CN115967646A - Internet-based computer network data security intelligent protection system

Publication number
CN115967646A
CN115967646A CN202211641444.4A CN202211641444A CN115967646A CN 115967646 A CN115967646 A CN 115967646A CN 202211641444 A CN202211641444 A CN 202211641444A CN 115967646 A CN115967646 A CN 115967646A
Authority
CN
China
Prior art keywords
computer network
signal
data
network
server
Legal status
Pending
Application number
CN202211641444.4A
Other languages
Chinese (zh)
Inventor
蔡正保
杨德
缪长源
李旭
王乾陈
Current Assignee
Anhui Vocational College of Defense Technology
Original Assignee
Anhui Vocational College of Defense Technology

Classifications

    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The invention discloses an internet-based intelligent protection system for computer network data security. It relates to the technical field of intelligent data security protection and solves the technical problem that, in the prior art, risk subject analysis cannot be performed when data becomes abnormal while a computer network is operating. A real-time risk subject analysis unit performs risk subject analysis when computer network data is abnormal; the analysis generates external intrusion signals, natural fluctuation signals and outage maintenance signals, which are sent to a server. Data security analysis is thereby performed when computer network data is abnormal, the cause of the abnormality can be determined, and maintenance can be targeted, which improves the efficiency and security of computer network data protection. The operation of the computer network is also detected and analysed to judge whether it is qualified, which ensures the security of data generated while the computer network operates and improves the data security of the computer network.

Description

Internet-based computer network data security intelligent protection system
Technical Field
The invention relates to the technical field of intelligent protection of data security, in particular to an intelligent protection system of computer network data security based on the Internet.
Background
With the wide application of computer network technology, the development of every industry tends to be combined with it, and people's daily life, including food and clothing, cannot be separated from the network. The network is inevitably full of information about people's lives, resources and the like. In addition, computer network technology occupies an extremely important position in all fields and in social and economic development and has immeasurable value, which further highlights the importance of computer network information security.
However, in the prior art, risk subject analysis cannot be performed when data becomes abnormal while a computer network is running, so the causes of the abnormality cannot be accurately distinguished; maintenance therefore lacks pertinence, maintenance efficiency falls and maintenance cost rises.
In view of the above technical drawbacks, a solution is proposed.
Disclosure of Invention
The invention aims to solve the problems and provides an intelligent protection system for computer network data safety based on the Internet, which analyzes potential safety hazards of a computer network in the operation process and judges whether the current computer network has the potential safety hazards or not, so that timely rectification control is performed in the operation process, the safety failure rate of the computer network is reduced, the qualified efficiency of data transmission of the computer network is ensured, and the operation quality of the computer network is improved; and the performance analysis is carried out on the data safety protection of the computer network, and whether the data safety protection performance of the computer network is qualified or not in the operation process is judged, so that the qualification of data safety transmission is ensured, and meanwhile, the data protection performance is detected in real time.
The purpose of the invention can be realized by the following technical scheme:
an internet-based computer network data security intelligent protection system comprises a server, and the server is communicatively connected with:
the network operation detection and analysis unit is used for carrying out operation detection and analysis on the operation of the computer network, judging whether the computer network is qualified or not, acquiring a network operation time period, acquiring an operation detection and analysis coefficient of the computer network in the network operation time period, comparing the operation detection and analysis coefficient to generate a network operation detection qualified signal and a network operation detection unqualified signal, and sending the network operation detection qualified signal and the network operation detection unqualified signal to the server;
the real-time risk main body analysis unit is used for carrying out risk main body analysis when the computer network data is abnormal, generating an external intrusion signal, a natural fluctuation signal and an outage maintenance signal through the risk main body analysis, and sending the external intrusion signal, the natural fluctuation signal and the outage maintenance signal to the server;
the network hidden danger analysis unit is used for analyzing the potential safety hazards of the computer network in the operation process, generating operation high-risk signals and operation low-risk signals through analysis and sending the operation high-risk signals and the operation low-risk signals to the server;
and the protection performance detection unit is used for carrying out performance analysis on the data security protection of the computer network, judging whether the data security protection performance of the computer network is qualified in the operation process, generating a high-cost protection signal, a low-efficiency protection signal, a firewall qualified protection signal, an encryption low-efficiency signal and an encryption high-efficiency signal through analysis, and sending the signals to the server.
As a preferred embodiment of the present invention, the operation process of the network operation detection and analysis unit is as follows:
acquiring the failure judgment qualification rate of a computer network in a network operation time period and the time consumption for automatically recovering operation after a network failure occurs; acquiring controllable precision of the flow of the corresponding node of the computer network in the network operation time period; obtaining an operation detection analysis coefficient of the computer network in a network operation time period through analysis;
comparing the operation detection analysis coefficient of the computer network within the network operation time period with an operation detection analysis coefficient threshold value:
if the operation detection analysis coefficient of the computer network exceeds the operation detection analysis coefficient threshold value within the network operation time period, judging that the operation detection analysis of the computer network is normal, generating a network operation detection qualified signal and sending the network operation detection qualified signal to a server; and if the operation detection analysis coefficient of the computer network does not exceed the operation detection analysis coefficient threshold value within the network operation time period, judging that the operation detection analysis of the computer network is abnormal, generating a network operation detection unqualified signal and sending the network operation detection unqualified signal to the server.
In a preferred embodiment of the present invention, the operation of the real-time risk subject analysis unit is as follows:
after the network operation detection is passed, if the data transmission efficiency of the computer network is reduced, judging that the data of the computer network is abnormal, acquiring the time when the data transmission speed in the computer network floats and the floating span corresponding to the data transmission speed, acquiring the time when the data transmission quantity in the computer network is reduced and the reduced span corresponding to the data transmission quantity, acquiring the operation recovery time length in the computer network according to the floating span corresponding to the data transmission speed and the reduced span corresponding to the data transmission quantity, and taking the operation recovery time length as the parameters of the speed floating influence degree and the data quantity influence degree;
if the interval between the time when the data transmission speed in the computer network fluctuates and the time when the data volume in the computer network decreases exceeds the preset duration, then: if the operation recovery duration corresponding to the reduction span of the data volume exceeds the data volume recovery duration threshold, the data is judged to be the risk subject, and an external intrusion signal is generated and sent to the server; and if the operation recovery duration corresponding to the floating span of the data transmission speed exceeds the data volume recovery duration threshold, the data transmission is judged to be the risk subject, and a natural fluctuation signal is generated and sent to the server.
As a preferred embodiment of the present invention, if the interval between the time when the data transmission speed in the computer network fluctuates and the time when the amount of data transmitted in the computer network decreases does not exceed the preset duration, then: if the floating trend of the operation recovery duration corresponding to the reduction span of the transmitted data amount is consistent with the floating trend of the operation recovery duration corresponding to the floating span of the data transmission speed, or the difference between the growth rates of those two operation recovery durations does not exceed the difference threshold, the computer network transmission channel is judged to be the risk subject, and an outage maintenance signal is generated and sent to the server;
and if the floating trend of the operation recovery duration corresponding to the reduction span of the transmitted data amount is not consistent with the floating trend of the operation recovery duration corresponding to the floating span of the data transmission speed, and the difference between the growth rates of those two operation recovery durations exceeds the difference threshold, the computer network transmission channel is judged to be a non-risk subject, and the corresponding transmitted data amount or the corresponding data transmission speed is maintained.
As a preferred embodiment of the present invention, the operation process of the network hidden danger analyzing unit is as follows:
acquiring the continuous fault frequency of corresponding hardware equipment in the computer network in the current operation process and the average floating span of the software execution processing speed in the computer network in the current operation process, and respectively comparing the continuous fault frequency threshold and the average floating span threshold:
if the continuous fault frequency of corresponding hardware equipment in the computer network in the current running process exceeds the continuous fault frequency threshold value or the average floating span of the software execution processing speed in the computer network in the previous running process exceeds the average floating span threshold value, judging that the computer network has running potential safety hazards, generating a running high-risk signal and sending the running high-risk signal to a server;
if the continuous fault frequency of the corresponding hardware equipment in the computer network does not exceed the continuous fault frequency threshold value in the current operation process and the average floating span of the software execution processing speed in the computer network does not exceed the average floating span threshold value in the current operation process, judging that the computer network has no operation potential safety hazard, generating an operation low-risk signal and sending the operation low-risk signal to the server.
As a preferred embodiment of the present invention, the operation process of the protective performance detecting unit is as follows:
the ratio of the number of access users blocked by the firewall to the total number of access users during computer network operation, and the ratio of the required access duration of stored data to the time consumed by encryption and decryption during computer network operation, are collected and marked as the user screening quantity ratio and the encryption use time ratio respectively; the user screening quantity ratio and the encryption use time ratio are then compared with a ratio threshold range and a time ratio threshold respectively:
if the user screening quantity ratio of the computer network exceeds the ratio threshold range, generating a high-cost protection signal and sending the high-cost protection signal to a server; if the user screening amount ratio of the computer network does not exceed the ratio threshold range, judging that the protection performance of the firewall does not meet the current operation requirement, generating a low-efficiency protection signal and sending the low-efficiency protection signal to a server; if the user screening quantity ratio of the computer network is in the ratio threshold range, judging that the protection performance of the firewall meets the current operation requirement, generating a firewall qualified protection signal and sending the firewall qualified protection signal to the server;
if the encryption use time ratio of the computer network exceeds the time ratio threshold, judging that the data encryption strength meets the current operation requirement, generating an encryption high-efficiency signal and sending the encryption high-efficiency signal to a server; and if the encryption use time ratio of the computer network does not exceed the time ratio threshold value, judging that the data encryption strength does not meet the current operation requirement, generating an encryption low-efficiency signal and sending the encryption low-efficiency signal to the server.
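One way the protection performance detection unit's two comparisons could be coded, as an added example that is not part of the patent: the log format, the millisecond access records, the threshold values and every function name are assumptions, and "does not exceed the ratio threshold range" is read here as falling below the range's lower bound.

```python
"""Sketch of the protection performance detection unit's two comparisons."""

# Constructed firewall decision log, one "<user> <ALLOW|BLOCK>" record per line.
# The format is an assumption; the patent does not specify one.
SAMPLE_FIREWALL_LOG = """\
alice ALLOW
bob BLOCK
carol ALLOW
bob BLOCK
dave ALLOW
erin BLOCK
alice ALLOW
frank ALLOW
grace ALLOW
heidi ALLOW
"""

# Constructed stored-data accesses:
# (required access duration in ms, encryption + decryption time in ms).
SAMPLE_ACCESSES_MS = [(1200, 300), (800, 250), (2000, 450)]

# Hypothetical thresholds: the patent names them but gives no values.
RATIO_THRESHOLD_RANGE = (0.10, 0.40)
TIME_RATIO_THRESHOLD = 3.0


def user_screening_ratio(log_text):
    """Blocked access users / total access users, counted per distinct user."""
    seen, blocked = set(), set()
    for lineno, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split()
        if len(parts) != 2 or parts[1] not in ("ALLOW", "BLOCK"):
            raise ValueError(f"line {lineno}: malformed record {line!r}")
        user, verdict = parts
        seen.add(user)
        if verdict == "BLOCK":
            blocked.add(user)  # a user blocked at least once counts as blocked
    if not seen:
        return None  # no access attempts in the window: nothing to compare
    return len(blocked) / len(seen)


def encryption_use_time_ratio(accesses_ms):
    """Total required access duration / total encryption and decryption time."""
    access_total = sum(access for access, _ in accesses_ms)
    crypto_total = sum(crypto for _, crypto in accesses_ms)
    if crypto_total <= 0:
        return None  # no measured encryption work: ratio is undefined
    return access_total / crypto_total


def firewall_signal(ratio, threshold_range=RATIO_THRESHOLD_RANGE):
    """Map the user screening quantity ratio onto the three firewall signals."""
    if ratio is None:
        return None
    low, high = threshold_range
    if ratio > high:
        return "high-cost protection signal"
    if ratio < low:  # interpretation of "does not exceed the range"
        return "low-efficiency protection signal"
    return "firewall qualified protection signal"


def encryption_signal(ratio, threshold=TIME_RATIO_THRESHOLD):
    """Map the encryption use time ratio onto the two encryption signals."""
    if ratio is None:
        return None
    if ratio > threshold:
        return "encryption high-efficiency signal"
    return "encryption low-efficiency signal"


def detect_protection_performance(log_text, accesses_ms):
    """Return the signals the unit would send to the server for one window."""
    signals = [
        firewall_signal(user_screening_ratio(log_text)),
        encryption_signal(encryption_use_time_ratio(accesses_ms)),
    ]
    return [s for s in signals if s is not None]


if __name__ == "__main__":
    for signal in detect_protection_performance(SAMPLE_FIREWALL_LOG,
                                                SAMPLE_ACCESSES_MS):
        print(signal)
```
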
Compared with the prior art, the invention has the beneficial effects that:
1. in the invention, the operation detection and analysis are carried out on the operation of the computer network, and whether the operation of the computer network is qualified or not is judged, so that the safety of data generated in the operation process of the computer network is ensured, the data safety of the computer network is improved, and the potential safety hazard of the operation data of the computer network is reduced; risk principal analysis is carried out when the computer network data is abnormal, and the affected object of the current computer network data is judged, so that data security analysis is carried out when the computer network data is abnormal, meanwhile, the abnormal reason can be judged, and the targeted maintenance can be carried out, and the high efficiency and the safety of computer network data protection are improved;
2. in the invention, potential safety hazard analysis is carried out on the computer network in the operation process, and whether the current computer network has potential safety hazard is judged, so that timely rectification control is carried out in the operation process, the safety fault rate of the computer network is reduced, the qualified data transmission efficiency of the computer network is ensured, and the operation quality of the computer network is improved; the data safety protection of the computer network is subjected to performance analysis, and whether the data safety protection performance of the computer network is qualified in the operation process is judged, so that the qualification of data safety transmission is ensured, the data safety protection performance is detected in real time, the data protection can be reasonably planned while the data transmission safety performance is ensured, and the cost of the data protection is controlled.
Drawings
In order to facilitate understanding for those skilled in the art, the present invention will be further described with reference to the accompanying drawings.
Fig. 1 is a schematic block diagram of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive step based on the embodiments of the present invention, are within the scope of protection of the present invention.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
Referring to Fig. 1, an internet-based computer network data security intelligent protection system includes a server; the server is in bidirectional communication connection with a network operation detection analysis unit, a real-time risk main body analysis unit, a network hidden danger analysis unit and a protection performance detection unit;
the server generates a network operation detection analysis signal and sends the network operation detection analysis signal to the network operation detection analysis unit, and the network operation detection analysis unit performs operation detection analysis on the operation of the computer network after receiving the network operation detection analysis signal and judges whether the operation of the computer network is qualified or not, so that the safety of data generated in the operation process of the computer network is ensured, the data safety of the computer network is improved, and the potential safety hazard of the operation data of the computer network is reduced;
acquiring a network operation time period, acquiring the fault judgment qualification rate of a computer network in the network operation time period and the time consumption for automatic recovery operation after a network fault occurs, and marking the fault judgment qualification rate of the computer network in the network operation time period and the time consumption for automatic recovery operation after the network fault occurs as HGL and HHS respectively; acquiring the controllable accuracy of the flow of the corresponding node of the computer network in the network operation time period, and marking the controllable accuracy of the flow of the corresponding node of the computer network in the network operation time period as KJD;
by the formula
Figure BDA0004009168220000071
an operation detection analysis coefficient C of the computer network in the network operation time period is obtained, wherein d1, d2 and d3 are preset proportionality coefficients with d1 > d2 > d3 > 0, and beta is an error correction factor whose value is 1.124;
Comparing the operation detection analysis coefficient C of the computer network within the network operation time period with an operation detection analysis coefficient threshold value:
if the operation detection analysis coefficient C of the computer network exceeds the operation detection analysis coefficient threshold value in the network operation time period, judging that the operation detection analysis of the computer network is normal, generating a network operation detection qualified signal and sending the network operation detection qualified signal to a server;
if the operation detection analysis coefficient C of the computer network does not exceed the operation detection analysis coefficient threshold value within the network operation time period, judging that the operation detection analysis of the computer network is abnormal, generating a network operation detection unqualified signal and sending the network operation detection unqualified signal to a server; after receiving a signal that the network operation detection is unqualified, the server maintains the performance of the computer network;
after receiving the network operation detection qualified signal, the server generates a real-time risk main body analysis signal and sends the real-time risk main body analysis signal to the real-time risk main body analysis unit when the real-time computer network data is abnormal, the real-time risk main body analysis unit performs risk main body analysis when the computer network data is abnormal after receiving the real-time risk main body analysis signal and judges an affected object of the current computer network data, so that data security analysis is performed when the computer network data is abnormal, meanwhile, the abnormal reason can be judged, maintenance is performed in a targeted manner, and the high efficiency and the safety of computer network data protection are improved;
after the network operation detection is passed, if the data transmission efficiency of the computer network is reduced, judging that the data of the computer network is abnormal, acquiring the time when the data transmission speed in the computer network floats and the floating span corresponding to the data transmission speed, and simultaneously acquiring the time when the data transmission quantity in the computer network is reduced and the reducing span corresponding to the data transmission quantity, acquiring the operation recovery time length in the computer network according to the floating span corresponding to the data transmission speed and the reducing span corresponding to the data transmission quantity, and taking the operation recovery time length as parameters of the speed floating influence degree and the data quantity influence degree, wherein the operation recovery time length is expressed as the required time length for controlling before the speed or the data quantity floats when the transmission speed and the data quantity are in a floating trend, namely, keeping the speed within a qualified threshold range and keeping the data quantity unreduced;
if the interval between the time when the data transmission speed in the computer network fluctuates and the time when the data volume in the computer network decreases exceeds the preset duration, then: if the operation recovery duration corresponding to the reduction span of the data volume exceeds the data volume recovery duration threshold, the data is judged to be the risk subject, and an external intrusion signal is generated and sent to the server; if the operation recovery duration corresponding to the floating span of the data transmission speed exceeds the data volume recovery duration threshold, the data transmission is judged to be the risk subject, and a natural fluctuation signal is generated and sent to the server;
if the interval between the time when the data transmission speed in the computer network fluctuates and the time when the amount of data transmitted in the computer network decreases does not exceed the preset duration, then: if the floating trend of the operation recovery duration corresponding to the reduction span of the transmitted data amount is consistent with the floating trend of the operation recovery duration corresponding to the floating span of the data transmission speed, or the difference between the growth rates of those two operation recovery durations does not exceed the difference threshold, the computer network transmission channel is judged to be the risk subject, and an outage maintenance signal is generated and sent to the server; after receiving the outage maintenance signal, the server inspects and maintains the network operation while managing and controlling the transmitted data amount and the data transmission;
if the floating trend of the operation recovery duration corresponding to the reduction span of the transmitted data amount is not consistent with the floating trend of the operation recovery duration corresponding to the floating span of the data transmission speed, and the difference between the growth rates of those two operation recovery durations exceeds the difference threshold, the computer network transmission channel is judged to be a non-risk subject, and the corresponding transmitted data amount or data transmission speed is maintained;
when the computer network operates normally, the server generates a network hidden danger analysis signal and sends the network hidden danger analysis signal to the network hidden danger analysis unit, and after the network hidden danger analysis unit receives the network hidden danger analysis signal, the network hidden danger analysis unit analyzes the potential safety hazard of the computer network in the operation process and judges whether the potential safety hazard exists in the current computer network, so that timely rectification control is performed in the operation process, the safety failure rate of the computer network is reduced, the data transmission qualified efficiency of the computer network is ensured, and the operation quality of the computer network is enhanced;
acquiring the continuous fault frequency of the corresponding hardware equipment in the computer network in the current operation process and the average floating span of the software execution processing speed in the computer network in the current operation process, and respectively comparing the continuous fault frequency of the corresponding hardware equipment in the computer network in the current operation process and the average floating span of the software execution processing speed in the computer network in the current operation process with a continuous fault frequency threshold value and an average floating span threshold value:
if the continuous fault frequency of corresponding hardware equipment in the computer network exceeds a continuous fault frequency threshold value in the current running process or the average floating span of the execution processing speed of software in the computer network exceeds an average floating span threshold value in the previous running process, judging that the computer network has running potential safety hazards, generating a running high-risk signal and sending the running high-risk signal to a server, and after receiving the running high-risk signal, carrying out maintenance and rectification on the corresponding software and hardware of the computer network by the server; the hardware is represented by a data storage hard disk, a processor and other devices, and the software is represented by a data transmission node, a transmission terminal and the like;
if the continuous fault frequency of the corresponding hardware equipment in the computer network does not exceed the continuous fault frequency threshold value in the current operation process and the average floating span of the software execution processing speed in the computer network does not exceed the average floating span threshold value in the current operation process, judging that the computer network has no operation potential safety hazard, generating an operation low-risk signal and sending the operation low-risk signal to the server;
the server generates a protection performance detection signal and sends the protection performance detection signal to the protection performance detection unit, after the protection performance detection unit receives the protection performance detection signal, the performance analysis is carried out on the data safety protection of the computer network, whether the data safety protection performance of the computer network is qualified or not in the operation process is judged, and therefore the qualification of data safety transmission is guaranteed;
acquiring the ratio of the number of access users blocked by the firewall to the total number of access users during computer network operation, and the ratio of the required access duration of stored data to the encryption and decryption consumption duration during computer network operation; marking these respectively as the user screening quantity ratio and the preset encryption use time ratio; and comparing them respectively with a ratio threshold range and a time ratio threshold:
if the user screening quantity ratio of the computer network exceeds the ratio threshold range, it is judged that the protection performance of the firewall exceeds the current operation requirement, a high-cost protection signal is generated and sent to the server, and after receiving the high-cost protection signal the server controls the protection performance of the firewall;
if the user screening quantity ratio of the computer network does not exceed the ratio threshold range, it is judged that the protection performance of the firewall does not meet the current operation requirement, a low-efficiency protection signal is generated and sent to the server, and after receiving the low-efficiency protection signal the server strengthens the protection performance of the firewall;
if the user screening quantity ratio of the computer network is in the ratio threshold range, judging that the protection performance of the firewall meets the current operation requirement, generating a firewall qualified protection signal and sending the firewall qualified protection signal to the server;
if the encryption use time ratio of the computer network exceeds the time ratio threshold, it is judged that the data encryption strength meets the current operation requirement, and an encryption high-efficiency signal is generated and sent to the server; if the encryption use time ratio of the computer network does not exceed the time ratio threshold, it is judged that the data encryption strength does not meet the current operation requirement, an encryption low-efficiency signal is generated and sent to the server, and after receiving the encryption low-efficiency signal the server adjusts the encryption strength according to the duration requirement of computer network data access, so as to ensure the security of the data.
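The threshold comparisons of the network hidden danger analysis unit and the protection performance detection unit, written out as an added Python example that is not code from the patent. All function names and threshold values are constructed; the two metric definitions (longest run of failed health checks, mean absolute change between speed samples) and the reading of "does not exceed the ratio threshold range" as "below its lower bound" are assumptions.

```python
from dataclasses import dataclass
from itertools import groupby

@dataclass(frozen=True)
class Thresholds:
    # Constructed values: the patent text gives no numbers for any threshold.
    max_fault_run: int = 3                  # continuous fault frequency threshold
    max_avg_span: float = 15.0              # average floating span threshold
    screening_range: tuple = (0.02, 0.20)   # ratio threshold range (low, high)
    min_time_ratio: float = 5.0             # time ratio threshold

def longest_fault_run(health_checks):
    """Assumed metric: longest run of consecutive failed checks (False = fault)."""
    runs = (sum(1 for _ in grp) for ok, grp in groupby(health_checks) if not ok)
    return max(runs, default=0)

def average_floating_span(speeds):
    """Assumed metric: mean absolute change between consecutive speed samples."""
    if len(speeds) < 2:
        return 0.0
    deltas = [abs(b - a) for a, b in zip(speeds, speeds[1:])]
    return sum(deltas) / len(deltas)

def hazard_signal(health_checks, speeds, t=Thresholds()):
    """Either metric over its threshold yields the high-risk signal."""
    if (longest_fault_run(health_checks) > t.max_fault_run
            or average_floating_span(speeds) > t.max_avg_span):
        return "operation high-risk"
    return "operation low-risk"

def firewall_signal(blocked_users, total_users, t=Thresholds()):
    """Classify the user screening quantity ratio against the threshold range."""
    if total_users <= 0:
        raise ValueError("no access attempts in the window; ratio is undefined")
    ratio = blocked_users / total_users
    low, high = t.screening_range
    if ratio > high:
        return "high-cost protection"
    if ratio < low:   # assumed reading of "does not exceed the ratio threshold range"
        return "low-efficiency protection"
    return "firewall qualified protection"

def encryption_signal(required_access_s, crypto_s, t=Thresholds()):
    """Ratio of required access duration to encryption/decryption duration."""
    if crypto_s <= 0:
        raise ValueError("encryption/decryption duration must be positive")
    ratio = required_access_s / crypto_s
    if ratio > t.min_time_ratio:
        return "encryption high-efficiency"
    return "encryption low-efficiency"

def evaluate_window(window, t=Thresholds()):
    """Return the signals the two units would send to the server for one window."""
    return [
        hazard_signal(window["health_checks"], window["speeds"], t),
        firewall_signal(window["blocked_users"], window["total_users"], t),
        encryption_signal(window["required_access_s"], window["crypto_s"], t),
    ]

# Constructed sample window (not data from the patent).
SAMPLE_WINDOW = {
    "health_checks": [True, True, False, False, False, False, True],
    "speeds": [100.0, 110.0, 95.0, 105.0],
    "blocked_users": 30, "total_users": 1000,
    "required_access_s": 2.0, "crypto_s": 0.5,
}
```

An empty observation window raises rather than emitting a signal, since a ratio with a zero denominator would otherwise be misreported as one of the three firewall states.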
The formulas are obtained by acquiring a large amount of data and performing software simulation, and the coefficients in the formulas are set by the technicians in the field according to actual conditions;
when the system is used, the network operation detection analysis unit performs operation detection analysis on the operation of the computer network and judges whether the operation of the computer network is qualified: it acquires a network operation time period, acquires the operation detection analysis coefficient of the computer network within that period, compares the coefficient to generate a network operation detection qualified signal or a network operation detection unqualified signal, and sends the signal to the server; the real-time risk main body analysis unit performs risk main body analysis when computer network data is abnormal, generates an external intrusion signal, a natural fluctuation signal or an outage maintenance signal through the analysis, and sends the signal to the server; the network hidden danger analysis unit analyzes the potential safety hazards of the computer network in the operation process, generates an operation high-risk signal or an operation low-risk signal through the analysis, and sends the signal to the server; the protection performance detection unit performs performance analysis on the data security protection of the computer network, judges whether the data security protection performance of the computer network is qualified in the operation process, generates a high-cost protection signal, a low-efficiency protection signal, a firewall qualified protection signal, an encryption low-efficiency signal and an encryption high-efficiency signal through the analysis, and sends them to the server.
The preferred embodiments of the invention disclosed above are intended to be illustrative only. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise form disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best utilize the invention. The invention is limited only by the claims and their full scope and equivalents.

Claims (6)

1. An Internet-based computer network data security intelligent protection system, characterized in that it comprises a server, and the server is communicatively connected with:
the network operation detection and analysis unit is used for carrying out operation detection and analysis on the operation of the computer network, judging whether the operation of the computer network is qualified or not, acquiring a network operation time period, acquiring an operation detection and analysis coefficient of the computer network in the network operation time period, comparing the operation detection and analysis coefficient to generate a network operation detection qualified signal and a network operation detection unqualified signal, and sending the network operation detection qualified signal and the network operation detection unqualified signal to the server;
the real-time risk main body analysis unit is used for carrying out risk main body analysis when the computer network data is abnormal, generating an external intrusion signal, a natural fluctuation signal and an outage maintenance signal through the risk main body analysis, and sending the external intrusion signal, the natural fluctuation signal and the outage maintenance signal to the server;
the network hidden danger analysis unit is used for analyzing the potential safety hazards of the computer network in the operation process, generating operation high-risk signals and operation low-risk signals through analysis and sending the operation high-risk signals and the operation low-risk signals to the server;
the protection performance detection unit is used for carrying out performance analysis on data safety protection of the computer network, judging whether the data safety protection performance of the computer network is qualified in the operation process, generating a high-cost protection signal, a low-efficiency protection signal, a firewall qualified protection signal, an encrypted low-efficiency signal and an encrypted high-efficiency signal through analysis, and sending the signals to the server.
2. The intelligent protection system for computer network data safety based on internet as claimed in claim 1, wherein the operation process of the network operation detection analysis unit is as follows:
acquiring the failure judgment qualification rate of a computer network in a network operation time period and the time consumption for automatically recovering operation after a network failure occurs; acquiring the controllable precision of the flow of the corresponding node of the computer network in the network operation time period; obtaining an operation detection analysis coefficient of the computer network in a network operation time period through analysis;
comparing the operation detection analysis coefficient of the computer network within the network operation time period with an operation detection analysis coefficient threshold value:
if the operation detection analysis coefficient of the computer network exceeds the operation detection analysis coefficient threshold value within the network operation time period, judging that the operation detection analysis of the computer network is normal, generating a qualified network operation detection signal and sending the qualified network operation detection signal to a server; and if the operation detection analysis coefficient of the computer network does not exceed the operation detection analysis coefficient threshold value in the network operation time period, judging that the operation detection analysis of the computer network is abnormal, generating an unqualified network operation detection signal and sending the unqualified network operation detection signal to a server.
3. The intelligent internet-based computer network data security protection system according to claim 1, wherein the real-time risk subject analysis unit operates as follows:
after the network operation detection is passed, if the data transmission efficiency of the computer network is reduced, judging that the data of the computer network is abnormal, acquiring the time when the data transmission speed in the computer network floats and the floating span corresponding to the data transmission speed, acquiring the time when the data transmission quantity in the computer network is reduced and the reduced span corresponding to the data transmission quantity, acquiring the operation recovery time length in the computer network according to the floating span corresponding to the data transmission speed and the reduced span corresponding to the data transmission quantity, and taking the operation recovery time length as the parameters of the speed floating influence degree and the data quantity influence degree;
if the interval between the time at which the data transmission speed in the computer network fluctuates and the time at which the transmitted data volume in the computer network decreases exceeds a preset duration, then: if the operation recovery duration corresponding to the reduction span of the transmitted data volume exceeds the data volume recovery duration threshold, the data itself is judged to be the risk subject, and an external intrusion signal is generated and sent to the server; and if the operation recovery duration corresponding to the floating span of the data transmission speed exceeds the data volume recovery duration threshold, data transmission is judged to be the risk subject, and a natural fluctuation signal is generated and sent to the server.
4. The internet-based computer network data security intelligent protection system of claim 3, wherein if the time when the data transmission speed in the computer network fluctuates and the time interval time when the amount of data transmitted in the computer network decreases do not exceed the preset time, if the operation recovery time corresponding to the span reduction of the amount of data transmitted is consistent with the floating trend of the operation recovery time corresponding to the span floating of the data transmission speed, or the difference value between the operation recovery time corresponding to the span reduction of the amount of data transmitted and the increase speed corresponding to the operation recovery time corresponding to the span increase speed and the data transmission speed does not exceed the difference threshold, it is determined that the computer network transmission channel is a risk subject, and the outage maintenance signal is generated and sent to the server;
and if the operation recovery time length of the reduced span corresponding to the transmission data amount is not consistent with the floating trend of the operation recovery time length of the floating span of the data transmission speed, and the difference value of the operation recovery time length of the reduced span corresponding to the transmission data amount, corresponding to the increase speed, and the operation recovery time length of the floating span of the data transmission speed exceeds the difference threshold value, judging that the computer network transmission channel is a non-risk main body, and maintaining the corresponding transmission data amount or the corresponding data transmission speed.
5. The intelligent protection system for computer network data safety based on internet as claimed in claim 1, wherein the operation process of the network hidden danger analysis unit is as follows:
acquiring the continuous fault frequency of corresponding hardware equipment in the computer network in the current operation process and the average floating span of the software execution processing speed in the computer network in the current operation process, and respectively comparing the continuous fault frequency threshold and the average floating span threshold:
if the continuous fault frequency of the corresponding hardware equipment in the computer network in the current running process exceeds the continuous fault frequency threshold, or the average floating span of the software execution processing speed in the computer network in the previous running process exceeds the average floating span threshold, judging that the computer network has an operational potential safety hazard, generating an operation high-risk signal and sending the operation high-risk signal to the server;
if the continuous fault frequency of the corresponding hardware equipment in the computer network does not exceed the continuous fault frequency threshold in the current running process, and the average floating span of the software execution processing speed in the computer network does not exceed the average floating span threshold in the current running process, judging that the computer network has no operational potential safety hazard, generating an operation low-risk signal and sending the operation low-risk signal to the server.
6. The intelligent protection system for data security of computer network based on Internet as claimed in claim 1, wherein the operation process of the protection performance detection unit is as follows:
collecting the ratio of the number of access users blocked by the firewall to the total number of access users during computer network operation, and the ratio of the required access duration of stored data to the encryption and decryption consumption duration during computer network operation; marking these ratios respectively as the user screening quantity ratio and the encryption use time ratio; and comparing the user screening quantity ratio and the encryption use time ratio respectively with a ratio threshold range and a time ratio threshold:
if the user screening quantity ratio of the computer network exceeds the ratio threshold range, generating a high-cost protection signal and sending the high-cost protection signal to a server; if the user screening quantity ratio of the computer network does not exceed the ratio threshold range, judging that the protection performance of the firewall does not meet the current operation requirement, generating a low-efficiency protection signal and sending the low-efficiency protection signal to the server; if the user screening quantity ratio of the computer network is within the ratio threshold range, judging that the protection performance of the firewall meets the current operation requirement, generating a firewall qualified protection signal and sending the firewall qualified protection signal to a server;
if the encryption use time ratio of the computer network exceeds the time ratio threshold value, judging that the data encryption strength meets the current operation requirement, generating an encryption high-efficiency signal and sending the encryption high-efficiency signal to a server; and if the encryption use time ratio of the computer network does not exceed the time ratio threshold value, judging that the data encryption strength does not meet the current operation requirement, generating an encryption low-efficiency signal and sending the encryption low-efficiency signal to a server.
CN202211641444.4A 2022-12-20 2022-12-20 Internet-based computer network data security intelligent protection system Pending CN115967646A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211641444.4A CN115967646A (en) 2022-12-20 2022-12-20 Internet-based computer network data security intelligent protection system

Publications (1)

Publication Number Publication Date
CN115967646A true CN115967646A (en) 2023-04-14

Family

ID=87354261

Country Status (1)

Country Link
CN (1) CN115967646A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116937410A (en) * 2023-07-28 2023-10-24 山东汇能电气有限公司 Intelligent remote inflatable cabinet wireless monitoring system based on Internet
CN117176466A (en) * 2023-09-28 2023-12-05 安徽万链科技有限公司 Information communication technology safety monitoring system and monitoring method thereof
CN117176466B (en) * 2023-09-28 2024-05-10 广东民新通信科技有限公司 Information communication technology safety monitoring system and monitoring method thereof

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination