CN116827811A - Three-dimensional visual management method, system and equipment for network security assets - Google Patents

Three-dimensional visual management method, system and equipment for network security assets Download PDF

Info

Publication number
CN116827811A
CN116827811A CN202310848408.3A CN202310848408A CN116827811A CN 116827811 A CN116827811 A CN 116827811A CN 202310848408 A CN202310848408 A CN 202310848408A CN 116827811 A CN116827811 A CN 116827811A
Authority
CN
China
Prior art keywords
data
network security
scene
security asset
dimensional model
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310848408.3A
Other languages
Chinese (zh)
Inventor
夏俊杰
高枫
肖宇
王伟
王超
韩孟祥
宋畅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202310848408.3A priority Critical patent/CN116827811A/en
Publication of CN116827811A publication Critical patent/CN116827811A/en
Pending legal-status Critical Current

Links

Landscapes

  • Processing Or Creating Images (AREA)

Abstract

The application provides a three-dimensional visual management method, a system and equipment for network security assets, which acquire network security asset data through acquisition of field data and equipment operation data; analyzing the network security asset data to obtain analysis data; according to the scenes in the network security assets, invoking network security asset three-dimensional models corresponding to the scenes from a preset network security asset three-dimensional model library to construct a target three-dimensional model; configuring visual parameters in the target three-dimensional model according to the analysis data, generating a visual effect on the basis of the target three-dimensional model, loading and generating a data window at the associated position of each scene in the target three-dimensional model, displaying the analysis data and the original data corresponding to each scene in the data window, combining a digital twin technology, a city information model and network security asset monitoring, and displaying network security asset information in real time in a pre-stored network security asset three-dimensional model animation form.

Description

Three-dimensional visual management method, system and equipment for network security assets
Technical Field
The present application relates to communication technologies, and in particular, to a method, system, and device for three-dimensional visual management of network security assets.
Background
With the development of information technology, network information systems play an increasingly critical role, and software and hardware information related to network information is called network security assets. The traditional network security asset management method is to collect network security asset data and directly use the data in a network security management and control system or generate a result report for a manager to use through data analysis.
However, most of the existing network security asset management methods display network security asset data in a chart mode, for example, fixed data content is displayed beside a network security asset schematic diagram, the position and the state of the network security asset in a three-dimensional city scene cannot be displayed, the existing network security management methods lack effective interaction between the network security asset and people, manual update cannot be achieved in real time, and vulnerability detection programs are difficult to collect, so that the network security state is difficult to comprehensively grasp.
Disclosure of Invention
The application provides a three-dimensional visual management method, system and equipment for network security assets, which are used for solving the problems of single expression mode, poor real-time performance, low management efficiency and narrow viewing angle of the traditional network security asset management.
In one aspect, the application provides a three-dimensional visual management method for network security assets, comprising the following steps:
acquiring network security asset data through acquisition of field data and equipment operation data;
analyzing the network security asset data to obtain analysis data, wherein the analysis data comprises state data of each scene in the network security asset, and the scenes comprise sites and devices;
according to the scenes in the network security assets, retrieving network security asset three-dimensional models corresponding to the scenes from a preset network security asset three-dimensional model library to construct a target three-dimensional model, wherein the network security asset three-dimensional model library is used for storing network security asset three-dimensional models corresponding to different scenes;
configuring visual parameters in the target three-dimensional model according to the analysis data, generating a visual effect on the basis of the target three-dimensional model, loading and generating a data window at the associated position of each scene in the target three-dimensional model, and displaying the analysis data and the original data corresponding to each scene in the data window.
In one possible implementation, the acquiring network security asset data through the collection of field data and device operation data includes:
Acquiring real-time shooting data of a camera to obtain field data, and acquiring real-time operation data of equipment to obtain the operation data of the equipment;
summarizing the field data and the equipment operation data as original data;
and preprocessing the original data to generate and acquire network security asset data.
In a possible implementation manner, the preprocessing the raw data includes:
dividing the original data into correct data, repeated data, error data and incomplete data according to a preset data verification rule;
deleting the repeated data, and only reserving one part of the repeated data as correct data;
and reserving the correct data, and generating a preprocessing report according to the error data and the incomplete data.
In one possible implementation manner, the analysis data includes geographic position data of each scene in the cyber-security asset, and the retrieving the cyber-security asset three-dimensional model corresponding to each scene from the preset cyber-security asset three-dimensional model library to construct the target three-dimensional model includes:
acquiring a network security asset three-dimensional model corresponding to each scene from a preset network security asset three-dimensional model library;
And splicing the three-dimensional models of the network security assets corresponding to each scene based on the geographic position data of each scene, and constructing a target three-dimensional model.
In a possible implementation manner, the configuring the visualization parameters in the target three-dimensional model according to the analysis data, generating a visualization effect on the basis of the target three-dimensional model, includes:
obtaining visual parameters corresponding to each scene from a preset state parameter library according to the state data of each scene, wherein the preset state parameter library is used for storing the visual parameters corresponding to each state data, and the visual parameters comprise color parameters, brightness parameters, flash frequency parameters and transparency parameters;
and carrying out visual parameter configuration on the network security asset three-dimensional model of each scene in the target three-dimensional model according to the visual parameters corresponding to each scene, and generating a visual effect.
In one possible implementation manner, the analyzing the network security asset data to obtain analysis data includes:
judging whether the network security asset data of each scene is abnormal data or not according to the preset data security range of each scene;
If yes, the state data of the scene is in an abnormal state;
if not, acquiring the state data of the scene based on the network security asset data of the scene.
In one possible implementation manner, after the determining whether the network security asset data of each scene is abnormal data, the method further includes:
taking a scene with abnormal state data as an abnormal scene, and acquiring geographic information data of the abnormal scene from network security asset data of the abnormal scene;
and sending out an alarm in a data window associated with the abnormal scene based on the geographic information data of the abnormal scene.
In another aspect, the present application provides a three-dimensional visual management device for a network security asset, including:
the data acquisition module is used for acquiring network security asset data through acquisition of field data and equipment operation data;
the data analysis module is used for analyzing the network security asset data to obtain analysis data, wherein the analysis data comprises state data of each scene in the network security asset, and the scenes comprise sites and devices;
the target three-dimensional model building module is used for retrieving three-dimensional network security asset models corresponding to all scenes from a preset three-dimensional network security asset model library according to the scenes in the network security asset to build a target three-dimensional model, and the three-dimensional network security asset model library is used for storing three-dimensional network security asset models corresponding to different scenes;
The visual display module is used for configuring visual parameters in the target three-dimensional model according to the analysis data, generating a visual effect on the basis of the target three-dimensional model, loading and generating a data window at the associated position of each scene in the target three-dimensional model, and displaying the analysis data and the original data corresponding to each scene in the data window.
In a third aspect, the present application provides an electronic device comprising a memory, a processor, and computer-executable instructions stored in the memory and executable on the processor, the processor implementing the network security asset three-dimensional visualization management method of any one of the first aspects above when executing the computer-executable instructions.
In a fourth aspect, the present application provides a computer readable storage medium storing a computer program which when executed by a processor implements the network security asset three-dimensional visualization management method of any one of the first aspects above.
The application provides a three-dimensional visual management method, a system and equipment for network security assets, which acquire network security asset data through acquisition of field data and equipment operation data; analyzing the network security asset data to obtain analysis data, wherein the analysis data comprises state data of each scene in the network security asset, and the scenes comprise sites and devices; according to the scenes in the network security assets, retrieving network security asset three-dimensional models corresponding to the scenes from a preset network security asset three-dimensional model library to construct a target three-dimensional model, wherein the network security asset three-dimensional model library is used for storing network security asset three-dimensional models corresponding to different scenes; configuring visual parameters in the target three-dimensional model according to the analysis data, generating a visual effect on the basis of the target three-dimensional model, loading and generating a data window at the associated position of each scene in the target three-dimensional model, displaying the analysis data and the original data corresponding to each scene in the data window, combining a digital twin technology, a city information model and network security asset monitoring, and displaying network security asset information in real time in a pre-stored network security asset three-dimensional model animation form.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
Fig. 1 is an application scenario schematic diagram of a three-dimensional visual management method for network security assets provided by an embodiment of the present application.
Fig. 2 is a flowchart of a three-dimensional visual management method for network security assets according to an embodiment of the present application.
Fig. 3 is a flowchart of a method for generating a visualization effect based on a target three-dimensional model according to the present embodiment.
Fig. 4 is a schematic diagram of a three-dimensional visual management device for network security assets according to an embodiment of the present application.
Fig. 5 is a schematic structural diagram of an electronic device based on a three-dimensional visual management device for network security assets according to an embodiment of the present application.
Specific embodiments of the present application have been shown by way of the above drawings and will be described in more detail below. The drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but rather to illustrate the inventive concepts to those skilled in the art by reference to the specific embodiments.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.
First, the terms involved in the present application will be explained:
the city information model (City Information Modeling, CIM) is an organic complex that builds a three-dimensional city space model and city information based on city information data. The CIM foundation platform is a foundation platform for building three-dimensional digital models such as buildings, infrastructures and the like on the basis of urban foundation geographic information, expressing and managing urban three-dimensional space, is a basic operation platform for urban planning, construction, management and operation work, and is a basic, key and physical information infrastructure of a smart city.
The digital twin is to fully utilize data such as a physical model, sensor update, operation history and the like, integrate simulation processes of multiple disciplines, multiple physical quantities, multiple scales and multiple probabilities, and complete mapping in a virtual space, thereby reflecting the full life cycle process of corresponding entity equipment. Digital twinning is a beyond-the-reality concept that can be seen as a digital mapping system of one or more important, mutually dependent equipment systems.
In the related art, the conventional cyber-security asset management method has the following problems:
firstly, the expression mode is single, and most of the network security asset data are displayed in a chart mode, for example, fixed data content is displayed beside a network security asset schematic diagram, the position and the state of the network security asset in a three-dimensional city scene cannot be displayed, other content is difficult to view, detailed information is difficult to view from other view angles, and monitoring of management staff is not facilitated.
Secondly, the system lacks a real-time monitoring and feedback mechanism, and the traditional network security asset management generally needs to manually collect and analyze asset data, so that real-time monitoring and feedback cannot be realized. Therefore, the manager is difficult to know the running condition and the safety condition of the asset in time, corresponding measures cannot be taken in time, and security holes and faults are easy to occur.
Third, traditional network security asset management generally focuses only on specific asset classes and security issues, and lacks a comprehensive and comprehensive perspective. This makes it difficult for the manager to fully understand and master the status of the network security assets, and blind areas and vulnerabilities are likely to occur.
Aiming at the technical problems, the embodiment of the application aims to provide a three-dimensional visual management method, a system and equipment for network security assets, and the core concept of the method is that virtual network security assets and network security assets in the real world are combined through a digital twin technology, so that network security management staff can intuitively check the network security assets and operation conditions in a simulated three-dimensional scene displayed by a control terminal without any visit, and master the main information of network security. The method can effectively make up the defects of the traditional network security management method and improve the efficiency and accuracy of network security management and control.
In order to better understand the scheme of the embodiment of the present application, an application scenario related to the embodiment of the present application is described below.
Referring to fig. 1, fig. 1 is a schematic diagram of an application scenario of a three-dimensional visual management method for network security assets according to an embodiment of the present application, as shown in fig. 1, including a scenario end 100, a server 200, and a presentation end 300.
Where the scene side 100 includes a field and a device, the field may be a machine room with a camera, the device may be a sensor, etc., the scene side 100 continuously generates real-time data related to network security assets and transmits the data to the server 200.
The server 200 may be configured to receive related data sent by the scene end 100, and process the data accordingly to form a visual model and data that may be displayed at the display end 300. In particular, the server 200 may include a data center, a data acquisition unit, a data analysis unit, and a three-dimensional visualization unit. The data acquisition unit is used for receiving related data sent by the scene end 100 and storing the data to the data center; the data analysis unit can be used for extracting data from the data center and analyzing the data to obtain analysis data; the three-dimensional visualization unit comprises a three-dimensional model synthesis module, an analysis data matching module and a three-dimensional rendering display module, wherein the three-dimensional model synthesis module is used for retrieving a three-dimensional model of the network security asset from a three-dimensional model library of the urban network security asset, the analysis data matching module is used for carrying out visual parameter configuration on the three-dimensional model of the network security asset according to analysis data, and the three-dimensional rendering display module is used for rendering the three-dimensional model of the network security asset.
The presentation end 300 may be configured to present the three-dimensional model of the cyber-security asset according to the rendered three-dimensional model of the cyber-security asset generated by the server 200. The display terminal 300 may refer to a terminal with a display screen, or may refer to a terminal with a CIM three-dimensional platform.
The following describes the technical scheme of the present application and how the technical scheme of the present application solves the above technical problems in detail with specific embodiments. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Fig. 2 is a flowchart of a three-dimensional visual management method for network security assets according to an embodiment of the present application. As shown in fig. 2, the method of the present embodiment includes:
s201: and acquiring network security asset data through acquisition of field data and equipment operation data.
The execution main body of the embodiment of the application can be a server or a network security asset three-dimensional visual management system in the server, wherein the network security asset three-dimensional visual management system can be realized through software.
It can be appreciated that the field data may include real-time video of the machine room captured by the camera, and the device operation data may include device data collected by the sensor on the device, including data such as network traffic, abnormal access, and the like.
S202: analyzing the network security asset data to obtain analysis data, wherein the analysis data comprises state data of each scene in the network security asset, and the scenes comprise sites and devices.
In this step, analyzing the cyber-security asset data mainly includes counting the data according to a preset rule, combining the original data with the cyber-security asset location, and the like, so as to obtain status data of each scene in the cyber-security asset.
S203: and according to the scenes in the network security assets, retrieving the network security asset three-dimensional models corresponding to the scenes from a preset network security asset three-dimensional model library to construct a target three-dimensional model, wherein the network security asset three-dimensional model library is used for storing the network security asset three-dimensional models corresponding to different scenes.
In the step, according to the actual scenes, a network security asset three-dimensional model corresponding to each scene is called from a preset network security asset three-dimensional model library, so that a digital and virtual target three-dimensional model is constructed, and the target three-dimensional model can reflect the state of the actual scene and realize digital twin.
It can be understood that a plurality of models such as equipment, network connection and the like for mapping the real network security assets exist in the CIM three-dimensional scene, and a network security asset three-dimensional model library can be built based on the CIM three-dimensional scene.
S204: configuring visual parameters in the target three-dimensional model according to the analysis data, generating a visual effect on the basis of the target three-dimensional model, loading and generating a data window at the associated position of each scene in the target three-dimensional model, and displaying the analysis data and the original data corresponding to each scene in the data window.
In this step, the state data corresponding to each scene in the analysis data is mainly converted, and the data is visually expressed in a specific visual expression mode. Specifically, by acquiring and analyzing real-time data, visual parameters in the target three-dimensional model are configured, for example, the model corresponding to the scene is classified and displayed by changing the color, brightness, luminous degree and transparency of the three-dimensional model, so as to express different current working states. Therefore, the state of a specific network security asset can be expressed in an animation mode, which is equivalent to the state of the specific network security asset in the running state of the network security asset in real time, and whether the specific network security asset works normally can be clearly known when the scene fails.
According to the three-dimensional visual management method for the network security assets, the network security asset data are acquired through acquisition of field data and equipment operation data; analyzing the network security asset data to obtain analysis data, wherein the analysis data comprises state data of each scene in the network security asset, and the scenes comprise sites and devices; according to the scenes in the network security assets, retrieving network security asset three-dimensional models corresponding to the scenes from a preset network security asset three-dimensional model library to construct a target three-dimensional model, wherein the network security asset three-dimensional model library is used for storing network security asset three-dimensional models corresponding to different scenes; configuring visual parameters in the target three-dimensional model according to the analysis data, generating a visual effect on the basis of the target three-dimensional model, loading and generating a data window at the associated position of each scene in the target three-dimensional model, displaying the analysis data and the original data corresponding to each scene in the data window, combining a digital twin technology, a city information model and network security asset monitoring, and displaying network security asset information in real time in a pre-stored network security asset three-dimensional model animation form.
The technical scheme of the three-dimensional visual management method for the network security assets is described in detail below.
In a possible implementation manner, the three-dimensional visual management method for the network security asset provided by the embodiment summarizes the field data and the equipment operation data as original data, and obtains the network security asset data after preprocessing the original data.
Specifically, the acquiring network security asset data through the acquisition of field data and equipment operation data comprises the following steps: acquiring real-time shooting data of a camera to obtain field data, and acquiring real-time operation data of equipment to obtain the operation data of the equipment; summarizing the field data and the equipment operation data as original data; and preprocessing the original data to generate and acquire network security asset data.
It will be appreciated that the data of the network security asset site, including the operational status data of the device, etc., may be collected by sensors, data collection devices, and monitoring programs deployed on the network security asset in the scene in which the network security asset is located. The collected data is converted into transmission control protocol/internet protocol (Transmission Control Protocol/Internet Protocol, TCP/IP), whereby the original data that can be transmitted over the internet can be obtained.
Specifically, preprocessing the original data includes: dividing the original data into correct data, repeated data, error data and incomplete data according to a preset data verification rule; deleting the repeated data, and only reserving one part of the repeated data as correct data; and reserving the correct data, and generating a preprocessing report according to the error data and the incomplete data.
In the step of preprocessing the original data, the original data is classified according to a preset data verification rule, wherein the data verification rule can be used for judging the type of the original data according to the content and the generation time of the original data. And carrying out different processing on the original data of different columns, screening the original data, and generating a preprocessing report according to the error data and the incomplete data so as to facilitate maintenance personnel to check.
In this embodiment, the field data and the device operation data are summarized as the original data, and the network security asset data is obtained after the original data is preprocessed, so that the comprehensiveness and correctness of data acquisition are effectively ensured, and the accuracy of subsequent data analysis is facilitated.
In one possible implementation manner, the analysis data includes geographic position data of each scene in the cyber-security asset, and the retrieving the cyber-security asset three-dimensional model corresponding to each scene from the preset cyber-security asset three-dimensional model library to construct the target three-dimensional model includes: acquiring a network security asset three-dimensional model corresponding to each scene from a preset network security asset three-dimensional model library; and splicing the three-dimensional models of the network security assets corresponding to each scene based on the geographic position data of each scene, and constructing a target three-dimensional model.
In this embodiment, the three-dimensional model of the network security asset corresponding to each scene may be called from the three-dimensional model library of the network security asset, and the position parameter data is matched with the three-dimensional model of the network security asset, so that the three-dimensional model of the network security asset may be generated at the corresponding position in the three-dimensional scene, thereby constructing the target three-dimensional model.
In this embodiment, a digital and virtual target three-dimensional model is constructed by retrieving a network security asset three-dimensional model corresponding to each scene from a preset network security asset three-dimensional model library, so as to implement digital twin, and reflect the state in each actual scene in real time in a digital form in a CIM three-dimensional scene.
In a possible implementation manner, the three-dimensional visualization management method for the network security asset provided by the embodiment obtains the visualization parameters corresponding to each scene from the preset state parameter library according to the state data of each scene, and configures the visualization parameters in the target three-dimensional model so as to generate a visualization effect. Fig. 3 is a flowchart of a method for generating a visual effect on the basis of a target three-dimensional model according to the present embodiment, where, as shown in fig. 3, the method includes configuring visual parameters in the target three-dimensional model according to the analysis data, and generating the visual effect on the basis of the target three-dimensional model, where the method includes:
s301: and obtaining the visual parameters corresponding to each scene from a preset state parameter library according to the state data of each scene, wherein the preset state parameter library is used for storing the visual parameters corresponding to each state data.
In the step, according to the current state data of each scene in the urban network security asset, the visualization parameters matched with the current state data in the preset state parameter library are called. By way of example and not limitation, the visualization parameters include color parameters, brightness parameters, flash frequency parameters, transparency parameters.
S302: and carrying out visual parameter configuration on the network security asset three-dimensional model of each scene in the target three-dimensional model according to the visual parameters corresponding to each scene, and generating a visual effect.
In the step, the model corresponding to the scene is displayed by changing the color, brightness, luminous degree and transparency of the three-dimensional model so as to express different current working states.
It can be understood that the process of visual parameter configuration is that the process of driving the state animation in the three-dimensional model according to the state of the scene, the state animation is a corresponding state animation of preset state matching for the network security asset, and the state animation has a corresponding matching relationship with the state data.
Specifically, the driving state animation may be classified into a data driving state animation and a numerical data driving state animation in two ways, respectively. The driving mode of the classified data driving state animation is as follows: and presetting one-to-one corresponding state animations in a preset state parameter library according to different orders or different state categories of the state data of the similar network security assets, and finding out the corresponding state animations according to the orders or the state categories of the current state data for display. The driving mode is to directly call the corresponding state animation from the preset animation library according to the state data by using the mapping relation, and the mode is that the animation expression is discontinuous, but the operation and the setting are simpler and the processing can be finished by a simpler mode. The driving mode of the numerical data driving state animation is as follows: setting a corresponding state animation for a network security asset in a preset state parameter library, and changing the display parameters of the state animation according to the current data value so as to display the corresponding state animation. The driving method actually uses the data value to change the parameter character of the state animation, so that the change of the state animation can be accomplished in a continuous mode, the expression is more detailed, but more factors are needed, and the calculation processing process is more complex.
In this embodiment, the visualization parameters corresponding to each scene are obtained from the preset state parameter library according to the state data of each scene, and the visualization parameters in the target three-dimensional model are configured to generate the visualization effect, so that the method has the characteristics of high information integration and high information visualization, and can meet the requirements of each layer of management personnel on fast and efficient mastering of the network security asset information and the requirements of the management personnel on deep viewing of the network security asset information.
In one possible implementation manner, the analyzing the network security asset data to obtain analysis data includes: judging whether the network security asset data of each scene is abnormal data or not according to the preset data security range of each scene; if yes, the state data of the scene is in an abnormal state; if not, acquiring the state data of the scene based on the network security asset data of the scene.
It can be understood that when an abnormality such as a device failure, a network intrusion, etc. occurs in the scene, the network security asset data thereof also exceeds the preset data security range. Therefore, whether the network security asset data of the scene is abnormal data can be judged by detecting whether the network security asset data of the scene exceeds a preset data security range, and whether the state of the scene is abnormal is further determined, so that the scene is conveniently displayed and an alarm is sent out in a visual interface.
In this embodiment, whether the network security asset data of the scene is abnormal data is determined by detecting whether the network security asset data of the scene exceeds a preset data security range, so that state data corresponding to the actual state of the scene can be generated in the three-dimensional visual model, whether the scene is abnormal or not is rapidly distinguished, and an alarm is timely sent out.
In one possible implementation manner, when the warning is given to the scene of the abnormal data, the warning may be located, and after the determining whether the network security asset data of each scene is the abnormal data, the method further includes: taking a scene with abnormal state data as an abnormal scene, and acquiring geographic information data of the abnormal scene from network security asset data of the abnormal scene; and sending out an alarm in a data window associated with the abnormal scene based on the geographic information data of the abnormal scene.
In this embodiment, after obtaining the abnormal data, the position of the scene is quickly located according to the scene to which the abnormal data belongs, and an alarm is sent out on the display interface of the system.
In this embodiment, by acquiring the geographic information data of the abnormal scene, and based on the geographic information data of the abnormal scene, an alarm is sent out in a data window associated with the abnormal scene, so that the abnormal scene can be timely alarmed in the three-dimensional visual model, and the geographic information data of the abnormal scene is associated, thereby facilitating maintenance personnel to timely perform maintenance work and improving response timeliness to network security asset management.
Fig. 4 is a schematic diagram of a three-dimensional visual management device for network security assets according to an embodiment of the present application. As shown in fig. 4, the three-dimensional visual management device for network security assets comprises:
a data acquisition module 41, configured to acquire network security asset data through acquisition of field data and equipment operation data;
a data analysis module 42, configured to analyze the cyber-security asset data to obtain analysis data, where the analysis data includes status data of each scenario in the cyber-security asset, and the scenario includes a site and a device;
the target three-dimensional model construction module 43 is configured to retrieve, according to the scenes in the cyber-security asset, a cyber-security asset three-dimensional model corresponding to each scene from a preset cyber-security asset three-dimensional model library, to construct a target three-dimensional model, where the cyber-security asset three-dimensional model library is configured to store cyber-security asset three-dimensional models corresponding to different scenes;
the visual display module 44 is configured to configure visual parameters in the target three-dimensional model according to the analysis data, generate a visual effect on the basis of the target three-dimensional model, load and generate a data window at the associated position of each scene in the target three-dimensional model, and display the analysis data and the original data corresponding to each scene in the data window.
In one possible design, the data acquisition module 41 is specifically configured to:
acquiring real-time shooting data of a camera to obtain field data, and acquiring real-time operation data of equipment to obtain the operation data of the equipment;
summarizing the field data and the equipment operation data as original data;
and preprocessing the original data to generate and acquire network security asset data.
In one possible design, the data acquisition module 41 is also specifically configured to:
dividing the original data into correct data, repeated data, error data and incomplete data according to a preset data verification rule;
deleting the repeated data, and only reserving one part of the repeated data as correct data;
and reserving the correct data, and generating a preprocessing report according to the error data and the incomplete data.
In one possible design, the analysis data includes geographic location data for each scene in the cyber-security asset, and the target three-dimensional model building module 43 is specifically configured to: acquiring a network security asset three-dimensional model corresponding to each scene from a preset network security asset three-dimensional model library;
and splicing the three-dimensional models of the network security assets corresponding to each scene based on the geographic position data of each scene, and constructing a target three-dimensional model.
In one possible design, the visual presentation module 44 is specifically configured to:
obtaining visual parameters corresponding to each scene from a preset state parameter library according to the state data of each scene, wherein the preset state parameter library is used for storing the visual parameters corresponding to each state data, and the visual parameters comprise color parameters, brightness parameters, flash frequency parameters and transparency parameters;
and carrying out visual parameter configuration on the network security asset three-dimensional model of each scene in the target three-dimensional model according to the visual parameters corresponding to each scene, and generating a visual effect.
In one possible design, the data analysis module 42 is specifically configured to:
judging whether the network security asset data of each scene is abnormal data or not according to the preset data security range of each scene;
if yes, the state data of the scene is in an abnormal state;
if not, acquiring the state data of the scene based on the network security asset data of the scene.
In one possible design, the data analysis module 42 is also specifically configured to:
taking a scene with abnormal state data as an abnormal scene, and acquiring geographic information data of the abnormal scene from network security asset data of the abnormal scene;
And sending out an alarm in a data window associated with the abnormal scene based on the geographic information data of the abnormal scene.
Fig. 5 is a schematic structural diagram of an electronic device based on a three-dimensional visual management device for network security assets according to an embodiment of the present application. As shown in fig. 5, the electronic device of this embodiment includes: at least one processor 50 (only one shown in fig. 5), a memory 51, and a computer program stored in the memory 51 and executable on the at least one processor 50, the processor 50 implementing the steps in any of the various method embodiments described above when executing the computer program.
The electronic device may include, but is not limited to, a processor 50, a memory 51. It will be appreciated by those skilled in the art that fig. 5 is merely an example of an electronic device and is not meant to be limiting, and may include more or fewer components than shown, or may combine certain components, or different components, such as may also include input-output devices, network access devices, etc.
The processor 50 may be a central processing unit (Central Processing Unit, CPU), the processor 50 may also be other general purpose processors, digital signal processors (Digital Signal Processor, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), off-the-shelf programmable gate arrays (Field Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The specific implementation process of the processor 501 may refer to the above-mentioned method embodiment, and its implementation principle and technical effects are similar, and this embodiment will not be described herein again.
The memory 51 may in some embodiments be an internal storage unit of the electronic device, such as a memory of the electronic device. The memory 51 may also be an external storage device of the electronic device in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash Card (Flash Card) or the like. Further, the memory 51 may also include both an internal storage unit and an external storage device of the electronic device. The memory 51 is used to store an operating system, application programs, boot loader (BootLoader), data, and other programs, etc., such as program codes of computer programs, etc. The memory 51 may also be used to temporarily store data that has been output or is to be output.
The embodiments of the present application also provide a computer readable storage medium storing a computer program, which when executed by a processor implements steps of the above-described respective method embodiments.
The computer readable storage medium described above may be implemented by any type of volatile or non-volatile memory device or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk, or optical disk. A readable storage medium can be any available medium that can be accessed by a general purpose or special purpose computer.
An exemplary readable storage medium is coupled to the processor such the processor can read information from, and write information to, the readable storage medium. In the alternative, the readable storage medium may be integral to the processor. The processor and the readable storage medium may reside in an application specific integrated circuit (Application Specific Integrated Circuits, ASIC for short). The processor and the readable storage medium may reside as discrete components in the electronic device described above.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the method embodiments described above may be performed by hardware associated with program instructions. The foregoing program may be stored in a computer readable storage medium. The program, when executed, performs steps including the method embodiments described above; and the aforementioned storage medium includes: various media that can store program code, such as ROM, RAM, magnetic or optical disks.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/network device and method may be implemented in other manners. For example, the apparatus/network device embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical functional division, and there may be additional divisions in actual implementation, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Other embodiments of the application will be apparent to those skilled in the art from consideration of the specification and practice of the application disclosed herein. This application is intended to cover any variations, uses, or adaptations of the application following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the application pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It is to be understood that the application is not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (10)

1. A method for three-dimensional visual management of a network security asset, comprising:
acquiring network security asset data through acquisition of field data and equipment operation data;
analyzing the network security asset data to obtain analysis data, wherein the analysis data comprises state data of each scene in the network security asset, and the scenes comprise sites and devices;
according to the scenes in the network security assets, retrieving network security asset three-dimensional models corresponding to the scenes from a preset network security asset three-dimensional model library to construct a target three-dimensional model, wherein the network security asset three-dimensional model library is used for storing network security asset three-dimensional models corresponding to different scenes;
configuring visual parameters in the target three-dimensional model according to the analysis data, generating a visual effect on the basis of the target three-dimensional model, loading and generating a data window at the associated position of each scene in the target three-dimensional model, and displaying the analysis data and the original data corresponding to each scene in the data window.
2. The method of claim 1, wherein the acquiring network security asset data through the collection of field data and equipment operation data comprises:
Acquiring real-time shooting data of a camera to obtain field data, and acquiring real-time operation data of equipment to obtain the operation data of the equipment;
summarizing the field data and the equipment operation data as original data;
and preprocessing the original data to generate and acquire network security asset data.
3. The method of claim 2, wherein the preprocessing the raw data comprises:
dividing the original data into correct data, repeated data, error data and incomplete data according to a preset data verification rule;
deleting the repeated data, and only reserving one part of the repeated data as correct data;
and reserving the correct data, and generating a preprocessing report according to the error data and the incomplete data.
4. The method according to claim 1, wherein the analysis data includes geographic position data of each scene in the cyber-security asset, and the retrieving the cyber-security asset three-dimensional model corresponding to each scene from the preset cyber-security asset three-dimensional model library to construct the target three-dimensional model includes:
acquiring a network security asset three-dimensional model corresponding to each scene from a preset network security asset three-dimensional model library;
And splicing the three-dimensional models of the network security assets corresponding to each scene based on the geographic position data of each scene, and constructing a target three-dimensional model.
5. The method of claim 1, wherein configuring the visualization parameters in the target three-dimensional model according to the analysis data, generating a visualization effect based on the target three-dimensional model, comprises:
obtaining visual parameters corresponding to each scene from a preset state parameter library according to the state data of each scene, wherein the preset state parameter library is used for storing the visual parameters corresponding to each state data, and the visual parameters comprise color parameters, brightness parameters, flash frequency parameters and transparency parameters;
and carrying out visual parameter configuration on the network security asset three-dimensional model of each scene in the target three-dimensional model according to the visual parameters corresponding to each scene, and generating a visual effect.
6. The method of claim 1, wherein analyzing the cyber-security asset data to obtain analysis data comprises:
judging whether the network security asset data of each scene is abnormal data or not according to the preset data security range of each scene;
If yes, the state data of the scene is in an abnormal state;
if not, acquiring the state data of the scene based on the network security asset data of the scene.
7. The method of claim 6, further comprising, after said determining whether said cyber-security asset data for each scene is anomalous data:
taking a scene with abnormal state data as an abnormal scene, and acquiring geographic information data of the abnormal scene from network security asset data of the abnormal scene;
and sending out an alarm in a data window associated with the abnormal scene based on the geographic information data of the abnormal scene.
8. A network security asset three-dimensional visualization management device, comprising:
the data acquisition module is used for acquiring network security asset data through acquisition of field data and equipment operation data;
the data analysis module is used for analyzing the network security asset data to obtain analysis data, wherein the analysis data comprises state data of each scene in the network security asset, and the scenes comprise sites and devices;
the target three-dimensional model building module is used for retrieving three-dimensional network security asset models corresponding to all scenes from a preset three-dimensional network security asset model library according to the scenes in the network security asset to build a target three-dimensional model, and the three-dimensional network security asset model library is used for storing three-dimensional network security asset models corresponding to different scenes;
The visual display module is used for configuring visual parameters in the target three-dimensional model according to the analysis data, generating a visual effect on the basis of the target three-dimensional model, loading and generating a data window at the associated position of each scene in the target three-dimensional model, and displaying the analysis data and the original data corresponding to each scene in the data window.
9. An electronic device, comprising: a processor, and a memory communicatively coupled to the processor;
the memory stores computer-executable instructions;
the processor executes computer-executable instructions stored in the memory to implement the method of any one of claims 1 to 7.
10. A computer readable storage medium having stored therein computer executable instructions which when executed by a processor are adapted to carry out the method of any one of claims 1 to 7.
CN202310848408.3A 2023-07-11 2023-07-11 Three-dimensional visual management method, system and equipment for network security assets Pending CN116827811A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310848408.3A CN116827811A (en) 2023-07-11 2023-07-11 Three-dimensional visual management method, system and equipment for network security assets

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310848408.3A CN116827811A (en) 2023-07-11 2023-07-11 Three-dimensional visual management method, system and equipment for network security assets

Publications (1)

Publication Number Publication Date
CN116827811A true CN116827811A (en) 2023-09-29

Family

ID=88142908

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310848408.3A Pending CN116827811A (en) 2023-07-11 2023-07-11 Three-dimensional visual management method, system and equipment for network security assets

Country Status (1)

Country Link
CN (1) CN116827811A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117649300A (en) * 2024-01-29 2024-03-05 山东新睿信息科技有限公司 Asset allocation management method and system based on digital twinning

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117649300A (en) * 2024-01-29 2024-03-05 山东新睿信息科技有限公司 Asset allocation management method and system based on digital twinning
CN117649300B (en) * 2024-01-29 2024-04-30 山东新睿信息科技有限公司 Asset allocation management method and system based on digital twinning

Similar Documents

Publication Publication Date Title
Zhang et al. Construction site information decentralized management using blockchain and smart contracts
CN112416728A (en) Buried point data acquisition method and device, client device and readable storage medium
EP4235482A1 (en) State preview method and system for key equipment of nuclear power plant, and device and storage medium
CN1996326A (en) Information system service-level security risk analysis
CN116827811A (en) Three-dimensional visual management method, system and equipment for network security assets
CN110309926A (en) The system and method for automatically creating craft preservation record by aircraft data
CN109840684A (en) Management method, equipment, system and the storage medium of architecture information
CN110716973A (en) Big data based security event reporting platform and method
CN113315828A (en) Traffic recording method and device, traffic recording equipment and storage medium
CN112488592A (en) Engineering equipment management method and device based on block chain and computer terminal
CN114296406A (en) Network attack and defense display system, method and device and computer readable storage medium
WO2024088025A1 (en) Automated 5gc network element management method and apparatus based on multi-dimensional data
CN111465045B (en) AP monitoring method, monitoring server and monitoring system
CN117094660A (en) Construction monitoring method and system based on digital twin technology
CN115859689B (en) Panoramic visualization digital twin application method
CN108775220B (en) Civil air defense door state display method and device
CN116596281A (en) Lightweight three-dimensional property management system
CN116489336A (en) Equipment monitoring method, device, equipment, medium and product based on virtual film production
CN115310011A (en) Page display method and system and readable storage medium
CN111369665A (en) Production state monitoring system and monitoring method based on three-dimensional modeling technology
CN112686742A (en) Sales invoice risk early warning method and device, storage medium and electronic equipment
CN112669470A (en) Camera marking method and device based on BIM
CN112104507A (en) Method, system, equipment and medium for monitoring network security of power generation enterprise
CN111861394A (en) Intelligent cell management method and system based on Internet of things
CN114615344B (en) Intelligent protocol conversion method and device for electric power instrument

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination