
In another preferred embodiment, a user information security management system includes:
and the safety monitoring processing unit 101 is configured to perform safety monitoring on the target user account, generate active monitoring record data and passive monitoring feedback data, and comprehensively analyze and judge whether the target user account is in a safety threat state.
In the embodiment of the invention, a security monitoring processing unit 101 generates active monitoring record data by performing real-time active security monitoring on a target user account, performs account security analysis on the active monitoring record data, judges whether security risks such as number scanning attack, library collision attack and remote login exist, extracts recent social record information of the target user account when the security risks exist, determines a plurality of recent contact users frequently connected with the target user account by analyzing the social record information, sends passive monitoring applications to the plurality of recent contact users, tries to perform social communication with the target user account after the plurality of recent contact users receive the passive monitoring applications, records corresponding results, generates and feeds back application feedback data, and the security monitoring processing unit 101 comprehensively sorts the plurality of application feedback data by receiving the application feedback data fed back by the plurality of recent contact users to generate the passive monitoring feedback data.
Specifically, fig. 8 shows a block diagram of a safety monitoring processing unit 101 in the system according to the embodiment of the present invention.
In a preferred embodiment provided by the present invention, the safety monitoring processing unit 101 specifically includes:
and the active monitoring module 1011 is configured to perform active security monitoring on the target user account, and generate active monitoring record data.
And a risk judgment module 1012, configured to analyze the active monitoring record data and judge whether there is a safety risk.
And the passive monitoring module 1013 is configured to perform passive safety monitoring when there is a safety risk, and generate passive monitoring feedback data.
Specifically, fig. 9 shows a block diagram of the passive monitoring module 1013 in the system provided in the embodiment of the present invention.
In a preferred embodiment of the present invention, the passive monitoring module 1013 specifically includes:
and the information extraction sub-module 10131 is used for extracting social record information when the security risk exists.
The information processing sub-module 10132 is configured to determine a plurality of recently connected users according to the social record information.
The application sending sub-module 10133 is configured to send a passive monitoring application to a plurality of recently contacted users.
The feedback processing sub-module 10134 is configured to receive a plurality of application feedback data fed back by the recently contacted users, and generate passive monitoring feedback data.
Further, the safety monitoring processing unit 101 further includes:
and a threat determination module 1014 configured to analyze the passive monitoring feedback data and determine whether the passive monitoring feedback data is in a security threat state.
Further, the user information security management system further includes:
the first backup hiding unit 102 is configured to, when the mobile terminal is in a security threat state, identify target user information in a target user account, and backup and hide the target user information.
In the embodiment of the present invention, when the first backup hiding unit 102 is in a security threat state, a security threat signal is generated, and then information in a target user account is identified according to the security threat signal, target user information in the target user account is acquired, a cloud backup space corresponding to the target user account is created, a first cloud space corresponding to the target user information is set in the cloud backup space, the target user information is uploaded to the first cloud space, and after the uploading of the target user information is completed, the local target user information is removed.
And the second backup hiding unit 103 is configured to identify social user information in the target user account when the target user account is in the security threat state, and backup and hide the social user information.
In the embodiment of the present invention, when the mobile terminal is in the security threat state, a security threat signal is generated, the second backup hiding unit 103 identifies information in the target user account according to the security threat signal, acquires social user information in the target user account, sets a second cloud space corresponding to the social user information in the cloud backup space, uploads the social user information to the second cloud space, and removes the local social user information after uploading the social user information is completed.
And a verification removing and recovering unit 104, configured to perform security threat processing monitoring, determine whether to remove the security threat, and after the security threat is removed, perform verification and recovery on the target user information and the social user information.
In the embodiment of the present invention, after the target user account is in the security threat state, the security threat of the target user account is correspondingly processed, the verification removal and recovery unit 104 generates processing and monitoring data in real time by performing security threat processing and monitoring, analyzes the processing and monitoring data, and determines whether the removal of the security threat of the target user account is completed, and when the removal of the security threat is not completed, continues to perform security threat processing and monitoring; after the safety threat is removed, processing the target user information to generate recovery verification data, further performing recovery verification guidance on a login interface of the target user account according to the recovery verification data, and after the target user completes corresponding recovery verification, realizing verification recovery of the target user information and the social user information in the target user account so as to ensure normal use of the user account.
Specifically, fig. 10 shows a block diagram of the structure of the deauthentication recovery unit 104 in the system provided by the embodiment of the present invention.
In a preferred embodiment provided by the present invention, the deauthentication recovery unit 104 specifically includes:
and a processing monitoring module 1041, configured to perform security threat processing monitoring and generate processing monitoring data in real time.
And a release judging module 1042 for analyzing the processing monitoring data and judging whether to release the security threat.
And a data generating module 1043, configured to generate recovery verification data according to the target user information after the security threat is removed.
And the verification recovery module 1044 is configured to perform verification recovery of the target user information and the social user information on the target user account according to the recovery verification data.
It should be understood that, although the steps in the flowcharts of the embodiments of the present invention are shown in sequence as indicated by the arrows, the steps are not necessarily performed in sequence as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least a portion of steps in various embodiments may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed alternately or alternatingly with other steps or at least a portion of sub-steps or stages of other steps.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a non-volatile computer-readable storage medium, and can include the processes of the embodiments of the methods described above when the program is executed. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), rambus (Rambus) direct RAM (RDRAM), direct Rambus Dynamic RAM (DRDRAM), and Rambus Dynamic RAM (RDRAM), among others.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is specific and detailed, but not to be understood as limiting the scope of the present invention. It should be noted that various changes and modifications can be made by those skilled in the art without departing from the spirit of the invention, and these changes and modifications are all within the scope of the invention. Therefore, the protection scope of the present patent should be subject to the appended claims.
The above description is intended to be illustrative of the preferred embodiment of the present invention and should not be taken as limiting the invention, but rather, the intention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the invention.

Claims (4)

1. A user information security management method is characterized by specifically comprising the following steps:
the method comprises the following steps of carrying out safety monitoring on a target user account, generating active monitoring record data and passive monitoring feedback data, and comprehensively analyzing and judging whether the target user account is in a safety threat state, wherein the method comprises the following steps: the method comprises the steps of performing real-time active security monitoring on a target user account to generate active monitoring record data, performing account security analysis on the active monitoring record data, judging whether security risks exist or not, wherein the security risks comprise number scanning attacks, library collision attacks and remote login, extracting recent social record information of the target user account when the security risks exist, determining a plurality of recent contact users frequently connected with the target user account in the recent period by analyzing the social record information, sending passive monitoring applications to the plurality of recent contact users, trying to perform social communication with the target user account by the recent contact users after the plurality of recent contact users receive the passive monitoring applications, recording corresponding communication results, generating and feeding back application feedback data, and performing comprehensive arrangement on the plurality of application feedback data by receiving the application feedback data fed back by the plurality of recent contact users to generate passive monitoring feedback data;
when the mobile terminal is in a security threat state, identifying target user information in a target user account, and backing up and hiding the target user information;
when the target user account is in a security threat state, identifying social user information in the target user account, and backing up and hiding the social user information;
performing security threat processing monitoring, judging whether security threats are relieved or not, and verifying and recovering the target user information and the social user information after the security threats are relieved;
when the mobile terminal is in the security threat state, identifying target user information in a target user account, and backing up and hiding the target user information specifically comprises the following steps:
generating a security threat signal while in a security threat state;
identifying target user information in a target user account according to the security threat signal;
creating a cloud backup space corresponding to the target user account;
backing up the target user information in the cloud backup space, and removing local target user information;
when the target user account is in the security threat state, identifying social user information in the target user account, and backing up and hiding the social user information specifically comprises the following steps:
identifying social related information in the account of the target user according to the security threat signal;
performing user analysis on the social related information, and identifying and marking social user information;
and backing up the social user information in the cloud backup space, and clearing local social user information.
2. The method for managing user information security according to claim 1, wherein the steps of performing security threat processing monitoring, determining whether to remove security threats, and after removing security threats, verifying and recovering the target user information and the social user information specifically include the following steps:
carrying out security threat processing monitoring and generating processing monitoring data in real time;
analyzing the processing monitoring data, and judging whether the security threat is removed;
after the security threat is removed, generating recovery verification data according to the target user information;
and according to the recovery verification data, performing verification recovery of the target user information and the social user information on the target user account.
3. A user information security management system is characterized in that the system comprises a security monitoring processing unit, a first backup hiding unit, a second backup hiding unit and a verification removing and recovering unit, wherein:
the safety monitoring processing unit is used for carrying out safety monitoring on the account number of the target user, generating active monitoring record data and passive monitoring feedback data, comprehensively analyzing and judging whether the account number is in a safety threat state or not, and comprises the following steps: the method comprises the steps of performing real-time active security monitoring on a target user account to generate active monitoring record data, performing account security analysis on the active monitoring record data to judge whether security risks exist or not, wherein the security risks comprise number scanning attacks, database collision attacks and remote login, extracting recent social record information of the target user account when the security risks exist, determining a plurality of recent contact users frequently contacted recently with the target user account by analyzing the social record information, sending passive monitoring applications to the plurality of recent contact users, trying to perform social communication with the target user account by the recent contact users after the plurality of recent contact users receive the passive monitoring applications, recording corresponding communication results, generating and feeding back application feedback data, and performing comprehensive arrangement on the plurality of application feedback data by receiving the application feedback data fed back by the plurality of recent contact users to generate passive monitoring feedback data;
the first backup hiding unit is used for identifying target user information in a target user account when the first backup hiding unit is in a security threat state, and backing up and hiding the target user information;
the second backup hiding unit is used for identifying social user information in the target user account when the target user account is in a security threat state, and backing up and hiding the social user information;
the authentication removing and recovering unit is used for processing and monitoring the security threat, judging whether the security threat is removed or not, and after the security threat is removed, performing authentication recovery on the target user information and the social user information;
when the mobile terminal is in the security threat state, identifying target user information in a target user account, and backing up and hiding the target user information specifically comprises the following steps:
generating a security threat signal while in a security threat state;
identifying target user information in a target user account according to the security threat signal;
creating a cloud backup space corresponding to the target user account;
backing up the target user information in the cloud backup space, and clearing local target user information;
when the target user account is in the security threat state, identifying social user information in the target user account, and backing up and hiding the social user information specifically comprises the following steps:
identifying social related information in the account of the target user according to the security threat signal;
performing user analysis on the social related information, and identifying and marking social user information;
and backing up the social user information in the cloud backup space, and clearing local social user information.
4. The system for managing user information security according to claim 3, wherein the unit for recovering from authentication specifically comprises:
the processing monitoring module is used for processing and monitoring the security threat and generating processing monitoring data in real time;
the release judging module is used for analyzing the processing monitoring data and judging whether the security threat is released or not;
the data generation module is used for generating recovery verification data according to the target user information after the security threat is relieved;
and the verification recovery module is used for verifying and recovering the target user information and the social user information of the target user account according to the recovery verification data.
CN202211533939.5A 2022-12-02 2022-12-02 User information security management method and system Active CN115544500B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211533939.5A CN115544500B (en) 2022-12-02 2022-12-02 User information security management method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211533939.5A CN115544500B (en) 2022-12-02 2022-12-02 User information security management method and system

Publications (2)

Publication Number Publication Date
CN115544500A CN115544500A (en) 2022-12-30
CN115544500B true CN115544500B (en) 2023-03-31

Family

ID=84722167

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211533939.5A Active CN115544500B (en) 2022-12-02 2022-12-02 User information security management method and system

Country Status (1)

Country Link
CN (1) CN115544500B (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9037864B1 (en) * 2011-09-21 2015-05-19 Google Inc. Generating authentication challenges based on social network activity information
US10102570B1 (en) * 2013-03-14 2018-10-16 Consumerinfo.Com, Inc. Account vulnerability alerts
US9674214B2 (en) * 2013-03-15 2017-06-06 Zerofox, Inc. Social network profile data removal
CN104426884A (en) * 2013-09-03 2015-03-18 深圳市腾讯计算机系统有限公司 Method for authenticating identity and device for authenticating identity

Also Published As

Publication number Publication date
CN115544500A (en) 2022-12-30

Similar Documents

Publication Publication Date Title
Alexakos et al. Enabling digital forensics readiness for internet of vehicles
Yang et al. Security and forensics in the internet of things: Research advances and challenges
CN104699568A (en) Data backup method and terminal
CN109246088A (en) A kind of big data security system based on financial service management
CN115292294A (en) Database security management method and system
CN115544500B (en) User information security management method and system
CN116503183A (en) Safety data security encryption method and system
CN112036238A (en) Face data processing method and device, electronic equipment and storage medium
Khanuja et al. Role of metadata in forensic analysis of database attacks
CN107292133B (en) Artificial intelligence confusion technical method and device
CN102982288B (en) The encryption of data and the equipment of deciphering and method is performed in portable terminal
ALJAHDALI et al. Mobile device forensics.
Parekh et al. Memory forensic: acquisition and analysis of memory and its tools comparison
US20220027466A1 (en) System and method for generating a minimal forensic image of a dataset of interest
Toraskar et al. Efficient computer forensic analysis using machine learning approaches
CN114023331A (en) Method, device, equipment and storage medium for detecting performance of voiceprint recognition system
CN114666137A (en) Threat information processing method and device
CN113656800A (en) Malicious software behavior identification method based on encrypted flow analysis
CN110633585B (en) Hard disk locking and unlocking method, device, equipment and readable storage medium
CN113472789A (en) Attack detection method, attack detection system, storage medium and electronic equipment
El Majdoub et al. Mobile Forensics Data Acquisition
CN107968803B (en) Remote evidence obtaining method and device for mobile terminal, mobile terminal and system
CN111898107A (en) Account freezing method and device, computer equipment and storage medium
CN112039879A (en) Attack recording method, device and medium for high-interaction honeypot
CN105306496A (en) User identity detection method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant