CN116545880B - Service security visualization method and device under digital wind tunnel - Google Patents
Service security visualization method and device under digital wind tunnel Download PDFInfo
- Publication number
- CN116545880B CN116545880B CN202310477322.4A CN202310477322A CN116545880B CN 116545880 B CN116545880 B CN 116545880B CN 202310477322 A CN202310477322 A CN 202310477322A CN 116545880 B CN116545880 B CN 116545880B
- Authority
- CN
- China
- Prior art keywords
- service
- data
- test
- state set
- wind tunnel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000007794 visualization technique Methods 0.000 title abstract description 13
- 238000012360 testing method Methods 0.000 claims abstract description 89
- 230000000007 visual effect Effects 0.000 claims abstract description 55
- 238000000034 method Methods 0.000 claims abstract description 40
- 230000000694 effects Effects 0.000 claims abstract description 31
- 238000004458 analytical method Methods 0.000 claims abstract description 18
- 230000002776 aggregation Effects 0.000 claims abstract description 12
- 238000004220 aggregation Methods 0.000 claims abstract description 12
- 238000012800 visualization Methods 0.000 claims description 28
- 230000007123 defense Effects 0.000 claims description 23
- 238000012550 audit Methods 0.000 claims description 17
- 238000004590 computer program Methods 0.000 claims description 17
- 230000002159 abnormal effect Effects 0.000 claims description 14
- 238000010276 construction Methods 0.000 claims description 14
- 230000004044 response Effects 0.000 claims description 8
- 238000012544 monitoring process Methods 0.000 claims description 7
- 230000006399 behavior Effects 0.000 claims description 4
- 230000035515 penetration Effects 0.000 claims description 4
- 238000013475 authorization Methods 0.000 claims description 3
- 238000000605 extraction Methods 0.000 claims description 3
- 230000003993 interaction Effects 0.000 claims description 3
- 230000008569 process Effects 0.000 claims description 3
- 230000011218 segmentation Effects 0.000 claims description 3
- 239000000758 substrate Substances 0.000 claims 1
- 230000008901 benefit Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000009435 building construction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
- H04L43/045—Processing captured monitoring data, e.g. for logfile generation for graphical visualisation of monitoring data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Mining & Analysis (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Aerodynamic Tests, Hydrodynamic Tests, Wind Tunnels, And Water Tanks (AREA)
Abstract
The invention provides a service security visualization method and a device under a digital wind tunnel, wherein the method comprises the following steps: executing a digital wind tunnel test task and collecting test data; performing aggregation analysis on the collected test data according to the test result to obtain an active state set, a resource state set and a protection state set; and inputting the active state set, the resource state set and the protection state set into a pre-trained visual coding model, and outputting a visual effect. The invention can refine the state set of each object to form a visual set, and constructs a security visual based on the service; the method is convenient for clients to understand the accompaniment of network security, and simultaneously, the test effect of the digital wind tunnel is visually expressed.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a service security visualization method and device under a digital wind tunnel.
Background
The traditional wind tunnel is a pipeline-shaped test device which is manually generated and used for controlling air flow, simulating the flow condition of air around an aircraft or an entity, measuring the effect of the air flow on the entity and observing physical phenomena, and is used in the fields of transportation, building construction, wind energy utilization and sports; the digital wind tunnel is an experimental bed for constructing network security test and evaluation in a microblog space, is used for constructing and testing information systems, cloud platforms, internet of things, 5G and smart city information physical systems, and has wide application prospects.
The digital wind tunnel completes the construction of a simulation scene through integrating virtualization, cloud computing, SDN and network arrangement technologies and is applied to various services. By combining with the traditional wind tunnel concept, a wind tunnel visual expression suitable for the network security field is constructed, and the method is a problem to be solved at present. The current problems are: 1. the information physical system or the information system has too many network security points and areas and lacks a uniform visual angle for visual expression; 2. traditional network security tests such as penetration tests focus on microscopic development from a risk perspective, and lack of control over service perspectives, which results in unobvious security companion characteristics and is not beneficial to developing subsequent security works.
Disclosure of Invention
The present invention has been made in view of the above-mentioned problems, and it is an object of the present invention to provide a method and apparatus for traffic security visualization in a digital wind tunnel that overcomes or at least partially solves the above-mentioned problems.
In one aspect of the present invention, a method for visualizing traffic security in a digital wind tunnel is provided, the method comprising:
executing a digital wind tunnel test task and collecting test data;
performing aggregation analysis on the collected test data according to the test result to obtain an active state set, a resource state set and a protection state set;
and inputting the active state set, the resource state set and the protection state set into a pre-trained visual coding model, and outputting a visual effect.
Further, before the digital wind tunnel test task is executed and test data is collected, the method further includes:
the method comprises the steps of disassembling a visual scene into an architecture visual scene and an activity visual scene, wherein the architecture visual scene consists of service points and defense points constructed by a tested service system, and the activity visual scene is an interaction visual generated by normal service and abnormal access of the service system in the process of carrying out service by the service system;
the system, functional modules and components are defined according to service points.
Further, the system is comprised of a plurality of different functional modules, each functional module being comprised of a plurality of different components;
the service points are from system definition, service activity audit, analysis, monitoring/audit results of service penetration/test activity and manual definition, and are updated and iterated through a loop; generating lines by connecting a plurality of different service points, and generating a plane by connecting a plurality of lines/points;
the boundary of the surface is the weight of a service point, the weight is used for performing word segmentation analysis and extraction according to manual definition and normal service flow audit results, the construction of the system and the functional module is realized by using a hierarchical layout algorithm, and the construction of the functional module and the component is realized by using a force-guided layout algorithm;
the defending points are from identity authentication, authorization, access control, audit, asset protection, service point information hiding and component information hiding;
and the defense point protects the functional module.
Further, the executing the digital wind tunnel test task and collecting test data includes:
and carrying out service testing, network security testing and aggressiveness testing on the information system through a test bed constructed by the digital wind tunnel testing system, and collecting test flow data, test behavior audit data, security protection alarm data, service operation monitoring data and service alarm data.
Further, the test result includes: normal/abnormal access of service points, interception/alarm of service points, normal operation of service points and defending effect of defending points.
Further, the set of activity states includes: data distinguishing normal service access, data distinguishing abnormal service access and data distinguishing offensive access;
the service state set includes: data of normal response of the service point, data of abnormal response of the service point and data of the service point which is attacked;
the defensive resource collection comprises: the data of successful defense of the defense point and the information of the defense point are hidden.
Further, the visual effect includes: the visual effect of the node, the visual effect of the defensive point and the visual effect of the attack/normal access line.
In a second aspect of the present invention, there is provided a traffic safety visualization device under a digital wind tunnel, the device comprising:
the execution module is used for executing the digital wind tunnel test task and collecting test data;
the aggregation analysis module is used for carrying out aggregation analysis on the collected test data according to the test result to obtain an active state set, a resource state set and a protection state set;
and the input module is used for inputting the active state set, the resource state set and the protection state set into a pre-trained visual coding model and outputting a visual effect.
In another aspect of the invention, a computer readable storage medium is provided, on which a computer program is stored which, when being executed by a processor, implements the steps of the traffic safety visualization method under digital wind tunnels as above.
In yet another aspect of the present invention, there is also provided an electronic device comprising a storage controller including a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the traffic safety visualization method under digital wind tunnels as above when executing the computer program.
According to the business security visualization method and device under the digital wind tunnel, business is extracted, defense points and business points are extracted, the construction of an integral visualization model is realized through a point, line and face layout algorithm, meanwhile, data is developed by taking the business points as attention points, state sets of all objects are extracted to form a visualization set, and security visualization based on the business is constructed; the method is convenient for clients to understand the accompaniment of network security, and simultaneously, the test effect of the digital wind tunnel is visually expressed.
The foregoing description is only an overview of the present invention, and is intended to be implemented in accordance with the teachings of the present invention in order that the same may be more clearly understood and to make the same and other objects, features and advantages of the present invention more readily apparent.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to designate like parts throughout the figures. In the drawings:
FIG. 1 is a flow chart of a method for visualizing business security in a digital wind tunnel according to an embodiment of the present invention;
FIG. 2 is a flowchart of another method for visualizing traffic security in a digital wind tunnel according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a service security visualization device under a digital wind tunnel according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless expressly stated otherwise, as understood by those skilled in the art. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It will be understood by those skilled in the art that all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs unless defined otherwise. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
FIG. 1 schematically illustrates a flow chart of a method of traffic security visualization in a digital wind tunnel in accordance with one embodiment of the present invention. Referring to fig. 1, the service security visualization method under a digital wind tunnel according to an embodiment of the present invention specifically includes the following steps:
s11, executing a digital wind tunnel test task and collecting test data;
s12, carrying out aggregation analysis on the collected test data according to the test result to obtain an active state set, a resource state set and a protection state set;
s13, inputting the active state set, the resource state set and the protection state set into a pre-trained visual coding model, and outputting a visual effect.
Further, before the digital wind tunnel test task is executed and test data is collected, the method further includes:
the method comprises the steps of disassembling a visual scene into an architecture visual scene and an activity visual scene, wherein the architecture visual scene consists of service points and defense points constructed by a tested service system, and the activity visual scene is an interaction visual generated by normal service and abnormal access of the service system in the process of carrying out service by the service system;
the system, functional modules and components are defined according to service points.
In this embodiment, for example, a system is defined to be composed of N functional modules, 1 functional module having N components; defensive resources are described on the system, functional modules, component nodes.
In this embodiment, the main body of the visual construction as a whole includes: service resources, defending resources and an external activity main body, wherein the service resources consist of different service nodes, and the external activity main body is a test activity;
the business resources and the defending resources have symbiotic relationship and are matched with each other, and an external activity body is embodied as an activity, and the activity interacts with the business resources and the defending resources.
Further, the system is comprised of a plurality of different functional modules, each functional module being comprised of a plurality of different components;
the service points are from system definition, service activity audit, analysis, monitoring/audit results of service penetration/test activity and manual definition, and are updated and iterated through a loop; generating lines by connecting a plurality of different service points, and generating a plane by connecting a plurality of lines/points;
the boundary of the surface is the weight of a service point, the weight is used for performing word segmentation analysis and extraction according to manual definition and normal service flow audit results, the construction of the system and the functional module is realized by using a hierarchical layout algorithm, and the construction of the functional module and the component is realized by using a force-guided layout algorithm;
the defending points are from identity authentication, authorization, access control, audit, asset protection, service point information hiding and component information hiding;
and the defense point protects the functional module.
In this embodiment, the defending points are protected around the system, the functional modules and the components, and the defending points may be from the system security design, the security device, the protection device and the audit device.
Further, the executing the digital wind tunnel test task and collecting test data includes:
and carrying out service testing, network security testing and aggressiveness testing on the information system through a test bed constructed by the digital wind tunnel testing system, and collecting test flow data, test behavior audit data, security protection alarm data, service operation monitoring data and service alarm data.
Further, the test result includes: normal/abnormal access of service points, interception/alarm of service points, normal operation of service points and defending effect of defending points.
Further, the set of activity states includes: data distinguishing normal service access, data distinguishing abnormal service access and data distinguishing offensive access;
the service state set includes: data of normal response of the service point, data of abnormal response of the service point and data of the service point which is attacked;
the defensive resource collection comprises: the data of successful defense of the defense point and the information of the defense point are hidden.
Further, the visual effect includes: the visual effect of the node, the visual effect of the defensive point and the visual effect of the attack/normal access line.
In this embodiment, a visual expression library may be used to obtain a visual effect.
The embodiment of the invention provides a service security visualization method under a digital wind tunnel, which is characterized in that services are extracted, defense points and service points are extracted, the construction of an integral visualization model is realized through a point, line and face layout algorithm, meanwhile, data is developed by taking the service points as attention points, state sets of all objects are extracted to form a visualization set, and a service-based security visualization is constructed; the method is convenient for clients to understand the accompaniment of network security, and simultaneously, the test effect of the digital wind tunnel is visually expressed.
Fig. 2 schematically shows a flow chart of another method of traffic security visualization in a digital wind tunnel according to an embodiment of the invention. Referring to fig. 2, another method for visualizing service security in a digital wind tunnel according to an embodiment of the present invention specifically includes:
disassembling the visual scene; defining a minimum unit to obtain service resources and protection resources; executing a digital wind tunnel test task and collecting data; performing aggregation analysis on the acquired data to obtain an active state set, a resource state set and a protection state set; obtaining a unit visualization set according to the active state set, the resource state set and the protection state set; judging whether all the visual construction is completed or not; if yes, matching with the visual effect, and if not, re-disassembling the visual scene.
According to the service security visualization method under the digital wind tunnel, provided by the embodiment of the invention, the service is extracted, the defense points and the service points are extracted, the construction of an integral visualization model is realized through a point, line and face layout algorithm, meanwhile, the service points are used as attention points for developing data, the state sets of all objects are extracted to form a visualization set, and the service-based security visualization is constructed; the method is convenient for clients to understand the accompaniment of network security, and simultaneously, the test effect of the digital wind tunnel is visually expressed.
For the purposes of simplicity of explanation, the methodologies are shown and described as a series of acts, it is to be understood and appreciated by one of ordinary skill in the art that the methodologies are not limited by the order of acts, as some acts may, in accordance with the methodologies, take place in other order or concurrently. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred embodiments, and that the acts are not necessarily required by the embodiments of the invention.
Fig. 3 schematically shows a schematic structural diagram of a service security visualization device under a digital wind tunnel according to an embodiment of the present invention. Referring to fig. 3, a service security visualization device under a digital wind tunnel according to an embodiment of the present invention specifically includes:
the execution module 301 is configured to execute a digital wind tunnel test task and collect test data;
the aggregation analysis module 302 is configured to perform aggregation analysis on the collected test data according to the test result, so as to obtain an active state set, a resource state set and a protection state set;
the input module 303 is configured to input the set of active states, the set of resource states, and the set of protection states into a pre-trained visual coding model, and output a visual effect.
The embodiment of the invention provides a service security visualization device under a digital wind tunnel, which is characterized in that services are extracted, defense points and service points are extracted, the construction of an integral visualization model is realized through a point, line and face layout algorithm, meanwhile, data is developed by taking the service points as attention points, state sets of all objects are extracted to form a visualization set, and a service-based security visualization is constructed; the method is convenient for clients to understand the accompaniment of network security, and simultaneously, the test effect of the digital wind tunnel is visually expressed.
For the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points.
In addition, the embodiment of the invention also provides a computer readable storage medium, on which a computer program is stored, the program being executed by a processor to implement the steps of the service security visualization method under the digital wind tunnel as described above.
In this embodiment, the module/unit integrated by the service security visualization device under the digital wind tunnel may be stored in a computer readable storage medium if implemented in the form of a software functional unit and sold or used as a separate product. Based on such understanding, the present invention may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the computer program may implement the steps of each of the method embodiments described above. Wherein the computer program comprises computer program code which may be in source code form, object code form, executable file or some intermediate form etc. The computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a Read-only memory (ROM), a random access memory (RAM, random AccessMemory), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth. It should be noted that the computer readable medium contains content that can be appropriately scaled according to the requirements of jurisdictions in which such content is subject to legislation and patent practice, such as in certain jurisdictions in which such content is subject to legislation and patent practice, the computer readable medium does not include electrical carrier signals and telecommunication signals.
In addition, the embodiment of the invention also provides electronic equipment, which comprises a storage controller, wherein the storage controller comprises a memory, a processor and a computer program which is stored in the memory and can run on the processor, and the processor realizes the steps of the business security visualization method under the digital wind tunnel when executing the program. For example, steps S11 to S13 shown in fig. 1. Alternatively, the processor may implement the functions of the modules/units in the embodiment of the service security visualization device under digital wind tunnel when executing the computer program, for example, the execution module 301, the aggregation analysis module 302, and the input module 303 shown in fig. 3.
According to the business security visualization method and device under the digital wind tunnel, business is extracted, defense points and business points are extracted, the construction of an integral visualization model is realized through a point, line and face layout algorithm, meanwhile, data is developed by taking the business points as attention points, state sets of all objects are extracted to form a visualization set, and security visualization based on the business is constructed; the method is convenient for clients to understand the accompaniment of network security, and simultaneously, the test effect of the digital wind tunnel is visually expressed.
The apparatus embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on this understanding, the foregoing technical solution may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective embodiments or some parts of the embodiments.
Furthermore, those skilled in the art will appreciate that while some embodiments herein include some features but not others included in other embodiments, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, any of the claimed embodiments can be used in any combination.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (8)
1. A method for visualizing traffic security in a digital wind tunnel, the method comprising:
executing a digital wind tunnel test task and collecting test data;
performing aggregation analysis on the collected test data according to the test result to obtain an active state set, a service state set and a protection state set;
inputting the active state set, the service state set and the protection state set into a pre-trained visual coding model, and outputting a visual effect;
wherein:
the executing the digital wind tunnel test task and collecting test data comprises the following steps:
carrying out service test, network security test and aggressiveness test on the information system through a test bed constructed by the digital wind tunnel test system, and collecting test flow data, test behavior audit data, security protection alarm data, service operation monitoring data and service alarm data;
the set of active states includes: data distinguishing normal service access, data distinguishing abnormal service access and data distinguishing offensive access;
the service state set includes: data of normal response of the service point, data of abnormal response of the service point and data of the service point which is attacked;
the protection state set includes: the data of successful defense of the defense point and the information of the defense point are hidden.
2. The method of claim 1, wherein prior to performing the digital wind tunnel test task and collecting the test data, further comprising:
the method comprises the steps of disassembling a visual scene into an architecture visual scene and an activity visual scene, wherein the architecture visual scene consists of service points and defense points constructed by a tested service system, and the activity visual scene is an interaction visual generated by normal service and abnormal access of the service system in the process of carrying out service by the service system;
the system, functional modules and components are defined according to service points.
3. The method of claim 2, wherein the step of determining the position of the substrate comprises,
the system is composed of a plurality of different functional modules, each of which is composed of a plurality of different components;
the service points are from system definition, service activity audit, analysis, monitoring/audit results of service penetration/test activity and manual definition, and are updated and iterated through a loop; generating lines by connecting a plurality of different service points, and generating a plane by connecting a plurality of lines/points;
the boundary of the surface is the weight of a service point, the weight is used for performing word segmentation analysis and extraction according to manual definition and normal service flow audit results, the construction of the system and the functional module is realized by using a hierarchical layout algorithm, and the construction of the functional module and the component is realized by using a force-guided layout algorithm;
the defending points are from identity authentication, authorization, access control, audit, asset protection, service point information hiding and component information hiding;
and the defense point protects the functional module.
4. The method of claim 1, wherein the test results comprise: normal/abnormal access of service points, interception/alarm of service points, normal operation of service points and defending effect of defending points.
5. The method of claim 1, wherein the visualization effect comprises: the visual effect of the node, the visual effect of the defensive point and the visual effect of the attack/normal access line.
6. A traffic safety visualization device in a digital wind tunnel, the device comprising:
the execution module is used for executing the digital wind tunnel test task and collecting test data;
the aggregation analysis module is used for carrying out aggregation analysis on the collected test data according to the test result to obtain an active state set, a service state set and a protection state set;
the input module is used for inputting the active state set, the service state set and the protection state set into a pre-trained visual coding model and outputting a visual effect;
wherein:
the execution module executes the digital wind tunnel test task in the following mode and collects test data:
carrying out service test, network security test and aggressiveness test on the information system through a test bed constructed by the digital wind tunnel test system, and collecting test flow data, test behavior audit data, security protection alarm data, service operation monitoring data and service alarm data;
the set of active states includes: data distinguishing normal service access, data distinguishing abnormal service access and data distinguishing offensive access;
the service state set includes: data of normal response of the service point, data of abnormal response of the service point and data of the service point which is attacked;
the protection state set includes: the data of successful defense of the defense point and the information of the defense point are hidden.
7. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method according to any of claims 1-5.
8. An electronic device comprising a memory controller, the memory controller comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the method of any one of claims 1-5 when the computer program is executed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310477322.4A CN116545880B (en) | 2023-04-28 | 2023-04-28 | Service security visualization method and device under digital wind tunnel |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310477322.4A CN116545880B (en) | 2023-04-28 | 2023-04-28 | Service security visualization method and device under digital wind tunnel |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116545880A CN116545880A (en) | 2023-08-04 |
| CN116545880B true CN116545880B (en) | 2024-01-30 |
Family
ID=87451728
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310477322.4A Active CN116545880B (en) | 2023-04-28 | 2023-04-28 | Service security visualization method and device under digital wind tunnel |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116545880B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110955899A (en) * | 2019-12-13 | 2020-04-03 | 中国工商银行股份有限公司 | Safety test method, device, test equipment and medium |
| CN114780378A (en) * | 2022-03-15 | 2022-07-22 | 中国人寿保险股份有限公司 | Service interface-based system stability detection traceability method and related equipment |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8468244B2 (en) * | 2007-01-05 | 2013-06-18 | Digital Doors, Inc. | Digital information infrastructure and method for security designated data and with granular data stores |
| US9681304B2 (en) * | 2013-02-22 | 2017-06-13 | Websense, Inc. | Network and data security testing with mobile devices |
| EP4378137A1 (en) * | 2021-07-30 | 2024-06-05 | Cisco Technology, Inc. | Multi-service views for network monitoring visualization |
-
2023
- 2023-04-28 CN CN202310477322.4A patent/CN116545880B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110955899A (en) * | 2019-12-13 | 2020-04-03 | 中国工商银行股份有限公司 | Safety test method, device, test equipment and medium |
| CN114780378A (en) * | 2022-03-15 | 2022-07-22 | 中国人寿保险股份有限公司 | Service interface-based system stability detection traceability method and related equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116545880A (en) | 2023-08-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12034747B2 (en) | Unsupervised learning to simplify distributed systems management | |
| Liu et al. | Modeling cyber-physical attacks based on probabilistic colored Petri nets and mixed-strategy game theory | |
| Huang et al. | Distilling critical attack graph surface iteratively through minimum-cost sat solving | |
| DE112019003431T5 (en) | RULES GENERATING WITH THE HELP OF ARTIFICIAL INTELLIGENCE | |
| CN116527536B (en) | Test evaluation method, device and system based on parallel simulation | |
| CN110958263B (en) | Network attack detection method, device, equipment and storage medium | |
| CN109298855A (en) | A kind of network target range management system and its implementation, device, storage medium | |
| CN112100623A (en) | Risk assessment method, device and equipment of machine learning model and storage medium | |
| Wortman et al. | SMART: security model adversarial risk-based tool for systems security design evaluation | |
| Khaddaj et al. | Rethinking backdoor attacks | |
| Nazari et al. | Using cgan to deal with class imbalance and small sample size in cybersecurity problems | |
| Karbowski et al. | Critical infrastructure risk assessment using Markov chain model | |
| CN117993024B (en) | Data security assessment method and system based on data elements | |
| CN116545880B (en) | Service security visualization method and device under digital wind tunnel | |
| CN117113348A (en) | Threat detection code generation and use methods, apparatus, devices and media | |
| Ahmed Khan et al. | Generating realistic IoT‐based IDS dataset centred on fuzzy qualitative modelling for cyber‐physical systems | |
| Antul et al. | Toward scaling model-based engineering for systems of systems | |
| Tian et al. | [Retracted] Intrusion Detection Method Based on Deep Learning | |
| Buchanan et al. | Simulation debugging and visualization in the Möbius Modeling Framework | |
| CN113779336A (en) | User behavior data processing method and device and electronic equipment | |
| Gadyatskaya et al. | Attack-tree series: A case for dynamic attack tree analysis | |
| CN112750047A (en) | Behavior relation information extraction method and device, storage medium and electronic equipment | |
| Horawalavithana et al. | Behind the mask: Understanding the structural forces that make social graphs vulnerable to deanonymization | |
| Yan et al. | Holistic Implicit Factor Evaluation of Model Extraction Attacks | |
| Jha et al. | Feature Selection for Attacker Attribution in Industrial Automation & Control Systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |