CN116155610A - Network security monitoring method based on visualization

Publication number: CN116155610A
Authority: CN (China)
Prior art keywords: visualization, security, monitoring, data, safety
Legal status: Pending
Application number: CN202310202390.XA
Other languages: Chinese (zh)
Inventors: 叶建锋, 张平安, 蔡剑宁
Current Assignee: Shenzhen Institute of Information Technology
Original Assignee: Shenzhen Institute of Information Technology
Application filed by Shenzhen Institute of Information Technology
Priority to CN202310202390.XA
Publication of CN116155610A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425: Traffic logging, e.g. anomaly detection
    • H04L63/1441: Countermeasures against malicious traffic
    • H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04: INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S: SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00: Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20: Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a visualization-based network security monitoring method comprising the following step. S1: network security monitoring is divided into regions, namely host security visualization, data security visualization, network traffic visualization and security policy visualization, and each region is monitored separately, so that monitoring is more complete and accurate, the security of each local network is ensured, and security monitoring of the whole network is ensured. The scheme also provides an administrator terminal: by viewing the data shown on the display, an administrator manually checks for abnormal data, so that manual visual data analysis can be carried out at the same time as intelligent anomaly analysis. Intelligent and manual data processing thus run simultaneously, and security monitoring of the network is effectively ensured.

Description

Network security monitoring method based on visualization
Technical Field
The invention relates to the technical field of network security monitoring, in particular to a network security monitoring method based on visualization.
Background
Network security monitoring is an important means of protecting data from intrusion and attack; it can effectively prevent attacks on data and avoid economic loss. Network security monitoring is incorporated into network security methods as a barrier placed between the protected intranet and the external network against illegal access to the protected network. It effectively protects the secure transmission of data within the area and can resist attacks from the external network.
In existing network security monitoring, network data is monitored directly by intelligent data screening and analysis. As attack techniques are continuously updated, gaps appear in the screening, data is lost or leaked, and the problem cannot be found in time. A new network security monitoring method is therefore needed to solve the problem of data security monitoring effectively.
Disclosure of Invention
The invention aims to provide a visualization-based network security monitoring method that ensures secure transmission over the network through region-by-region data monitoring and through intelligent monitoring and manual analysis operating simultaneously, thereby solving the problems described in the background.
To achieve this purpose, the invention provides the following technical solution: a visualization-based network security monitoring method comprising the following steps:
S1: network security monitoring is divided into regions, and each region is monitored separately, so that monitoring is more complete and accurate, the security of each local network is ensured, and security monitoring of the whole network is ensured;
S2: data is collected by a video monitoring terminal and reported through an Internet of Things (IoT) security gateway to an IoT security awareness platform; the platform passes the data to a display, and users and administrators view the data through their respective accounts;
S3: the IoT security gateway is also connected in series with a video traffic monitoring system, which further comprises a video image analysis system; the video image analysis system is connected to an interface of the distributed storage system;
S4: the video traffic monitoring system is divided into two modules, abnormal traffic monitoring and abnormal behavior monitoring, and the abnormal behavior monitoring module is connected to a port of the distributed storage system.
Preferably, the regions are divided into host security visualization, data security visualization, network traffic visualization and security policy visualization.
Preferably, the host security visualization comprises the IoT security awareness platform and a display.
Preferably, the data security visualization comprises the IoT security gateway, and the network traffic visualization comprises the abnormal traffic, abnormal behavior and video image analysis modules of the video traffic monitoring system.
Preferably, the administrator may issue coordinated response instructions and transmit them to the video image analysis system for manual instruction analysis.
Preferably, the video image analysis module transmits data through an edge DC, the edge DC comprising an MEC platform and a monitoring and reset subsystem.
Preferably, the edge DC includes a security management agent and a security monitoring and defense device.
Preferably, users and administrators are given corresponding accounts and passwords, and users are divided into ordinary users and VIP users.
Compared with the prior art, the invention has the following beneficial effects. The method first divides network security monitoring into regions and monitors each region independently, so that every region is under its own security monitoring and security monitoring of the whole network is ensured. An administrator terminal is also provided: the administrator views the data on the display and manually checks for abnormal data, so that manual visual data analysis can be carried out at the same time as intelligent anomaly analysis. Intelligent and manual data processing thus run simultaneously, and security monitoring of the network is effectively ensured.
Drawings
FIG. 1 is a schematic diagram of the operation of the system of the present invention;
FIG. 2 is a flow chart of the steps of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to FIGS. 1-2, the present invention provides the following technical solution: a visualization-based network security monitoring method comprising the following steps:
S1: network security monitoring is divided into regions, namely host security visualization, data security visualization, network traffic visualization and security policy visualization, and each region is monitored separately, so that monitoring is more complete and accurate, the security of each local network is ensured, and security monitoring of the whole network is ensured;
S2: data is collected by a video monitoring terminal and reported through an Internet of Things (IoT) security gateway to an IoT security awareness platform, which perceives the security state of the IoT along multiple dimensions: endpoint security, boundary security, communication security and platform security. The platform passes the data to a display, and users and administrators view the data through their respective accounts. Users and administrators are given corresponding accounts and passwords, and users are divided into ordinary users and VIP users. Distinguishing users in this way splits the load across servers, and multiple groups of servers keep the servers running smoothly and securely during account login;
S3: the IoT security gateway is also connected in series with a video traffic monitoring system, which further comprises a video image analysis system; the video image analysis system is connected to an interface of the distributed storage system;
S4: the video traffic monitoring system is divided into two modules, abnormal traffic monitoring and abnormal behavior monitoring. The abnormal behavior monitoring module is connected to a port of the distributed storage system and compares the real-time data flow with the historical data held there, so as to detect abnormal behavior that is not feature (signature) based and thereby identify more concealed attack techniques. The administrator can issue coordinated response instructions and transmit them to the video image analysis system for manual instruction analysis, and, through assigned permissions, can manually review and handle abnormal data.
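The comparison of real-time flow against stored history that S4 describes can be sketched as follows. This is an added example, not code from the patent: the record fields, the median/MAD statistic, the 3.5 threshold and the terminal names are assumptions, and an in-memory list stands in for the distributed storage system.

```python
"""Baseline comparison for abnormal behavior monitoring (added example)."""
from collections import defaultdict
from statistics import median

# Constructed history records: (terminal_id, hour_of_day, destination, bytes_per_minute)
HISTORY = [
    ("cam-01", 9, "nvr.local", b) for b in (4100, 3900, 4000, 4050, 3950, 4200, 3800)
] + [
    ("cam-02", 9, "nvr.local", b) for b in (2000, 2100, 1900, 2050, 1950, 2000, 2020)
]

THRESHOLD = 3.5   # robust z-score cut-off (assumed value)
MIN_SAMPLES = 5   # below this, the baseline is not trusted


def build_baseline(history):
    """Summarise history as per-(terminal, hour) median/MAD and known destinations."""
    volumes = defaultdict(list)
    destinations = defaultdict(set)
    for terminal, hour, dest, rate in history:
        volumes[(terminal, hour)].append(rate)
        destinations[terminal].add(dest)
    baseline = {}
    for key, rates in volumes.items():
        med = median(rates)
        mad = median([abs(r - med) for r in rates])
        baseline[key] = (med, mad, len(rates))
    return baseline, destinations


def robust_z(value, med, mad):
    """Median/MAD score; 0.6745 makes it comparable to a standard z-score."""
    if mad == 0:
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad


def check(record, baseline, destinations):
    """Return a list of findings for one real-time record (empty means normal)."""
    terminal, hour, dest, rate = record
    if terminal not in destinations:
        return ["unknown terminal: no history to compare against"]
    findings = []
    if dest not in destinations[terminal]:
        findings.append(f"new destination {dest}")
    stats = baseline.get((terminal, hour))
    if stats is None or stats[2] < MIN_SAMPLES:
        # Too little history is reported, not silently treated as normal.
        findings.append("insufficient history for this hour")
    else:
        z = robust_z(rate, stats[0], stats[1])
        if abs(z) > THRESHOLD:
            findings.append(f"traffic volume deviates from baseline (z={z:.1f})")
    return findings


if __name__ == "__main__":
    baseline, dests = build_baseline(HISTORY)
    live = [  # constructed real-time records
        ("cam-01", 9, "nvr.local", 4150),     # within normal variation
        ("cam-01", 9, "203.0.113.7", 52000),  # new peer and a volume spike
        ("cam-02", 9, "nvr.local", 0),        # stream went silent
        ("cam-01", 3, "nvr.local", 4000),     # hour with no history
    ]
    for rec in live:
        print(rec, "->", check(rec, baseline, dests) or "normal")
```

Because the score is two-sided, a terminal that stops sending is flagged as well as one that sends far more than usual; findings from `check` are what an administrator would review on the display.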
The host security visualization comprises the IoT security awareness platform and a display. The security awareness platform ensures that the information transmitted to the display is in a secure state, and thereby effectively ensures that information belonging to each user's own account and password is not leaked.
The data security visualization comprises the IoT security gateway, and the network traffic visualization comprises the abnormal traffic, abnormal behavior and video image analysis modules of the video traffic monitoring system. Data is inspected in several states so that it is checked from every direction and its security is ensured. Abnormal traffic monitoring detects disturbed traffic at the earliest moment. Abnormal behavior detection compares behavior against the longitudinal data in the distributed storage system to judge whether it is abnormal, which further strengthens data security. Video image analysis intelligently analyzes abnormal conditions in the images. With the abnormal traffic, abnormal behavior and video image analysis modules running simultaneously, secure transmission of the data is ensured.
The video image analysis module transmits data through the edge DC. The edge DC can transmit data directly over a local, short distance without passing through an area network, which avoids the delay and loss caused by data transmission and ensures the security and encryption of the transmission to the greatest extent. The edge DC comprises an MEC platform and a monitoring and reset subsystem, and also comprises a security management agent and a security monitoring and defense device.
System principle: as shown in FIGS. 1-2, when the visualization-based network security monitoring method is used, data is first collected by the video monitoring terminal and transmitted to the IoT security gateway, which forwards it to two parts simultaneously. One part is reported to the IoT security awareness platform, which performs multidimensional security perception on the data and converts it into display data shown on the display. Users view and process the data through their own accounts, while the administrator, through an administrator account, manually analyzes and investigates abnormal conditions; once a problem is found, the administrator issues a manual instruction to the video image analysis module for manual information processing. The other part of the data is transmitted to the video traffic monitoring system, which performs intelligent security monitoring: abnormal traffic monitoring, abnormal behavior monitoring and video image analysis. The data is thereby kept in a secure operating state, multidimensional network security monitoring is achieved, and the security of data transmission is ensured.
Although embodiments of the present invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made therein without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (8)

1. A visualization-based network security monitoring method, characterized by comprising the following steps:
S1: network security monitoring is divided into regions, and each region is monitored separately, so that monitoring is more complete and accurate, the security of each local network is ensured, and security monitoring of the whole network is ensured;
S2: data is collected by a video monitoring terminal and reported through an Internet of Things (IoT) security gateway to an IoT security awareness platform (which perceives the security state of the IoT along multiple dimensions: endpoint security, boundary security, communication security and platform security); the platform passes the data to a display, and users and administrators view the data through their respective accounts;
S3: the IoT security gateway is also connected in series with a video traffic monitoring system, which further comprises a video image analysis system; the video image analysis system is connected to an interface of the distributed storage system;
S4: the video traffic monitoring system is divided into two modules, abnormal traffic monitoring and abnormal behavior monitoring, and the abnormal behavior monitoring module is connected to a port of the distributed storage system (used to compare the real-time data flow with the historical data in the distributed storage system so as to detect abnormal behavior that is not feature (signature) based and identify more concealed attack techniques).
2. The visualization-based network security monitoring method of claim 1, wherein the regions are divided into host security visualization, data security visualization, network traffic visualization and security policy visualization.
3. The visualization-based network security monitoring method of claim 2, wherein the host security visualization comprises the IoT security awareness platform and a display.
4. The visualization-based network security monitoring method of claim 1, wherein the data security visualization comprises the IoT security gateway, and the network traffic visualization comprises the abnormal traffic, abnormal behavior and video image analysis modules of the video traffic monitoring system.
5. The visualization-based network security monitoring method of claim 1, wherein the administrator can issue coordinated response instructions and transmit them to the video image analysis system for manual instruction analysis.
6. The visualization-based network security monitoring method of claim 1, wherein the video image analysis module transmits data through an edge DC, the edge DC comprising an MEC platform and a monitoring and reset subsystem.
7. The visualization-based network security monitoring method of claim 6, wherein the edge DC includes a security management agent and a security monitoring and defense device.
8. The visualization-based network security monitoring method of claim 1, wherein users and administrators are given corresponding accounts and passwords, and users are divided into ordinary users and VIP users.
Application CN202310202390.XA | Priority date 2023-03-06 | Filing date 2023-03-06 | Network security monitoring method based on visualization | Pending | CN116155610A (en)

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202310202390.XA, CN116155610A (en) | 2023-03-06 | 2023-03-06 | Network security monitoring method based on visualization

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN202310202390.XA, CN116155610A (en) | 2023-03-06 | 2023-03-06 | Network security monitoring method based on visualization

Publications (1)

Publication Number | Publication Date
CN116155610A (en) | 2023-05-23

Family

Family ID: 86358169

Family Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202310202390.XA, Pending, CN116155610A (en) | 2023-03-06 | 2023-03-06 | Network security monitoring method based on visualization

Country Status (1)

Country | Link
CN (1) | CN116155610A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination