CN115696339A - Method, device, medium and equipment for establishing and evaluating safety state evaluation model - Google Patents

Method, device, medium and equipment for establishing and evaluating safety state evaluation model Download PDF

Info

Publication number
CN115696339A
CN115696339A CN202211353532.4A CN202211353532A CN115696339A CN 115696339 A CN115696339 A CN 115696339A CN 202211353532 A CN202211353532 A CN 202211353532A CN 115696339 A CN115696339 A CN 115696339A
Authority
CN
China
Prior art keywords
mobile terminal
safety
monitoring index
index data
electric power
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211353532.4A
Other languages
Chinese (zh)
Inventor
陈璐
陈牧
张涛
马媛媛
邵志鹏
戴造建
李尼格
李勇
卢子昂
方文高
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Smart Grid Research Institute Co ltd
State Grid Corp of China SGCC
State Grid Jiangsu Electric Power Co Ltd
Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Original Assignee
State Grid Smart Grid Research Institute Co ltd
State Grid Corp of China SGCC
State Grid Jiangsu Electric Power Co Ltd
Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Smart Grid Research Institute Co ltd, State Grid Corp of China SGCC, State Grid Jiangsu Electric Power Co Ltd, Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd filed Critical State Grid Smart Grid Research Institute Co ltd
Priority to CN202211353532.4A priority Critical patent/CN115696339A/en
Publication of CN115696339A publication Critical patent/CN115696339A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a method, a device, a medium and equipment for constructing and evaluating a safety state evaluation model, wherein the construction method comprises the following steps: extracting monitoring index data of a mobile terminal in a normal running state and monitoring index data of an abnormal running state in each shop in a plurality of electric power mobile terminals based on a state monitoring index system; respectively quantifying the monitoring index data to obtain a positive sample set and a negative sample set; training a classification frame corresponding to an AdaBoost algorithm based on the positive sample set and the negative sample set to obtain a safety state evaluation model of the electric power mobile terminal. By implementing the method and the device, the environment type and historical reliability index are increased while the safety indexes of the universal mobile terminal such as the physical type, the system type, the data type, the application type and the network type are considered, and the safety state evaluation model of the electric power mobile terminal is established by combining the AdaBoost algorithm on the basis, so that the online safety state evaluation of the electric power mobile terminal is realized.

Description

Method, device, medium and equipment for establishing and evaluating safety state evaluation model
Technical Field
The invention relates to the technical field of electric power mobile terminal safety, in particular to a method, a device, a medium and equipment for establishing and evaluating a safety state evaluation model.
Background
With the construction and promotion of energy internet and digital transformation service of the national power grid company, the electric power mobile internet service develops at a high speed, various intelligent mobile terminals are widely accessed, and meanwhile various means aiming at the mobile terminals are layered endlessly, so that the mobile safety protection of the electric power system faces more complicated situations. Therefore, strengthening the safety construction of the mobile terminal is beneficial to improving the safety protection level of the power system.
The existing mobile terminal safety assessment scheme has the problems that index consideration is incomplete, assessment capability on dynamic change conditions of the mobile terminal is lacked, an assessment process depends on expert judgment, automatic online safety assessment cannot be achieved, and the like, and cannot be effectively applied to an actual environment.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method, an apparatus, a medium, and a device for constructing and evaluating a security status evaluation model, so as to solve the technical problem that automated online security evaluation cannot be implemented due to incomplete index consideration in the prior art.
The technical scheme provided by the invention is as follows:
the first aspect of the embodiments of the present invention provides a method for constructing a security state evaluation model of an electric mobile terminal, including: extracting monitoring index data of each electric mobile terminal in a normal running state and monitoring index data of each electric mobile terminal in an abnormal running state based on a state monitoring index system, wherein the monitoring index data comprises the monitoring index data extracted from a physical system, a system, a data system, an application system, a network system, an environment system and a historical reliability system; respectively quantifying the monitoring index data in the normal running state and the monitoring index data in the abnormal running state to obtain a positive sample set and a negative sample set; training a classification frame corresponding to an AdaBoost algorithm based on the positive sample set and the negative sample set to obtain a safety state evaluation model of the electric power mobile terminal.
Optionally, extracting monitoring index data of the physical class of the power mobile terminal based on the physical class, wherein the monitoring index data of the physical class includes monitoring index data of the power mobile terminal on the security of a key device, the security of starting authentication, the security of a local interface, the dustproof and waterproof capability and the physical safety protection capability; extracting monitoring index data of the system class of the electric power mobile terminal based on the system class, wherein the monitoring index data of the system class comprises monitoring index data of the electric power mobile terminal in resource occupation safety, operation process safety, system version safety, system authority safety, system file safety and system safety protection capacity; extracting monitoring index data of a data class of the electric power mobile terminal based on the data class, wherein the monitoring index data of the data class comprises the monitoring index data of the electric power mobile terminal in the data safety protection capability; extracting monitoring index data of the application class of the power mobile terminal based on the application class, wherein the monitoring index data of the application class comprises monitoring index data of the power mobile terminal in application source safety, application authority safety, application behavior safety and application safety protection capability; extracting monitoring index data of the network class of the electric power mobile terminal based on the network class, wherein the monitoring index data of the network class comprises monitoring index data of the electric power mobile terminal in communication state safety, network flow safety and network safety protection capability; extracting monitoring index data of the environment class of the electric power mobile terminal based on the environment class, wherein the monitoring index data of the environment class comprises monitoring index data of the temperature safety and the humidity safety of the electric power mobile terminal; and extracting the monitoring index data of the historical reliability of the electric power mobile terminal based on the historical reliability, wherein the monitoring index data of the historical reliability comprises the monitoring index data of the electric power mobile terminal scored in historical safety.
Optionally, the monitoring index data of the security of the key device includes a SIM card, a secure TF card and a digital certificate of the electric mobile terminal; the monitoring index data of the starting authentication security comprises starting authentication and biological feature identification of the electric power mobile terminal; the monitoring index data of the local interface safety comprises the local interface state of the electric power mobile terminal; the monitoring index data of the dustproof and waterproof capacity comprises the protection grade of the electric power mobile terminal; the monitoring index data of the physical safety protection capability comprises remote anti-theft and safety locking modes of the electric power mobile terminal;
the monitoring index data of the resource occupation safety comprise the CPU occupancy rate, the memory occupancy rate and the disk occupancy rate of the electric power mobile terminal; the monitoring index data of the running process safety comprises a process list of the electric power mobile terminal; the monitoring index data of the system version safety comprises the current version number of the electric power mobile terminal; monitoring index data of system authority security comprises the ROOT condition of the electric power mobile terminal; monitoring index data of system file security comprises files and file permissions of the electric power mobile terminal; the monitoring index data of the system safety protection capability comprises the system automatic updating condition of the electric power mobile terminal, the installation condition of safety special control software and virus checking and killing software;
the monitoring index data of the data safety protection capability comprises data storage encryption, important data backup and virtual identity protection of the electric power mobile terminal;
the monitoring index data of the application source safety comprises an application safety list and application signature information of the electric power mobile terminal; the monitoring index data of the application permission safety comprises sensitive permission in the application of the electric power mobile terminal; the monitoring index data of the application behavior safety comprises an illegal behavior of the power application terminal; the monitoring index data of the application safety protection capability comprises power business application of the power mobile terminal;
the monitoring index data of the communication state safety comprises a network port and a network connection state of the electric power mobile terminal; the monitoring index data of the network flow safety comprises a real-time sending rate, a real-time receiving rate, a TCP flow percentage, a UDP flow percentage and a service flow percentage of the electric power mobile terminal; the monitoring index data of the network safety protection capability comprises a special network channel, an automatic joining network and pseudo base station protection of the electric power mobile terminal;
the monitoring index data of the temperature safety comprises the environmental temperature of the electric power mobile terminal; the monitoring index data of the humidity safety comprises the environment humidity of the electric power mobile terminal;
the monitoring index data of the historical safety score comprises a recent safety state evaluation result of the electric power mobile terminal.
Optionally, the quantifying the monitoring index data of the normal operation state and the monitoring index data of the abnormal operation state respectively includes: and comparing the quantitative index data acquired from each aspect in the historical reliability classes of the physical class, the system class, the data class, the application class, the network class and the environment class with the pre-stored normal monitoring index data or the safety standard to obtain the quantitative result of each aspect.
Optionally, training a classification framework corresponding to the AdaBoost algorithm based on the positive sample set and the negative sample set to obtain a security state evaluation model of the power mobile terminal, where the classification framework includes: initializing the weight of each sample in the positive sample set and the negative sample set; training a weak classifier based on a preset iteration number; and forming the trained weak classifiers into a strong classifier to obtain the safety state evaluation model of the electric power mobile terminal.
A second aspect of the embodiments of the present invention provides a method for evaluating a security state of an electric mobile terminal, including: acquiring current monitoring index data of the electric power mobile terminal; the acquired monitoring index data are quantized and then input into the electric power mobile terminal safety state evaluation model constructed by the electric power mobile terminal safety state evaluation model construction method based on the first aspect and any one of the first aspect of the embodiment of the invention, so that the current safety state evaluation result of the electric power mobile terminal is obtained.
A third aspect of the embodiments of the present invention provides a device for constructing a security state evaluation model of an electric power mobile terminal, including: the system comprises a sample data acquisition module, a state monitoring index system and a data processing module, wherein the sample data acquisition module is used for extracting monitoring index data of each electric power mobile terminal in a normal operation state and monitoring index data of each electric power mobile terminal in an abnormal operation state based on the state monitoring index system, and the monitoring index data comprises the monitoring index data extracted from a physical system, a system, a data system, an application system, a network system, an environment system and a historical reliability system; the sample set construction module is used for respectively quantifying monitoring index data in a normal running state and monitoring index data in an abnormal running state to obtain a positive sample set and a negative sample set; and the model construction module is used for training a classification frame corresponding to the AdaBoost algorithm based on the positive sample set and the negative sample set to obtain a safety state evaluation model of the electric power mobile terminal.
A fourth aspect of the embodiments of the present invention provides an apparatus for evaluating a security state of an electric power mobile terminal, including: the real-time data acquisition module is used for acquiring current monitoring index data of the electric mobile terminal; the evaluation module is configured to quantize the acquired monitoring index data and input the quantized monitoring index data into the electric power mobile terminal safety state evaluation model constructed by the electric power mobile terminal safety state evaluation model construction method according to any one of the first aspect and the first aspect of the embodiment of the present invention, so as to obtain a current safety state evaluation result of the electric power mobile terminal.
A fifth aspect of the embodiments of the present invention provides a computer-readable storage medium, where computer instructions are stored, and the computer instructions are configured to enable the computer to execute the electric mobile terminal security state assessment model building method according to any one of the first aspect and the electric mobile terminal security state assessment method according to the second aspect of the embodiments of the present invention.
A sixth aspect of an embodiment of the present invention provides an electronic device, including: the electric power mobile terminal safety state evaluation model building method comprises a memory and a processor, wherein the memory and the processor are connected in a communication mode, the memory stores computer instructions, and the processor executes the computer instructions so as to execute the electric power mobile terminal safety state evaluation model building method according to any one of the first aspect and the electric power mobile terminal safety state evaluation method according to the second aspect of the embodiments of the invention.
The technical scheme provided by the invention has the following effects:
according to the method, the device and the storage medium for constructing the safety state evaluation model of the electric power mobile terminal, provided by the embodiment of the invention, the safety indexes of the electric power mobile terminal are considered, meanwhile, the environmental class and the historical reliability indexes are increased in order to be capable of carrying out more comprehensive safety evaluation on the electric power mobile terminal by combining the surrounding environment and the historical safety state of the terminal, the monitoring index data are extracted from the physical class system, the system class system, the data class system, the application class system, the network class system, the environmental class system and the historical reliability system, and the safety state evaluation model of the electric power mobile terminal is established by combining an AdaBoost algorithm on the basis, so that the online safety state evaluation of the electric power mobile terminal is realized.
According to the method and the device for evaluating the safety state of the electric power mobile terminal, the obtained monitoring index data are quantized and then input into the pre-constructed safety state evaluation model of the electric power mobile terminal, and therefore the on-line safety state evaluation of the electric power mobile terminal can be achieved. Therefore, the safety state evaluation method can effectively and comprehensively evaluate the real-time state of the electric mobile terminal, discover potential safety risks in time, make up for the deficiency of safety protection of the mobile terminal layer and improve the overall safety protection capability of the system.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a method for constructing a security state evaluation model of an electric power mobile terminal according to an embodiment of the present invention;
fig. 2 and fig. 3 are block diagrams of a state monitoring index architecture in a security state evaluation model method of a power mobile terminal according to an embodiment of the present invention;
FIG. 4 is a graphical illustration of the accuracy of a training set and a test set at different iterations in accordance with an embodiment of the present invention;
FIG. 5 is a graphical illustration of the accuracy of an evaluation model at different training set and test set partitioning ratios, in accordance with an embodiment of the present invention;
FIG. 6 is a flow chart of a method for evaluating the security status of a power mobile terminal according to an embodiment of the present invention;
fig. 7 is a block diagram of a configuration of a security state evaluation model construction device of an electric power mobile terminal according to an embodiment of the present invention;
fig. 8 is a block diagram of a configuration of a security state evaluation apparatus of an electric power mobile terminal according to an embodiment of the present invention;
FIG. 9 is a schematic structural diagram of a computer-readable storage medium provided in accordance with an embodiment of the present invention;
fig. 10 is a schematic structural diagram of an electronic device provided in an embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solutions of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be practiced otherwise than as specifically illustrated or described herein. Moreover, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
According to an embodiment of the present invention, there is provided a method for constructing a security state assessment model of an electric mobile terminal, where it is noted that the steps illustrated in the flowchart of the drawings may be executed in a computer system such as a set of computer executable instructions, and that although a logical order is illustrated in the flowchart, in some cases, the steps illustrated or described may be executed in an order different from that herein.
In this embodiment, a method for constructing a security state assessment model of an electric mobile terminal is provided, which may be used in electronic devices, such as computers, mobile phones, tablet computers, and the like, fig. 1 is a flowchart of a method for constructing a security state assessment model of an electric mobile terminal according to an embodiment of the present invention, and as shown in fig. 1, the method includes the following steps:
step S101: monitoring index data of each electric mobile terminal in a normal running state and monitoring index data of each electric mobile terminal in an abnormal running state are extracted based on a state monitoring index system, wherein the state monitoring index system comprises a physical type, a system type, a data type, an application type, a network type, an environment type and historical reliability. The monitoring index data can be acquired from a mobile terminal database by adopting a currently existing data acquisition tool. For example, 500 sets of monitoring index data of each electric mobile terminal in the ten electric mobile terminal devices in the normal operation state and the abnormal operation state may be extracted, including 300 sets of monitoring index data in the normal operation state and 200 sets of monitoring index data in the abnormal operation state. The abnormal operation state can comprise the operation state of the electric mobile terminal under the conditions that the terminal is infected with virus, the terminal is subjected to flooding attack, the SIM card of the terminal is replaced, the terminal is provided with repackaging application and malicious application, and the like.
Specifically, for the condition monitoring index system employed in this embodiment: the physical indexes mainly reflect the hardware condition and the hardware protection capability of the electric mobile terminal; the system indexes mainly reflect the system running state and the system protection capability of the electric power mobile terminal; the data type indexes mainly reflect the capability of the electric mobile terminal for guaranteeing the integrity, availability and confidentiality of data, namely the safety protection capability of the data; the application indexes mainly reflect the safety and the safety protection capability of application software installed on the power mobile terminal; the network type indexes mainly reflect the safety of the real-time network state of the electric mobile terminal and the network safety protection capability; the environment type indexes mainly reflect the safety of the basic environment of the current position of the electric mobile terminal; the historical reliability index mainly considers the recent safety state evaluation result of the electric power mobile terminal.
Step S102: and quantifying the monitoring index data in the normal running state and the monitoring index data in the abnormal running state respectively to obtain a positive sample set and a negative sample set. Specifically, because the state monitoring index system includes a plurality of categories of monitoring index data, and the form of the monitoring index data of each category is different, in order to achieve the uniformity of data constituting the sample set, the obtained monitoring index data is quantized to form the sample set. For example, the obtained monitoring index data may be analyzed and quantified as values within the interval [0,1 ]. The positive sample set is composed of monitoring index data in a normal operation state, and the negative sample set is composed of monitoring index data in an abnormal operation state.
Step S103: training a classification frame corresponding to an AdaBoost algorithm based on the positive sample set and the negative sample set to obtain a safety state evaluation model of the electric power mobile terminal. The AdaBoost algorithm is an iterative boosting algorithm, and the core idea is to train different weak classifiers aiming at the same training set and then integrate the weak classifiers into one strong classifier, namely, the classification effect of the classifier is improved through iterative training. The AdaBoost algorithm is self-adaptive, the weights of the samples can be automatically adjusted in the iterative process to generate a weak classifier with a good effect, and compared with the traditional machine learning algorithm, the classifier realized by the AdaBoost algorithm can achieve higher classification precision and has higher generalization capability, and the phenomenon of overfitting is not easy to occur. In the embodiment, an AdaBoost Classifier frame provided by scimit-lean is used as a basic model training frame, model training is carried out on a positive sample set and a negative sample set which are formed on the basis of quantized data, and an electric power mobile terminal safety state evaluation model can be obtained.
According to the method for constructing the safety state evaluation model of the electric power mobile terminal, provided by the embodiment of the invention, the safety indexes of the electric power mobile terminal are considered, meanwhile, in order to be capable of combining the surrounding environment and the historical safety state of the terminal to carry out more comprehensive safety evaluation on the electric power mobile terminal, the environment indexes and the historical reliability indexes are increased, the monitoring index data are extracted from the physical system, the system, the data system, the application system, the network system, the environment system and the historical reliability system, and the safety state evaluation model of the electric power mobile terminal is established by combining an AdaBoost algorithm on the basis, so that the online safety state evaluation of the electric power mobile terminal is realized.
In an embodiment, as shown in fig. 2 and 3, extracting the monitoring index data of the electric mobile terminal in the normal operation state and the monitoring index data of the abnormal operation state based on the state monitoring index system includes: extracting monitoring index data of the physical class of the power mobile terminal based on the physical class, wherein the monitoring index data of the physical class comprises monitoring index data of the power mobile terminal in the safety of key devices, the safety of starting certification, the safety of local interfaces, the dustproof and waterproof capability and the physical safety protection capability; extracting monitoring index data of the system class of the electric power mobile terminal based on the system class, wherein the monitoring index data of the system class comprises monitoring index data of the electric power mobile terminal in resource occupation safety, operation process safety, system version safety, system authority safety, system file safety and system safety protection capacity; extracting monitoring index data of a data class of the electric power mobile terminal based on the data class, wherein the monitoring index data of the data class comprises the monitoring index data of the electric power mobile terminal in the data safety protection capability; extracting monitoring index data of the application class of the power mobile terminal based on the application class, wherein the monitoring index data of the application class comprises monitoring index data of the power mobile terminal in application source safety, application authority safety, application behavior safety and application safety protection capability; extracting monitoring index data of the network class of the electric power mobile terminal based on the network class, wherein the monitoring index data of the network class comprises monitoring index data of the communication state safety, the network flow safety and the network safety protection capability of the electric power mobile terminal; extracting monitoring index data of the environment class of the power mobile terminal based on the environment class, wherein the monitoring index data of the environment class comprises monitoring index data of the power mobile terminal in temperature safety and humidity safety; and extracting the monitoring index data of the historical reliability of the electric power mobile terminal based on the historical reliability, wherein the monitoring index data of the historical reliability comprises the monitoring index data of the electric power mobile terminal scored in historical safety.
It should be noted that, when extracting the monitoring index data related to each aspect based on the physical class, the system class, the data class, the application class, the network class, the environment class, and the historical reliability, it is necessary to extract the monitoring index data related to each aspect corresponding to the normal operating state and the monitoring index data related to each aspect corresponding to the abnormal operating state, respectively.
In one embodiment, as shown in fig. 2 and 3, quantifying the monitoring index data of the normal operation state and the monitoring index data of the abnormal operation state respectively includes:
the monitoring index data of the safety of the key device comprises an SIM card, a safety TF card and a digital certificate of the electric power mobile terminal, and the quantitative index of the safety of the key device is determined according to whether the SIM card, the safety TF card and the digital certificate of the electric power mobile terminal are changed; the monitoring index data of the starting authentication security comprises starting authentication and biological feature identification of the electric mobile terminal, and a quantitative index of the starting authentication security is determined according to whether the electric mobile terminal starts the starting authentication and the biological feature identification; the monitoring index data of the local interface safety comprises the local interface state of the electric power mobile terminal, and the quantitative index of the local interface safety is determined according to the local interface state of the electric power mobile terminal; the monitoring index data of the dustproof and waterproof capacity comprises the protection grade of the electric power mobile terminal, and the quantitative index of the dustproof and waterproof capacity is determined according to the protection grade of the electric power mobile terminal; the monitoring index data of the physical safety protection capability comprises a remote anti-theft and safety locking mode of the electric power mobile terminal, and a quantitative index of the physical safety protection capability is determined according to the remote anti-theft and safety locking mode of the electric power mobile terminal;
the monitoring index data of the resource occupation safety comprises the CPU occupancy rate, the memory occupancy rate and the disk occupancy rate of the electric power mobile terminal, and the quantitative index of the resource occupation safety is determined according to whether the CPU occupancy rate, the memory occupancy rate and the disk occupancy rate of the electric power mobile terminal exceed the normal range or not; the monitoring index data of the running process safety comprises a process list of the electric power mobile terminal, and a quantitative index of the running process safety is determined according to whether an unknown process exists in the process list of the electric power mobile terminal; the monitoring index data of the system version safety comprises the current version number of the electric power mobile terminal, and a quantitative index of the system version safety is determined according to whether the current version number of the electric power mobile terminal is lower than the lowest version requirement or not; monitoring index data of the system authority security comprises the ROOT condition of the electric power mobile terminal, and a quantitative index of the system authority security is determined according to whether the electric power mobile terminal passes through the ROOT or not; the monitoring index data of the system file security comprises files of the electric power mobile terminal and file permissions, and a quantitative index of the system file security is determined according to whether the files of the electric power mobile terminal are modified and whether the file permissions are changed; the monitoring index data of the system safety protection capability comprises the system automatic updating condition of the electric power mobile terminal and the installation condition of safety special control software and virus checking and killing software, and the quantitative index of the system safety protection capability is determined according to whether the electric power mobile terminal is provided with the system automatic updating condition and whether the safety special control software and the virus checking and killing software are installed;
the monitoring index data of the data safety protection capability comprises data storage encryption, important data backup and virtual identity protection of the electric power mobile terminal, and a quantitative index of the data safety protection capability is determined according to whether the electric power mobile terminal has a data storage encryption technology, whether the important data is backed up and whether the virtual identity protection is started;
the monitoring index data of the application source safety comprises an application safety list and application signature information of the electric power mobile terminal, and a quantitative index of the application source safety is determined according to whether unknown applications exist in an application installation list of the electric power mobile terminal and whether the application signature information is changed; the monitoring index data of the application permission safety comprises sensitive permission in the electric power mobile terminal application, and a quantitative index of the application permission safety is determined according to whether the electric power mobile terminal application applies unnecessary sensitive permission or not; the monitoring index data of the application behavior safety comprises an illegal behavior of the power application terminal, and a quantitative index of the application behavior safety is determined according to whether the illegal behavior comprising application chain starting exists in the power mobile terminal or not; the monitoring index data of the application safety protection capability comprises power business application of the power mobile terminal, and the quantitative index of the application safety protection capability is determined according to whether an application lock is opened by the power business application of the power mobile terminal;
the monitoring index data of the communication state safety comprises a network port and a network connection state of the electric power mobile terminal, and a quantitative index of the communication state safety is determined according to whether the electric power mobile terminal opens a new network port and whether network connection is established with an unknown IP address; the monitoring index data of the network flow safety comprises a real-time sending rate, a real-time receiving rate, a TCP flow percentage, a UDP flow percentage and a service flow percentage of the electric power mobile terminal, and a quantitative index of the network flow safety is determined according to whether the real-time sending rate, the real-time receiving rate, the TCP flow percentage, the UDP flow percentage and the service flow percentage of the electric power mobile terminal exceed a normal range or not; the monitoring index data of the network safety protection capability comprises a special network channel, an automatic joining network and a pseudo base station protection of the electric power mobile terminal, and the quantitative index of the network safety protection capability is determined according to whether the electric power mobile terminal is bound with the special network channel, forbids the automatic joining network and whether the pseudo base station protection is started;
the monitoring index data of the temperature safety comprises the environment temperature of the electric power mobile terminal, and the quantitative index of the temperature safety is determined according to whether the environment temperature of the electric power mobile terminal exceeds a specified range or not; the monitoring index data of the humidity safety comprises the environment humidity of the electric power mobile terminal, and the quantitative index of the humidity safety is determined according to whether the environment humidity of the electric power mobile terminal exceeds a specified range;
the monitoring index data of the historical safety score comprises a recent safety state evaluation result of the electric power mobile terminal, and a quantitative index of the historical safety score is determined according to the recent safety state evaluation result of the electric power mobile terminal.
In one embodiment, the quantifying the monitoring index data of the normal operation state and the monitoring index data of the abnormal operation state respectively further includes: and comparing the quantitative index data acquired from each aspect in the historical reliability classes of the physical class, the system class, the data class, the application class, the network class and the environment class with the pre-stored normal monitoring index data or the safety standard to obtain the quantitative result of each aspect.
Specifically, the pre-stored normal monitoring index data specifically includes specific monitoring index data (for example, a CPU occupancy normal range, application signature information, and the like) of the electric mobile terminal in a normal operation state, and a pre-set white list (for example, an application white list, an IP address white list, and the like). When the quantitative index data is compared with the pre-stored normal monitoring index data or the safety standard, whether the quantitative index data is the same as the normal monitoring index data or the safety standard or not can be specifically seen, if so, the quantitative index data is assigned to be 1, and if not, the quantitative index data is assigned to be 0. The quantitative index data is monitoring index data specifically acquired in each aspect, for example, the quantitative index data on the security of the key device is whether a SIM card, a secure TF card, and a digital certificate of the device are changed.
How each aspect determines the quantization result is specifically explained based on the above quantization method:
comparing the acquired SIM card, the security TF card and the digital certificate of the equipment with normal monitoring index data, wherein if the acquired SIM card, the security TF card and the digital certificate of the equipment are the same, the quantization result of the security of the key device is 1, and if the acquired SIM card, the security TF card and the digital certificate are different, the quantization result is 0; for the security of the start-up authentication, if the start-up authentication and the biometric feature identification are started, the value is assigned to 1, and if the start-up authentication and the biometric feature identification are not started, the value is assigned to 0, so that the security of the start-up authentication takes the average value of the two values as a quantization result, for example, if the start-up authentication is set but the biometric feature identification is not set at the current terminal, the quantization result is (1 + 0)/2 =0.5; for the safety of the local interface, if the state of the local interface is in a debugging mode, the quantization result is 1, otherwise, the quantization result is 0; for the dustproof and waterproof capacity, whether the protection level reaches a preset safety standard can be judged, the quantization result is 1 if the protection level reaches the preset safety standard, and the quantization result is 0 if the protection level does not reach the preset safety standard; and for the physical safety protection capability, the same as the starting authentication safety, and the average value calculation is carried out according to the assignment result of whether the remote anti-theft and safety locking mode is started or not to obtain a quantification result.
For the resource occupation safety, if the CPU occupancy rate, the memory occupancy rate and the disk occupancy rate exceed the normal range, the quantization result is 0, and if the CPU occupancy rate, the memory occupancy rate and the disk occupancy rate do not exceed the normal range, the quantization result is 1; for the safety of the running process, if an unknown process exists in a process list of the system, the quantization result is 0, otherwise, the quantization result is 1; for the safety of the system version, if the current version number of the system is lower than the requirement of the lowest version, the quantization result is 0, otherwise, the quantization result is 1; for the security of the system authority, if the ROOT is passed, the quantization result is 0, otherwise, the quantization result is 1; the quantization modes of the system file security, the system security protection capability, the data security protection capability, the application source security, the communication state security and the network security protection capability are the same as the quantization mode of the physical security protection capability, and are not described herein again. The quantification mode of the application permission safety, the application behavior safety and the application safety protection capability is the same as the quantification mode of the safety of the running process, and is not described herein again. The quantification mode of network flow security, temperature security and humidity security is the same as the quantification mode of resource occupation security, and is not described herein again.
Quantification of historical security scores is expressed using the following formula:
Figure BDA0003919225660000141
wherein, C 22 Refers to the historical security score quantification, result i (i =1, 2.. N.) represents the ith evaluation Result and Result in the last n (the size of n can be set according to actual conditions) safety state evaluation records of the electric mobile terminal i ∈[0,1],Result i The closer to 1, the safer the current state of the power mobile internet terminal is.
The quantization index data of each aspect is quantized by the above quantization method, and a quantization result in the interval [0,1] of 22 aspects in total is obtained. Wherein 0 represents an unsafe state, i.e. a safety accident occurs or a safety standard is not met, 1 represents a safe state, i.e. no safety risk or accident is found, and the closer the quantitative result of the index is to 1, the safer the index is. And combining the 22-aspect quantization results to obtain a 22-dimensional index vector. Thus, the positive sample set and the negative sample set respectively include a plurality of 22-dimensional index vectors.
Training a classification frame corresponding to an AdaBoost algorithm based on a positive sample set and a negative sample set to obtain a safety state evaluation model of the electric power mobile terminal, which comprises the following steps: initializing weights of the positive sample set and the negative sample set; training a weak classifier based on a preset iteration number; and forming the trained weak classifiers into a strong classifier to obtain the safety state evaluation model of the electric power mobile terminal.
Specifically, during training, a basic model training framework is built based on a Python sklern library, sample weights are initialized, weak learners are trained for an evaluation index data set within specified iteration times, the sample weights are updated in each iteration process, sample weight normalization is carried out, all weak classifiers are integrated after the specified iteration times are reached to obtain a strong classifier, and the target electric mobile terminal safety state evaluation model is obtained. In this embodiment, the base classifier is set to a CART decision tree with a depth of 2, the classification algorithm is set to "SAMME", the maximum number of iterations of the weak classifiers is set to 200, and the weight reduction coefficient of each weak learner is set to 0.5.
In order to obtain the optimal training parameters, different iteration times are set under a fixed training set and test set division ratio and the training of the model is carried out, and the result shows that the classification accuracy of the model on the training set and the test set can reach more than 95% when the iteration times are 200, and the difference between the two is less than 1% (specifically shown in fig. 4); then, different training set and test set division ratios are set on the premise that the iteration number is 200, model training is carried out, and the result is displayed in the division ratio of 4: the highest accuracy of the model at 1 was 96.25% (as shown in fig. 5 in detail).
The embodiment of the invention also provides a method for evaluating the safety state of the electric power mobile terminal, which comprises the following steps as shown in fig. 6:
step S201: acquiring current monitoring index data of the electric power mobile terminal; the monitoring index data and the index data obtained in the model construction method comprise monitoring index data of each aspect of physical class, system class, data class, application class, network class, environment class and historical reliability.
Step S202: and quantizing the acquired monitoring index data and inputting the quantized monitoring index data into the electric power mobile terminal safety state evaluation model constructed based on the electric power mobile terminal safety state evaluation model construction method of the embodiment to obtain the current safety state evaluation result of the electric power mobile terminal. The specific quantization mode refers to the quantization mode adopted in the model construction method. After the obtained monitoring index data is quantized, a 22-dimensional index vector can be obtained, and the index vector is input into the constructed model, so that the current safety state evaluation result can be obtained.
According to the method for evaluating the safety state of the electric power mobile terminal, the obtained monitoring index data are quantized and then input into the pre-constructed safety state evaluation model of the electric power mobile terminal, and therefore the on-line safety state evaluation of the electric power mobile terminal can be achieved. Therefore, the safety state evaluation method can effectively and comprehensively evaluate the real-time state of the electric mobile terminal, discover potential safety risks in time, make up for the deficiency of safety protection of the mobile terminal layer and improve the overall safety protection capability of the system.
An embodiment of the present invention further provides a device for constructing a security state evaluation model of an electric power mobile terminal, as shown in fig. 7, including:
the system comprises a sample data acquisition module, a state monitoring index system and a data processing module, wherein the sample data acquisition module is used for extracting monitoring index data of each electric mobile terminal in a normal running state and monitoring index data of an abnormal running state based on the state monitoring index system, and the monitoring index data comprises monitoring index data extracted from a physical system, a system, a data system, an application system, a network system, an environment system and a historical reliability system; for details, reference is made to the corresponding parts of the above method embodiments, which are not described herein again.
The sample set construction module is used for respectively quantifying monitoring index data in a normal running state and monitoring index data in an abnormal running state to obtain a positive sample set and a negative sample set; for details, reference is made to the corresponding parts of the above method embodiments, which are not described herein again.
And the model construction module is used for training a classification frame corresponding to the AdaBoost algorithm based on the positive sample set and the negative sample set to obtain a safety state evaluation model of the electric power mobile terminal. For details, reference is made to the corresponding parts of the above method embodiments, which are not described herein again.
The electric power mobile terminal safety state evaluation model construction device provided by the embodiment of the invention considers the safety indexes of a physical mobile terminal, a system mobile terminal, a data mobile terminal, an application mobile terminal, a network mobile terminal and other general mobile terminals, and simultaneously, in order to be capable of combining the surrounding environment and the historical safety state of the terminal to perform more comprehensive safety evaluation on the electric power mobile terminal, the environment mobile terminal and the historical reliability indexes are increased, monitoring index data are extracted from the physical mobile terminal system, the system mobile terminal system, the data mobile terminal system, the application mobile terminal system, the network mobile terminal system, the environment mobile terminal system and the historical reliability system, and an electric power mobile terminal safety state evaluation model is established by combining an AdaBoost algorithm on the basis, so that the online safety state evaluation of the electric power mobile terminal is realized.
The function description of the electric power mobile terminal safety state evaluation model construction device provided by the embodiment of the invention refers to the description of the electric power mobile terminal safety state evaluation model construction method in the above embodiment in detail.
An embodiment of the present invention further provides an apparatus for evaluating a security state of an electric mobile terminal, as shown in fig. 8, the apparatus includes:
the real-time data acquisition module is used for acquiring current monitoring index data of the electric mobile terminal; for details, reference is made to the corresponding parts of the above method embodiments, and details are not repeated herein.
And the evaluation module is used for quantizing the acquired monitoring index data and inputting the quantized monitoring index data into the electric power mobile terminal safety state evaluation model constructed based on the electric power mobile terminal safety state evaluation model construction method of the embodiment to obtain the current safety state evaluation result of the electric power mobile terminal. For details, reference is made to the corresponding parts of the above method embodiments, and details are not repeated herein.
According to the safety state evaluation device of the electric power mobile terminal, the obtained monitoring index data are quantized and then input into the pre-constructed safety state evaluation model of the electric power mobile terminal, and therefore on-line safety state evaluation of the electric power mobile terminal can be achieved. Therefore, the safety state evaluation device can effectively and comprehensively evaluate the real-time state of the electric mobile terminal, discover potential safety risks in time, make up the deficiency of safety protection of the mobile terminal layer and improve the overall safety protection capability of the system.
The function description of the safety state evaluation device of the electric power mobile terminal provided by the embodiment of the invention refers to the description of the safety state evaluation method of the electric power mobile terminal in the embodiment in detail.
An embodiment of the present invention further provides a storage medium, as shown in fig. 9, on which a computer program 601 is stored, where the instructions, when executed by a processor, implement the steps of the electric power mobile terminal security status evaluation model building method and the electric power mobile terminal security status evaluation method in the foregoing embodiments. The storage medium is also stored with audio and video stream data, characteristic frame data, an interactive request signaling, encrypted data, preset data size and the like. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD), a Solid State Drive (SSD), or the like; the storage medium may also comprise a combination of memories of the kind described above.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD), a Solid State Drive (SSD), or the like; the storage medium may also comprise a combination of memories of the kind described above.
An embodiment of the present invention further provides an electronic device, as shown in fig. 10, the electronic device may include a processor 51 and a memory 52, where the processor 51 and the memory 52 may be connected by a bus or in another manner, and fig. 10 takes the example of connection by a bus as an example.
The processor 51 may be a Central Processing Unit (CPU). The Processor 51 may also be other general purpose processors, digital Signal Processors (DSPs), application Specific Integrated Circuits (ASICs), field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, or combinations thereof.
The memory 52, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as the corresponding program instructions/modules in the embodiments of the present invention. The processor 51 executes various functional applications and data processing of the processor by running the non-transitory software programs, instructions and modules stored in the memory 52, that is, implements the electric mobile terminal security state assessment model construction method and the electric mobile terminal security state assessment method in the above method embodiments.
The memory 52 may include a storage program area and a storage data area, wherein the storage program area may store an operating device, an application program required for at least one function; the storage data area may store data created by the processor 51, and the like. Further, the memory 52 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 52 may optionally include memory located remotely from the processor 51, and these remote memories may be connected to the processor 51 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory 52, and when executed by the processor 51, perform the electric mobile terminal security status evaluation model construction method and the electric mobile terminal security status evaluation method in the embodiments shown in fig. 1 to 6.
The details of the electronic device may be understood by referring to the corresponding descriptions and effects in the embodiments shown in fig. 1 to fig. 6, and details thereof and the method for evaluating the security status of the electric mobile terminal are not described herein.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.

Claims (10)

1. A method for constructing a safety state evaluation model of an electric power mobile terminal is characterized by comprising the following steps:
extracting monitoring index data of each electric mobile terminal in a normal operation state and monitoring index data of each electric mobile terminal in an abnormal operation state based on a state monitoring index system, wherein the monitoring index data comprises the extracted monitoring index data in a physical system, a system, a data system, an application system, a network system, an environment system and a historical reliability system;
respectively quantifying the monitoring index data in the normal running state and the monitoring index data in the abnormal running state to obtain a positive sample set and a negative sample set;
training a classification frame corresponding to an AdaBoost algorithm based on the positive sample set and the negative sample set to obtain a safety state evaluation model of the electric power mobile terminal.
2. The electric power mobile terminal safety state evaluation model construction method according to claim 1, wherein extracting monitoring index data of the electric power mobile terminal in a normal operation state and monitoring index data of an abnormal operation state based on a state monitoring index system comprises:
extracting monitoring index data of the physical type of the electric power mobile terminal based on the physical type, wherein the monitoring index data of the physical type comprises monitoring index data of the electric power mobile terminal on the safety of key devices, the safety of starting certification, the safety of local interfaces, the dustproof and waterproof capability and the physical safety protection capability;
extracting monitoring index data of the system class of the electric power mobile terminal based on the system class, wherein the monitoring index data of the system class comprises monitoring index data of the electric power mobile terminal in resource occupation safety, operation process safety, system version safety, system authority safety, system file safety and system safety protection capacity;
extracting monitoring index data of a data class of the electric power mobile terminal based on the data class, wherein the monitoring index data of the data class comprises monitoring index data of the electric power mobile terminal in the data safety protection capability;
extracting monitoring index data of the application class of the power mobile terminal based on the application class, wherein the monitoring index data of the application class comprises monitoring index data of the power mobile terminal in application source safety, application authority safety, application behavior safety and application safety protection capability;
extracting monitoring index data of the network class of the electric power mobile terminal based on the network class, wherein the monitoring index data of the network class comprises monitoring index data of the electric power mobile terminal in communication state safety, network flow safety and network safety protection capability;
extracting monitoring index data of the environment class of the power mobile terminal based on the environment class, wherein the monitoring index data of the environment class comprises monitoring index data of the power mobile terminal in temperature safety and humidity safety;
and extracting the monitoring index data of the historical reliability of the electric power mobile terminal based on the historical reliability, wherein the monitoring index data of the historical reliability comprises the monitoring index data of the electric power mobile terminal scored in historical safety.
3. The electric power mobile terminal security state evaluation model construction method according to claim 2,
the monitoring index data of the key device safety comprises an SIM card, a safety TF card and a digital certificate of the electric power mobile terminal; the monitoring index data of the starting authentication security comprises starting authentication and biological feature identification of the electric power mobile terminal; the monitoring index data of the local interface safety comprises the local interface state of the electric power mobile terminal; the monitoring index data of the dustproof and waterproof capacity comprises the protection grade of the electric power mobile terminal; the monitoring index data of the physical safety protection capability comprises a remote anti-theft and safety locking mode of the electric power mobile terminal;
the monitoring index data of the resource occupation safety comprise the CPU occupancy rate, the memory occupancy rate and the disk occupancy rate of the electric power mobile terminal; the monitoring index data of the running process safety comprises a process list of the electric power mobile terminal; the monitoring index data of the system version safety comprises the current version number of the electric power mobile terminal; monitoring index data of system permission safety comprises the ROOT condition of the electric power mobile terminal; monitoring index data of system file security comprises files and file permissions of the electric power mobile terminal; the monitoring index data of the system safety protection capability comprises the system automatic updating condition of the electric power mobile terminal, the installation condition of safety special control software and virus checking and killing software;
the monitoring index data of the data safety protection capability comprises data storage encryption, important data backup and virtual identity protection of the electric power mobile terminal;
the monitoring index data of the application source safety comprises an application safety list and application signature information of the electric power mobile terminal; the monitoring index data of the application authority security comprises sensitive authority in the application of the electric power mobile terminal; the monitoring index data of the application behavior safety comprises an illegal behavior of the power application terminal; the monitoring index data of the application safety protection capability comprises power business application of the power mobile terminal;
the monitoring index data of the communication state safety comprises a network port and a network connection state of the electric power mobile terminal; the monitoring index data of the network flow safety comprises a real-time sending rate, a real-time receiving rate, a TCP flow percentage, a UDP flow percentage and a service flow percentage of the electric power mobile terminal; the monitoring index data of the network safety protection capability comprises a special network channel, an automatic joining network and pseudo base station protection of the electric power mobile terminal;
the monitoring index data of the temperature safety comprises the environmental temperature of the electric power mobile terminal; the monitoring index data of the humidity safety comprises the environment humidity of the electric power mobile terminal;
and the monitoring index data of the historical safety score comprises a recent safety state evaluation result of the electric power mobile terminal.
4. The method for constructing the safety state evaluation model of the electric power mobile terminal according to claim 2, wherein the quantifying the monitoring index data of the normal operation state and the monitoring index data of the abnormal operation state respectively comprises:
and comparing the quantitative index data acquired from each aspect in the historical reliability classes of the physical class, the system class, the data class, the application class, the network class and the environment class with the pre-stored normal monitoring index data or the safety standard to obtain the quantitative result of each aspect.
5. The method for constructing the safety state evaluation model of the electric power mobile terminal according to claim 1, wherein training a classification frame corresponding to an AdaBoost algorithm based on a positive sample set and a negative sample set to obtain the safety state evaluation model of the electric power mobile terminal comprises:
initializing the weight of each sample in the positive sample set and the negative sample set;
training a weak classifier based on preset iteration times;
and forming the trained weak classifiers into a strong classifier to obtain the safety state evaluation model of the electric power mobile terminal.
6. A safety state evaluation method for an electric power mobile terminal is characterized by comprising the following steps:
acquiring current monitoring index data of the electric power mobile terminal;
quantifying the obtained monitoring index data, and inputting the quantified monitoring index data into the electric power mobile terminal safety state evaluation model constructed based on the electric power mobile terminal safety state evaluation model construction method of any one of claims 1 to 5 to obtain the current safety state evaluation result of the electric power mobile terminal.
7. The utility model provides an electric power mobile terminal security state aassessment model construction equipment which characterized in that includes:
the system comprises a sample data acquisition module, a state monitoring index system and a data processing module, wherein the sample data acquisition module is used for extracting monitoring index data of each electric power mobile terminal in a normal operation state and monitoring index data of each electric power mobile terminal in an abnormal operation state based on the state monitoring index system, and the monitoring index data comprises the monitoring index data extracted from a physical system, a system, a data system, an application system, a network system, an environment system and a historical reliability system;
the sample set construction module is used for quantizing the monitoring index data in the normal running state and the monitoring index data in the abnormal running state respectively to obtain a positive sample set and a negative sample set;
and the model construction module is used for training a classification frame corresponding to the AdaBoost algorithm based on the positive sample set and the negative sample set to obtain a safety state evaluation model of the electric power mobile terminal.
8. An electric power mobile terminal safety state evaluation device is characterized by comprising:
the real-time data acquisition module is used for acquiring current monitoring index data of the electric mobile terminal;
the evaluation module is used for quantizing the acquired monitoring index data and inputting the quantized monitoring index data into the electric power mobile terminal safety state evaluation model constructed based on the electric power mobile terminal safety state evaluation model construction method of any one of claims 1 to 5 to obtain the current safety state evaluation result of the electric power mobile terminal.
9. A computer-readable storage medium, wherein the computer-readable storage medium stores computer instructions for causing the computer to execute the electric mobile terminal security state assessment model building method according to any one of claims 1 to 5 or the electric mobile terminal security state assessment method according to claim 6.
10. An electronic device, comprising: a memory and a processor, wherein the memory and the processor are communicatively connected with each other, the memory stores computer instructions, and the processor executes the computer instructions to execute the electric power mobile terminal security state assessment model building method according to any one of claims 1 to 5 or the electric power mobile terminal security state assessment method according to claim 6.
CN202211353532.4A 2022-10-31 2022-10-31 Method, device, medium and equipment for establishing and evaluating safety state evaluation model Pending CN115696339A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211353532.4A CN115696339A (en) 2022-10-31 2022-10-31 Method, device, medium and equipment for establishing and evaluating safety state evaluation model

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211353532.4A CN115696339A (en) 2022-10-31 2022-10-31 Method, device, medium and equipment for establishing and evaluating safety state evaluation model

Publications (1)

Publication Number Publication Date
CN115696339A true CN115696339A (en) 2023-02-03

Family

ID=85048945

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211353532.4A Pending CN115696339A (en) 2022-10-31 2022-10-31 Method, device, medium and equipment for establishing and evaluating safety state evaluation model

Country Status (1)

Country Link
CN (1) CN115696339A (en)

Similar Documents

Publication Publication Date Title
JP6918245B2 (en) Identity verification method and equipment
US20180288084A1 (en) Method and device for automatically establishing intrusion detection model based on industrial control network
CN106295349A (en) Risk Identification Method, identification device and the anti-Ore-controlling Role that account is stolen
CN112637108B (en) Internal threat analysis method and system based on anomaly detection and emotion analysis
CN113435505A (en) Construction method and device for safe user portrait
CN111049828A (en) Network attack detection and response method and system
CN114091042A (en) Risk early warning method
CN112199700B (en) Safety management method and system for MES data system
TWI604334B (en) Information System Certification Method
CN115696339A (en) Method, device, medium and equipment for establishing and evaluating safety state evaluation model
CN113010909A (en) Data security classification method and device for scientific data sharing platform
CN114363082B (en) Network attack detection method, device, equipment and computer readable storage medium
CN112272195B (en) Dynamic detection authentication system and method thereof
CN113542222B (en) Zero-day multi-step threat identification method based on dual-domain VAE
Minjie et al. Abnormal Traffic Detection Technology of Power IOT Terminal Based on PCA and OCSVM
CN107995204A (en) Hadoop framework method for evaluating trust based on Bayes models
CN111368291A (en) Method and system for realizing honeypot-like defense
CN112200254A (en) Network intrusion detection model generation method, detection method and electronic equipment
CN115913688B (en) Network data security monitoring method, device, equipment and storage medium
CN115630754B (en) Intelligent networking automobile information security prediction method, device, equipment and medium
CN114816964B (en) Risk model construction method, risk detection device and computer equipment
CN114389838A (en) Terminal security access control method for identifying abnormal service from multiple dimensions
Liu et al. Can Image Quality Metrics Detect Face Liveness?
CN114663211A (en) Cloud computing based financial report analysis method, device, equipment and storage medium
CN117610003A (en) Credibility measurement and authentication method based on domestic desktop terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination