CN116127522B - Safety risk analysis method and system based on multi-source data acquisition - Google Patents
Safety risk analysis method and system based on multi-source data acquisition Download PDFInfo
- Publication number
- CN116127522B CN116127522B CN202310404960.3A CN202310404960A CN116127522B CN 116127522 B CN116127522 B CN 116127522B CN 202310404960 A CN202310404960 A CN 202310404960A CN 116127522 B CN116127522 B CN 116127522B
- Authority
- CN
- China
- Prior art keywords
- data
- equipment
- acquisition
- indexes
- source
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S10/00—Systems supporting electrical power generation, transmission or distribution
- Y04S10/50—Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications
Abstract
The invention provides a security risk analysis method and system based on multi-source data acquisition, and relates to the technical field of data processing. The method comprises the steps of acquiring data according to an acquisition target to obtain a multi-source data set, inputting the multi-source data set and acquisition equipment information into a cloud platform for storage to obtain a data storage distribution block, analyzing equipment safety analysis and data value of a plurality of data sources according to the cloud platform, acquiring a plurality of data value indexes and equipment safety indexes for network training, and acquiring risk coefficients for identifying potential safety hazards of the multi-source data set. The method solves the technical problems that potential safety hazards based on data acquired by data acquisition equipment cannot be intuitively known in the prior art, and potential safety hazards cannot be known when analysis based on the acquired data is applicable. The method has the technical effects of realizing visual cognition on the potential safety hazard condition of the acquired data, and improving reference for the user to use the currently acquired data for data application and analysis of the acquired target.
Description
Technical Field
The invention relates to the technical field of data processing, in particular to a security risk analysis method and system based on multi-source data acquisition.
Background
In the present informatization era, data acquisition based on data acquisition equipment has become a requirement of many fields, however, with the continuous development of data acquisition technology, the defects of potential safety hazards existing in the acquired data and the defects of potential safety hazards existing in the acquisition equipment are also attracting more and more attention.
Based on data acquisition equipment, data acquisition is carried out, and the defect that potential safety hazards exist in acquired data per se exists. For example, in data acquisition devices such as temperature sensors and humidity sensors, problems such as data tampering and data leakage may occur due to hardware and software design defects. Meanwhile, due to software development defects or hardware design errors, the data acquisition equipment may have loopholes, so that an attacker can invade the equipment in a remote attack or physical attack mode, and further tamper, steal or destroy the data.
In the prior art, when data source data are acquired based on data acquisition equipment, the potential safety hazard condition of the acquired data cannot be intuitively known, so that unknown potential safety hazard exists when analysis based on the acquired data is applicable.
Disclosure of Invention
The application provides a safety risk analysis method and system based on multi-source data acquisition, which are used for solving the technical problems that potential safety hazards based on data acquired by data acquisition equipment cannot be intuitively known in the prior art, so that the potential safety hazards cannot be known when analysis based on the acquired data is applicable.
In view of the above problems, the present application provides a security risk analysis method and system based on multi-source data acquisition.
In a first aspect of the present application, there is provided a security risk analysis method based on multi-source data acquisition, the method comprising: data acquisition is carried out on a plurality of data sources according to a first acquisition target, so as to obtain a multi-source data set; inputting the multi-source data set into the cloud platform for storage to obtain a data storage distribution block, wherein the data storage distribution block comprises a plurality of sub-blocks, and each sub-block is used for storing data of one data source; acquiring acquisition equipment information corresponding to the plurality of data sources; storing the acquired equipment information into corresponding sub-blocks, and carrying out equipment security analysis on the plurality of data sources according to the cloud platform to obtain a plurality of equipment security indexes; analyzing the data value in the multi-source data set based on the first acquisition target to acquire a plurality of data value indexes; and performing network training by taking the plurality of equipment safety indexes and the plurality of data value indexes as training data sets, and acquiring a first risk coefficient for identifying potential safety hazards of the multi-source data sets.
In a second aspect of the present application, there is provided a security risk analysis system based on multi-source data acquisition, the system comprising: the data acquisition execution module is used for carrying out data acquisition on a plurality of data sources according to the first acquisition target to obtain a multi-source data set; the data distribution storage module is used for inputting the multi-source data set into the cloud platform for storage to obtain a data storage distribution block, wherein the data storage distribution block comprises a plurality of sub-blocks, and each sub-block is used for storing data of one data source; the equipment information acquisition module is used for acquiring acquisition equipment information corresponding to the plurality of data sources; the equipment safety analysis module is used for storing the acquired equipment information into corresponding sub-blocks, and carrying out equipment safety analysis on the plurality of data sources according to the cloud platform to obtain a plurality of equipment safety indexes; the data value analysis module is used for analyzing the data value in the multi-source data set based on the first acquisition target to acquire a plurality of data value indexes; the risk coefficient acquisition module is used for performing network training by taking the plurality of equipment safety indexes and the plurality of data value indexes as training data sets to acquire a first risk coefficient for identifying potential safety hazards of the multi-source data sets.
One or more technical solutions provided in the present application have at least the following technical effects or advantages:
according to the method provided by the embodiment of the application, the multiple data sources are acquired according to the first acquisition target, so that a multi-source data set is obtained; inputting the multi-source data set into the cloud platform for storage to obtain a data storage distribution block, wherein the data storage distribution block comprises a plurality of sub-blocks, and each sub-block is used for storing data of one data source; the data storage distribution block is adopted for data isolation storage, so that data pollution caused by data mixed storage is avoided, and accuracy of whether safety risk analysis exists in collected data based on the multi-source data set is affected. Acquiring acquisition equipment information corresponding to the plurality of data sources; storing the acquired equipment information into corresponding sub-blocks, and carrying out equipment security analysis on the plurality of data sources according to the cloud platform to obtain a plurality of equipment security indexes; analyzing the data value in the multi-source data set based on the first acquisition target to acquire a plurality of data value indexes; and performing network training by taking the plurality of equipment safety indexes and the plurality of data value indexes as training data sets, acquiring a first risk coefficient for identifying potential safety hazards of the multi-source data sets, and constructing a risk mapping model to realize the acquisition of the risk coefficient with high accuracy and high credibility. The embodiment realizes the technical effects of having visual cognition on the potential safety hazard condition of the acquired data, and improving the reference for the user to use the currently acquired data for data application and analysis of the acquired target.
Drawings
Fig. 1 is a schematic flow chart of a security risk analysis method based on multi-source data collection provided by the present application;
fig. 2 is a schematic flow chart of building a risk mapping model in a security risk analysis method based on multi-source data collection provided by the present application;
fig. 3 is a schematic flow chart of obtaining a device security index in a security risk analysis method based on multi-source data collection provided in the present application;
fig. 4 is a schematic structural diagram of a security risk analysis system based on multi-source data collection provided in the present application.
Reference numerals illustrate: the system comprises a data acquisition and execution module 1, a data distribution and storage module 2, an equipment information acquisition module 3, an equipment safety analysis module 4, a data value analysis module 5 and a risk coefficient acquisition module 6.
Detailed Description
The application provides a safety risk analysis method and system based on multi-source data acquisition, which are used for solving the technical problems that potential safety hazards based on data acquired by data acquisition equipment cannot be intuitively known in the prior art, so that the potential safety hazards cannot be known when analysis based on the acquired data is applicable. The method has the technical effects of realizing visual cognition on the potential safety hazard condition of the acquired data, and improving reference for the user to use the currently acquired data for data application and analysis of the acquired target.
The technical scheme of the invention obtains, stores, uses, processes and the like the data, which all meet the relevant regulations of national laws and regulations.
In the following, the technical solutions of the present invention will be clearly and completely described with reference to the accompanying drawings, and it should be understood that the described embodiments are only some embodiments of the present invention, but not all embodiments of the present invention, and that the present invention is not limited by the exemplary embodiments described herein. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention. It should be further noted that, for convenience of description, only some, but not all of the drawings related to the present invention are shown.
Example 1
As shown in fig. 1, the present application provides a security risk analysis method based on multi-source data collection, where the method is applied to a data security analysis system, and the system is communicatively connected to a cloud platform, and the method includes:
s100, carrying out data acquisition on a plurality of data sources according to a first acquisition target to obtain a multi-source data set;
s200, inputting the multi-source data set into the cloud platform for storage to obtain a data storage distribution block, wherein the data storage distribution block comprises a plurality of sub-blocks, and each sub-block is used for storing data of one data source;
Specifically, in this embodiment, the first acquisition target is an unspecified object that is planned to be analyzed, and by way of example, the first acquisition target may be a passenger flow condition of a certain scenic spot, a quarter precipitation condition of a certain lake, a power consumption condition of residents in a certain area, and a temperature change condition of an environment in a certain area.
It should be appreciated that the data analysis can fully and correctly reflect the general view of the objective condition of the first acquisition target. The present embodiment thus determines the plurality of data sources from which data associated with the first acquisition target may be acquired by analyzing the first acquisition target. For example, when the first collection target is a condition of electricity consumption of residents in a certain area, the data source may be an ammeter, a property company or an electric power company.
After a plurality of data sources for generating the related data of the first acquisition target are determined according to the first acquisition target, the data acquisition is further carried out on the plurality of data sources respectively to obtain a multi-source data set, and the plurality of data sets of the multi-source data set are mapped with the plurality of data sources.
In order to reduce occupation of data storage to storage space of a local server, the embodiment inputs the multi-source data set into the cloud platform to store the data of the multi-source data set based on a data storage distribution block. The data storage distribution block is composed of a plurality of data storage function sub-blocks, and each data storage function sub-block is used for storing a data set of one data source.
The data storage distribution block is adopted for data isolation storage, so that data pollution caused by data mixed storage is avoided, and accuracy of whether safety risk analysis exists in collected data based on the multi-source data set is affected.
S300, acquiring acquisition equipment information corresponding to the plurality of data sources;
in one embodiment, the method steps provided herein further comprise:
s310, sending a time situation awareness instruction to acquisition equipment corresponding to the multi-source data set;
s320, carrying out synchronicity analysis on the time of each acquisition device according to the time situation sensing instruction, if the real-time synchronicity is in an abnormal condition, positioning the identification acquisition device with abnormal synchronicity, and carrying out time synchronicity processing on the acquisition of the identification acquisition device.
Specifically, in this embodiment, the data collection methods of different data sources are different, and thus the collection apparatuses for performing data collection of the data sources are also different. When the first collection target is a situation of electricity consumption of residents in a certain area, the data source can be an ammeter, a property company and an electric power company, electricity consumption data collection in the ammeter is carried out based on remote monitoring electricity consumption data collection equipment, the property company electricity consumption data collection is carried out based on network crawler collection equipment, and regional electricity consumption data calling is carried out on the electric power company based on a monitoring data system.
In this embodiment, according to the difference of data sources, an acquisition device used for acquiring data of the data sources is manually set, and acquisition device information corresponding to the plurality of data sources is acquired, where the acquisition device information includes a device transmission channel environment, a network environment where the device is located, and a temporary data storage environment.
The equipment information is subsequently used for equipment safety analysis to obtain equipment safety indexes of a plurality of pieces of acquisition equipment, and the equipment safety indexes reflect the possibility that the acquired data is leaked, polluted and tampered due to hacking in the data transmission process of the acquisition equipment after the data is acquired from a data source, namely the safety of the data acquisition and transmission process.
In this embodiment, the multiple data sources are synchronously acquired based on the multiple acquisition devices, so as to realize data security of a certain instant of the first acquisition target can be analyzed based on the multiple source data set. Thus, the present embodiment requires a synchronization analysis of multiple acquisition devices prior to data acquisition.
Specifically, a time situation awareness instruction is sent to the acquisition equipment corresponding to the multi-source data set based on the data security analysis system, and the time situation awareness instruction is used for testing response delay time of the acquisition equipment responding to the instruction sent by the data security analysis system.
After receiving the time situation awareness instruction sent by the data security analysis system, the acquisition equipment generates and sends instruction receiving feedback to obtain instruction receiving feedback time of a plurality of acquisition equipment mapped by a plurality of data sources, wherein the instruction receiving feedback time can reflect the data acquisition delay condition of the acquisition equipment.
And presetting a response time range, wherein the preset response time range is a response time delay standard of the acquisition equipment for receiving the instruction, and if the response time delay of a plurality of acquisition equipment is within the preset response time range, the response time of the plurality of acquisition equipment is considered to have synchronism, and the real-time synchronism is in a normal condition.
And traversing the preset response time range by the multiple instruction receiving feedback time to perform synchronicity analysis, and determining M acquisition devices corresponding to M instruction receiving feedback times which do not meet the preset response time range in the multiple instruction receiving feedback time if the real-time synchronicity is in an abnormal condition. And positioning M acquisition devices with abnormal synchronicity, carrying out abnormal identification, generating M identification acquisition devices, and carrying out time synchronization processing on the acquisition of the M identification acquisition devices.
The embodiment ensures that a plurality of data acquisition devices corresponding to a plurality of data sources have synchronism when acquiring data of the data sources, so as to realize the technical effect that the obtained multi-source data set can analyze the data security of the first acquisition target at a certain instant.
S400, storing the acquired equipment information into corresponding sub-blocks, and carrying out equipment security analysis on the plurality of data sources according to the cloud platform to obtain a plurality of equipment security indexes;
in one embodiment, as shown in fig. 3, the device security analysis is performed on the plurality of data sources according to the cloud platform to obtain a plurality of device security indexes, and step S400 of the method provided in the present application further includes:
s410, identifying the acquired equipment information through the cloud platform, and determining an equipment transmission channel environment, a network environment where equipment is located and a data temporary storage environment;
s420, carrying out equipment safety analysis according to the equipment transmission channel environment, the network environment where the equipment is located and the data temporary storage environment to obtain equipment transmission safety indexes, equipment network safety indexes and equipment storage safety indexes;
and S430, calculating the equipment transmission security index, the equipment network security index and the equipment storage security index to obtain a plurality of equipment security indexes corresponding to a plurality of acquisition equipment.
In one embodiment, the method steps provided herein further comprise:
s431, identifying the information of the data acquisition devices through the cloud platform, and judging whether the data acquisition modes of the data acquisition devices are the same;
s432, if the data acquisition modes of the data acquisition devices are different, acquiring a first characteristic safety index, wherein the first characteristic safety index represents a result of data acquisition safety assessment based on device data acquisition mode differentiation;
s433, adjusting the plurality of equipment safety indexes according to the first characteristic safety index.
Specifically, in this embodiment, the collection device information is uploaded to a cloud platform, and according to the mapping relationship between the plurality of collection devices and the plurality of data sources, a plurality of pieces of collection device information of the plurality of collection devices are correspondingly stored in a data storage function sub-block.
The embodiment performs data analysis operation based on the cloud platform instead of the local server so as to reduce the waste of the data analysis on the computing power resources of the local server. Specifically, the cloud platform is used for carrying out equipment security analysis on the plurality of data sources to obtain a plurality of equipment security indexes, wherein the equipment security indexes reflect the possibility of leakage, pollution and tampering of the acquired data, namely the security of the data acquisition and transmission process, caused by hacking in the data transmission process after the acquisition equipment acquires the data from the data sources.
In this embodiment, the collected device information includes a device transmission channel environment, a network environment where the device is located, and a data temporary storage environment. The equipment transmission channel environment is a transmission channel for transmitting data back to the data security analysis system after the acquisition equipment continues data acquisition by the data source, and consists of a topological structure, a security mechanism, a protocol and a protocol stack. The network environment where the equipment is located is divided into a local area network, a wide area network and the Internet, when the data source is an electric power company, the data of the electric power company are often disclosed in the Internet, and the network environment where the acquisition equipment for acquiring the data is located is the Internet. The temporary data storage environment is used for carrying out data encryption measures and identity verification measures of equipment or areas temporarily storing collected data in the transmission process by the collecting equipment.
And identifying and extracting the information of the acquisition equipment through the cloud platform, so as to obtain equipment transmission channel environments of a plurality of acquisition equipment, network environments where the equipment is located and data temporary storage environments.
Sample acquisition equipment information of a plurality of sample acquisition equipment is obtained, and a plurality of groups of sample equipment transmission channel environments, network environments where the sample equipment is located and sample data temporary storage environments are obtained based on the plurality of sample acquisition equipment information extraction.
Based on the expert in the aspect of data transmission safety, carrying out security index assignment on a plurality of groups of sample equipment transmission channel environments of a plurality of sample acquisition equipment, a network environment where the sample equipment is located and a temporary sample data storage environment one by one based on personal experience. Obtaining a plurality of sample equipment transmission safety indexes corresponding to a plurality of sample equipment transmission channel environments, a plurality of sample equipment network safety indexes corresponding to network environments where a plurality of sample equipment are located, and a plurality of sample equipment storage safety indexes corresponding to a plurality of sample data temporary storage environments.
Based on the BP neural network, a device transmission safety index analysis model is constructed, input data of the device transmission safety index analysis model is a device transmission channel environment of the acquisition device, and an output result is a device transmission safety index of the acquisition device.
And taking the environment of a plurality of groups of sample equipment transmission channels and the sample equipment transmission safety index as sample data, and adopting identification division processing to obtain a training set, a test set and a verification set of data volume of 8:1:1. Training and testing the equipment transmission safety index analysis model based on the test set and the verification set, verifying the output accuracy of the equipment transmission safety index analysis model based on the verification set, and considering that the model training is qualified when the output accuracy of the equipment transmission safety index analysis model is higher than 97%.
And constructing the equipment network security index analysis model and the equipment storage security index analysis model by adopting the same method for constructing the equipment transmission security index analysis model.
And respectively inputting the equipment transmission channel environment, the network environment where the equipment is located and the data temporary storage environment of the acquisition equipment into an equipment transmission safety index analysis model, an equipment network safety index analysis model and an equipment storage safety index analysis model, and carrying out equipment safety analysis to obtain equipment transmission safety indexes, equipment network safety indexes and equipment storage safety indexes of the acquisition equipment.
And obtaining a plurality of data transmission security experts, and assigning security importance weights of a plurality of subjective equipment transmission channel environments, network environments where the equipment is located and temporary data storage environments based on personal experience. And carrying out mean value calculation on a plurality of groups of subjective assignment, eliminating subjective influence, and obtaining objective security importance weight assignment of equipment transmission channel environment, security importance weight assignment of network environment where the equipment is located and security importance weight assignment of data temporary storage environment.
And carrying out weighted calculation and weighted calculation result addition calculation on the equipment transmission safety index, the equipment network safety index and the equipment storage safety index based on the safety importance weight assignment of the equipment transmission channel environment, the safety importance weight assignment of the network environment where the equipment is located and the safety importance weight assignment of the data temporary storage environment, so as to obtain the equipment safety index corresponding to the acquisition equipment. And obtaining a plurality of equipment safety indexes corresponding to a plurality of acquisition equipment by adopting the method for obtaining the equipment safety indexes corresponding to the acquisition equipment.
Further, in this embodiment, a data collection device corresponds to a data collection manner, where the data collection manner of the data collection device includes, but is not limited to, crawler collection, data sensor collection, and data monitoring system collection. The characteristic safety indexes of all the existing data acquisition modes (data acquisition equipment) are preset, the characteristic safety indexes represent macroscopic data acquisition safety of a certain type of data acquisition mode, the characteristic safety indexes are set to have experience dependence and are only used for reference in the embodiment, therefore, the embodiment ranks the safety degree of all the existing data acquisition modes from high to low based on the safety of all the known existing data acquisition equipment, and performs weight assignment based on ranking results, for example, all the existing data acquisition equipment has 5 types, 5 data acquisition modes are ranked, and weights of the ranking first to fifth are 5/(1+2+3+4+5), 4/(1+2+3+4+5), 3/(1+2+3+4+5), 2/(1+2+2+2+3+4+5), and 1/(1+2+3+4+5), and the weight assignment of the 5 data acquisition modes is used as the characteristic safety indexes corresponding to the data acquisition modes in 5 types.
The first characteristic value is a characteristic safety index set of all the existing data acquisition devices, the first characteristic safety index represents differentiation based on the data acquisition modes of the devices, when data acquisition safety evaluation is carried out, the deviation condition of an evaluation result is evaluated, and the characteristic safety index is used for carrying out characteristic safety index optimization of multiple data acquisition devices when the data acquisition modes of the multiple data acquisition devices are different.
In this embodiment, the cloud platform is used to identify the information of the collecting device, so as to obtain a plurality of data collecting modes of a plurality of collecting devices, and directly perform consistency judgment, so as to determine whether the data collecting modes of the data collecting devices are the same.
And if the data acquisition modes of the data acquisition devices are different, according to the data acquisition modes of the data acquisition devices, carrying out corresponding characteristic safety index calling in the first characteristic safety index to obtain the characteristic safety index of the data acquisition devices.
And multiplying the characteristic safety index of each data acquisition device by the safety indexes of the devices of each data acquisition device to optimally adjust the safety indexes of the devices of each data acquisition device.
The technical effect of providing a high credible reference for the data risk of obtaining a plurality of data sources through subsequent analysis is achieved by obtaining a plurality of device safety indexes of each data acquisition device.
S500, analyzing the data value in the multi-source data set based on the first acquisition target to acquire a plurality of data value indexes;
in one embodiment, based on the first acquisition target, analyzing the data value in the multi-source data set to obtain a plurality of data value indexes, and the method step S500 provided in the present application further includes:
s510, obtaining a self-checking result by carrying out data self-checking on the multi-source data set, wherein the self-checking result comprises an integrity index;
s520, carrying out correlation recognition on the multi-source data set based on the first acquisition target to obtain a duty ratio coefficient of correlation data to corresponding acquisition source total data, and generating a correlation index;
s530, carrying out difficulty recognition on the data acquisition path of the multi-source data set based on the first acquisition target to obtain amplitude larger than a preset difficulty index and generate a difficulty index;
s540, acquiring a plurality of data value indexes corresponding to the multi-source data set according to the integrity index, the correlation index and the difficulty index.
Specifically, in the present embodiment, the data value is used to evaluate the data integrity of the data set acquired from the data source based on the acquisition device, the correlation with the first acquisition target, and the acquisition difficulty in data acquisition from the data source.
In this embodiment, based on the first acquisition target, a data value analysis is performed on a data set corresponding to a random data source in the multi-source data set, and a data value index of the data set corresponding to the random data source is obtained as an example, so as to describe a method for obtaining the data value index. In this implementation, the random data source is a first data source, a data set corresponding to the first data source is a first data set, and the obtained data value index is a first data value index.
The standard data format of the complete data generated by the first data source is obtained, wherein the standard data format is a plurality of sample data attributes, and the data integrity index is 100% when the data attributes of the plurality of data in the acquired data set and the plurality of sample data attributes are consistent.
And calling the first data set based on the multi-source data set, and performing data self-checking on the first data set, wherein the data self-checking comprises data quantity self-checking and data attribute type self-checking. The data amount (unit K or M) of the first data set is obtained based on the data self-test, and the N data attributes of the first data set are obtained based on the data self-test.
For example, when the data source corresponding to the first data set is a property company, the plurality of sample data attributes in the standard data format include electricity consumption, electricity consumption time, electricity consumption load, electricity consumption equipment and the like.
Matching and matching the N data attributes with the plurality of sample data attributes to obtain the number of the N data attributes conforming to the plurality of sample data attributes, and further performing duty ratio calculation of the conforming amount and the plurality of sample data attributes to obtain the integrity index of the first data set. The higher the integrity index, the higher the integrity of the first data set.
And obtaining the target name of the first acquisition target, extracting N data attribute names based on N data attributes, calculating N similarities of the target name and the N data attribute names based on the existing word vector method, and carrying out mean value calculation on the N similarities to obtain mean value similarity. K data attributes corresponding to K similarities larger than the average value similarity are reserved, and K is a positive integer smaller than N. And calculating the duty ratio coefficient of the data volume of the K data attributes to the data volume of the first data set as the correlation index of the first data source, wherein the correlation index reflects the data availability of the data in the first data source when the data in the first data source is used for analyzing the first acquisition target.
The method comprises the steps of obtaining a plurality of sample data sources formed by a plurality of types of data sources, and obtaining a plurality of sample data acquisition authorities of the plurality of sample data sources, a plurality of sample data source data downloading costs and a plurality of sample data accuracy rates. And based on manual work, carrying out data acquisition difficulty assignment of a sample data source according to the acquisition weight limit, the data downloading cost and the data accuracy, obtaining a plurality of sample difficulty indexes, wherein the assignment range is 0-100 minutes, and manual work is preferred by experts in the data analysis and processing field.
Obtaining a plurality of groups of sample data sources, sample data acquisition authorities, sample data source data downloading cost, sample data accuracy and sample difficulty index. Dividing a plurality of groups of sample data identifiers into a training set, a testing set and a verification set, constructing a data acquisition difficulty scoring model based on a BP neural network, wherein input data of the data acquisition difficulty scoring model is data acquisition authority, data downloading cost and data recording accuracy of a data source, and an output result is a data difficulty index.
Model training and verification of the data acquisition difficulty scoring model are carried out based on the training set and the testing set, the data acquisition difficulty scoring model output accuracy test is carried out based on the testing set, and when the data acquisition difficulty scoring model output accuracy is higher than 95%, the data acquisition difficulty scoring model training is considered successful.
And carrying out average value calculation on the plurality of sample difficulty indexes to generate the preset difficulty index, wherein the higher the absolute difficulty index of the data source is higher than the percentage degree of the preset difficulty index, the higher the data acquisition difficulty of the data source is, and if the absolute difficulty index of the data source is lower than the preset difficulty index, the lower the data acquisition threshold based on the data source is, the data acquisition difficulty can be considered to be absent.
Obtaining data acquisition permission of a first data set, data downloading cost of the first data source and accuracy rate of recorded data in the data source as input data, inputting a built data acquisition difficulty scoring model to carry out difficulty recognition, outputting an absolute difficulty index of the first data source, further carrying out difference calculation with the preset difficulty index, calculating an index difference and a percentage of the preset difficulty index to obtain amplitude (percentage) larger than the preset difficulty index, and generating the difficulty index of the first data source.
And carrying out dimensionless processing on the integrity index, the relatedness index and the difficulty index of the first data set, removing index units, adding and processing to obtain a data value index of the first data set, wherein the data value index reflects the data analysis value of the data set acquired from the data source.
And obtaining a plurality of integrity indexes, correlation indexes and difficulty indexes of a plurality of data sources mapped by the multi-source data set by adopting the same method for obtaining the integrity indexes, correlation indexes and difficulty indexes of the first data set. And further obtaining a plurality of data value indices corresponding to the multi-source dataset based on a plurality of integrity indices, relevance indices, and difficulty indices of a plurality of data sources mapped by the multi-source dataset.
The technical effect of providing a high credible reference for obtaining the data risk of a plurality of data sources for subsequent analysis is achieved by analyzing and determining a plurality of data value indexes of a plurality of data sources in the multi-source data set.
And S600, performing network training by taking the plurality of equipment safety indexes and the plurality of data value indexes as training data sets, and acquiring a first risk coefficient for identifying the potential safety hazard of the multi-source data set.
In one embodiment, as shown in fig. 2, the method steps provided in the present application further include:
s610, generating a mapping data set according to the equipment security indexes and the data value indexes, wherein the mapping data set is mapping information corresponding to the equipment security and the data value one by one;
S620, carrying out vectorization processing on the mapping data set, building a risk mapping model based on the vectorized data set, and outputting the first risk coefficient;
and S630, the risk mapping model comprises a first training network layer and a second training network layer, wherein the first training network layer is used for training a functional relation based on the plurality of equipment safety indexes and the first risk coefficient convergence, and the second training network layer is used for training a functional relation based on the plurality of data value indexes and the first risk coefficient convergence.
In one embodiment, after the risk mapping module is built, step S620 of the method provided in the present application further includes:
s621, carrying out back propagation calculation on the risk mapping model to obtain a back propagation simulation result;
s622, obtaining a deviation vector according to the counter propagation simulation result;
and S623, generating a feedback excitation network layer based on the deviation vector, and optimizing the risk mapping model according to the feedback excitation network layer, wherein the feedback excitation network layer is used for minimizing the deviation vector sum of the output data of the risk mapping model.
Specifically, it should be understood that in this embodiment, each of the multiple source data sets has a data value index, and the collection device corresponding to the data source corresponding to each data set has a device security index.
Based on this, in this embodiment, according to the mapping relationship among the data source, the data set, and the collection device, a mapping relationship between the plurality of device security indexes and the plurality of data value indexes is constructed, and the mapping data set is generated, where the mapping data set includes mapping information that multiple groups of device security indexes and data value indexes are in one-to-one correspondence.
And carrying out vectorization processing on the mapping data set, wherein in the vectorization processing, the mapping data set is specifically converted into a standardized form by using a dimensionless method so as to eliminate unit differences among different variables in the mapping data set, so that the different data in the mapping data set have comparability.
The method comprises the steps of building a risk mapping model, wherein input data of the risk mapping model are mapping data formed by equipment safety indexes and data value indexes corresponding to the same group of data sources and data acquisition equipment, an output result is a risk coefficient of the group of data sources and the data acquisition equipment, the risk coefficient represents that one data source data acquisition is performed based on one acquisition equipment, and the obtained data are used for data analysis of a first acquisition target and use of data safety hidden danger severity conditions.
The risk mapping model includes a first training network layer and a second training network layer in addition to the input layer and the output layer. And inputting a group of mapping information which is input into the equipment safety index and corresponds to the data value index one by one into the risk mapping model, wherein the input data of the first training network layer is the equipment safety index, the output result is a function relation of the equipment safety index and the first risk coefficient convergence, and the output result is identified in the equipment safety index. The input data of the second training network layer is a data value index, the output result is a function relation between the data value index and the convergence of the first risk coefficient, and the function relation in the output result is identified in the data value index.
Specifically, a plurality of sample collection devices corresponding to the plurality of sample data sources are obtained, and a plurality of sample data sets obtained by performing data collection of the plurality of sample data sources based on the plurality of sample collection devices are obtained.
Sample collection device information of a plurality of sample collection devices is obtained, and a plurality of sample device safety indexes of the plurality of sample collection devices are obtained by adopting the same method in step S400. Based on the plurality of sample data sets of the plurality of sample data sources, a plurality of sample data value indices are obtained using the same party of step S600.
And combining the mapping relation among the sample data source, the sample data acquisition equipment and the sample data set to obtain a plurality of groups of sample data source-sample equipment safety indexes-sample data value indexes. And (3) connecting a plurality of network security domain experts, data protection and privacy domain experts in a letter or public channel mode, so that the plurality of experts can perform data acquisition potential safety hazard analysis and assignment on a plurality of sample data sources based on the sample equipment security index-sample data value index to obtain a plurality of sample risk coefficient sets of the plurality of sample data sources, wherein each sample risk coefficient set comprises sample risk coefficients assigned by the network security domain experts and sample risk coefficients assigned by the data protection and privacy domain experts. And carrying out mean value calculation on the data in each sample risk coefficient set to eliminate the subjectivity of the data, and taking the mean sample risk coefficient as the sample risk coefficient of the sample data source. A plurality of groups of sample data sources, sample equipment safety indexes, sample data value indexes and sample risk coefficients are obtained by adopting the method.
Based on the plurality of sets of sample data source-sample device security index-sample data value index-sample risk coefficients, a plurality of sample functional relationships between the plurality of sets of sample device security index-sample risk coefficients are obtained.
Based on a cyclic neural network, a first training network layer is constructed, input data of the first training network layer is an equipment safety index, an output result is a function relation between the equipment safety index and the first risk coefficient, and the output result is finally marked on the equipment safety index.
And training the first training network layer based on the training set and the testing set, verifying the first training network layer based on the verifying set, and considering the first training network layer as qualified when the output accuracy of the first training network layer is higher than 92.7%.
The construction methods of the first training network layer and the second training network layer are consistent, and specifically, a plurality of sample function relations among a plurality of groups of sample data value index-sample risk coefficients are obtained based on a plurality of groups of sample data source-sample equipment safety index-sample data value index-sample risk coefficients.
And constructing a second training network layer based on the cyclic neural network, wherein input data of the second training network layer is a data value index, an output result is a function relation between the data value index and the first risk coefficient, and the function relation in the output result is finally marked in the data value index.
And training the second training network layer based on the training set and the testing set, verifying the second training network layer based on the verifying set, and considering the second training network layer as qualified when the output accuracy of the second training network layer is higher than 97.6%. Loading the first training network layer and the second training network layer which are qualified in training into the risk mapping model to complete the construction of the risk mapping model.
Further, performing back propagation calculation on the risk mapping model, wherein specific back propagation calculation is to invert the risk mapping model, and input a sample risk coefficient into the risk mapping model as input data to obtain the back propagation simulation result, wherein the back propagation simulation result is a back equipment safety index and a back data value index.
And obtaining a sample equipment safety index-sample data value index corresponding to the plurality of sample risk coefficients. And calculating to obtain a deviation vector of each group of the sample equipment safety index-sample data value index and the corresponding reverse equipment safety index-reverse data value index, and obtaining a plurality of deviation vectors corresponding to a plurality of sample risk coefficients, wherein the deviation vectors are specifically (safety index deviation and value index deviation).
And respectively carrying out vector summation calculation on the plurality of deviation vectors to obtain a plurality of deviation vector sums, further sequencing the plurality of deviation vector sums from large to small, extracting a maximum value to generate a feedback excitation network layer, wherein the feedback excitation network layer is used for optimizing model parameters of a first training network layer and a second training network layer of the risk mapping model. The feedback excitation network layer is used for minimizing the deviation vector sum of the output data of the risk mapping model. The feedback excitation network layer is constructed to achieve the purpose of improving the output accuracy of the risk mapping model.
And inputting the mapping data sets of the plurality of data sources in the mapping data sets into the risk mapping model one by one for data analysis to obtain a plurality of first risk coefficients of the plurality of data sources. When the first risk coefficients represent data acquisition of a plurality of data sources by adopting a plurality of data acquisition devices with different types, the obtained data are used for carrying out the first acquisition target analysis, and the intensity of potential safety hazards of the data is caused due to the comprehensive influence of defects of the data acquisition devices, defects of the data generated by the data sources and defects in the transmission and storage process after the data acquisition.
According to the embodiment, the risk coefficient with high accuracy and high credibility is obtained by constructing the risk mapping model, and the risk coefficient can enable a user to intuitively know the potential safety hazard condition of the acquired data, so that the technical effects of data application and reference improvement on analysis of the acquired target are achieved for whether the user uses the currently acquired data.
Example two
Based on the same inventive concept as the security risk analysis method based on multi-source data collection in the foregoing embodiments, as shown in fig. 4, the present application provides a security risk analysis system based on multi-source data collection, where the system includes:
the data acquisition execution module 1 is used for carrying out data acquisition on a plurality of data sources according to a first acquisition target to obtain a multi-source data set;
the data distribution storage module 2 is used for inputting the multi-source data set into a cloud platform for storage to obtain a data storage distribution block, wherein the data storage distribution block comprises a plurality of sub-blocks, and each sub-block is used for storing data of one data source;
the device information acquisition module 3 is used for acquiring acquisition device information corresponding to the plurality of data sources;
The equipment safety analysis module 4 is used for storing the acquired equipment information into corresponding sub-blocks, and carrying out equipment safety analysis on the plurality of data sources according to the cloud platform to obtain a plurality of equipment safety indexes;
the data value analysis module 5 is configured to analyze the data values in the multi-source data set based on the first acquisition target, and obtain a plurality of data value indexes;
and the risk coefficient acquisition module 6 is used for performing network training by taking the plurality of equipment safety indexes and the plurality of data value indexes as training data sets to acquire a first risk coefficient for identifying the potential safety hazard of the multi-source data set.
In one embodiment, the system further comprises:
the mapping array generation unit is used for generating a mapping data set according to the plurality of equipment security indexes and the plurality of data value indexes, wherein the mapping data set is mapping information corresponding to the equipment security and the data value one by one;
the risk coefficient analysis unit is used for carrying out vectorization processing on the mapping data set, building a risk mapping model based on the vectorized data set and outputting the first risk coefficient;
the risk mapping model is used for comprising a first training network layer and a second training network layer, the first training network layer is used for training a function relation based on the plurality of equipment safety indexes and the first risk coefficient convergence, and the second training network layer is used for training a function relation based on the plurality of data value indexes and the first risk coefficient convergence.
In one embodiment, the system further comprises:
the back propagation calculation unit is used for carrying out back propagation calculation on the risk mapping model to obtain a back propagation simulation result;
the deviation vector acquisition unit is used for acquiring a deviation vector according to the back propagation simulation result;
and the mapping model optimizing unit is used for generating a feedback excitation network layer based on the deviation vector, and optimizing the risk mapping model according to the feedback excitation network layer, wherein the feedback excitation network layer is used for minimizing the deviation vector sum of the output data of the risk mapping model.
In one embodiment, the system further comprises:
the environment identification execution unit is used for identifying the acquired equipment information through the cloud platform by the environment and determining the equipment transmission channel environment, the network environment where the equipment is located and the data temporary storage environment;
the equipment safety analysis unit is used for carrying out equipment safety analysis according to the equipment transmission channel environment, the network environment where the equipment is located and the data temporary storage environment to obtain equipment transmission safety indexes, equipment network safety indexes and equipment storage safety indexes;
And the safety index calculation unit is used for calculating the equipment transmission safety index, the equipment network safety index and the equipment storage safety index to obtain a plurality of equipment safety indexes corresponding to a plurality of acquisition equipment.
In one embodiment, the system further comprises:
the equipment information identification unit is used for identifying the acquired equipment information through the cloud platform and judging whether the data acquisition modes of all the data acquisition equipment are the same or not;
the safety index acquisition unit is used for acquiring a first characteristic safety index if the data acquisition modes of the data acquisition devices are different, wherein the first characteristic safety index represents a result of data acquisition safety assessment based on the difference of the data acquisition modes of the devices;
and the safety index adjusting unit is used for adjusting the plurality of equipment safety indexes according to the first characteristic safety index.
In one embodiment, the system further comprises:
the data self-checking execution unit is used for obtaining a self-checking result by carrying out data self-checking on the multi-source data set, wherein the self-checking result comprises an integrity index;
the correlation recognition unit is used for carrying out correlation recognition on the multi-source data set based on the first acquisition target to obtain a duty ratio coefficient of correlation data to corresponding acquisition source total data and generate a correlation index;
The difficulty identifying unit is used for identifying the difficulty of the data acquisition path of the multi-source data set based on the first acquisition target to obtain the amplitude larger than a preset difficulty index and generate a difficulty index;
and the data value obtaining unit is used for obtaining a plurality of data value indexes corresponding to the multi-source data set according to the integrity index, the correlation index and the difficulty index.
In one embodiment, the system further comprises:
the sensing instruction sending unit is used for sending a time situation sensing instruction to the acquisition equipment corresponding to the multi-source data set;
and the synchronicity analysis unit is used for synchronicity analysis of the time of each acquisition device according to the time situation sensing instruction, positioning the identification acquisition device with synchronicity abnormality if the real-time synchronicity is in an abnormal condition, and performing time synchronicity processing on the acquisition of the identification acquisition device.
Any of the methods or steps described above may be stored as computer instructions or programs in various non-limiting types of computer memories, and identified by various non-limiting types of computer processors, thereby implementing any of the methods or steps described above.
Based on the above-mentioned embodiments of the present invention, any improvements and modifications to the present invention without departing from the principles of the present invention should fall within the scope of the present invention.
Claims (5)
1. A security risk analysis method based on multi-source data acquisition, characterized in that the method is applied to a data security analysis system, the system is in communication connection with a cloud platform, and the method comprises:
data acquisition is carried out on a plurality of data sources according to a first acquisition target, so as to obtain a multi-source data set;
inputting the multi-source data set into the cloud platform for storage to obtain a data storage distribution block, wherein the data storage distribution block comprises a plurality of sub-blocks, and each sub-block is used for storing data of one data source;
acquiring acquisition equipment information corresponding to the plurality of data sources;
storing the acquired equipment information into corresponding sub-blocks, and carrying out equipment security analysis on the plurality of data sources according to the cloud platform to obtain a plurality of equipment security indexes;
analyzing the data value in the multi-source data set based on the first acquisition target to acquire a plurality of data value indexes;
Performing network training by taking the plurality of equipment safety indexes and the plurality of data value indexes as training data sets, and acquiring a first risk coefficient for identifying potential safety hazards of the multi-source data sets;
the method further comprises the steps of:
sending a time situation awareness instruction to acquisition equipment corresponding to the multi-source data set;
carrying out synchronicity analysis on the time of each acquisition device according to the time situation sensing instruction, if the real-time synchronicity is in an abnormal condition, positioning the identification acquisition device with abnormal synchronicity, and carrying out time synchronicity processing on the acquisition of the identification acquisition device;
generating a mapping data set according to the plurality of equipment security indexes and the plurality of data value indexes, wherein the mapping data set is mapping information corresponding to the equipment security and the data value one by one;
carrying out vectorization processing on the mapping data set, building a risk mapping model based on the vectorized data set, and outputting the first risk coefficient, wherein the method further comprises the following steps of: performing back propagation calculation on the risk mapping model to obtain a back propagation simulation result; obtaining a deviation vector according to the counter propagation simulation result; generating a feedback excitation network layer based on the deviation vector, and optimizing the risk mapping model according to the feedback excitation network layer, wherein the feedback excitation network layer is used for minimizing the deviation vector sum of output data of the risk mapping model;
The risk mapping model comprises a first training network layer and a second training network layer, the first training network layer is used for training a function relation based on the plurality of equipment safety indexes and the first risk coefficient convergence, and the second training network layer is used for training a function relation based on the plurality of data value indexes and the first risk coefficient convergence.
2. The method of claim 1, wherein the performing device security analysis on the plurality of data sources according to the cloud platform results in a plurality of device security indices, the method comprising:
identifying the acquired equipment information through the cloud platform, and determining an equipment transmission channel environment, a network environment where equipment is located and a data temporary storage environment;
performing equipment security analysis according to the equipment transmission channel environment, the network environment where the equipment is located and the data temporary storage environment to obtain equipment transmission security indexes, equipment network security indexes and equipment storage security indexes;
and calculating the equipment transmission security index, the equipment network security index and the equipment storage security index to obtain a plurality of equipment security indexes corresponding to a plurality of acquisition equipment.
3. The method of claim 2, wherein the method further comprises:
identifying the information of the acquisition equipment through the cloud platform, and judging whether the data acquisition modes of all the data acquisition equipment are the same;
if the data acquisition modes of the data acquisition devices are different, acquiring a first characteristic safety index, wherein the first characteristic safety index represents a result of data acquisition safety assessment based on device data acquisition mode differentiation;
and adjusting the plurality of equipment safety indexes according to the first characteristic safety index.
4. The method of claim 1, wherein analyzing the data value in the multi-source dataset based on the first acquisition goal, obtaining a plurality of data value indices, the method comprising:
obtaining a self-checking result by carrying out data self-checking on the multi-source data set, wherein the self-checking result comprises an integrity index;
performing relevance recognition on the multi-source data set based on the first acquisition target to obtain a duty ratio coefficient of relevance data to corresponding acquisition source total data, and generating a relevance index;
performing difficulty recognition on a data acquisition path of the multi-source data set based on the first acquisition target to obtain amplitude larger than a preset difficulty index, and generating a difficulty index;
And acquiring a plurality of data value indexes corresponding to the multi-source data set according to the integrity index, the correlation index and the difficulty index.
5. A security risk analysis system based on multi-source data acquisition, the system comprising:
the data acquisition execution module is used for carrying out data acquisition on a plurality of data sources according to the first acquisition target to obtain a multi-source data set;
the data distribution storage module is used for inputting the multi-source data set into the cloud platform for storage to obtain a data storage distribution block, wherein the data storage distribution block comprises a plurality of sub-blocks, and each sub-block is used for storing data of one data source;
the equipment information acquisition module is used for acquiring acquisition equipment information corresponding to the plurality of data sources;
the equipment safety analysis module is used for storing the acquired equipment information into corresponding sub-blocks, and carrying out equipment safety analysis on the plurality of data sources according to the cloud platform to obtain a plurality of equipment safety indexes;
the data value analysis module is used for analyzing the data value in the multi-source data set based on the first acquisition target to acquire a plurality of data value indexes;
The risk coefficient acquisition module is used for performing network training by taking the plurality of equipment safety indexes and the plurality of data value indexes as training data sets to acquire a first risk coefficient for identifying potential safety hazards of the multi-source data sets;
the sensing instruction sending unit is used for sending a time situation sensing instruction to the acquisition equipment corresponding to the multi-source data set;
the synchronicity analysis unit is used for synchronicity analysis of the time of each acquisition device according to the time situation awareness instruction, positioning the identification acquisition device with synchronicity abnormality if the real-time synchronicity is in an abnormal condition, and performing time synchronicity processing on the acquisition of the identification acquisition device;
the mapping array generation unit is used for generating a mapping data set according to the plurality of equipment security indexes and the plurality of data value indexes, wherein the mapping data set is mapping information corresponding to the equipment security and the data value one by one;
the risk coefficient analysis unit is used for carrying out vectorization processing on the mapping data set, building a risk mapping model based on the vectorized data set and outputting the first risk coefficient;
the back propagation calculation unit is used for carrying out back propagation calculation on the risk mapping model to obtain a back propagation simulation result;
The deviation vector acquisition unit is used for acquiring a deviation vector according to the back propagation simulation result;
the mapping model optimizing unit is used for generating a feedback excitation network layer based on the deviation vector, and optimizing the risk mapping model according to the feedback excitation network layer, wherein the feedback excitation network layer is used for minimizing the deviation vector sum of the output data of the risk mapping model;
the risk mapping model is used for comprising a first training network layer and a second training network layer, the first training network layer is used for training a function relation based on the plurality of equipment safety indexes and the first risk coefficient convergence, and the second training network layer is used for training a function relation based on the plurality of data value indexes and the first risk coefficient convergence.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310404960.3A CN116127522B (en) | 2023-04-17 | 2023-04-17 | Safety risk analysis method and system based on multi-source data acquisition |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310404960.3A CN116127522B (en) | 2023-04-17 | 2023-04-17 | Safety risk analysis method and system based on multi-source data acquisition |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116127522A CN116127522A (en) | 2023-05-16 |
| CN116127522B true CN116127522B (en) | 2023-06-30 |
Family
ID=86303131
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310404960.3A Active CN116127522B (en) | 2023-04-17 | 2023-04-17 | Safety risk analysis method and system based on multi-source data acquisition |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116127522B (en) |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108683663B (en) * | 2018-05-14 | 2021-04-20 | 中国科学院信息工程研究所 | Network security situation assessment method and device |
| CN109165840B (en) * | 2018-08-20 | 2022-06-21 | 平安科技(深圳)有限公司 | Risk prediction processing method, risk prediction processing device, computer equipment and medium |
| CN115643035A (en) * | 2021-07-05 | 2023-01-24 | 中国石油化工股份有限公司 | Network security situation assessment method based on multi-source log |
| CN115170863A (en) * | 2022-06-08 | 2022-10-11 | 东软睿驰汽车技术(沈阳)有限公司 | Method, device and equipment for estimating risk based on multi-source data and storage medium |
| CN115296876A (en) * | 2022-07-26 | 2022-11-04 | 北京科能腾达信息技术股份有限公司 | Network security early warning system of self-adaptation mimicry technique |
| CN114997344B (en) * | 2022-08-04 | 2022-10-25 | 中关村科学城城市大脑股份有限公司 | Multi-source data planning method and system based on urban brain |
| CN115442122B (en) * | 2022-09-01 | 2023-03-17 | 北京赛博易安科技有限公司 | Fusion analysis method and system for network security data |
| CN115766096A (en) * | 2022-10-21 | 2023-03-07 | 蒙明粉 | Network security protection system based on big data |
-
2023
- 2023-04-17 CN CN202310404960.3A patent/CN116127522B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN116127522A (en) | 2023-05-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107862447B (en) | Intelligent laboratory quality supervision and management system for inspection and detection | |
| CN112990330B (en) | User energy abnormal data detection method and device | |
| CN113792453A (en) | Partial discharge monitoring system, method and device based on digital twins | |
| US11906112B2 (en) | Methods for safety management of compressors in smart gas pipeline network and internet of things systems thereof | |
| CN107749031A (en) | Risk control system after the automatic update method of risk control system, loan after loan | |
| CN111931047B (en) | Artificial intelligence-based black product account detection method and related device | |
| CN114386626A (en) | Equipment state evaluation and operation and maintenance strategy formulation realization system based on digital twinning | |
| CN115086089A (en) | Method and system for network security assessment prediction | |
| CN116366374A (en) | Security assessment method, system and medium for power grid network management based on big data | |
| Jiang et al. | Synchrophasor measurement‐based correlation approach for dominant mode identification in bulk power systems | |
| CN116248489A (en) | Information system risk assessment method and system | |
| CN113822781B (en) | Ecological environment supervision method and system based on block chain | |
| Chen et al. | AI maintenance: a robustness perspective | |
| CN114298558A (en) | Electric power network safety studying and judging system and studying and judging method thereof | |
| CN116127522B (en) | Safety risk analysis method and system based on multi-source data acquisition | |
| CN113762973A (en) | Data processing method and device, computer readable medium and electronic equipment | |
| CN116244975B (en) | Transmission line wire state simulation system based on digital twin technology | |
| CN117061211A (en) | Data processing method and system based on network security management | |
| CN115481941B (en) | Multifunctional area combined intelligent security management method and system | |
| CN115442122B (en) | Fusion analysis method and system for network security data | |
| Yuan et al. | A software behavior trustworthiness measurement method based on data mining | |
| Yu et al. | Knowledge reasoning of transmission line component detection using CRITIC and TOPSIS approaches | |
| Hu et al. | Method of informational and psychological influence evaluation in social networks based on fuzzy logic | |
| CN114697230A (en) | Energy station safety monitoring system and method based on zero trust | |
| Wei et al. | Reliability assessment of cloud computing platform based on semiquantitative information and evidential reasoning |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |