CN115544508A - Computer system security management system and method based on big data - Google Patents

Computer system security management system and method based on big data Download PDF

Info

Publication number
CN115544508A
CN115544508A CN202211292039.6A CN202211292039A CN115544508A CN 115544508 A CN115544508 A CN 115544508A CN 202211292039 A CN202211292039 A CN 202211292039A CN 115544508 A CN115544508 A CN 115544508A
Authority
CN
China
Prior art keywords
data
information
virus
detection
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211292039.6A
Other languages
Chinese (zh)
Inventor
张超然
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN202211292039.6A priority Critical patent/CN115544508A/en
Publication of CN115544508A publication Critical patent/CN115544508A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1448Management of the data involved in backup or backup restore
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/903Querying
    • G06F16/90335Query processing
    • G06F16/90344Query processing by using string matching techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Quality & Reliability (AREA)
  • Automation & Control Theory (AREA)
  • Bioethics (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明涉及计算机安全管理技术领域,具体为一种基于大数据的计算机系统安全管理系统及方法,包括:访问管理模块、数据上传与使用模块、数据库、定期检测模块和反馈模块;通过所述访问管理模块对访问者的身份信息进行登记并设置开放权限,将确认的身份信息发送至所述数据库和所述数据上传与使用模块;通过所述数据上传与使用模块对数据的上传和使用进行管理;通过所述数据库储存所有的身份信息和上传与使用的数据;通过所述定期检测模块对计算机软硬件进行定期检测,并将检测的结果发送至所述反馈模块;通过所述反馈模块显示检测结果并判断数据是否异常;进一步解决校园计算机系统的安全性问题。

Figure 202211292039

The present invention relates to the technical field of computer security management, specifically a computer system security management system and method based on big data, including: an access management module, a data upload and use module, a database, a regular detection module and a feedback module; through the access The management module registers the visitor's identity information and sets open permissions, and sends the confirmed identity information to the database and the data upload and use module; manages the upload and use of data through the data upload and use module ; Store all identity information and uploaded and used data through the database; regularly detect the computer software and hardware through the regular detection module, and send the detection results to the feedback module; display the detection through the feedback module The result and judge whether the data is abnormal; further solve the security problem of the campus computer system.

Figure 202211292039

Description

一种基于大数据的计算机系统安全管理系统及方法A computer system security management system and method based on big data

技术领域technical field

本发明涉及计算机安全管理技术领域,具体为一种基于大数据的计算机系统安全管理系统及方法。The invention relates to the technical field of computer security management, in particular to a computer system security management system and method based on big data.

背景技术Background technique

计算机系统是指用于数据库管理的计算机硬软件及网络系统,它的特点是能进行精确、快速的计算和判断,而且通用性好,使用容易,还能联成网络。随着网络的迅速发展,计算机技术成为高校学生必不可少的一门课程,所以,校园机房也成为校园建造中不可或缺的组成部分,然而,人们在使用计算机时仍存在一定的隐患。Computer system refers to the computer hardware, software and network system used for database management. It is characterized by accurate and fast calculation and judgment, good versatility, easy to use, and can be connected into a network. With the rapid development of the network, computer technology has become an indispensable course for college students. Therefore, the campus computer room has also become an indispensable part of campus construction. However, there are still certain hidden dangers when people use computers.

由于在校园内面对的客体大多为学生,需要避免不良网页、不良广告等的出现,此外,病毒的出现可能会导致计算机系统整个瘫痪,从而造成十分重大的影响,因此,对校园计算机系统的安全性管理仍有待加强。Since most of the objects faced on campus are students, it is necessary to avoid the appearance of bad web pages and bad advertisements. In addition, the emergence of viruses may cause the entire computer system to be paralyzed, which will cause a very significant impact. Therefore, the computer system on campus Security management still needs to be strengthened.

所以,人们需要一种基于大数据的计算机系统安全管理系统及方法来解决上述问题,通过利用智能审核模型和信息过滤技术对信息进行审核与过滤,从而减少不良信息的出现;通过利用软件仿真扫描法识别计算机内的病毒并进行查杀,从而避免病毒的入侵。Therefore, people need a computer system security management system and method based on big data to solve the above problems. By using intelligent audit model and information filtering technology to audit and filter information, thereby reducing the occurrence of bad information; by using software simulation to scan There is no way to identify and kill viruses in the computer, so as to avoid the invasion of viruses.

发明内容Contents of the invention

本发明的目的在于提供一种基于大数据的计算机系统安全管理系统及方法,以解决上述背景技术中提出的问题。The purpose of the present invention is to provide a computer system security management system and method based on big data, so as to solve the problems raised in the above-mentioned background technology.

为了解决上述技术问题,本发明提供如下技术方案:一种基于大数据的计算机系统安全管理系统,所述系统包括:访问管理模块、数据上传与使用模块、数据库、定期检测模块和反馈模块;In order to solve the above technical problems, the present invention provides the following technical solutions: a computer system security management system based on big data, the system includes: an access management module, a data upload and use module, a database, a regular detection module and a feedback module;

通过所述访问管理模块对访问者的身份信息进行登记并设置开放权限,将确认的身份信息发送至所述数据库和所述数据上传与使用模块;Registering the identity information of the visitor through the access management module and setting open permissions, and sending the confirmed identity information to the database and the data upload and use module;

通过所述数据上传与使用模块对数据的上传和使用进行管理;Manage the upload and use of data through the data upload and use module;

通过所述数据库储存所有的身份信息和上传与使用的数据;Store all identity information and upload and use data through said database;

通过所述定期检测模块对计算机软硬件进行定期检测,并将检测的结果发送至所述反馈模块;Regularly detect computer software and hardware through the regular detection module, and send the detection result to the feedback module;

通过所述反馈模块显示检测结果并判断数据是否异常,若异常则进行报警。The detection result is displayed through the feedback module to determine whether the data is abnormal, and if abnormal, an alarm is issued.

进一步的,所述访问管理模块包括身份登记单元和权限设置单元;所述身份登记单元用于对访问者的身份信息进行登记,并确认该访问者是否属于学校成员,若属于学校成员,则将身份信息上传至所述数据库,若不属于学校成员,则停止访问;所述权限设置单元用于根据访问者的不同身份开放计算机不同的权限,所述开放计算机权限具体包括若确认该访问者身份为老师,则开启教师访问模式;若确认该访问者身份为学生,则开启学生访问模式等。Further, the access management module includes an identity registration unit and an authority setting unit; the identity registration unit is used to register the identity information of the visitor, and confirm whether the visitor is a member of the school, and if the visitor is a member of the school, the The identity information is uploaded to the database, if it does not belong to the school member, then stop the visit; the authority setting unit is used to open different permissions of the computer according to the different identities of the visitors, and the open computer permissions specifically include if the identity of the visitor is confirmed If the visitor is a teacher, the teacher access mode is turned on; if the visitor is confirmed to be a student, the student access mode is turned on.

进一步的,所述数据上传与使用模块包括上传管理单元、信息过滤单元和数据备份单元;所述上传管理单元用于检测访问者上传的文件是否符合校园管理规范并检测该文件是否含有病毒;所述信息过滤单元用于利用信息过滤技术过滤访问者在使用数据过程中遇到的不良信息;所述数据备份单元用于对访问者上传、使用的数据进行备份;Further, the data upload and use module includes an upload management unit, an information filtering unit and a data backup unit; the upload management unit is used to detect whether the file uploaded by the visitor complies with the campus management norms and whether the file contains a virus; The information filtering unit is used to filter bad information encountered by visitors in the process of using data by using information filtering technology; the data backup unit is used to back up the data uploaded and used by visitors;

所述上传管理单元包括内容审核子单元和病毒检测子单元;所述内容审核子单元用于利用智能审核模型对上传的文件内容进行审核,判断是否符合校园管理规范,若符合校园管理规范,则进行文件上传,若不符合校园管理规范,则显示上传失败;所述病毒检测子单元用于利用基于字符串的搜索法检测上传的文件数据是否含有病毒。The upload management unit includes a content review subunit and a virus detection subunit; the content review subunit is used to review the uploaded file content using an intelligent review model to determine whether it meets the campus management norms, and if it meets the campus management norms, then When uploading a file, if it does not comply with the campus management norms, it will display that the upload fails; the virus detection subunit is used to detect whether the uploaded file data contains a virus by using a string-based search method.

进一步的,所述数据库还包括病毒库与敏感词库;所述病毒库用于存储可能存在的计算机病毒的特征字符串;所述敏感词库用于存储不符合校园管理规范的敏感词信息。Further, the database also includes a virus database and a sensitive word database; the virus database is used to store the characteristic strings of possible computer viruses; the sensitive word database is used to store sensitive word information that does not comply with campus management norms.

进一步的,所述定期检测模块包括时间控制单元、硬件检测单元和软件检测单元;所述时间控制单元通过设置一个时间阀,控制所述硬件检测单元和所述软件检测单元的启动时间;所述硬件检测单元用于检测计算机硬件功能是否能够正常使用;所述软件检测单元用于检测计算机系统中的病毒;Further, the regular detection module includes a time control unit, a hardware detection unit and a software detection unit; the time control unit controls the startup time of the hardware detection unit and the software detection unit by setting a time valve; the The hardware detection unit is used to detect whether the computer hardware function can be used normally; the software detection unit is used to detect viruses in the computer system;

所述软件检测单元包括病毒识别子单元、病毒查杀子单元和病毒报警子单元;所述病毒识别子单元用于识别计算机系统中的病毒;所述病毒查杀子单元用于清理所述病毒识别子单元识别到的病毒;所述病毒报警子单元用于对无法清除的病毒进行报警处理,并将该信号发送至所述反馈模块。The software detection unit includes a virus recognition subunit, a virus killing subunit and a virus alarm subunit; the virus recognition subunit is used to identify viruses in the computer system; the virus killing subunit is used to clean up the virus The virus identified by the identification subunit; the virus alarm subunit is used for alarming the virus that cannot be removed, and sending the signal to the feedback module.

进一步的,所述反馈模块显示所述定期检测模块检测的结果,并对该结果进行判断,若为异常,则进行报警处理。Further, the feedback module displays the detection result of the periodic detection module, and judges the result, and if it is abnormal, performs alarm processing.

一种基于大数据的计算机系统安全管理方法,包括以下步骤:A computer system security management method based on big data, comprising the following steps:

S1:对访问者的身份信息进行登记并设置开放权限;S1: Register the visitor's identity information and set open permissions;

S2:对访问者上传和使用的数据进行管理与检测,并进行备份;S2: Manage, detect and back up the data uploaded and used by visitors;

S3:将所有的身份信息和上传与使用的数据存储到所述数据库;S3: store all identity information and uploaded and used data in the database;

S4:对计算机系统的软硬件进行定期检测;S4: Regularly inspect the software and hardware of the computer system;

S5:显示检测结果并判断数据是否异常,若异常则进行报警。S5: Display the detection result and judge whether the data is abnormal, and alarm if abnormal.

进一步的,在步骤S1中:对访问者的身份信息进行登记,并根据数据库中记录的成员信息判断该访问者是否属于学校成员,若属于学校成员,则根据其身份信息开放对应的权限,若不属于学校成员,则停止访问。Further, in step S1: register the identity information of the visitor, and judge whether the visitor belongs to the school member according to the member information recorded in the database, and if the visitor belongs to the school member, open the corresponding authority according to his identity information, if If you are not a member of the school, stop accessing.

进一步的,在步骤S2中:为了检测访问者上传的文件是否符合校园管理规范,利用智能审核模型对上传的数据进行审核,若符合校园管理规范,则进行文件的上传,若不符合校园管理规范,则显示上传失败:Further, in step S2: In order to detect whether the files uploaded by the visitors conform to the campus management norms, use the intelligent audit model to review the uploaded data, if they conform to the campus management norms, then upload the files, if they do not conform to the campus management norms , the upload failed:

S201:首先计算文件内容关键词与敏感词库内敏感词信息的相似度:S201: First calculate the similarity between the keyword in the file content and the sensitive word information in the sensitive word database:

利用word embedding算法将上传的文件内容映射到一个数值向量空间中,建立坐标系,通过对上传的文件信息进行处理,得到向量集A,通过对所述敏感词库信息的处理,得到向量集B,设定γ为向量集A与向量集B的相似度,此时Use the word embedding algorithm to map the uploaded file content into a numerical vector space, establish a coordinate system, and process the uploaded file information to obtain vector set A, and obtain vector set B by processing the sensitive lexicon information , set γ as the similarity between vector set A and vector set B, at this time

Figure BDA0003901419130000031
Figure BDA0003901419130000031

若γ值大于所设阈值m,则表示文件内容的敏感词与所述敏感词库的敏感词相似,此时便不符合校园管理规范,反之,则符合校园管理规范;If the γ value is greater than the set threshold m, it means that the sensitive words in the file content are similar to the sensitive words in the sensitive lexicon, and at this time it does not conform to the campus management norms; otherwise, it conforms to the campus management norms;

S202:判断文件内容是否符合校园管理规范,若符合,则可以对文件进行上传,若不符合,则停止文件的上传,并显示上传失败;S202: Determine whether the content of the file complies with the campus management norms, if so, upload the file, if not, stop uploading the file, and display upload failure;

同时,为了检测上传的文件数据是否含有病毒,利用基于字符串的搜索法根据所述病毒库来进行检测,所述基于字符串的搜索法属于本领域技术人员的常规技术手段,因此,并未做出过多的赘述。At the same time, in order to detect whether the uploaded file data contains a virus, a search method based on a character string is used to detect according to the virus database. The search method based on a character string belongs to the conventional technical means of those skilled in the art, therefore, there is no Make too many repetitions.

为了避免访问者在使用数据过程中遇到计算机内的不良信息,利用信息过滤技术进行过滤:In order to prevent visitors from encountering bad information in the computer during the use of data, information filtering technology is used to filter:

S203:首先基于向量空间模型提取出网页中所有词汇的特征值:S203: First extract the feature values of all words in the web page based on the vector space model:

设定网页中形成的文本集合为R,文本中的第i个词汇为Ri,并设定数据库中的训练文本集为M,则该词汇与文本集的对数互信息量logI(Ri,R)为:Set the text set formed in the webpage as R, the i-th vocabulary in the text as R i , and set the training text set in the database as M, then the logarithmic mutual information logI(R i ,R) is:

Figure BDA0003901419130000041
Figure BDA0003901419130000041

其中,P(Ri|R)表示词汇Ri在文本集R中的比重,p(Ri)表示词汇Ri在训练文本集M中的比重;此时,将所有词汇根据上式的互信息量进行排序,并选取一些排在较高位的词汇作为特征项;Among them, P(R i |R) represents the proportion of vocabulary R i in the text set R, and p(R i ) represents the proportion of vocabulary R i in the training text set M; The amount of information is sorted, and some higher-ranked words are selected as feature items;

S204:接着计算提取的特征项与所述敏感词库内信息的相似度:S204: Next, calculate the similarity between the extracted feature item and the information in the sensitive lexicon:

将选取的特征项设定为Wi,并形成一个集合W,β为所述特征项与敏感词库信息的相似度:Set the selected feature item as W i , and form a set W, β is the similarity between the feature item and the sensitive lexicon information:

Figure BDA0003901419130000042
Figure BDA0003901419130000042

S205:然后通过设定阈值n,判断该网页信息是否为不良信息,若大于设定的阈值n,则表示该网页含有不良信息,反之,则表示该网页符合要求;并清除含有不良信息的网页,保留正常使用的网页。S205: Then by setting the threshold n, determine whether the web page information is bad information, if it is greater than the set threshold n, it means that the web page contains bad information, otherwise, it means that the web page meets the requirements; and clear the web page containing bad information , leaving the normal use of the page.

进一步的,在步骤S4中:通过在系统中安装一个时间阀来控制对计算机软硬件检测启动的时间,在时间阀中设置一个时间周期,如24小时,此时,表示每24小时对计算机系统软硬件进行一次检测;Further, in step S4: by installing a time valve in the system to control the time to start the computer software and hardware detection, a time period is set in the time valve, such as 24 hours, at this time, it means that the computer system is checked every 24 hours A detection of software and hardware;

时间阀开启后,则进入硬件检测模式和软件检测模式;所述硬件检测模式通过启动一系列电脑检测工具来检测计算机硬件功能是否能够正常使用,所述电脑检测工具包括CPU-Z用来检测处理器和显卡;HD TUNE用来检测硬盘传输速率,硬盘容量,健康状态,温度及磁盘表面扫描;Super PI用来检测CPU稳定性等;所述软件检测模式通过利用软件仿真扫描法对计算机病毒进行识别,并利用计算机中安装的杀毒软件将识别到的病毒进行查杀,所述软件仿真扫描法属于本领域技术人员的常规技术手段,因此,并未做出过多的赘述;若杀毒软件无法彻底清理识别到的病毒,则进入报警系统,将信号发送给所述反馈模块。After the time valve is opened, then enter the hardware detection mode and the software detection mode; The hardware detection mode detects whether the computer hardware function can be used normally by starting a series of computer detection tools, and the computer detection tools include CPU-Z for detection processing HD TUNE is used to detect the hard disk transfer rate, hard disk capacity, health status, temperature and disk surface scanning; Super PI is used to detect CPU stability, etc.; the software detection mode is used to detect computer viruses by using the software simulation scanning method Identify, and use the anti-virus software installed in the computer to check and kill the identified virus. The software simulation scanning method belongs to the conventional technical means of those skilled in the art, so it is not repeated too much; if the anti-virus software cannot Thoroughly clean up the identified virus, enter the alarm system, and send the signal to the feedback module.

进一步的,在步骤S5中:显示系统检测的结果,包括硬件功能检测结果,软件病毒检测结果,若结果显示为正常,则不进行报警处理,若结果显示为异常,则进行提醒并报警。Further, in step S5: display system detection results, including hardware function detection results, software virus detection results, if the result is normal, then no alarm processing, if the result is abnormal, then remind and alarm.

与现有技术相比,本发明所达到的有益效果是:Compared with the prior art, the beneficial effects achieved by the present invention are:

本发明通过对身份信息进行登记,有效的避免了不属于本校人员对电脑的登录;通过设置权限,更有利于不同的人对电脑的使用;通过利用智能审核模型审核数据,更有利于检测上传的文件是否符合校园管理规范;通过利用基于字符串的搜索法检测文件是否含有病毒,有效的避免因文件上传而导致的病毒入侵;通过利用信息过滤技术有效的避免了在使用数据过程中遇到计算机内的不良信息;通过设置时间阀控制硬件检测与软件检测的时间,从而对电脑进行定期自动清理,更有利于避免病毒的入侵;通过对无法清理的病毒进行及时报警处理,更有利于工作人员发现问题,从而减少因病毒的出现导致计算机系统瘫痪的问题。By registering the identity information, the present invention effectively avoids the login of the computer by personnel who do not belong to the school; by setting the authority, it is more conducive to the use of the computer by different people; by using the intelligent audit model to audit data, it is more conducive to detection and uploading Whether the files conform to the campus management regulations; by using the string-based search method to detect whether the files contain viruses, effectively avoiding virus intrusion caused by file uploads; Bad information in the computer; by setting the time valve to control the time of hardware detection and software detection, the computer can be cleaned automatically on a regular basis, which is more conducive to avoiding virus intrusion; by timely alarming and processing of viruses that cannot be cleaned, it is more conducive to work Personnel find problems, thereby reducing the problem of computer system paralysis due to the emergence of viruses.

附图说明Description of drawings

附图用来提供对本发明的进一步理解,并且构成说明书的一部分,与本发明的实施例一起用于解释本发明,并不构成对本发明的限制。在附图中:The accompanying drawings are used to provide a further understanding of the present invention, and constitute a part of the description, and are used together with the embodiments of the present invention to explain the present invention, and do not constitute a limitation to the present invention. In the attached picture:

图1是本发明一种基于大数据的计算机系统安全管理系统的结构图;Fig. 1 is a structural diagram of a computer system security management system based on big data of the present invention;

图2是本发明一种基于大数据的计算机系统安全管理方法的流程图。Fig. 2 is a flowchart of a computer system security management method based on big data in the present invention.

具体实施方式detailed description

以下结合附图对本发明的优选实施例进行说明,应当理解,此处所描述的优选实施例仅用于说明和解释本发明,并不用于限定本发明。The preferred embodiments of the present invention will be described below in conjunction with the accompanying drawings. It should be understood that the preferred embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention.

请参阅图1-图2,本发明提供技术方案:一种基于大数据的计算机系统安全管理系统,所述系统包括:访问管理模块、数据上传与使用模块、数据库、定期检测模块和反馈模块;Referring to Fig. 1-Fig. 2, the present invention provides a technical solution: a computer system security management system based on big data, the system includes: an access management module, a data upload and use module, a database, a regular detection module and a feedback module;

通过所述访问管理模块对访问者的身份信息进行登记并设置开放权限,将确认的身份信息发送至所述数据库和所述数据上传与使用模块;Registering the identity information of the visitor through the access management module and setting open permissions, and sending the confirmed identity information to the database and the data upload and use module;

通过所述数据上传与使用模块对数据的上传和使用进行管理;Manage the upload and use of data through the data upload and use module;

通过所述数据库储存所有的身份信息和上传与使用的数据;Store all identity information and upload and use data through said database;

通过所述定期检测模块对计算机软硬件进行定期检测,并将检测的结果发送至所述反馈模块;Regularly detect computer software and hardware through the regular detection module, and send the detection result to the feedback module;

通过所述反馈模块显示检测结果并判断数据是否异常,若异常则进行报警。The detection result is displayed through the feedback module to determine whether the data is abnormal, and if abnormal, an alarm is issued.

进一步的,所述访问管理模块包括身份登记单元和权限设置单元;所述身份登记单元用于对访问者的身份信息进行登记,并确认该访问者是否属于学校成员,若属于学校成员,则将身份信息上传至所述数据库,若不属于学校成员,则停止访问;所述权限设置单元用于根据访问者的不同身份开放计算机不同的权限,所述开放计算机权限具体包括若确认该访问者身份为老师,则开启教师访问模式;若确认该访问者身份为学生,则开启学生访问模式等。Further, the access management module includes an identity registration unit and an authority setting unit; the identity registration unit is used to register the identity information of the visitor, and confirm whether the visitor is a member of the school, and if the visitor is a member of the school, the The identity information is uploaded to the database, if it does not belong to the school member, then stop the visit; the authority setting unit is used to open different permissions of the computer according to the different identities of the visitors, and the open computer permissions specifically include if the identity of the visitor is confirmed If the visitor is a teacher, the teacher access mode is turned on; if the visitor is confirmed to be a student, the student access mode is turned on.

进一步的,所述数据上传与使用模块包括上传管理单元、信息过滤单元和数据备份单元;所述上传管理单元用于检测访问者上传的文件是否符合校园管理规范并检测该文件是否含有病毒;所述信息过滤单元用于利用信息过滤技术过滤访问者在使用数据过程中遇到的不良信息;所述数据备份单元用于对访问者上传、使用的数据进行备份;Further, the data upload and use module includes an upload management unit, an information filtering unit and a data backup unit; the upload management unit is used to detect whether the file uploaded by the visitor complies with the campus management norms and whether the file contains a virus; The information filtering unit is used to filter bad information encountered by visitors in the process of using data by using information filtering technology; the data backup unit is used to back up the data uploaded and used by visitors;

所述上传管理单元包括内容审核子单元和病毒检测子单元;所述内容审核子单元用于利用智能审核模型对上传的文件内容进行审核,判断是否符合校园管理规范,若符合校园管理规范,则进行对文件的上传,若不符合校园管理规范,则显示上传失败;所述病毒检测子单元用于利用基于字符串的搜索法检测上传的文件数据是否含有病毒。The upload management unit includes a content review subunit and a virus detection subunit; the content review subunit is used to review the uploaded file content using an intelligent review model to determine whether it meets the campus management norms, and if it meets the campus management norms, then If the uploading of the file does not comply with the campus management norms, the uploading failure will be displayed; the virus detection subunit is used to detect whether the uploaded file data contains a virus by using a string-based search method.

进一步的,所述数据库还包括病毒库与敏感词库;所述病毒库用于存储可能存在的计算机病毒的特征字符串;所述敏感词库用于存储不符合校园管理规范的敏感词信息。Further, the database also includes a virus database and a sensitive word database; the virus database is used to store the characteristic strings of possible computer viruses; the sensitive word database is used to store sensitive word information that does not comply with campus management norms.

进一步的,所述定期检测模块包括时间控制单元、硬件检测单元和软件检测单元;所述时间控制单元通过设置一个时间阀,控制所述硬件检测单元和所述软件检测单元的启动时间;所述硬件检测单元用于检测计算机硬件功能是否能够正常使用;所述软件检测单元用于检测计算机系统中的病毒;Further, the regular detection module includes a time control unit, a hardware detection unit and a software detection unit; the time control unit controls the startup time of the hardware detection unit and the software detection unit by setting a time valve; the The hardware detection unit is used to detect whether the computer hardware function can be used normally; the software detection unit is used to detect viruses in the computer system;

所述软件检测单元包括病毒识别子单元、病毒查杀子单元和病毒报警子单元;所述病毒识别子单元用于识别计算机系统中的病毒;所述病毒查杀子单元用于清理所述病毒识别子单元识别到的病毒;所述病毒报警子单元用于对无法清除的病毒进行报警处理,并将该信号发送至所述反馈模块,通过对无法清理的病毒进行及时报警处理,更有利于工作人员发现问题,从而减少因病毒的出现导致计算机系统瘫痪的问题。The software detection unit includes a virus recognition subunit, a virus killing subunit and a virus alarm subunit; the virus recognition subunit is used to identify viruses in the computer system; the virus killing subunit is used to clean up the virus The virus identified by the identification sub-unit; the virus alarm sub-unit is used to alarm the virus that cannot be cleared, and send the signal to the feedback module, and it is more conducive to timely alarm processing for the virus that cannot be cleaned. The staff finds problems, thereby reducing the problem of computer system paralysis due to the emergence of viruses.

进一步的,所述反馈模块显示所述定期检测模块检测的结果,并对该结果进行判断,若为异常,则进行报警处理。Further, the feedback module displays the detection result of the periodic detection module, and judges the result, and if it is abnormal, performs alarm processing.

一种基于大数据的计算机系统安全管理方法,包括以下步骤:A computer system security management method based on big data, comprising the following steps:

S1:对访问者的身份信息进行登记并设置开放权限;S1: Register the visitor's identity information and set open permissions;

S2:对访问者上传和使用的数据进行管理与检测,并进行备份;S2: Manage, detect and back up the data uploaded and used by visitors;

S3:将所有的身份信息和上传与使用的数据存储到所述数据库;S3: store all identity information and uploaded and used data in the database;

S4:对计算机系统的软硬件进行定期检测;S4: Regularly inspect the software and hardware of the computer system;

S5:显示检测结果并判断数据是否异常,若异常则进行报警。S5: Display the detection result and judge whether the data is abnormal, and alarm if abnormal.

进一步的,在步骤S1中:对访问者的身份信息进行登记,并根据数据库中记录的成员信息判断该访问者是否属于学校成员,若属于学校成员,则根据其身份信息开放对应的权限,且通过设置权限,更有利于不同的人对电脑的使用,若不属于学校成员,则停止访问。Further, in step S1: register the identity information of the visitor, and judge whether the visitor belongs to the school member according to the member information recorded in the database, and if the visitor belongs to the school member, open the corresponding authority according to his identity information, and By setting permissions, it is more beneficial for different people to use the computer. If they are not members of the school, access will be stopped.

进一步的,在步骤S2中:为了检测访问者上传的文件是否符合校园管理规范,利用智能审核模型对上传的数据进行审核,若符合校园管理规范,则进行文件的上传,若不符合校园管理规范,则显示上传失败:Further, in step S2: In order to detect whether the files uploaded by the visitors conform to the campus management norms, use the intelligent audit model to review the uploaded data, if they conform to the campus management norms, then upload the files, if they do not conform to the campus management norms , the upload failed:

S201:首先计算文件内容关键词与敏感词库内敏感词信息的相似度:S201: First calculate the similarity between the keyword in the file content and the sensitive word information in the sensitive word database:

利用word embedding算法将上传的文件内容映射到一个数值向量空间中,建立坐标系,通过对上传的文件信息进行处理,得到向量集A,通过对所述敏感词库信息的处理,得到向量集B,设定γ为向量集A与向量集B的相似度,此时Use the word embedding algorithm to map the uploaded file content into a numerical vector space, establish a coordinate system, and process the uploaded file information to obtain vector set A, and obtain vector set B by processing the sensitive lexicon information , set γ as the similarity between vector set A and vector set B, at this time

Figure BDA0003901419130000081
Figure BDA0003901419130000081

若γ值大于所设阈值m,则表示文件内容的敏感词与所述敏感词库的敏感词相似,此时便不符合校园管理规范,反之,则符合校园管理规范;If the γ value is greater than the set threshold m, it means that the sensitive words in the file content are similar to the sensitive words in the sensitive lexicon, and at this time it does not conform to the campus management norms; otherwise, it conforms to the campus management norms;

S202:判断文件内容是否符合校园管理规范,若符合,则可以对文件进行上传,若不符合,则停止文件的上传,并显示上传失败;S202: Determine whether the content of the file complies with the campus management norms, if so, upload the file, if not, stop uploading the file, and display upload failure;

同时,为了检测上传的文件数据是否含有病毒,利用基于字符串的搜索法根据所述病毒库来进行检测,从而有效的规避了因文件数据的上传而导致病毒入侵的问题出现,所述基于字符串的搜索法属于本领域技术人员的常规技术手段,因此,并未做出过多的赘述。At the same time, in order to detect whether the uploaded file data contains viruses, the search method based on character strings is used to detect according to the virus database, thereby effectively avoiding the problem of virus intrusion caused by the upload of file data. The string search method belongs to the conventional technical means of those skilled in the art, therefore, too many details are not given here.

为了避免访问者在使用数据过程中遇到计算机内的不良信息,利用信息过滤技术进行过滤:In order to prevent visitors from encountering bad information in the computer during the use of data, information filtering technology is used to filter:

S203:首先基于向量空间模型提取出网页中所有词汇的特征值:S203: First extract the feature values of all words in the web page based on the vector space model:

设定网页中形成的文本集合为R,文本中的第i个词汇为Ri,并设定数据库中的训练文本集为M,则该词汇与文本集的对数互信息量logI(Ri,R)为:Set the text set formed in the webpage as R, the i-th vocabulary in the text as R i , and set the training text set in the database as M, then the logarithmic mutual information logI(R i ,R) is:

Figure BDA0003901419130000082
Figure BDA0003901419130000082

其中,P(Ri|R)表示词汇Ri在文本集R中的比重,P(Ri)表示词汇Ri在训练文本集M中的比重;此时,将所有词汇根据上式的互信息量进行排序,并选取一些排在较高位的词汇作为特征项;Among them, P(R i |R) represents the proportion of vocabulary R i in the text set R, and P(R i ) represents the proportion of vocabulary R i in the training text set M; The amount of information is sorted, and some higher-ranked words are selected as feature items;

S204:接着计算提取的特征项与所述敏感词库内信息的相似度:S204: Next, calculate the similarity between the extracted feature item and the information in the sensitive lexicon:

将选取的特征项设定为Wi,并形成一个集合W,β为所述特征项与敏感词库信息的相似度:Set the selected feature item as W i , and form a set W, β is the similarity between the feature item and the sensitive lexicon information:

Figure BDA0003901419130000091
Figure BDA0003901419130000091

S205:然后通过设定阈值n,判断该网页信息是否为不良信息,若大于设定的阈值n,则表示该网页含有不良信息,反之,则表示该网页符合要求,未出现不良信息;之后,并清除含有不良信息的网页,保留正常使用的网页。S205: Then, by setting the threshold n, it is judged whether the web page information is bad information, if it is greater than the set threshold n, it means that the web page contains bad information, otherwise, it means that the web page meets the requirements and no bad information appears; after that, And remove the web pages containing bad information, and keep the web pages in normal use.

进一步的,在步骤S4中:通过在系统中安装一个时间阀来控制对计算机软硬件检测启动的时间,在时间阀中设置一个时间周期,如设置24小时为一个时间周期,此时,表示每24小时对计算机系统软硬件进行一次检测,通过利用时间阀控制电脑做到定期自动清理系统,更有利于避免计算机病毒的出现;Further, in step S4: by installing a time valve in the system to control the time to start the computer software and hardware detection, set a time period in the time valve, such as setting 24 hours as a time period, at this time, it means that every The software and hardware of the computer system are inspected 24 hours a day. By using the time valve to control the computer to automatically clean the system on a regular basis, it is more conducive to avoiding the emergence of computer viruses;

时间阀开启后,则进入硬件检测模式和软件检测模式;所述硬件检测模式通过启动一系列电脑检测工具来检测计算机硬件功能是否能够正常使用,所述电脑检测工具包括CPU-Z用来检测处理器和显卡;HD TUNE用来检测硬盘传输速率,硬盘容量,健康状态,温度及磁盘表面扫描;Super PI用来检测CPU稳定性等;所述软件检测模式通过利用软件仿真扫描法对计算机病毒进行识别,并利用计算机中安装的杀毒软件将识别到的病毒进行查杀,所述软件仿真扫描法属于本领域技术人员的常规技术手段,因此,并未做出过多的赘述;若杀毒软件无法彻底清理识别到的病毒,则进入报警系统,将信号发送给所述反馈模块,通过对无法清理的病毒进行及时报警处理,更有利于工作人员发现问题,从而减少因病毒的出现导致计算机系统瘫痪的问题。After the time valve is opened, then enter the hardware detection mode and the software detection mode; The hardware detection mode detects whether the computer hardware function can be used normally by starting a series of computer detection tools, and the computer detection tools include CPU-Z for detection processing HD TUNE is used to detect the hard disk transfer rate, hard disk capacity, health status, temperature and disk surface scanning; Super PI is used to detect CPU stability, etc.; the software detection mode is used to detect computer viruses by using the software simulation scanning method Identify, and use the anti-virus software installed in the computer to check and kill the identified virus. The software simulation scanning method belongs to the conventional technical means of those skilled in the art, so it is not repeated too much; if the anti-virus software cannot Thoroughly clean up the identified virus, enter the alarm system, and send the signal to the feedback module, and timely alarm the virus that cannot be cleaned up, which is more conducive to the staff to find the problem, thereby reducing the occurrence of the virus and causing the computer system to be paralyzed The problem.

进一步的,在步骤S5中:显示系统检测的结果,包括硬件功能检测结果,软件病毒检测结果,若结果显示为正常,则不进行报警处理,若结果显示为异常,则进行提醒并报警,便于提醒工作人员对计算机系统的修复与处理。Further, in step S5: display the result of system detection, including hardware function detection result, software virus detection result, if the result shows as normal, then do not carry out alarm processing, if the result shows as abnormal, then remind and report to the police, convenient Remind the staff to repair and deal with the computer system.

实施例一:Embodiment one:

在步骤S1中:对访问者的身份信息进行登记,并根据数据库中记录的成员信息判断该访问者身份,此时系统接收到该访问者身份信息在数据库内的记录表中存在,为“学生-张三”,系统开启学生访问模式,让计算机处于学生访问界面;In step S1: register the visitor's identity information, and judge the visitor's identity according to the member information recorded in the database. At this time, the system receives that the visitor's identity information exists in the record table in the database, which is "student - Zhang San", the system opens the student access mode, so that the computer is in the student access interface;

在步骤S2中:为了检测“学生-张三”上传的文件是否符合校园管理规范,利用智能审核模型对上传的数据进行审核:In step S2: In order to detect whether the uploaded file of "Student-Zhang San" complies with the campus management norms, the uploaded data is reviewed using the intelligent review model:

S201:首先计算文件内容关键词与敏感词库内敏感词信息的相似度:S201: First calculate the similarity between the keyword in the file content and the sensitive word information in the sensitive word database:

利用word embedding算法将上传的文件内容映射到一个数值向量空间中,建立坐标系,通过对上传的文件信息进行处理,得到向量集A,通过对所述敏感词库信息的处理,得到向量集B,设定γ为向量集A与向量集B的相似度,此时Use the word embedding algorithm to map the uploaded file content into a numerical vector space, establish a coordinate system, and process the uploaded file information to obtain vector set A, and obtain vector set B by processing the sensitive lexicon information , set γ as the similarity between vector set A and vector set B, at this time

Figure BDA0003901419130000101
Figure BDA0003901419130000101

通过遍历,发现该文件内容信息与敏感词库的信息相似度为30%;Through traversal, it is found that the similarity between the content information of the file and the information in the sensitive lexicon is 30%;

S202:由于该文件内容信息与敏感词库信息相似度为30%小于所设阈值0.9,此时,该文件符合校园管理规范,可以对系统进行文件的上传;S202: Since the similarity between the content information of the file and the sensitive lexicon information is 30% and less than the set threshold of 0.9, at this time, the file complies with the campus management regulations, and the file can be uploaded to the system;

同时,为了检测上传的文件数据是否含有病毒,利用基于字符串的搜索法根据所述病毒库来进行检测,从而有效的规避因文件数据的上传而导致病毒入侵的问题出现,通过系统检测,发现并未识别到病毒,此刻,显示文件上传成功。At the same time, in order to detect whether the uploaded file data contains viruses, the search method based on character strings is used to detect according to the virus database, so as to effectively avoid the problem of virus invasion caused by the upload of file data. Through system detection, it is found that No virus was identified. At this moment, it shows that the file was uploaded successfully.

为了避免“学生-张三”在使用数据过程中遇到计算机内的不良信息,利用信息过滤技术进行过滤:In order to prevent "student-Zhang San" from encountering bad information in the computer during the use of data, use information filtering technology to filter:

S203:首先基于向量空间模型提取出网页中所有词汇的特征值:S203: First extract the feature values of all words in the web page based on the vector space model:

设定网页中形成的文本集合为R,文本中的第i个词汇为Ri,并设定数据库中的训练文本集为M,则该词汇与文本集的对数互信息量logI(Ri,R)为:Set the text set formed in the webpage as R, the i-th vocabulary in the text as R i , and set the training text set in the database as M, then the logarithmic mutual information logI(R i ,R) is:

Figure BDA0003901419130000102
Figure BDA0003901419130000102

其中,P(Ri|R)表示词汇Ri在文本集R中的比重,P(Ri)表示词汇Ri在训练文本集M中的比重;此时,将所有词汇根据上式的互信息量进行排序,并选取一些排在较高位的词汇作为特征项;Among them, P(R i |R) represents the proportion of vocabulary R i in the text set R, and P(R i ) represents the proportion of vocabulary R i in the training text set M; The amount of information is sorted, and some higher-ranked words are selected as feature items;

S204:接着计算提取的特征项与所述敏感词库内信息的相似度:S204: Next, calculate the similarity between the extracted feature item and the information in the sensitive lexicon:

将选取的特征项设定为Wi,并形成一个集合W,β为所述特征项与敏感词库信息的相似度:Set the selected feature item as W i , and form a set W, β is the similarity between the feature item and the sensitive lexicon information:

Figure BDA0003901419130000111
Figure BDA0003901419130000111

S205:然后通过设定阈值0.8,判断该网页信息是否为不良信息,若大于设定的阈值0.8,清除该网页,若小于设定的阈值0.8,则保留该网页,从而避免计算机中可能存在不良信息的网页出现。S205: Then, by setting a threshold of 0.8, it is judged whether the web page information is bad information, if it is greater than the set threshold of 0.8, the web page is cleared, and if it is less than the set threshold of 0.8, the web page is kept, thereby avoiding possible bad information in the computer The information page appears.

在“学生-张三”结束使用电脑后,将该成员上传的文件数据与使用的网页数据进行备份,发送至所述数据库。After the "student-Zhang San" finishes using the computer, the file data uploaded by the member and the web page data used are backed up and sent to the database.

在步骤S4中:通过在系统中安装一个时间阀来控制对计算机软硬件检测启动的时间,在时间阀中设置12小时的周期,表示每12小时对计算机系统软硬件进行一次检测;时间阀开启后,则进入硬件检测模式和软件检测模式;所述硬件检测模式通过启动一系列电脑检测工具来检测计算机硬件功能,所述电脑检测工具包括CPU-Z用来检测处理器和显卡;HDTUNE用来检测硬盘传输速率,硬盘容量,健康状态,温度及磁盘表面扫描;Super PI用来检测CPU稳定性等;所述软件检测模式通过利用软件仿真扫描法对计算机病毒进行识别,并利用计算机中安装的杀毒软件将识别到的病毒进行查杀;若杀毒软件无法彻底清理识别到的病毒,则进入报警系统,将信号发送给所述反馈模块;In step S4: by installing a time valve in the system to control the time to start the computer software and hardware detection, a 12-hour cycle is set in the time valve, which means that the computer system software and hardware are detected once every 12 hours; the time valve is opened Afterwards, then enter hardware detection mode and software detection mode; Described hardware detection mode detects computer hardware function by starting a series of computer detection tools, and described computer detection tool comprises CPU-Z and is used for detecting processor and graphics card; HDTUNE is used for Detect hard disk transfer rate, hard disk capacity, health status, temperature and disk surface scanning; Super PI is used to detect CPU stability, etc.; the software detection mode identifies computer viruses by using software simulation scanning method, and uses The anti-virus software checks and kills the identified virus; if the anti-virus software cannot thoroughly clean up the identified virus, it enters the alarm system and sends a signal to the feedback module;

此时,系统检测到计算机硬件功能正常,软件部分也未识别到病毒。At this time, the system detects that the computer hardware is functioning normally, and the software part does not recognize the virus.

在步骤S5中:显示系统检测的结果,硬件功能状态良好,软件功能正常且无病毒。In step S5: the result of the system detection is displayed, the hardware function is in good condition, the software function is normal and there is no virus.

最后应说明的是:以上所述仅为本发明的优选实例而已,并不用于限制本发明,尽管参照前述实施例对本发明进行了详细的说明,对于本领域的技术人员来说,其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。Finally, it should be noted that: the above is only a preferred example of the present invention, and is not intended to limit the present invention. Although the present invention has been described in detail with reference to the foregoing embodiments, for those skilled in the art, it can still be The technical solutions recorded in the foregoing embodiments are modified, or some of the technical features are equivalently replaced. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.

Claims (10)

1. A big data-based computer system security management system is characterized in that: the system comprises: the system comprises an access management module, a data uploading and using module, a database, a periodic detection module and a feedback module;
the identity information of an accessor is registered and an opening authority is set through the access management module, and the confirmed identity information is sent to the database and the data uploading and using module;
the data uploading and using module is used for managing the uploading and using of the data;
storing all identity information and uploaded and used data through the database;
the software and hardware of the computer are periodically detected by the periodic detection module, and the detection result is sent to the feedback module;
and displaying the detection result through the feedback module, judging whether the data is abnormal or not, and alarming if the data is abnormal.
2. The big data based computer system security management system of claim 1, wherein: the access management module comprises an identity registration unit and a permission setting unit; the identity registration unit is used for registering identity information of the visitor and confirming whether the visitor belongs to a school member or not; the permission setting unit is used for opening different permissions of the computer according to different identities of visitors.
3. The big data based computer system security management system of claim 1, wherein: the data uploading and using module comprises an uploading management unit, an information filtering unit and a data backup unit; the uploading management unit is used for detecting whether the file uploaded by the visitor meets the campus management specification or not and detecting whether the file contains viruses or not; the information filtering unit is used for filtering bad information encountered by a visitor in the data using process by using an information filtering technology; the data backup unit is used for backing up data uploaded and used by an accessor;
the uploading management unit comprises a content audit subunit and a virus detection subunit; the content auditing subunit is used for auditing the uploaded file content by using an intelligent auditing model and judging whether the uploaded file content conforms to the campus management specification; the virus detection subunit is used for detecting whether the uploaded file data contains viruses or not by using a search method based on character strings.
4. The big data based computer system security management system of claim 1, wherein: the database also comprises a virus library and a sensitive word library; the virus library is used for storing characteristic character strings of possible computer viruses; the sensitive word bank is used for storing sensitive word information which does not accord with campus management specifications.
5. The big data based computer system security management system of claim 1, wherein: the periodic detection module comprises a time control unit, a hardware detection unit and a software detection unit; the time control unit controls the starting time of the hardware detection unit and the software detection unit by arranging a time valve; the hardware detection unit is used for detecting whether the hardware function of the computer can be normally used; the software detection unit is used for detecting viruses in the computer system;
the software detection unit comprises a virus identification subunit, a virus searching and killing subunit and a virus alarm subunit; the virus identification subunit is used for identifying a virus in the computer system; the virus searching and killing subunit is used for cleaning the virus identified by the virus identification subunit; the virus alarm subunit is used for carrying out alarm processing on the virus which cannot be cleared and sending the signal to the feedback module.
6. A computer system security management method based on big data is characterized in that: the method comprises the following steps:
s1: registering identity information of an accessor and setting an opening authority;
s2: managing and detecting data uploaded and used by an accessor, and backing up the data;
s3: storing all identity information and data uploaded and used to the database;
s4: regularly detecting software and hardware of a computer system;
s5: and displaying the detection result, judging whether the data is abnormal or not, and alarming if the data is abnormal.
7. The big-data based computer system security management method of claim 6, wherein: in step S1: and registering the identity information of the visitor, judging whether the visitor belongs to a school member or not according to the member information recorded in the database, if so, opening the corresponding authority according to the identity information, and if not, stopping the access.
8. The big-data based computer system security management method of claim 6, wherein: in step S2: in order to detect whether the file uploaded by the visitor meets the campus management specification, the uploaded data is audited by using an intelligent auditing model:
s201: firstly, calculating the similarity between the keywords of the file content and the sensitive word information in the sensitive word library:
mapping the uploaded file content to a numerical vector space by using a word embedding algorithm, establishing a coordinate system, processing the uploaded file information to obtain a vector set A, processing the sensitive word bank information to obtain a vector set B, and setting gamma as the similarity of the vector set A and the vector set B, wherein at the moment
Figure FDA0003901419120000031
If the gamma value is larger than the set threshold value m, the sensitive words representing the content of the file are similar to the sensitive words of the sensitive word bank, and the campus management standard is not met at the moment, otherwise, the campus management standard is met;
s202: judging whether the file content meets the campus management specification, if so, uploading the file, and if not, stopping uploading the file and displaying uploading failure;
meanwhile, in order to detect whether the uploaded file data contains viruses or not, detection is performed according to the virus library by using a character string-based search method.
9. The big data based computer system security management method of claim 8, wherein: in step S2: in order to avoid that visitors encounter bad information in the computer in the process of using data, the information is filtered by using an information filtering technology:
s203: firstly, extracting characteristic values of all words in a webpage based on a vector space model:
setting a text set formed in a webpage as R, and setting the ith vocabulary in the text as R i And setting the training text set in the database as M, then the logarithm mutual information amount logI (R) of the vocabulary and the text set i And R) is:
Figure FDA0003901419120000032
wherein, P (R) i R) represents the vocabulary R i Specific gravity in text set R, P (R) i ) Representing the word R i Specific gravity in the training text set M; at the moment, all the vocabularies are sequenced according to the mutual information quantity of the formula, and some vocabularies arranged at higher positions are selected as characteristic items;
s204: and then calculating the similarity between the extracted feature items and the information in the sensitive word stock:
setting the selected feature item as W i And forming a set W, wherein beta is the similarity between the characteristic item and the sensitive word stock information:
Figure FDA0003901419120000033
s205: and then judging whether the webpage information is bad information or not by setting a threshold value n, removing the webpage containing the bad information, and reserving the normally used webpage.
10. The big data based computer system security management method of claim 6, wherein: in step S4: the method comprises the steps that a time valve is installed in a system to control the starting time of computer software and hardware detection, and after the time valve is started, a hardware detection mode and a software detection mode are started; the hardware detection mode detects whether the hardware function of the computer can be normally used by starting a series of computer detection tools; the software detection mode is used for identifying computer viruses by using a software simulation scanning method and searching and killing the identified viruses by using antivirus software installed in a computer; and if the antivirus software cannot thoroughly clean the identified virus, entering an alarm system and sending a signal to the feedback module.
CN202211292039.6A 2022-10-21 2022-10-21 Computer system security management system and method based on big data Pending CN115544508A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211292039.6A CN115544508A (en) 2022-10-21 2022-10-21 Computer system security management system and method based on big data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211292039.6A CN115544508A (en) 2022-10-21 2022-10-21 Computer system security management system and method based on big data

Publications (1)

Publication Number Publication Date
CN115544508A true CN115544508A (en) 2022-12-30

Family

ID=84735671

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211292039.6A Pending CN115544508A (en) 2022-10-21 2022-10-21 Computer system security management system and method based on big data

Country Status (1)

Country Link
CN (1) CN115544508A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116089961A (en) * 2023-02-14 2023-05-09 哈尔滨晨亿科技有限公司 Big data-based computer intelligent image management system and method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116089961A (en) * 2023-02-14 2023-05-09 哈尔滨晨亿科技有限公司 Big data-based computer intelligent image management system and method
CN116089961B (en) * 2023-02-14 2023-07-21 河南省中视新科文化产业有限公司 Big data-based computer intelligent image management system and method

Similar Documents

Publication Publication Date Title
US11748416B2 (en) Machine-learning system for servicing queries for digital content
CN105516127B (en) User cross-domain behavior pattern mining method for insider threat detection
WO2022116419A1 (en) Automatic determination method and apparatus for domain name infringement, electronic device, and storage medium
CN110990836B (en) Code leakage detection system and method based on natural language processing technology
WO2019041774A1 (en) Customer information screening method and apparatus, electronic device, and medium
CN110909348A (en) Internal threat detection method and device
CN112839014A (en) Method, system, device and medium for establishing model for identifying abnormal visitor
Lago et al. Visual and textual analysis for image trustworthiness assessment within online news
CN118656495B (en) Public opinion publishing traceability method, device, equipment and storage medium thereof
CN118606520A (en) A software supply chain malicious open source project monitoring and early warning method and device
CN115544508A (en) Computer system security management system and method based on big data
CN117573819A (en) Data security control method for establishing intelligent assistant based on AIGC+enterprise internal knowledge base
CN107196942B (en) An Insider Threat Detection Method Based on User Language Features
CN113919630A (en) Enterprise economic crime detection method, system and equipment
CN110866700B (en) Method and device for determining enterprise employee information disclosure source
Gafny et al. Poster: applying unsupervised context-based analysis for detecting unauthorized data disclosure
CN104156351B (en) Taxpayer tax administration transaction behavior recognition method based on taxpayer annular reports
CN110598397A (en) Deep learning-based Unix system user malicious operation detection method
CN114610982B (en) Computer network data acquisition, analysis and management method, equipment and storage medium
US20190318223A1 (en) Methods and Systems for Data Analysis by Text Embeddings
CN116911294A (en) Method, device, equipment and medium for identifying sensitive field
KR20100115451A (en) Security method for protecting the leakage of the information of a company
CN112182441A (en) Method and device for detecting violation data
US20220358150A1 (en) Natural language processing and machine-learning for event impact analysis
CN116522337A (en) API semantic-based unbiased detection method for malicious software family

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20221230